Standards in Government IT Management Process Improvement Road Map to IT Success
description
Transcript of Standards in Government IT Management Process Improvement Road Map to IT Success
1
Standards in Government IT Management Process Improvement
Road Map to IT Success
Presented by Stephen Hyland and Steven Tauber
2
Agency is Responsible for Meeting Legislative and Regulatory Mandates
Government Performance and Results Act of 1993 (GPRA)
– Is the primary legislative framework through which agencies are required to set strategic goals, measure performance, and report on the degree to which goals were met. It requires each federal agency to develop strategic plans that cover a period of at least 5 years and include the agency's mission statement; identify the agency's long-term strategic goals, and describe how the agency intends to achieve those goals through its activities and through its human capital, information, and other resources.
Information Technology Management Reform Act of 1996 (Clinger-Cohen Act)
- Link IT investments to agency accomplishments and establish and measure processes for selecting, managing, and controlling IT investments
3
Agency is Responsible for Meeting Legislative and Regulatory Mandates (cont’d)
OMB Circular A-130: Management of Federal Information Resources
- Monitor and evaluate the performance of information resource investments through a capital planning and investment control process, and provide advice on whether to continue, modify, or terminate a program or project
- Advise the agency head on budgetary implications of information resource decisions
- Be an active participant throughout the annual agency budget process in establishing investment priorities for agency information resources
E-Government Act of 2002 (FISMA)– To enhance the management and promotion of electronic Government
services and processes, and by establishing a broad framework of measures that require using Internet-based information technology to enhance citizen access to Government information and services.
4
OMB’s Circular A-11 Requires the Annual Filing of Information
Exhibit 300 -- Planning, Budgeting, Acquisition and Management of Capital Assets
– used to report Major System Acquisitions– Is the basis for OMB approved funding
Exhibit 53 – Information Technology and E-Government
– OMB IT budget approval is based on this report. – Is one of the reports OMB uses to ensure that Capital projects are in
compliance with the Capital Planning and Investment Control requirements.
5
GAO Established an Approach for Life Cycle Management of IT Investments
SelectPhase
• Screen• Rank• Select
ControlPhase
• Monitor progress• Take corrective
actions
EvaluatePhase
• Conduct reviews
• Make adjustments
• Apply lessons learned
?How are you ensuring that
projects deliver benefits?
?Are the systems delivering what you expected?
?How do you know you have selected the best projects?
6
GAO’s ITIM Vision: Framework for Organizational Improvement Improve the likelihood that IT investments will be
completed on time and on budget Promote a better understanding and management
of IT-related risks Ensure that IT investments are selected based on
their merits by a well-informed decision-making body
Implement process management improvement ideas and innovations
Increase the business value and mission performance improvements of IT investments
7
GAO’s ITIM Vision: Framework for Organizational Improvement
Investment benchmarking and IT-enabled change management techniques are deployed to strategically share business outcomes.
Process evaluation techniques focus on improving the performance and management of the organization's IT investment portfolio.
Comprehensive IT investment portfolio selection and control techniques are in place that incorporate benefit and risk criteria linked to mission goals and strategies.
Repeatable investment control techniques are in place and the key foundation capabilities have been implemented.
There is little awareness of investment management techniques. IT management processes are ad hoc, project-centric, and have widely variable outcomes.
Project-Centric
Enterprise and Strategic Focus
Stage 5Leveraging IT for
Strategic Outcomes
Stage 4Improving the
Investment Process
Stage 3Developing a Complete
Investment Portfolio
Stage 2Building the
Investment Foundation
Stage 1Creating Investment
Awareness
8
Enterprise-wide focus on IT investment management
Evaluates all areas of CIO activities Rigorous, standardized tools for evaluations of an IT
investment management strategy Identifies policy deficiencies and efficient corrective
actions Simplifies the completion of required filings for
funding of IT investments: OMB Exhibit 300B Consistent and understandable mechanism for
reporting results to agency executives, Congress, GAO, and other interested parties
What ITIM Means to the Gov’t CIO
9
What is an ITIM Assessment? Objectively evaluates the existing information
technology investment maturity Produces a road map for prioritizing and meeting
legislative and regulatory mandates (GAO and OMB) and meeting mission goals
Establishes strategies for effectively managing information resources across the enterprise and identifies areas with maximum ROI
Fosters collaboration through the adoption of standards that bridge functional and organizational boundaries
10
Holistic Approach to ITIM Maturity Assessment
Records Management
Data Management
Human Capital
Hardware, Software &
Services Acquisition
Operations and
Maintenance
Software Development
Enterprise Architecture
Budget and Planning
Information Security
IT Investment Management
11
Approach Provides a Framework forContinuous Process Improvement
PlanProject
AssessCurrent
State
EnvisionFutureState
PlanImplementation
ExecutePlan
EvaluateProgress
12
Phases of ITIM Assessment Methodology
PHASE 4PHASE 3PHASE 2
Monitor and Evaluate Progress
Execute Transition Strategy
Create Transition Strategy
Envision Future State
Assess Current State
Evaluate Performance
Institute and Execute Policies
Institute and Execute Procedures
Develop Transition Strategy
Identify and Scope Processes to be
Analyzed
Obtain Executive Management
Support
Confirm Strategic Objectives
Select Project Team
Identify Key Stakeholders
Develop Project Plan
Define Standards and Establish
Measurable Criteria
Evaluate Current Policy/Processes
and Documentation
Identify Gaps and Key Improvement
Opportunities
Assess Organizational
Change Readiness
Identify Best Practices
Define Policy/Process Requirements
Define Organizational Requirements
Define Technology Requirements
Finalize Recommendations
Define Benefits
Institute and Execute Processes
Monitor Performance
Educate/Train on Processes, Policies, Procedures & Tools
Determine Transition Rate
Constraints
Plan Project
Manage Change
PHASE 1
13
Enterprise Architecture
Measure compliance with legislative and regulatory standards Provide integration with Federal Government EA Frameworks
– OMB’s FEA, Federal CIO Council’s FEAF, Treasury’s TEAF, and DoD’s C4ISR
– E-Gov Common Reference Model Establish a baseline for conducting future Enterprise
Architecture self-assessments to measure progress– GAO’s A Framework for Assessing and Improving Enterprise
Architecture Management, Version 1.1– CIO Council’s Practical Guide to Federal Enterprise Architecture
14
Information Security
Measure compliance with legislative and regulatory standards– Government Information Security Reform Act (GISRA)– Computer Security Act– Paperwork Reduction Act
Identify opportunities for effectively managing Information Security at an enterprise level
Establish a baseline for conducting future Information Security self-assessments to measure progress
– CIO Council’s Federal Information Technology Security Assessment Framework
– NIST Security Self-Assessment Guide for Information Technology Systems (NIST SP 800-26)
– NIST Contingency Planning Guide for Information Technology Systems (NIST SP 800-34)
15
Budget and Planning
Measure compliance with legislative and regulatory standards– OMB Circular A-11, Part 7: Planning, Budgeting, Acquisition and
Management of Capital Assets
– OMB Program Assessment Rating Tool (PART)
– President’s Management Agenda: Agency Scorecards
Identify opportunities for effectively managing Budget and Planning across the enterprise
Establish a baseline for conducting future Budget and Planning self-assessments to measure progress
16
IT Human Capital
Measure compliance with legislative and regulatory standards– Clinger-Cohen Act– OMB Circular A-130– GAO IT Investment Management Framework
Identify opportunities for effectively managing Human Capital at an enterprise level
Establish a baseline for conducting future Human Capital self-assessments to measure progress
– Office of Personnel Management Human Capital Framework– Software Engineering Institute’s People Capability Maturity Model
17
Software Development
Measure compliance with legislative and regulatory standards– Clinger-Cohen Act– OMB Circular A-130– GAO IT Investment Management Framework
Identify opportunities for effectively managing Software Development life cycle at an enterprise level
Establish a baseline for conducting future Software Development self-assessments to measure progress
– Software Engineering Institute Capability Maturity Model (SEI CMM)
– Software Engineering Institute Capability Maturity Model Integration (SEI CMMI)
– ISO 9000
18
IT Hardware, Software & Services Acquisition
Measure compliance with legislative and regulatory standards– Clinger-Cohen Act– OMB Circulars A-11, A-130, and A-109– Federal Acquisition Streamlining Act (FASA)
Identify opportunities for effectively managing Hardware/Software Acquisition across the enterprise
Establish a baseline for conducting future HW/SW Acquisition self-assessments to measure progress
– GAO IT Investment Management Framework– Software Engineering Institute Software Acquisition Capability
Maturity Model (SEI SA-CMM)
19
Records Management
Measure compliance with legislative and regulatory standards– Government Paperwork Elimination Act – 5 USC Sec. 522 - Freedom of Information Act– 40 CFR Part 16 - Privacy Act
Identify opportunities for effectively managing Records Management at an enterprise level
Establish a baseline for conducting future Records Management assessments to measure progress
– NARA Records Management Self-Evaluation Guide
20
Data Management
Measure compliance with legislative and regulatory standards– Section 515 of P.L. 106-554: Data Quality Act
Identify opportunities for effectively managing Data and Information at an enterprise level
Establish a baseline for conducting future Data Management self-assessments to measure progress
– Michael Brackett’s Ten Best Practices for Effective Data Quality– Larry English’s Improving Data Warehouse and Business
Information Quality
21
Operations and Maintenance
Measure compliance with legislative and regulatory standards Identify opportunities for effectively managing Operations and
Maintenance activities at an enterprise level Establish a baseline for conducting future Operations and
Maintenance self-assessments to measure progress– IT Service Capability Maturity Model (ITS CMM)– Software Engineering Institute Software Engineering Capability
Maturity Model (SEI SE-CMM)
22
ITIM Process Improvement Methodology
Provides an adaptable methodology based on needs and objectives
Evaluate status against legislative and regulatory requirements – Define Evaluation Criteria/Standards– Perform Gap Analysis and produce detailed Recommendations
Provides roadmap for achieving your IT vision– Produce Transition Strategy, including Communications, Quality
Assurance, and Risk Management Plans– Provide ROI basis for decisions
Execute Transition Strategy– Provide execution assistance, specifically in areas of business process
re-engineering, and template and tool evaluation and selection– Metrics of success
Implement and Evaluate– Support planning and execution of ongoing monitoring strategies,
processes, and tools (self-assessments or independent)
23
Presenters
Stephen HylandThe Orkand CorporationProgram Manager(703) [email protected]
Steven TauberBearingPointManager, Federal eGovernment(703) [email protected]