1

Electronic Signatures on Contracts and Grants

State Controller Policy

Effective Date: 01/18/2019

Approved by: Robert Jaros, CPA, MBA, JD, Colorado State Controller

Policy

Under the Fiscal Rules, this is a State Controller Contract, Grant, and Purchase Order Policy.

Definitions

  • Digital Signature Certificate. An electronic document issued by a recognized certificate authority that contains a public key that specifies the identity of the individual associated with the key.
  • Electronic Signature. An electronic sound, symbol, or process attached to or logically associated with an agreement and executed or adopted by a person with the intent to sign the agreement, and includes digital signatures.
  • Electronic Signature System. A system for electronic signature approved and implemented by
    Office of Information Technology (OIT) for agencies subject to OIT authority and with the form approved by the OSC for use on State Contracts and Grants.
  • Scanned Signature. A scanned copy of a document with a wet ink signature.

Authorization for State Agencies and Institutions of Higher Education (IHEs) to Use Electronic Signatures on State Contracts and Grants

  • State Agencies subject to OIT authority:
    • State Agencies, in consultation with OIT and State Archives, and in accordance with policies, standards, and guidelines set forth by OIT, may determine the extent to which such Agency shall send and accept electronic records and electronic signatures. CRS 24-71.3- 118 Acceptance and distribution of electronic records by governmental agencies.
    • State Agencies may petition OIT to review a technology for use in electronic transactions by providing a written request for review. The petition must include a full explanation of the technology and show that it meets the security requirements and any additional applicable requirements established by OIT. B CCR 1501-9.
    • If a technology is approved by OIT under 8 CCR 1501-9, State Agencies may enter into
      electronic transactions using the technology in conformance with OIT's policies.
    • The Office of the State Controller (OSC) shall approve the form of the signature and cover page as described in this policy. CRS 24-30-202(1) and Fiscal Rule 3-3 State Contracts, section 5.1.1.8.
    • After approval, State Agencies shall work with OIT to gain access to an approved Electronic
      Signature System.
  • State Agencies and IHEs not subject to OIT authority and follow Fiscal Rules:
    • State agencies and IHEs shall develop policies, standards, and guidelines regarding sending and accepting electronic records and signatures. Such policies shall include a process for validating electronic signatures through an e-mail verification of the signatory, a valid Digital Signature Certificate, or other means of validation.
    • State agencies shall conduct a review of the technology for use in electronic transactions.
    • Upon internal approval, Agencies and IHEs may enter into electronic transactions in conformance with their own policies. Agencies and IHEs shall provide their policies and internal approval of electronic records and signatures to the OSC.
    • The OSC shall approve the form of the signature and cover page as described in this policy.

Authorization for State Agencies and IHEs to accept Electronic Signatures from Vendors on State Contracts and Grants

Agencies and IHEs may accept Electronic Signatures from vendors using an Electronic Signature System provided the Electronic Signature System complies with OIT policies for agencies subject to OIT authority and with their own policy for agencies and IHEs not subject to OIT authority. If a vendor does not sign a document electronically but instead signs by hand, then the State Agency or IHE may upload a scanned copy, Scanned Signature, of that vendor's document that was signed by hand into the Electronic Signature System and have all State signatories sign the document electronically, so long as the State Agency or IHE maintains the original document signed by the vendor in its files.

Signature and Cover Page

The signature shall comply with the requirements of OIT policies for agencies subject to OIT authority or with the requirements of the agency or IHE's own policies for agencies not subject to OIT authority. An electronic signature that meets these requirements is a valid and enforceable signature. If the signature does not follow the cover page, then the cover page shall state where the electronic signature is located in the document.  Agencies and IHEs shall submit their form for the signature and cover page to DSC for approval.

Central Approvers

State Agencies and IHEs using an Electronic Signature System shall ensure that all central approvers are also able to sign the document electronically.

Fiscal Rules and Signature Delegation

Agencies and IHEs shall continue to comply with Fiscal Rules and signature delegation if an Agency or IHE decides to use electronic signatures.

Internal Control

State Agencies and IHEs shall develop internal control procedures for the use of electronic signatures.

Policy Implementation

State Agencies and IHEs shall coordinate with OIT and OSC the roll-out of electronic signatures to better facilitate the adoption of electronic signatures statewide. Agencies and IHEs may develop an Agency or IHE-specific policy on electronic signature that further clarifies the statewide policy.

Costs

State Agencies and IHEs that initiate the transaction {owner of the document) shall be responsible for any costs associated with the use of Electronic Signatures by that Agency or IHE. For interagency agreements, the paying agency shall be responsible for the costs.
 

 State Controller Policies