Skip Maine state header navigation

Agencies | Online Services | Help

State of Maine Seal

Maine State Government

Dept. of Administrative & Financial Services

Office of Information Technology

 

 

Waiver Policy 

I. Statement of Policy

Adherence to policy, standards and procedures is a necessary part of conducting state business.  It is equally important to document the process for exceptions.

II. Purpose

The purpose of this policy is to outline and document a process for the seeking a waiver and the cataloging mechanism.

 

III. Guidelines & Procedures

A. Once it is determined that a waiver to an existing policy or standard is desired, the person seeking the waiver will create an email addressed to the chair of the Enterprise Architecture Team (Enterprise.Architect@Maine.Gov) that includes the following:

1. State the name of the person requesting the waiver and the IT Manager approving the request to move forward.

2. Identify the policy or standard for which the waiver is being requested.  

3. Describe the compelling technical or business case that identifies the specific action and how it warrants exemption.

4. State the duration length of the waiver.

5. The exit strategy is to terminate the waiver and to bring the product into our standard offering.

6. Finally, what is the impact if the waiver is not approved?

B. The recommendation from the Enterprise Architecture Team will then be presented to the Executive Management Group (EMG). The EMG meets every Wednesday afternoon and will consider all pending waivers at that time.

C. Once the EMG has made a determination on the waiver the CIO will be briefed on our recommendation. This will occur at the weekly CIO/EMG meeting that is held on Monday afternoons. The CIO will approve or deny the wavier in whole, part and/or with conditions.

D. Approval or denial of the request will be made within three weeks of the submittal via email to the requestor and will include the Names outlined in III A. 1.

E. Emergency requests will be handled in the same manner only on an expedited scale via e-mail. Approval may be granted or denied at any time by the CIO.

F. A Save As function will take place on the last email thread, saving the file with the last name of the requestor and the date. Example: Jones112009.

G. The response will be cataloged on the CIO-Common/Policies/waiver/approval denial directory.

H. By the expiration of the waiver period, it is expected that corrective actions would have been taken to convert to an accepted standard or policy. Should that not be the case, then the requester may petition for a follow-up waiver with an explicit explanation as to why they did not adhere to the terms of the original waiver grant.

IV. Applicability

This policy is applicable to all OIT issued policies, standards and procedures. This policy may be utilized by entities outside of OIT. For example, an agency may wish to request a waiver to the Domain Name Policy.

V. Responsibilities

A. OIT management will respond within a three week time frame to wavier requests. OIT management who are listed as the follow designations on the policy, standard or procedure to which a waiver is being sought, are responsible for alerting appropriate OIT staff when a waiver request is submitted:

·                 Point of Contact: Name

·                 Approved By: Name

·                 Position Title(s) or Agency Responsible for Enforcement:  Name

B. Those seeking a waiver are not permitted to proceed with their desired outcome until they receive an email indicating the waiver has been granted.

 

VI. Document Information

A. Document Reference Number: 42

B. Category: General/Governance

C. Adoption Date:  02/22/2010

D. Effective Date:  02/22/2010

E. Review Date: 02/22/2013

F. Point of Contact: Chair and/or co-chair of the Enterprise Architecture Team, Victor Chakravarty 624-8800.

G. Approved By: Richard B. Thompson, Chief Information Officer

H. Position Title(s) or Agency Responsible for Enforcement:  Executive Management Group comprised of the Associate CIO for Applications, the Associate CIO for Policy, Planning, and Oversight, and the Chief Technology Officer.

I. Legal Citation:  Title 5, Maine Revised Statutes, Chapter 163 §1973, Section 1, Paragraph B authorizes the CIO to “set policies and standards for the implementation and use of information and telecommunications technologies” and Title 5, Maine Revised Statutes, Chapter 147 §1621, Section 4.

J. Waiver Process:  N/A