                                 CODE OF VIRGINIA

MAJOR INFORMATION TECHNOLOGY PROJECT PROCUREMENT; TERMS AND CONDITIONS (§
2.2-2012.1)

A. For purposes of this section, &#8220;supplier&#8221; means an offeror with
whom the Commonwealth has entered into a contract for a major information
technology project.

B. Except as provided in subsection C, in any contract for a major information
technology project, terms and conditions relating to the indemnification
obligations and liability of a supplier shall be reasonable and shall not exceed
in aggregate twice the value of the contract. There shall be no limitation on
the liability of a supplier for (i) the intentional or willful misconduct,
fraud, or recklessness of a supplier or any employee of a supplier or (ii)
claims for bodily injury, including death, and damage to real property or
tangible personal property resulting from the negligence of a supplier or any
employee of a supplier.

C. If the CIO believes that a major information technology project presents an
exceptional risk to the Commonwealth, he shall conduct a risk assessment prior
to the issuance of a Request for Proposal. Such risk assessment shall include
consideration of the nature, processing, and use of sensitive or personally
identifiable information. If the risk assessment concludes that the project
presents an exceptional risk to the Commonwealth and the limitation of liability
amount provided in subsection B is not reasonably adequate to protect the
interest of the Commonwealth, the CIO may recommend and request approval by the
Secretary of Administration to increase the limitation of liability amount.
			The CIO shall make such recommendation in writing setting forth the reasons
that the limitations in subsection B are not adequate to protect the
Commonwealth&#8217;s interests. The recommendation shall describe the risks
presented to the Commonwealth and how those risks are not sufficiently mitigated
by the expected terms and conditions associated with the Request for Proposal.
The CIO shall recommend a reasonable maximum alternative limitation of liability
amount that is a multiple of the contract value, with the same exceptions to the
limitation as provided in subsection B.
			The Secretary of Administration shall review and may approve any recommended
maximum alternative limitation of liability amount to be included in any Request
for Proposal issued for the project. The CIO shall annually publish a list of
all approvals granted under this subsection pertaining to any Request for
Proposal issued in the previous 12-month period.

D. Notwithstanding the provisions of this section, the Commonwealth may agree to
a lower limitation for any contract subject to subsection B or C.

HISTORY: 2019, cc. 605, 606.