Virginia’s primary public lead for information technology (IT) is the Virginia IT Agency (VITA), which provides consolidated IT services (computing, telecommunications, governance, and procurement), infrastructure, and cybersecurity for executive branch agencies.
While some services are delivered directly, VITA primarily operates on a multi-supplier model, acting as a broker to provide agencies with access to products and solutions through statewide contracts.
Non-executive branch entities (independent agencies and authorities, and those within the legislative and judicial branches) manage their own IT needs but comply with VITA standards regarding security. For the legislative branch, IT services are managed centrally by the Division of Legislative Automated Systems (DLAS). The House Appropriations Committee provides resources to manage the IT needs across the executive, legislative, and judicial branches of government.
$700M
in active IT projects
18%
of active IT contracts are considered at-risk
7
major IT contracts provide services to state agencies
Budget Overview
- The largest share of IT related expenditures in the state budget flow through VITA with 96% of the revenue supporting VITA coming from fees paid by state agencies for IT services. Accordingly, while the FY 2026 budget for VITA (per Chapter 725, 2025 Acts of Assembly) is $494.0 million, only $2.3 million is a direct general fund (GF) appropriation and $475.1 million is a nongeneral fund appropriation (NGF) to reflect these fees.
- On average, 55% of all fees paid by agencies to VITA are derived from agencies’ GF resources, so changes to VITA’s rates have a measurable impact on the GF. On a near-annual basis, an amendment is included in the Central Accounts part of the budget to reflect the latest cost and usage estimates and corresponding impact to agencies’ GF appropriation for this purpose. As with other central budget charges, agencies supported by NGF revenue are expected to absorb cost variations.
- VITA’s rates are set on an annual basis to reflect actuals for the preceding year, any anticipated increases in vendor charges, utilization, or market fluctuations, and anticipated new services offered by VITA. Depending on the type of service, it either requires approval by the General Assembly or, if provided for a specific agency, evidence of that agency’s ability to absorb the additional costs within current resources. Funding to upgrade IT systems within state agencies is usually provided directly to state agencies. For example, the House Appropriations Committee provided $131 million to replace the revenue administration system on the Department of Taxation.
Program / Policy Highlights
- Information Security Policy
All of Virginia state agencies follow a set of IT security standards, primarily based on the Commonwealth’s Information Technology Resource Management (ITRM) Standard, which mandates security controls, governance, and procedures. The policy is applicable to the Commonwealth’s executive, legislative, and judicial branches, as well as independent agencies and institutions of higher education, but is offered only as guidance to local government entities. The standard is built upon the NIST Special Publication 800-53 framework.
- Artificial Intelligence (AI)
There are requirements for Commonwealth agencies and suppliers on the acceptable and ethical use of AI. These standards apply to existing and new uses of AI, stand-alone AI or embedded and generative AI within other systems or applications, AI developed by an agency or by third parties on behalf of agencies, and agencies’ procurement of AI applications. These standards were developed in accordance with Executive Directive No. 5 and Executive Order 30 (2024).
- Accessibility Guidelines
In accordance with ICT Accessibility 508 Standards and 255 Guidelines and Chapter 751, 2025 Acts of Assembly, all Commonwealth agencies responsible for the management, development, purchase, and use of IT resources in Virginia must ensure that their technology complies with certain accessibility standards. See VITA’s website for more information.
- State and Local Cybersecurity Grant Program (SLCGP)
Program specifically for state, local, and territorial governments across the country. Funds are allocated to Virginia and distributed to localities to manage and reduce systemic cyber risk. See VITA’s website for more information.
- Joint Commission on Technology and Science (JCOTS)
JCOTS is a permanent legislative agency established in 1997 to study all aspects of technology and science that strives to encourage, promote, and assist in the development of sound technology and science policy in the Commonwealth. Presently, JCOTS’s current work plan has four key focus areas: Quantum, AI Chatbots, Digital inclusion, and AI in medicine.
- Office of Data Governance and Analytics (ODGA)
Home of the state’s Chief Information Officer, ODGA partners with Commonwealth agencies and public institutions to maximize the value of Commonwealth data through strategic governance, secure and appropriate data sharing, and enterprise analytics services informing actionable intelligence. ODGA is responsible for operating the Commonwealth Data Trust (a contract agreement between ODGA and agencies, localities, and other organizations geared toward data sharing and security).
Reports and Presentations
Resources and Deep Dives
Staff Contact
