NC Department of Information Technology: Digital Government Services
The North Carolina Department of Information Technology (NCDIT) functions as the centralized technology authority for state government operations, overseeing infrastructure, cybersecurity, broadband policy, and digital service delivery across executive branch agencies. Its mandate is defined under N.C. General Statute Chapter 143B, Article 14, which consolidates IT governance under a single cabinet-level department. This page covers the department's operational scope, service delivery mechanisms, and the boundaries of its authority relative to other state and local entities.
Definition and Scope
NCDIT was established as a cabinet-level department in 2015 under Session Law 2015-241, consolidating technology functions previously distributed across state agencies. The department is headed by the State Chief Information Officer (State CIO), a position appointed by the Governor. NCDIT's statutory responsibilities span four primary domains: enterprise IT infrastructure, cybersecurity, broadband infrastructure expansion, and technology procurement oversight.
The department's scope encompasses all executive branch agencies operating under the Governor's authority. This includes the North Carolina Department of Health and Human Services, the North Carolina Department of Transportation, and the North Carolina Department of Public Safety, among others. NCDIT operates the State Data Center in Research Triangle Park, which serves as the primary hosting facility for enterprise applications used by state government.
Scope boundary and coverage limitations: NCDIT's authority is confined to executive branch agencies. It does not govern IT systems operated by the North Carolina General Assembly, the North Carolina court system (which falls under the Administrative Office of the Courts), the University of North Carolina System, the North Carolina Community College System, or local government entities such as county or municipal IT departments. State-chartered constitutional offices — including the North Carolina Secretary of State and the North Carolina State Treasurer — may participate in NCDIT enterprise services but retain independent procurement authority in specific circumstances defined by statute.
How It Works
NCDIT delivers digital government services through a shared-services model, in which centralized infrastructure and platforms are provisioned to participating state agencies rather than each agency independently procuring and operating its own systems.
The department's operational framework includes five functional layers:
- Enterprise Infrastructure — Managed network connectivity through the state's Government Network (NCGovNet), data center hosting, and cloud brokerage services coordinating use of approved cloud service providers.
- Cybersecurity — The Statewide Information Security Manager (SISM) function sits within NCDIT and enforces the Statewide Information Security Manual (SISM Manual), which agencies must follow under N.C.G.S. § 143B-1379.
- Broadband Infrastructure — NCDIT administers federal broadband funding allocations, including programs authorized under the Infrastructure Investment and Jobs Act of 2021 (Public Law 117-58), which directed $65 billion nationally for broadband expansion.
- IT Procurement and Governance — All IT contracts above $500,000 require NCDIT review and the State CIO's approval before execution, per N.C.G.S. § 143B-1320.
- Digital Services and Citizen Experience — NCDIT maintains NC.gov as the official state web portal and oversees accessibility compliance requirements tied to the Americans with Disabilities Act and Section 508 of the Rehabilitation Act.
Agencies interact with NCDIT through a formal project intake process, submitting IT project proposals that are assessed for strategic alignment, redundancy with existing systems, and procurement category.
Common Scenarios
The following represent typical service interactions that fall within NCDIT's operational scope:
- Agency Application Hosting: A state agency migrating a legacy case management system to the State Data Center or a state-approved cloud environment routes the project through NCDIT's cloud brokerage and receives a security authorization under the SISM framework.
- Broadband Grant Administration: A county government seeking federal broadband expansion funding under the BEAD Program (Broadband Equity, Access, and Deployment) applies through NCDIT's Office of Broadband and Digital Equity, which serves as the state's administering entity.
- Cybersecurity Incident Response: When an executive branch agency experiences a data security incident, NCDIT's Security Operations Center (SOC) coordinates incident response. Agencies are required to report incidents within defined timeframes specified in the SISM Manual.
- Statewide Software Licensing: An agency seeking Microsoft 365 licenses procures through NCDIT's enterprise agreement rather than negotiating independently, a mechanism that consolidates licensing costs across the state enterprise.
- IT Project Oversight: A capital IT project exceeding the $500,000 threshold, such as a revenue collection system modernization at the North Carolina Department of Revenue, requires a project charter submission to NCDIT and quarterly status reporting through the Project Portfolio Management system.
Decision Boundaries
The practical line between NCDIT authority and agency-level discretion depends on contract value thresholds, system classification, and whether a project uses enterprise-shared infrastructure.
| Scenario | NCDIT Authority Applies | Agency Independent Authority |
|---|---|---|
| IT contract ≥ $500,000 | Yes — State CIO approval required | No independent execution |
| IT contract < $500,000 | Review optional; varies by agency | Generally yes |
| Data center hosting (executive branch) | Yes — State Data Center or approved cloud | No independent data center buildout |
| Constitutional office IT procurement | Partial — consultation encouraged | Retained by office |
| Legislative/judicial branch systems | No — NCDIT has no jurisdiction | Fully independent |
| Local government IT | No — outside statutory scope | Fully independent |
The contrast between executive branch agencies and constitutionally independent offices is significant in practice. The North Carolina State Auditor and similar constitutional officers operate systems that interface with NCDIT infrastructure but are not subject to mandatory State CIO approval on procurement decisions.
NCDIT's broadband authority has a distinct administrative boundary: while the department administers federal broadband grants and maintains the state's broadband map, actual network construction is executed by internet service providers, local governments, and electric cooperatives — not by NCDIT directly.
For a broader orientation to North Carolina's executive branch structure and how NCDIT fits within the cabinet framework, the site index provides structured access to agency and departmental reference pages across the state government landscape.
References
- North Carolina Department of Information Technology — Official Site
- N.C. General Statute Chapter 143B, Article 14 — Department of Information Technology
- N.C.G.S. § 143B-1379 — Statewide Information Security
- N.C.G.S. § 143B-1320 — State CIO Procurement Authority
- Infrastructure Investment and Jobs Act, Public Law 117-58 — U.S. Congress
- NCDIT Statewide Information Security Manual
- NC.gov — Official North Carolina State Portal
- Section 508 of the Rehabilitation Act — U.S. Access Board