Arkansas

In plain terms. Arkansas sets a statutory policy on the use of technology resources and cybersecurity and creates state data and privacy officers.

Who it applies to. State agencies and their IT vendors. The state participates in StateRAMP, its baseline for vetting cloud-service security.

What it requires. State law establishes the policy on technology-resource use and cybersecurity, a Chief Data Officer and Chief Privacy Officer, and a Data and Transparency Panel to guide state data practices.

Why it matters. Vendors serving Arkansas should expect to align with the state's cybersecurity policy and its data-governance roles.

Citation. Ark. Code Ann. §§ 25-1-126 (Use of Technology Resources and Cybersecurity), 25-4-126 (Chief Data Officer and Chief Privacy Officer), and 25-4-127 (Data and Transparency Panel).

In plain terms. Arkansas applies architecture-compliance requirements to IT solicitations.

Who it applies to. Vendors responding to state IT solicitations.

What it requires. IT solicitations (RFP/IFB/RFQ) carry architecture-compliance requirements that proposed solutions must meet.

Why it matters. Your proposed solution must satisfy the state's IT architecture-compliance requirements to be eligible.

Citation. Arkansas IT RFP/IFB/RFQ Architecture Compliance requirements.