February 3, OI&T Enterprise Strategy: Putting Veterans First
|
|
- Myles Hill
- 7 years ago
- Views:
Transcription
1 OI&T Enterprise Strategy: Putting Veterans First
2 Objectives Provide an overview of the IT Enterprise Strategy Share O&IT s opportunities Gain your feedback on our way forward Answer any questions about our direction and plans 2
3 3
4 Given the complexity, it was evident that implementing one or two projects would not fix this organization. 4
5 The new OI&T Transformation Strategy is the result of in-depth analysis of numerous sources. Industry partners IT leaders Business partner leadership All Employee Survey VA Senior Leadership myva task force Multiple OI&T Assessments Strategic plans Congress Oversight: OIG, GAO etc. Employee feedback Survey results 5
6 After centralization in 2006, OI&T has been a tactical participant in VA s mission. Our Veterans need more. 6
7 We found opportunities in several key areas. PARTNERSHIP Lack of partner collaboration Shifting partner needs Protracted and misaligned acquisition process Prolific shadow IT IT used to address/support poor process design CULTURAL Internally focused No talent management large skill gap Consumerization of IT Activity outweighs outcome Lack of data-driven decision making OPERATIONAL No standardization or quality controls Ineffective leadership & governance Lack of accountability No software lifecycle No asset/config management EXTERNAL FORCES Changing Veteran demographics Rising public expectations Growing cyber threats Internet of Things Next generation IT models 7
8 MyVA is also a key driver for our change. Improving the Veteran Experience Improving the Employee Experience Improving Internal Support Services Establishing a Culture of Continuous Improvement Enhancing Strategic Partnerships 8
9 We have focused on four key principles Not the rules of the past. Transparency Accountability Innovation Teamwork 9
10 Our strategic framework has five new elements. Collaborate with our business partners to create the best experience for all Veterans 1 Mission 2 Vision Become a world-class organization that that provides a seamless, unified Veteran experience through the delivery of state-of-the-art technology 3 Our Guiding Principles Stabilize and streamline core processes Eliminate material weaknesses Institutionalize new set of capabilities to drive improved outcomes 5 4 Technical Foundation Execution: Now, Near, and Future Mission alignment Data visibility and accessibility Data interoperability Infrastructure interoperability Information security Enterprise services 10
11 Our strategic framework centers on three key themes Stabilize and streamline core processes and platforms Eliminate material weaknesses Institutionalize new set of capabilities to drive improved outcomes 11
12 And spans three phases: Now, Near, Future. Value Strategic Framework Time 12
13 The framework can be used to support the future. 13
14 In addition, our goals are consistent with our business partners strategic plans. Business Partners Key Business Priorities OI&T Strategic Themes MyVA VHA VBA NCA Corporate Offices Improve functionality of existing systems Enhance system interop Ensure secure electronic options for Veterans Modernize IT management processes Ensure shared information for greater interaction across VA and externally Establish new mission-critical systems Expand virtual, mobile, and self-service options for Veterans Stabilize and streamline core processes and platforms Eliminate material weaknesses Institutionalize new set of capabilities to drive improved outcomes 14
15 Based on the strategy, we are establishing five new key functions. ENTERPRISE PROJECT MANAGEMENT OFFICE DATA MANAGEMENT ACCOUNT MANAGEMENT QUALITY AND COMPLIANCE STRATEGIC SOURCING 15
16 Our IT Account Managers (ITAMs) are responsible for managing the IT needs of our business partners Continuous 10-step process for strategic business alignment Trusted role models for enterprise collaboration & communication Leveraging the best practices on behalf of service improvement within VA Focus is on outcomes to the Veteran while supporting the customer Constant assessment & improvement focused on higher level of service and ensuring a seamless engagement within OI&T. 16
17 The ITAMs are supported by 5 key Customer Relationship Managers (CRMs) North Atlantic Pacific Midwest Continental Southeast who will transform the way we interact with our partners in the field. 17
18 We are establishing a clear, consistent process for understanding and communicating with our partners. Customer relationship knowledge workers will analyze data received from our CRMs. This information will provide OI&T a better approach to: VA Division ITAM CIO EPMO Issue resolution Change management Enterprise innovation Max.gov - provides a best-ingovernment approach to dynamic knowledge management. Pacific Midwest Continental North Atlantic Southeast 18
19 The EPMO leverages this constantly evolving partnership by selecting, developing, and delivering solutions with the Veteran in mind. 19
20 EPMO s portfolio and resource tracking will ensure constant visibility into all project activities. Outcomes Project portfolio and resource tracking 18-month portfolio view Metrics that matter Monthly portfolio health metrics Align portfolios to objectives Enhance visibility and governance Analyze and report portfolio performance metrics Ensure overall portfolio health Optimize resources for projects, people, and timelines 20
21 OI&T is improving the value of the products we deliver through strategic alignment, effectiveness, and consistency. PMAS Document Driven (58 Documents) Data Driven (7 Documents + ATO) 5 Phase Gates/Milestones 2 Critical Decision Events Multiple Release processes 1 Integrated Release process 6 month delivery cycle 3 month delivery cycle Ad-hoc hierarchy of programs and projects Waterfall Centric Security + Architecture late in the process Project-centered (tactical) Portfolio-based management Agile Centric Security + Architecture standards leveraged early, during planning Portfolio-centered (strategic) 21
22 In addition, we have four transformational initiatives within EPMO. NEW RELEASE PROCESS Single process for all partners Dedicated release owner Streamlined review, approval, and communication process ENTERPRISE CHANGE CALENDAR Partner-specific, unified calendar Continually updated Full visibility into upcoming releases TOOLS Consistent intake through VIP Request (VIPR) Time-tracking for all resources VETERAN-FOCUSED INTEGRATION PROCESS (VIP) Focused on value over artifacts Only two critical decision points Product team stays engaged for 90 days following release 22
23 We have the opportunity to improve the Veteran experience through data management, stewardship and analysis. 23
24 24
25 Our ultimate goal is to create a holistic view of the Veteran to improve their experience, care, and access. We will have a seamless data integration capability with DoD, answering the question of interoperability. Current: VA can view full service record. JLV our health interoperability with DoD Vets.gov: one login, one time CDI: creating the customer data interchange for the enterprise And a new Data Management Organization (DMO) function within OI&T 25
26 OI&T s DMO will unite VA s resources behind a common goal. DATA MANAGEMENT DMO Represents Process Excellence and Innovation Engages with the data steward (business owner) to ensure accuracy and security. Institutes data governance and a single source of the truth. Analyzes data sources to form a true enterprise data architecture. Establishes appropriate metrics for data efficiency, access and value. Identifies new opportunities to improve the Veteran experience. Ensures an enterprise-wide data linkage. 26
27 Our final two key functions will be established by the end of Q3. Establishes an organized, collaborative, streamlined approach to fulfilling enterprise requirements with solution providers. STRATEGIC SOURCING Manages COE for requirements development and vendor selection. Develops knowledge base for enterprise architecture needs and supplier alignment strategies Tracks Vendor performance and contract deliverables; manages feedback. Maintains and shares insights on new technologies and capabilities to improve the workforce knowledge base. Encourages buy first methodology. Ensures adherence to appropriate policies and standards leading to the elimination of the material weakness findings. Evaluates solutions for effectiveness. Establishes effective policy governance and standards. QUALITY AND COMPLIANCE Identify, monitor, and measure risks for a forward-looking assessment of compliance across the organization. Evaluates apps for compliance and quality. Ensures OI&T is prepared for audits. Manages correspondence with oversight bodies and tracks commitments to responses. 27
28 We are also transforming our OI&T Field Services Team. Customer Experience Deliver best-in-class, customer facing solutions that increase transparency. Example: SLAs for all organizations. Field Operations Transform field operations. Example: Leveraging SLAs to define support needed. Infrastructure Operations Service Desk Organizational Structure Operational Process Drive operational efficiency across infrastructure operations. Example: Migrate data and applications to cloud. Deliver best-in-class IT support for all enduser contact and communication. Example: Redesign of service desk Redesign organizational structure. Example: Focus on centers of excellence and proximity to customer. Focus on efficiency and effectiveness. Example: Data center consolidation strategy. 28
29 Our new enterprise security strategy focuses on eliminating our material weakness and provides defense in depth for all VA data. For the first time, security initiatives are fully funded and resourced. 29
30 Based on the IT Enterprise Strategy, we will close key actions in response to oversight recommendations, eliminating our label as a material weakness in VA. 30
31 ECST (CRISP) Material Weakness Plan: 2016 Finding # FY 15 Draft Language 3/31/16 6/30/16 9/30/16 12/31/16 Finding 1: Agency-Wide Risk Management Program Finding 2: Identity Management and Access Controls Finding 3: Configuration Management Controls Finding 4: System Development/Change Management Controls Finding 5: Contingency Planning Finding 6: Incident Response and Monitoring Finding 7: Continuous Monitoring Finding 8: Contractor Systems Oversight Status of Prior-Year Recommendations Average % Complete February for Finding 3, 2016 Recommended Projected % Complete 12/31/ Risk Management Program 8% 44% 73% 94% 94% 2 Health Eligibility Center (HEC) WRAP Authority to Operate (ATO) 33% 100% 100% 3 POA&M Roles & Responsibilities 7% 39% 55% 66% 66% 4 POA&M Updates 7% 39% 55% 66% 66% 5 POA&M Artifacts 7% 39% 55% 66% 66% 6 POA&M Artifacts Update (GRC) 7% 39% 55% 66% 66% 7 POA&M Automatic Closures and NIST Revision 4 Updates 8% 74% 100% 100% 8 Security Plan Update Mechanisms 8% 74% 100% 100% 9 Security Document Update Process 4% 42% 49% 60% 60% 10 Password Policy Enforcement 26% 56% 88% 100% 100% 11 Access Reviews 17% 19% 54% 100% 100% 12 Audit Logs & Security Violation Reviews 5% 38% 69% 82% 82% 13 Two-Factor Authentication for Remote Access 90% 99% 99% 100% 100% 14 Remote Access Security Standards 0% 100% 100% 15 Enterprise Vulnerability Remediation 19% 46% 74% 84% 84% 16 Patch Management Program 19% 46% 74% 84% 84% 17 Configuration Baseline Scanning 12% 46% 79% 79% 79% 18 Medical Device & Non-OI&T Network Segregation 43% 43% 100% 100% 19 Common Control for Non-OI&T Networks 15% 53% 96% 100% 100% Finding Projected % Complete 12/31/ System Development & Change Control 18% 47% 80% 100% 100% 100% 21 Contingency Plan Update Process 25% 96% 99% 100% 100% 22 Backup Data Encryption 7% 39% 63% 75% 75% 23 Disaster Recovery Update Process 16% 26% 26% 26% 26% 24 Business Impact Analysis Update Process 9% 45% 45% 91% 91% 25 Incident Response Procedures 31% 58% 80% 80% 80% 26 ID & Monitor External Interconnections 11% 22% 41% 58% 58% 27 Data Exfiltration 7% 24% 29% 59% 59% 28 Approved/Unapproved Software 13% 45% 45% 100% 100% 29 Software Inventory 11% 44% 81% 100% 100% 30 Contractor Cloud System Monitoring 37% 89% 100% 100% 31 FISMA Systems Inventory 41% 81% 100% 100% FY6-3 Position Sensitivity & Rules of Behavior 27% 51% 64% 67% 67% FY6-4 Background Investigation Monitoring 27% 51% 64% 67% 67% FY6-8 Wireless Security 25% 36% 50% 50% 50% FY6-9 Encryption of Sensitive Data 23% 64% 64% 93% 93% 80% 96% 77% 57% 72% 100% 100% 69% 84%
32 ECST (CRISP) Material Weakness Plan: 2017 Finding # FY 15 Draft Language 3/31/17 6/30/17 9/30/17 12/31/17 Finding 1: Agency-Wide Risk Management Program Finding 2: Identity Management and Access Controls Finding 3: Configuration Management Controls Finding 4: System Development/Change Management Controls Finding 5: Contingency Planning Finding 6: Incident Response and Monitoring Finding 7: Continuous Monitoring Finding 8: Contractor Systems Oversight Status of Prior-Year Recommendations Average % Complete for February Finding 3, Risk Management Program 100% 2 Health Eligibility Center (HEC) WRAP Authority to Operate (ATO) 3 POA&M Roles & Responsibilities 79% 94% 97% 100% 4 POA&M Updates 79% 94% 97% 100% 5 POA&M Artifacts 79% 94% 97% 100% 6 POA&M Artifacts Update (GRC) 79% 94% 97% 100% 7 POA&M Automatic Closures and NIST Revision 4 Updates 8 Security Plan Update Mechanisms 9 Security Document Update Process 62% 62% 75% 85% 10 Password Policy Enforcement 11 Access Reviews 12 Audit Logs & Security Violation Reviews 98% 100% 13 Two-Factor Authentication for Remote Access 14 Remote Access Security Standards 15 Enterprise Vulnerability Remediation 91% 100% 16 Patch Management Program 91% 100% 17 Configuration Baseline Scanning 87% 99% 100% 18 Medical Device & Non-OI&T Network Segregation 19 Common Control for Non-OI&T Networks Finding Project % Complete 12/31/ System Development & Change Control 100% 21 Contingency Plan Update Process 22 Backup Data Encryption 80% 96% 100% 23 Disaster Recovery Update Process 89% 100% 24 Business Impact Analysis Update Process 100% 25 Incident Response Procedures 80% 93% 100% 26 ID & Monitor External Interconnections 67% 67% 100% 27 Data Exfiltration 92% 100% 28 Approved/Unapproved Software 29 Software Inventory 30 Contractor Cloud System Monitoring 31 FISMA Systems Inventory FY6-3 Position Sensitivity & Rules of Behavior 76% 76% 85% 100% FY6-4 Background Investigation Monitoring 76% 76% 85% 100% FY6-8 Wireless Security 67% 67% 78% 78% FY6-9 Encryption of Sensitive Data 100% 100% 100% 100% 100% 100% 100% 100% 100% 100%
33 We are equipping our leaders with the tools they need to foster a sustainable legacy of Veteran focus and execution. 33
34 The Top 12 is our first step on that journey. Veteran touchpoints 1 Improve the Veterans Experience 9 Critical enablers Improve Employee Experience (to include leadership development) 2 Increase Access to Health Care 10 Staff Critical Positions 3 Improve Community Care 11 Transform OIT 4 Deliver a Unified Veterans Experience 12 Transform Supply Chain Modernize our Contact Centers (to include Veterans Crisis Line) Improve the Comp & Pension Exam Develop a Simplified Appeals Process Continue to Reduce Veteran Homelessness IT has a role in all of the top 12 projects, requiring a relentless focus on execution and partner engagement and discipline. 34
35 Implementation of the OI&T Strategy and Top 12 Breakthrough Initiatives demand increased sophistication and executive agility. OI&T is taking steps now to address improved leadership skills. Emulating the concepts of Leaders Developing Leaders into internal training. Aligning training to behaviors that support the IT principles and strategy: only undertaking work that provides direct value to the Veteran. New leaders and role assignments are being used to infuse different perspectives into OI&T. Our leadership team will carry the torch for relentless execution. 35
36 Our customized development program carries benefits well beyond the leadership level. We will: Address long-term talent management challenges Develop meaningful employee career plans by the end of 2017 a first. Milestones for 2016: Go/no-go decision on current employee capability model. All executive and employee performance plans tied to the IT Enterprise Strategy. Talent management is not simply attracting the right people. It s retaining those with a passion and a commitment to our mission by fostering a compelling, rewarding environment. 36
37 OI&T will provide strong support for the 12 Breakthrough Priorities by accomplishing the following in 2016: Project Management Establish EPMO 100% of all projects in VIP Align all project managers to EPMO Design time tracking, put processes in place Define clear portfolios for business partners Assign Account Managers to each portfolio Delivery/Cost Effectiveness Stand up & standardize command center Develop and implement service catalog Redesign service desk and field operations; implement redesign Define strategies for managing data centers, telecommunication, and cloud Begin migration to managed services Quality and Compliance Establish quality and compliance organization to manage risk Close material weakness Enable PIV for 75% of VA employees Close 15 cybersecurity initiatives related to oversight recommendations Begin proactive tracking of commitments to oversight bodies People Customize and deliver ITIL and Agile training for key personnel Define curriculum to educate project managers Implement capability model or select suitable alternative Management s performance goals will be tied to the Strategy s goals. 37
38 Most importantly, OI&T will adopt innovation in its truest sense: a tool to approach our existing challenges. Innovation Improve alignment to Veteran experience (10%+) Establish customer relationship managers Deploy fully functional knowledge management database and associated processes to drive innovation across organization Establish data management organization and complete analysis of existing VA data sources Establish strategic sourcing function, complete analysis of initiatives with most potential for impact, and implement Relentless execution demands creative problem solving. OI&T is embracing innovation at our core not as an activity, but as a skill. 38
39 We know where we ve been We know where we are 39
40 And now you know where we re going. Our Mission: Collaborate with our business partners to create the best experience for all Veterans 40
41 QUESTIONS? 41
EVALUATION REPORT. Weaknesses Identified During the FY 2014 Federal Information Security Management Act Review. March 13, 2015 REPORT NUMBER 15-07
EVALUATION REPORT Weaknesses Identified During the FY 2014 Federal Information Security Management Act Review March 13, 2015 REPORT NUMBER 15-07 EXECUTIVE SUMMARY Weaknesses Identified During the FY 2014
More informationVA Office of Inspector General
VA Office of Inspector General OFFICE OF AUDITS & EVALUATIONS Department of Veterans Affairs Federal Information Security Management Act Audit for Fiscal Year 2013 May 29, 2014 13-01391-72 ACRONYMS AND
More informationVA Office of Inspector General
VA Office of Inspector General OFFICE OF AUDITS & EVALUATIONS Department of Veterans Affairs Federal Information Security Management Act Audit for Fiscal Year 2014 May 19, 2015 14-01820-355 ACRONYMS CRISP
More informationVA Office of Inspector General
VA Office of Inspector General OFFICE OF AUDITS & EVALUATIONS Department of Veterans Affairs Federal Information Security Modernization Act Audit for Fiscal Year 2015 March 15, 2016 15-01957-100 ACRONYMS
More informationEvaluation Report. Weaknesses Identified During the FY 2013 Federal Information Security Management Act Review. April 30, 2014 Report Number 14-12
Evaluation Report Weaknesses Identified During the FY 2013 Federal Information Security Management Act Review April 30, 2014 Report Number 14-12 U.S. Small Business Administration Office of Inspector General
More informationPOSTAL REGULATORY COMMISSION
POSTAL REGULATORY COMMISSION OFFICE OF INSPECTOR GENERAL FINAL REPORT INFORMATION SECURITY MANAGEMENT AND ACCESS CONTROL POLICIES Audit Report December 17, 2010 Table of Contents INTRODUCTION... 1 Background...1
More informationstate of south dakota Bureau of Information & Telecommunications Provide a Reliable, Secure & Modern Infrastructure services well-designed innovative
Strategic Plan 2015-2017 state of south dakota Bureau of Information & Telecommunications 1GOAL ONE: Provide a Reliable, Secure & Modern Infrastructure services security technology assets well-designed
More information1 Published on September 14, 2015, and January 6, 2016, respectively.
STATEMENT OF BRENT ARRONTE DEPUTY ASSISTANT INSPECTOR GENERAL FOR AUDITS AND EVALUATIONS OFFICE OF INSPECTOR GENERAL DEPARTMENT OF VETERANS AFFAIRS BEFORE THE COMMITTEE ON VETERANS AFFAIRS UNITED STATES
More informationNATIONAL CREDIT UNION ADMINISTRATION OFFICE OF INSPECTOR GENERAL
NATIONAL CREDIT UNION ADMINISTRATION OFFICE OF INSPECTOR GENERAL INDEPENDENT EVALUATION OF THE NATIONAL CREDIT UNION ADMINISTRATION S COMPLIANCE WITH THE FEDERAL INFORMATION SECURITY MANAGEMENT ACT (FISMA)
More informationEnterprise Security Tactical Plan
Enterprise Security Tactical Plan Fiscal Years 2011 2012 (July 1, 2010 to June 30, 2012) Prepared By: State Chief Information Security Officer The Information Security Council State of Minnesota Enterprise
More informationIndependent Evaluation of NRC s Implementation of the Federal Information Security Modernization Act of 2014 for Fiscal Year 2015
Independent Evaluation of NRC s Implementation of the Federal Information Security Modernization Act of 2014 for Fiscal Year 2015 OIG-16-A-03 November 12, 2015 All publicly available OIG reports (including
More informationDHS IT Successes. Rationalizing Our IT Infrastructure
TESTIMONY OF Richard A. Spires Chief Information Officer U.S. Department of Homeland Security Before the House Committee on Oversight and Government Reform February 27, 2013 Chairman Issa, Ranking Member
More informationDepartment of Veterans Affairs
OFFICE OF AUDITS & EVALUATIONS Department of Veterans Affairs Federal Information Security Management Act Assessment for FY 2010 May 12, 2011 10-01916-165 FISMA NIST OIG OMB POA&M ACRONYMS AND ABBREVIATIONS
More informationStatement of Danny Harris, Ph.D. Chief Information Officer U.S. Department of Education
Statement of Danny Harris, Ph.D. Chief Information Officer U.S. Department of Education Before the U.S. House Oversight and Government Reform Committee Hearing on Agency Compliance with the Federal Information
More informationVA Office of Inspector General
VA Office of Inspector General OFFICE OF AUDITS AND EVALUATIONS Department of Veterans Affairs Audit of Office of Information Technology s Strategic Human Capital Management October 29, 2012 11-00324-20
More informationApplication Overhaul. Key Initiative Overview
Scott D. Nelson Research Managing Vice President This overview provides a high-level description of the Application Overhaul Key Initiative. IT leaders can use this guide to understand how to develop an
More informationNARA s Information Security Program. OIG Audit Report No. 15-01. October 27, 2014
NARA s Information Security Program OIG Audit Report No. 15-01 October 27, 2014 Table of Contents Executive Summary... 3 Background... 4 Objectives, Scope, Methodology... 7 Audit Results... 8 Appendix
More informationFiscal Year 2014 Federal Information Security Management Act Report: Status of EPA s Computer Security Program
U.S. ENVIRONMENTAL PROTECTION AGENCY OFFICE OF INSPECTOR GENERAL Information Technology Fiscal Year 2014 Federal Information Security Management Act Report: Status of EPA s Computer Security Program Report.
More informationSTATEMENT OF CHARLES EDWARDS DEPUTY INSPECTOR GENERAL U.S. DEPARTMENT OF HOMELAND SECURITY BEFORE THE
STATEMENT OF CHARLES EDWARDS DEPUTY INSPECTOR GENERAL U.S. DEPARTMENT OF HOMELAND SECURITY BEFORE THE COMMITTEE ON HOMELAND SECURITY SUBCOMMITTEE ON OVERSIGHT AND MANAGEMENT EFFICIENCY U.S. HOUSE OF REPRESENTATIVES
More informationAudit Report. Effectiveness of IT Controls at the Global Fund Follow-up report. GF-OIG-15-20b 26 November 2015 Geneva, Switzerland
Audit Report Effectiveness of IT Controls at the Global Fund Follow-up report GF-OIG-15-20b Geneva, Switzerland Table of Contents I. Background and scope... 3 II. Executive Summary... 4 III. Status of
More informationQlik UKI Consulting Services Catalogue
Qlik UKI Consulting Services Catalogue The key to a successful Qlik project lies in the right people, the right skills, and the right activities in the right order www.qlik.co.uk Table of Contents Introduction
More informationDouglas County School District. Information Technology. Strategic Plan 2014-17
Douglas County School District Information Technology Strategic Plan 2014-17 Introduction About the Strategic Plan About the Division The goal of the Douglas County School District is to prepare students
More informationEVALUATION REPORT. The Department of Energy's Unclassified Cybersecurity Program 2014
U.S. Department of Energy Office of Inspector General Office of Audits and Inspections EVALUATION REPORT The Department of Energy's Unclassified Cybersecurity Program 2014 DOE/IG-0925 October 2014 Department
More informationFREQUENTLY ASKED QUESTIONS
FREQUENTLY ASKED QUESTIONS Continuous Monitoring 1. What is continuous monitoring? Continuous monitoring is one of six steps in the Risk Management Framework (RMF) described in NIST Special Publication
More informationIBM Internet Security Systems October 2007. FISMA Compliance A Holistic Approach to FISMA and Information Security
IBM Internet Security Systems October 2007 FISMA Compliance A Holistic Approach to FISMA and Information Security Page 1 Contents 1 Executive Summary 1 FISMA Overview 3 Agency Challenges 4 The IBM ISS
More informationMiddle Class Economics: Cybersecurity Updated August 7, 2015
Middle Class Economics: Cybersecurity Updated August 7, 2015 The President's 2016 Budget is designed to bring middle class economics into the 21st Century. This Budget shows what we can do if we invest
More informationTHE TELECOM MANAGEMENT ECOSYSTEM: A Progress Report on Vendor Value, Enterprise Efficiency Gains and Business Impact
THE TELECOM MANAGEMENT ECOSYSTEM: A Progress Report on Vendor Value, Enterprise Efficiency Gains and Business Impact Alliance Communication Management 2610-B Dauphin Street, Suite 103 Mobile, AL 36606
More informationIT Standards & Contract Management
Appendix F IT Standards & Table of Contents Vision of Action... 2 Background... 3 Goals and Objectives... 4 Projects... 5 Metrics and Measures... 6 F IT Standards & Carol Steffanni Director, MDIT Bureau
More informationIG ISCM MATURITY MODEL FOR FY 2015 FISMA FOR OFFICIAL USE ONLY
IG MATURITY MODEL FOR FY 2015 FISMA 1 Ad-hoc 1.1 program is not formalized and activities are performed in a reactive manner resulting in an adhoc program that does not meet 2 requirements for a defined
More informationAgency Services. Moving Ahead. Agency Services Road Map
Table of Contents Moving Ahead... 2 Service Delivery... 3 Agency-specific Applications... 4 Shared Services... 6 Targets for Initiatives and Outcomes... 7 Outcomes... 8 Cross-walk between the Goals, Strategies
More informationAudit of the Board s Information Security Program
Board of Governors of the Federal Reserve System Audit of the Board s Information Security Program Office of Inspector General November 2011 November 14, 2011 Board of Governors of the Federal Reserve
More informationInternal audit strategic planning Making internal audit s vision a reality during a period of rapid transformation
2015 State of the Internal Audit Profession Study Internal audit strategic planning Making internal audit s vision a reality during a period of rapid transformation 68% of companies have gone through or
More information"Service Lifecycle Management strategies for CIOs"
"Service Lifecycle strategies for CIOs" Ralf Hart, Sales Manager CEE Europe FrontRange Solutions 10th December 2008 Agenda FrontRange Solutions The challenges the IT community faces What is the solution?
More informationState of Minnesota. Enterprise Security Strategic Plan. Fiscal Years 2009 2013
State of Minnesota Enterprise Security Strategic Plan Fiscal Years 2009 2013 Jointly Prepared By: Office of Enterprise Technology - Enterprise Security Office Members of the Information Security Council
More informationDepartment of Homeland Security
Evaluation of DHS Information Security Program for Fiscal Year 2013 OIG-14-09 November 2013 Washington, DC 20528 / www.oig.dhs.gov November 21, 2013 MEMORANDUM FOR: FROM: SUBJECT: Jeffrey Eisensmith Chief
More informationERP. Key Initiative Overview
Jeff Woods Research Managing Vice President This overview provides a high-level description of the ERP Key Initiative. IT leaders can use this overview to better understand what they need to do to prepare
More informationCybersecurity in the States 2012: Priorities, Issues and Trends
Cybersecurity in the States 2012: Priorities, Issues and Trends Commission on Maryland Cyber Security and Innovation June 8, 2012 Pam Walker, Director of Government Affairs National Association of State
More informationRisk Management Framework (RMF): The Future of DoD Cyber Security is Here
Risk Management Framework (RMF): The Future of DoD Cyber Security is Here Authors: Rebecca Onuskanich William Peterson 3300 N Fairfax Drive, Suite 308 Arlington, VA 22201 Phone: 571-481-9300 Fax: 202-315-3003
More informationReliable, Repeatable, Measurable, Affordable
Reliable, Repeatable, Measurable, Affordable Defense-in-Depth Across Your Cyber Security Life-Cycle Faced with today s intensifying threat environment, where do you turn for cyber security answers you
More informationAt the Heart of Connected Manufacturing
www.niit-tech.com At the Heart of Connected Manufacturing Transforming Manufacturing Operations to Drive Agility and Profitability The success of the new manufacturing network hinges on the agility of
More informationFFIEC Cybersecurity Assessment Tool
Overview In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed the Cybersecurity Tool (), on behalf of its members,
More informationAUDIT REPORT. The Energy Information Administration s Information Technology Program
U.S. Department of Energy Office of Inspector General Office of Audits and Inspections AUDIT REPORT The Energy Information Administration s Information Technology Program DOE-OIG-16-04 November 2015 Department
More informationIT-CNP, Inc. Capability Statement
Securing America s Infrastructure Security Compliant IT Operations Hosting Cyber Security Information FISMA Cloud Management Hosting Security Compliant IT Logistics Hosting 1 IT-CNP, Inc. is a Government
More informationSummit Platform. IT and Business Challenges. SUMMUS IT Management Solutions. IT Service Management (ITSM) Datasheet. Key Benefits
Summit Platform The Summit Platform provides IT organizations a comprehensive, integrated IT management solution that combines IT service management, IT asset management, availability management, and project
More informationPosition Description: Chief Information Officer Department: Information Technology Information Technology FLSA Status: Exempt. Revised: October, 2014
Position Description: Chief Information Officer Department: Information Technology Division: Information Technology FLSA Status: Exempt Location: Griffiss Revised: October, 2014 PURPOSE: I. Assure the
More informationBridging the HIPAA/HITECH Compliance Gap
CyberSheath Healthcare Compliance Paper www.cybersheath.com -65 Bridging the HIPAA/HITECH Compliance Gap Security insights that help covered entities and business associates achieve compliance According
More informationIT Service Management. The Role of Service Request Management
RL Consulting IT Service Management The Role of Service Request Management Prepared by: Rick Leopoldi June 1, 2007 Copyright 2001-2007. All rights reserved. Duplication of this document or extraction of
More informationSTATE OF MARYLAND 2017 INFORMATION TECHNOLOGY MASTER PLAN (ITMP) Department of Information Technology David Garcia; State CIO
STATE OF MARYLAND 2017 INFORMATION TECHNOLOGY MASTER PLAN (ITMP) Department of Information Technology David Garcia; State CIO Introduction Since taking office in January 2015, Governor Larry Hogan has
More informationPaperless Office Solution Framework for Banking & Financial Services A Business Process Automation (BPA) Approach
Paperless Office Solution Framework for Banking & Financial Services A Business Process Automation (BPA) Approach A White Paper Santosh Khanolkar Platform Strategy Advisor, Microsoft Corporation India
More informationServices Providers. Ivan Soto
SOP s for Managing Application Services Providers Ivan Soto Learning Objectives At the end of this session we will have covered: Types of Managed Services Outsourcing process Quality expectations for Managed
More informationAgency for State Technology
Agency for State Technology 2015-2018 Statewide Information Technology Security Plan The Way Forward Rick Scott, Governor Jason M. Allison, State CIO Table of Contents From the Desk of the State Chief
More informationDepartment-wide Systems & Capital Investment Programs
Department-wide Systems & Capital Investment Programs Mission Statement The Department-wide Systems and Capital Investments Programs (DSCIP) is authorized to be used by or on behalf of the Treasury Department
More informationDomain 1 The Process of Auditing Information Systems
Certified Information Systems Auditor (CISA ) Certification Course Description Our 5-day ISACA Certified Information Systems Auditor (CISA) training course equips information professionals with the knowledge
More informationU.S. Department of Energy Office of Inspector General Office of Audits & Inspections. Evaluation Report
U.S. Department of Energy Office of Inspector General Office of Audits & Inspections Evaluation Report The Department's Unclassified Cyber Security Program - 2012 DOE/IG-0877 November 2012 MEMORANDUM FOR
More informationFollowing is a discussion of the Hub s role within the health insurance exchanges, the results of our review, and concluding observations.
Testimony of: Kay Daly Assistant Inspector General for Audit Services Office of Inspector General, U.S. Department of Health and Human Services Hearing Title: The Threat to Americans Personal Information:
More informationSeptember 10, 2015. Dear Administrator Scott:
September 10, 2015 Tony Scott United States Chief Information Officer Administrator, Office of Electronic Government and Information Technology Office of Management and Budget 725 17th Street, NW Washington,
More informationDeveloping the Corporate Security Architecture. www.avient.ca Alex Woda July 22, 2009
Developing the Corporate Security Architecture www.avient.ca Alex Woda July 22, 2009 Avient Solutions Group Avient Solutions Group is based in Markham and is a professional services firm specializing in
More informationOverview. FedRAMP CONOPS
Concept of Operations (CONOPS) Version 1.0 February 7, 2012 Overview Cloud computing technology allows the Federal Government to address demand from citizens for better, faster services and to save resources,
More informationAnn Geyer Tunitas Group. CGEIT Domains
1 CGEIT Exam Prep May 17, 2011 Ann Geyer Tunitas Group CGEIT Domains 2 Job Practice Areas by Domain 25% IT Gov Frameworks 20% Risk Mgmt 15% Strategic Alignment 15% Value Delivery 13% Resource Mgmt 12%
More informationENTERPRISE COMPUTING ENVIRONMENT. Creating connections THROUGH SERVICE & WORKFORCE EXCELLENCE
ITA Strategic Plan FY 2011 - FY 2016 U.S. Army Information Technology Agency REALIZING The DoD ENTERPRISE COMPUTING ENVIRONMENT Creating connections THROUGH SERVICE & WORKFORCE EXCELLENCE Provide Quality
More informationHow To Manage Security On A Networked Computer System
Unified Security Reduce the Cost of Compliance Introduction In an effort to achieve a consistent and reliable security program, many organizations have adopted the standard as a key compliance strategy
More informationTREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION
TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION Improvements Are Needed to the Information Security Program March 11, 2008 Reference Number: 2008-20-076 This report has cleared the Treasury Inspector
More informationDEPARTMENT AGENCY STATEMENT OF OBJECTIVES FOR CLOUD MIGRATION SERVICES: INVENTORY, APPLICATION MAPPING, AND MIGRATION PLANNING MONTH YYYY TEMPLATE
DEPARTMENT AGENCY STATEMENT OF OBJECTIVES FOR CLOUD MIGRATION SERVICES: INVENTORY, APPLICATION MAPPING, AND MIGRATION PLANNING MONTH YYYY TEMPLATE 1 Introduction and Instructions This sample Statement
More informationGOVERNMENT USE OF MOBILE TECHNOLOGY
GOVERNMENT USE OF MOBILE TECHNOLOGY Barriers, Opportunities, and Gap Analysis DECEMBER 2012 Product of the Digital Services Advisory Group and Federal Chief Information Officers Council Contents Introduction...
More informationOffice of Inspector General
Office of Inspector General DEPARTMENT OF HOMELAND SECURITY U.S. Department of Homeland Security Washington, DC 20528 Office of Inspector General Security Weaknesses Increase Risks to Critical DHS Databases
More informationA Managed Storage Service on a Hybrid Cloud
A Managed Storage on a Hybrid Cloud Business Context Sustainability Improve procurement & contract management Embrace and optimise advances in technology Environmental improvement & carbon reduction Global
More informationStrategic Plan Network Optimization & Transport Services 2013-2018
Strategic Plan Network Optimization & Transport Services 2013-2018 Office of the Chief Information Officer National Oceanic and Atmospheric Administration United States Department of Commerce Version 2.0
More informationU.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems
U.S. Office of Personnel Management Actions to Strengthen Cybersecurity and Protect Critical IT Systems June 2015 1 I. Introduction The recent intrusions into U.S. Office of Personnel Management (OPM)
More informationNATIONAL CREDIT UNION ADMINISTRATION OFFICE OF INSPECTOR GENERAL
NATIONAL CREDIT UNION ADMINISTRATION OFFICE OF INSPECTOR GENERAL FY 2015 INDEPENDENT EVALUATION OF THE EFFECTIVENESS OF NCUA S INFORMATION SECURITY PROGRAM UNDER THE FEDERAL INFORMATION SECURITY MODERNIZATION
More informationNASA OFFICE OF INSPECTOR GENERAL
NASA OFFICE OF INSPECTOR GENERAL OFFICE OF AUDITS SUITE 8U71, 300 E ST SW WASHINGTON, D.C. 20546-0001 April 14, 2016 TO: SUBJECT: Renee P. Wynn Chief Information Officer Final Memorandum, Review of NASA
More informationInformation Security for Managers
Fiscal Year 2015 Information Security for Managers Introduction Information Security Overview Enterprise Performance Life Cycle Enterprise Performance Life Cycle and the Risk Management Framework Categorize
More informationSecurity from a customer s perspective. Halogen s approach to security
September 18, 2015 Security from a customer s perspective Using a cloud-based talent management program can deliver tremendous benefits to your organization, including aligning your workforce, improving
More informationConfiguration Management System:
True Knowledge of IT infrastructure Part of the SunView Software White Paper Series: Service Catalog Service Desk Change Management Configuration Management 1 Contents Executive Summary... 1 Challenges
More informationSECTION C: DESCRIPTION/SPECIFICATIONS/WORK STATEMENT
PAGE 6 of 51 SECTION C: DESCRIPTION/SPECIFICATIONS/WORK STATEMENT Article C.1 Statement of Work This contract is designed to permit the Institutes and Centers (ICs) of NIH, the Department of Health and
More informationGEARS Cyber-Security Services
Florida Department of Management Services Division of State Purchasing Table of Contents Introduction... 1 About GEARS... 2 1. Pre-Incident Services... 3 1.1 Incident Response Agreements... 3 1.2 Assessments
More informationEvaluation of DHS' Information Security Program for Fiscal Year 2014
Evaluation of DHS' Information Security Program for Fiscal Year 2014 December 12, 2014 HIGHLIGHTS Evaluation of DHS Information Security Program for Fiscal Year 2014 December 12, 2014 Why We Did This We
More informationBPA Policy 434-1 Cyber Security Program
B O N N E V I L L E P O W E R A D M I N I S T R A T I O N BPA Policy Table of Contents.1 Purpose & Background...2.2 Policy Owner... 2.3 Applicability... 2.4 Terms & Definitions... 2.5 Policy... 5.6 Policy
More informationEastern Illinois University information technology services. strategic plan. January,
Eastern Illinois University information technology services strategic plan January, 2014 Introduction With the selection of emerging technologies as one of the six themes of the university s recent strategic
More informationInformation Technology General Controls And Best Practices
Paul M. Perry, FHFMA, CITP, CPA Alabama CyberNow Conference April 5, 2016 Information Technology General Controls And Best Practices 1. IT General Controls - Why? 2. IT General Control Objectives 3. Documentation
More informationCritical Controls for Cyber Security. www.infogistic.com
Critical Controls for Cyber Security www.infogistic.com Understanding Risk Asset Threat Vulnerability Managing Risks Systematic Approach for Managing Risks Identify, characterize threats Assess the vulnerability
More informationIT Operations Management: A Service Delivery Primer
IT Operations Management: A Service Delivery Primer Agile Service Delivery Creates Business Value Today, IT has to innovate at an ever- increasing pace to meet accelerating business demands. Rapid service
More information2014 Audit of the Board s Information Security Program
O FFICE OF I NSPECTOR GENERAL Audit Report 2014-IT-B-019 2014 Audit of the Board s Information Security Program November 14, 2014 B OARD OF G OVERNORS OF THE F EDERAL R ESERVE S YSTEM C ONSUMER FINANCIAL
More informationAudit Report. The Social Security Administration s Compliance with the Federal Information Security Management Act of 2002 for Fiscal Year 2013
Audit Report The Social Security Administration s Compliance with the Federal Information Security Management Act of 2002 for Fiscal Year 2013 A-14-13-13086 November 2013 MEMORANDUM Date: November 26,
More informationPhysical Infrastructure Management Solutions
Physical Infrastructure Management Solutions Physical Infrastructure Challenges Require Innovative Solutions The Need for In-Depth Network Intelligence. With increased acceptance of virtualization, cloud
More informationInformation Technology Strategic Plan 2013 9/23/2013
Information Technology Strategic Plan 2013 9/23/2013 Unit Mission Statement: Information Technology Shared Services is dedicated to providing unparalleled service and support to the UC Davis College of
More informationCaretower s SIEM Managed Security Services
Caretower s SIEM Managed Security Services Enterprise Security Manager MSS -TRUE 24/7 Service I.T. Security Specialists Caretower s SIEM Managed Security Services 1 Challenges & Solution Challenges During
More informationCLOUD COMPUTING SERVICES CATALOG
CLOUD COMPUTING SERVICES CATALOG... Including information about the FedRAMP SM authorized Unclassified Remote Hosted Desktop (URHD) Software as a Service solution CTC Cloud Computing Services Software
More informationStatement of Gil Vega. Associate Chief Information Officer for Cybersecurity and Chief Information Security Officer. U.S. Department of Energy
Statement of Gil Vega Associate Chief Information Officer for Cybersecurity and Chief Information Security Officer U.S. Department of Energy Before the Subcommittee on Oversight and Investigations Committee
More informationUNITED STATES COMMISSION ON CIVIL RIGHTS. Fiscal Year 2012 Federal Information Security Management Act Evaluation
Memorandum UNITED STATES COMMISSION ON CIVIL RIGHTS Date: November 15, 2012 To: From: Subject: The Honorable Commissioners Frances Garcia, Inspector General Fiscal Year 2012 Federal Information Security
More informationStrategic Plan FY 2014-2016
Strategic Plan FY 2014-2016 CONTENTS SUMMARY 3 ACADEMIC SERVICES 4 DATA MANAGEMENT & REPORTING 6 COMMUNICATIONS & COLLABORATION 7 IT SERVICES 8 INFRASTRUCTURE 9 SECURITY 10 BRAND BUILDING 11 INITIATION
More information2015 List of Major Management Challenges for the CFPB
September 30, 2015 MEMORANDUM TO: FROM: SUBJECT: Richard Cordray Director Consumer Financial Protection Bureau Mark Bialek Inspector General 2015 List of Major Management Challenges for the CFPB We are
More informationHHSN316201200042W 1 QSSI - Quality Software Services, Inc
ARTICLE C.1. STATEMENT OF WORK This contract is designed to permit the Institutes and Centers (ICs) of NIH, the Department of Health and Human Services (DHHS), and all other federal agencies to acquire
More informationAudit of the Department of State Information Security Program
UNITED STATES DEPARTMENT OF STATE AND THE BROADCASTING BOARD OF GOVERNORS OFFICE OF INSPECTOR GENERAL AUD-IT-15-17 Office of Audits October 2014 Audit of the Department of State Information Security Program
More informationThe Data Lifecycle: Managing Data through Business. Ewan Willars Friday 27 February
The Lifecycle: Managing through Business Ewan Willars Friday 27 February ACCA s unrivalled global network 4,000 members & students in Canada The changing role of finance and the CFO Traditional control
More information2015 Strategic Business Plan Franklin County Data Center Ishreth Sameem, CIO
2015 Strategic Business Plan Franklin County Data Center Ishreth Sameem, CIO Mission The Franklin County Data Center partners with County agencies to deliver cost efficient business solutions and provide
More informationUnder the Digital Dome: State IT Priorities, Trends and Perspectives
Under the Digital Dome: State IT Priorities, Trends and Perspectives Best Practices Exchange 2014 Conference Montgomery, Alabama November 19, 2014 Doug Robinson, Executive Director National Association
More informationReview of the SEC s Systems Certification and Accreditation Process
Review of the SEC s Systems Certification and Accreditation Process March 27, 2013 Page i Should you have any questions regarding this report, please do not hesitate to contact me. We appreciate the courtesy
More informationOptimizing the Data Center for Today s State & Local Government
WHITE PAPER: OPTIMIZING THE DATA CENTER FOR TODAY S STATE...... &.. LOCAL...... GOVERNMENT.......................... Optimizing the Data Center for Today s State & Local Government Who should read this
More informationDynamic Service Desk. Unified IT Management. Solution Overview
I T S E R V I C E + I T A S S E T M A N A G E M E N T INFRASTRUCTURE MANAGEMENT Dynamic Service Desk Unified IT Management Achieving business and IT alignment requires having insight into hardware and
More informationIT UNIFICATION Vision, Impact & Strategy. May 2015
IT UNIFICATION Vision, Impact & Strategy May 2015 Presentation Agenda Why Unification Embracing Business Drivers UC San Diego Strategic Plan IT Unification Vision Campus Impact What s in it for campus?
More information