Overview of Florida Information Technology Project Management and Oversight Standards Jason M. Allison, Executive Director
AGENCY FOR STATE TECHNOLOGY Statutory duties and responsibilities of AST: Establish IT project management and oversight standards Establish rules for the State Data Center Establish rules for IT Security Establish IT architecture standards Identify opportunities for standardization and consolidation of IT services Recommend consolidations of agency data centers or computing facilities Develop best practices for IT procurement (with DMS) Manage the state data center Perform project oversight on IT projects as required by section 282.0051, F.S. 2
Florida Information Technology Project Management and Oversight Standards State Agencies must comply with Florida Information Technology Project Management and Oversight Standards when implementing IT projects (Section 282.0051(3), F.S.) Cabinet Agencies must comply with these standards for IT projects with a total cost of $25 million or more and that impacts one or more other agencies (Section 282.00515, F.S.) 3
Florida Information Technology Project Management and Oversight Standards Standards include: Performance measurements and metrics that objectively reflect the status of an IT project based on a defined and documented project schedule, cost, and scope Methodologies for calculating acceptable variances in the projected versus actual schedule, cost, and scope of an IT project Reporting requirements, including requirements designed to alert all defined stakeholders that an IT project has exceeded acceptable variances Content, format and frequency of project updates Rule 74-1.001, Florida Administrative Code 4
Florida Information Technology Project Management and Oversight Standards AST Project Assurance Office Collaborate with state agencies to: Develop and use consistent project management standards and methodologies Facilitate project oversight and assessment Strive for high performing IT projects across the state 1. Establish Florida IT Project Management and Oversight Standards Provide training Provide templates Conduct assessments to determine compliance with these standards 2. Perform oversight on IT projects Perform risk assessment and assist agencies in identifying project issues Recommending corrective action plans Report to the Governor s Office, House and Senate 5
Florida Information Technology Project Management and Oversight Standards Development of Standards: Virginia Information Technology Agency Georgia Technology Authority Michigan Department of Technology Management and Budget Reviewed and Endorsed by Gartner: As we discussed, in general I found the guidelines that it sets forth to be comprehensive, thorough and in keeping with good industry practices. We discussed a few minor suggestions, though the procedures put forth in the document are well-focused on reducing the risk on I.T. projects; as mentioned, some additional illustration (e.g. with process diagrams) might render the document more easily accessible. However, the guidelines were quite clear and complete and would I expect be quite effective in the hands of a good project management organization in helping to assure satisfactory project delivery. 6
Florida Information Technology Project Management and Oversight Standards are based on the project s risk and complexity (R&C) characteristics 7
RISK An uncertain event or condition that, if it occurs, could have a positive or negative effect on a project s objectives. COMPLEXITY - Technological and management characteristics of the project and the potential impacts, both positive and negative, that these characteristics could have on the project s risks. 8
RISK & COMPLEXITY ASSESSMENT Assists agencies in determining the level of project management control necessary to adequately manage a given project in order to reduce risk and increase the probability of success. Rule 74-1.002, Florida Administrative Code 9
RISK & COMPLEXITY ASSESSMENT Specialized Assessments for different project lifecycle phases: Pre-Charter R&C Assessment AST-F-0505A R&C Assessment Workbook Initiation Gate R&C Assessment Planning Gate R&C Assessment Event-Driven R&C Assessment Each assessment builds on the last to provide a cumulative R&C Score Aligns IT projects into 1 of 4 R&C categories: 10
DOCUMENT REQUIREMENTS Although specific documents are specified throughout the rule, no specific formats are required except for the Project Status Report As long as the content supplies the information required by the rule, any document or group of documents will meet the rule requirement Use existing agency documents, forms, templates Use existing state documents, forms, templates Use separate or comprehensive documents (PMP) Use AST-developed templates AST will provide a series of suggested, guideline templates These may be taken and revised, amended, edited and used for the project 11
PROJECT LIFECYCLE PHASES Initiation Planning Execution Closeout Monitoring and Controlling 12
Initiation Develop the key information needed to describe, approve, and start the project Communicate this information to all stakeholders Project and business sponsors approve and sign off Rule 74-1.003, Florida Administrative Code 13
Initiation Pre-Charter R&C Assessment 4 3 C C Business Case and Alternative Analysis 4 3 C C 4 3 R R R Cost Benefit Analysis Project Charter Centralized Project Repository PMP Certified Project Manager Risk Manager Employ Independent Verification & Validation (IV&V) Initiation Gate R&C Assessment R = Recommended C = Charter 14
Planning Develop and approve detailed project planning documents These planning documents will guide all work throughout the project Rule 74-1.004, Florida Administrative Code 15
Planning Project Management Plan 4 3 2 4 R S 4 3 S S 4 3 S S 4 3 4 3 4 2 1 S S 3 2 S Project Plan Summary Project Scope and Objectives Work Breakdown Structure (WBS) Organizational & Governance Structure Resource Plan Project Schedule -SPI and CPI -Schedule Update Project Budget Project Spend Plan Communications Plan R= Recommended S = PP Summary 16
Planning 4 3 S 2 Change Management Plan 4 3 S S Quality Management Plan 4 3 2 S Deliverable Acceptance Plan 4 3 2 S Risk Management Plan Project Management Plan 4 3 2 S 4 3 2 S 4 3 S S 4 3 2 S Issue Management Plan Procurement Management Plan Organizational Change Management Plan System Security Plan Requirements Traceability Matrix (RTM) Planning Gate R&C Assessment S = PP Summary 17
Execution Execute and manage all activities described in the Project Management Plan, WBS, SOW and other contract documents Use project change management & governance processes for all changes to the approved baseline Develop an Operations and Maintenance Plan (O&M Plan) Agency project management activities required during the Execution phase are further described in Monitoring and Controlling. Rule 74-1.005, Florida Administrative Code 18
Monitoring and Controlling Spans all phases of the project Regular review of project status Identify variances from approved project cost, schedule, and scope Monitor and control the project as described in the Project Management Plan or the Project Plan Summary Rule 74-1.006, Florida Administrative Code 19
Monitoring and Controlling Project Schedule 4 3 Use Earned Value Management (SPI and CPI) to assess schedule variance 2 1 Evaluate baseline schedule against current progress 4 3 2 1 Project Cost 20
Monitoring and Controlling Earned Value (EV) - Represents the value of the work that is actually accomplished as of a specific date. Earned Value is an objective way of measuring performance and predicting future outcomes by enabling: Reporting progress with greater confidence Decision-making by management EV combines measurements of scope, schedule, and costs 21
Monitoring and Controlling 4 3 2 R 4 3 2 R 4 3 2 R 4 3 R R Project Scope Project Change Project Procurement Project Risk Project Issues Decision Tracking Action Item Tracking Requirements Traceability Matrix Lessons Learned (gathered throughout project) R= Recommended 22
Monitoring and Controlling Status Reports The agency will report project status based on R&C Category 4 3 R R Bi-Weekly Interim Project Status Report (abbreviated report) Monthly Status Report (full report) 1 Project Status Overview AST-F-0505B Status Report Form 2 Project Progress 3 Project Issues / Risks 4 Project Spend Plan 5 Project Summary R= Recommended 23
Closeout 4 3 2 Lessons Learned Project Closeout Report (PCR) Post Implementation Review (PIR) Report Rule 74-1.007, Florida Administrative Code 24
COMPLIANCE Grandfather clause for existing projects AST annual assessment of agency compliance Agencies may request variance or waiver Section 120.542, F.S. Rule 74-1.008, Florida Administrative Code 25
AST PROJECT OVERSIGHT Section 282.0051, F.S. AST will complete oversight on: State agency IT projects $10 million+ Funded in the GAA or any other law Cabinet agency IT projects $25 million + Impacts one or more other agencies Rule 74-1.009, Florida Administrative Code 26
AST PROJECT OVERSIGHT The agency and AST will work together to: Establish oversight parameters Update and review project schedule weekly Perform monthly project reviews to determine schedule, scope or cost variance, and assess project risks and issues Create quarterly project reports 27
AST PROJECT OVERSIGHT If scope, schedule or cost variance is outside of acceptable variance range, the agency and AST will work together to: Perform Diagnostic Risk Assessment Review Project Documentation Develop Preliminary Findings / Recommendations Develop Corrective Action Plan 28
AST PROJECT OVERSIGHT If an IT project is identified as high-risk due to the project exceeding acceptable variance ranges, AST will report quarterly to: Executive Office of the Governor President of the Senate Speaker of the House of Representatives 29
AST PROJECT OVERSIGHT Other requirements of AST Oversight projects: The project must adhere to the requirements of an R&C Category 4 Project The project must use a PMP certified Project Manager The project must employ Independent Verification & Validation (IV&V) 30
RECAP AST Oversight requirement began January 1, 2015 Oversight Agreement Monthly Reviews Quarterly Reports Rule Chapter 74-1A, F.A.C. - Florida Information Technology Project Management and Oversight Standards became effective July 16, 2015 Formal AST Compliance Assessments begin July 1, 2016 Risk and Complexity Assessment Project Management and Documentation Based on R&C Category Earned Value Management (EVM) 31
32
AST PROJECT ASSURANCE OFFICE Director Shelley McCabe, PMP 850-412-6057 Shelley.McCabe@ast.myflorida.com Project Managers Lisa Hopkins, PMP 850-412-6064 Lisa.Hopkins@ast.myflorida.com Rebecca Green, PMP 850-412-6052 Rebecca.Green@ast.myflorida.com Mike Avello, PMP 850-412-6047 Michael.Avello@ast.myflorida.com Beverly Bonasorte, PMP 850-412-6051 Beverly.Bonasorte@ast.myflorida.com 33
Jason Allison Executive Director / State CIO Agency For State Technology 4050 Esplanade Way, Suite 115 Tallahassee, FL 32399 850.412.6050 For Rule 74-1, F.A.C. and Incorporated Forms: http://www.ast.myflorida.com/publications.asp 34