The administration proposes a number of changes to the state’s information technology (IT) governance structure. Our analysis finds that (1) the planning and policy development roles are appropriately placed with the Chief Information Officer (CIO), (2) moving IT project oversight to CIO would eliminate objectivity, and (3) a separate security office may create an unnecessary layer of review. We recommend the Legislature adopt an alternative structure that addresses these concerns.