Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Web Governance Plan - Work Sample

388 views

Published on

Web Governance Plan - Work Sample

Published in: Government & Nonprofit
  • Could you use an extra $1750 a week? I'm guessing you could right? If you would like to see how you could make this type of money, right from the comfort of your own home, you absolutely need to check out this short free video. ➤➤ http://scamcb.com/ezpayjobs/pdf
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Making a living taking surveys at home! I have been a stay at home mom for almost 5 years and I am so excited to be able to still stay home, take care of my children and make a living taking surveys on my own computer! It's so easy to get started and I plan to make enough money each week so that my husband can actuallly quit his second job!!! Thank you so much! ➤➤ https://bit.ly/2Ruzr8s
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • You can get paid up to $25 per hour to be on Facebook? ■■■ http://t.cn/AieX6y8B
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • I found this program very useful. The topics are laid out clearly for ease of reference. It is nothing like your usual revision guide because Jeevan's is a well-defined strategy; he shows you exactly what to do to achieve a top grade in GCSE maths, in a step-by-step format. He addresses issues such as how much time should be spent on revision, exam technique, tips for scoring 100%, motivation, freeing up 50% of your time etc. unlike a normal revision guide which is just packed with theory. He also explains concepts with more detail. For instance, I used to find solving equations tricky but after reading his section on algebra, I fully understand how to solve an equation. The DVDs are great because he teaches concepts both verbally and visually which is always helpful!  http://t.cn/AirraVnG
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

Web Governance Plan - Work Sample

  1. 1. 1 MANUFACTURING.GOV WEBSITE GOVERNANCE PLAN Site Title: Manufacturing.gov (Internal/External) Office(s): AMNPO Draft 1, Date Last Updated: August 10, 2015 TABLE OF CONTENTS 1. Website Purpose 2. Audiences 3. Users, Roles and Responsibilities Appendices Appendix A: Content Management System Appendix B: Document Revision History Appendix C: Approvals
  2. 2. 2 I. WEBSITE PURPOSE Provide information regarding the federal government’s advanced manufacturing efforts, with a focus on the National Network for Manufacturing Innovation. II. AUDIENCES ■ General Public ■ Congress ■ Media ■ Agency Partners ■ Industry Thought Leaders ■ Academia ■ Students at the Upper-Level Undergraduate Level & Above III. USERS, ROLES AND RESPONSIBILITIES Note: Vendors will be provided access as needed. 1. Overall Coordination: Associate Director for Communications ■ Strategy ■ Design ■ Content ■ Web content oversight ■ Technical administration 2. Hosting and Cybersecurity: NIST OISM/IT Security ■ Cybersecurity ■ Availability ■ Hosting 3. Communication Compliance: NIST Public Affairs ■ Branding compliance with NIST/DOC policy ■ Messaging compliance with NIST/DOC policy ■ Consistency review ■ Usability review ■ Professionalism review 4. Institute Information: Federal Agency Program Managers ■ Institute updates ■ Institute-specific photography 5. Information Quality: Web Manager Refer to Table 1. ■ Review content once quarterly for updates ■ Make updates within 1 week or sooner as needed ■ Ensure content approval ■ Publish content when Technical Administrator not available
  3. 3. 3 ■ Overall responsible for accuracy, plain language, grammar, consistency of message, and usability (see Table 1) Table 1: Information Quality Checklist Usefulness & Relevance Does the content meet the intended audience’s needs? Is the content timely and relevant? Clarity, Accuracy & Completeness Is the content correct? Is the content free of typos and grammatical errors? Is the content organized logically and coherently? Is the content written in a manner that is understandable to the intended audience? Does the content complete, including all of the information customers need or might want about a topic? Voice & Style Is the content presented in a consistent voice with regard to other related content? Does its tone adjust appropriately to the context—for example, sales versus customer service? Does the content read, look, or sound as though it is professionally crafted? Usability & Findability Is the content easy to scan or read? Is the most important information presented first? Or bolded or highlighted in some way? Is the content broken up into manageable sections/pages as appropriate? Is the content in a usable format, including headings, bulleted lists, tables, white space, or similar techniques, as appropriate to the content? Is the content consistent with (and does not contradict) other related information available to the user? Does the content include a date last updated as appropriate? Does the content include a revision history as appropriate, or highlight revisions in some way? Document Usability & Control Does the document have a clear, descriptive and unique title? Does the document have a filename that is clear, descriptive, concise (as short as possible, while still being descriptive) and unique? (For documents posted to websites, avoid spaces and underscores in filenames.) Does the document contain the name of the document author, owner, and/or alternate person (or at least the office name) to contact for additional information or questions? If the document is archival, intended for longstanding use, and the contact person is likely to change overtime, the reader can be directed to a webpage URL where the current contact information is available or an email alias for multiple persons in that office.) Does the document contain the date the document was created or published and/or the date the document was last updated? Does the document (if longer than one page) contain appropriate page numbering? (When possible and appropriate, break up the document into clear, logical sections of information with headings and subheadings. Use a table of contents at the beginning of the document to aid the reader in finding the section sought.) Is the appropriate file format used? (Generally Adobe PDF, unless the file is intended for use as a template.) Does the document include a revision history as appropriate and/or make appropriate use of document numbering/revision numbering? 6. Site Quality: Technical Administrator Refer to Tables 2 & 3 and Appendices A-B. ■ Make content live ■ Ensuring content complies with all applicable policies
  4. 4. 4 ■ Records management; delete and archive outdated content ■ Technical updates and approvals Table 2: Technical Site Quality Checklist Web Content Use a site index or site map to locate all existing content on the site that falls under your topic area. Is the information on all pages up-to-date and correct? Is the information in all documents up-to-date and correct? - Are all documents in the appropriate file format (PDF unless meant as a template)? - Do all Presentations include the date presented, venue where presented and presenter’s name? - Do all documents include page numbers, author’s names and dates? Are there correct last updated dates on everything? Is there readily available and correct contact information on everything? If something has been recently updated, is it clear to the user what has changed and when? Is there any missing content that needs to be added? Is there any obsolete content that needs to be deleted? When you add, delete or update content, have you clearly communicated that to your users/stakeholders? Search Results Create and maintain a list of keywords/phrases applicable to your topic area. When you search for each keyword/phrase, do the appropriate pages/documents come up as the first results? (If not, contact your site administrator or OU Information Coordinator for help.) Are the titles that come up in the search results clear, sufficiently descriptive, concise and unique? Broken Links Obtain a current broken links report. Have you corrected all broken links? Policies Is your content compliant with all of the applicable policies for: Document Accessibility Copyright Graphics and Images Video and Audio Table 3: Policy Compliance Checklist Images & Graphics Are all images and graphics of appropriate size and scale to ensure both readability and usability? Has appropriate permission to use been obtained for all images and graphics? Are all images and graphics accompanied by appropriate credit and/or copyright statements? Do all images and graphics contain appropriate, useful ALT tags? Is the NIST Identifier properly used? Are images of written signatures properly protected against misuse? Audio & Video Do all videos have a written description provided? Do all al audio files, or videos with audio, have closed captioning or a transcript provide? Are all video and audio files of appropriate format to optimize usability? Metadata, Findability & Usability Does the content have the appropriate metadata and keywords assigned? Can customers find the content when searching using relevant keywords?
  5. 5. 5 Images & Graphics Is the placement of the content on the site logical and findable by the intended audience? Is the content linked appropriately to/from all other relevant content? If this content replaces other existing content, has the old content been removed from the site or marked as archive/superseded as appropriate? Document Accessibility, Official Publications & Copyright Is the document text readable with assistive technology? (not a scanned image of text) Does the document make proper use of structure tags to define the reading order and identify headings, paragraphs, sections, tables, and other page elements allowing the content to be presented in a logical order? Is the document free of applied security settings that may interfere with a screen reader’s ability to convert the on-screen text to speech? Is the document language specified in order to allow automatic screen readers to switch to the appropriate language? Does the document make appropriate use of alternative text and tool tips with images and interactive form fields to aid screen readers with these document elements? Are official, externally distributed NIST authored/co-authored publications placed in the official NIST publications database (not uploaded to other locations on the site)? Has proper permission been obtained for use of any non-NIST published/authored works? Mandatory Policy Compliance Does the content comply with all mandatory DOC and NIST web policies? Figure 1: Content Workflow IX. APPENDICES Appendix A: Department of Commerce Mandatory Web Policies A Note About Records Management ■ Technical Administrator is responsible for archiving and facilitating the deletion of content as determined and communicated to them by the Content Owner. ■ Prior to deletion from the site, a copy of the content will be preserved and stored as an archive. Step 1 • Author/Editor or Designee (Federal Agency Program Manager, Vendor) writes content Step 2 • Web Manager or Designee reviews and suggests modifications • Web Manager obtains approval from from AMNPO Director or Deputy Director Step 3 • Technical Administrator or Designee makes content live
  6. 6. 6 ■ Many types of internal communications meet the definition of “records” and are therefore subject to the retentions specified in the NIST Comprehensive Records Schedule1 , including: Formal Publications – including annual reports; special studies conducted by NIST; procedural or policy documents, handbooks, and other agency guidance; public relations and educational materials prepared to furnish information or to promote agency programs and operations; Administrative Issuances – including NIST directives, organization charts, functional statements, administrative manuals, and similar records; and NIST Committee Records – including records created by NIST sponsored committees, boards, standing administrative committees or other advisory, governing or policy bodies or organizations, minutes or meeting summaries, agendas, transcripts, reports, studies, and publications in the designated recordkeeping office. A Note About Video Uploading With the exception of embedded YouTube videos, only staff in the Public Affairs Office (PAO) are authorized to upload videos to the NIST internal and external websites. If you wish to have a video uploaded, please contact Leon Gerskovic of PAO’s Conference Program and Audiovisual Services Group to discuss your video needs. Table 1: Mandatory NIST/DOC Web Policies DOC POLICY DESCRIPTION NIST APPLICATION 1 Online Customer Service Policy All public-facing Commerce websites shall identify their audience and analyze qualitative and quantitative data about their customers, establish service standards against mission critical goals, track performance against those standards and benchmark customer service performance in order to improve the customer experience. Internal and external sites within the Content Management System (CMS) are analyzed with Google Analytics. External customers are randomly surveyed using ForeSee. 2 Social Media and Web 2.0 DOC employees are encouraged to use SM/W2.0 technologies in an official government capacity (i.e., used to transmit information pertaining to the DOC's work), as long as the use conforms to Public Communications (DAO 219-1), Web, and Internet Use policies. DOC employees are to use SM/W2.0 technologies in an official capacity only on DOC-approved services using DOC Approved accounts. NIST adheres to the DOC Policy on the Approval and Use of Social Media and Web 2.0. See also, NIST N 121.01, NIST Web 2.0/Social Media. For information how to obtain approval for a social media account, see: http://inet.nist.gov/pao/howdoi/socialmediaacct.cf m. 3 Web Measurement and Customizatio n Technologies Policy To optimize user experience and provide statistically accurate data about use of websites, the Department of Commerce allows the use of Web measurement and customization technologies. These technologies include, but are not limited to, cookies. This policy applies to all Department of Commerce operating unit public-facing NIST uses cookies to implement Google Analytics. See also the Digital Analytics Program (DAP). 1 NIST Comprehensive Records Schedule: http://inet.nist.gov/mando/services/upload/NIST-Comprehensive-Record-ScheduleN1- 167-92-1.pdf.
  7. 7. 7 DOC POLICY DESCRIPTION NIST APPLICATION websites. This policy does not apply to Commerce operating unit intranets. Commerce Web sites using tracking technologies that do not collect personally identifiable information (PII) from the public do not require authorization. See section 12 regarding the collection of personally identifiable information (PII). In some cases, third-party websites or applications use Web measurement and customization technologies solely for the third party’s own purposes. This Commerce policy does not apply as long as third parties do not use Web measurement and customization technologies on behalf of the Commerce operating unit, and personally identifiable information (PII), or any information that could be used to determine an individual’s online activity derived from such uses, is not shared with the Commerce operating unit. 4 Content Management All Department of Commerce websites, including intranet sites not available to the public, shall be related to the mission, goals, and objectives of the Department and be subject to appropriate management controls. The NIST OU Information Coordinators oversee processes to ensure the accuracy of website content and compliance with NIST and DOC website policies. 5 Links to DOC Home Page The home page of every organization listed in the Scope section shall prominently identify at the top of the page that it is part of the Department of Commerce and link to the Department's home page. Applies to NIST external homepage only. See NIST homepage footer. http://www.nist.gov/ 6 Links to Organizationa l Home Pages Any home page maintained by or for a Department of Commerce organization shall include a navigational link to the home page of a higher level organization within its hierarchy. Only needed at the NIST level, see NIST homepage footer. http://www.nist.gov/ 7 Required Administrativ e Links DOC Major websites must include the following links: 1. A link, called FOIA, to information made available under the Freedom of Information Act. The FOIA link can be either to the Department's FOIA web site or to the Operating Unit's FOIA website. 2. A link to the Web site Privacy Policy (as required by the Web policy on Use standard NIST footer on all web pages to satisfy this requirement. Note, if you have forms that collect information, or use persistent cookies, or any other privacy issues that are NOT directly addressed in the standard NIST Privacy Policy, you may need an additional Privacy statement. (see section 12)
  8. 8. 8 DOC POLICY DESCRIPTION NIST APPLICATION Privacy Policy Statements and Information Collection); 3. A link to http://www.USA.gov; 4. A link, called Information Quality, to the Department's or the Operating Unit's (as appropriate) Information Quality Guidelines; 5. A link, called either "About Us" or "About [Your Operating Unit or Line Office]," or "About DOC," to a page with links to the following : a. Summary statistical data about equal employment opportunity complaints filed with the agency and written notification of "Whistleblower" rights and protections, as required by the No FEAR Act of 2002. This can be done either through a link to the Department of Commerce No FEAR Act web page or through a link to an Operating Unit No FEAR Act page; b. The Department's strategic plan and annual performance plans; c. Descriptions of the Department's organizational structure, mission and statutory authority d. The agency point of contact for small businesses as required by the Small Business Paperwork Relief Act of 2002, at the Commerce and the Small Business Paperwork Reduction Act Web page; and any specific cross- government portals or links required by law or policy for your Operating Unit. 8 Identification of Web Site Owner All Department of Commerce organizations' webpages, both internal and public-facing shall identify the "Web site owner". Internal and external sites within the CMS use standard headers, footers and contact blocks to satisfy this requirement.
  9. 9. 9 DOC POLICY DESCRIPTION NIST APPLICATION This identification shall be accomplished in either of two ways: ● By placing the text "website owner: " followed by the name of the organization which manages the content of the Web site, anywhere on the page, or ● By placing a "Contact Us" link on the page, and placing the text "website owner:” followed by the name of the organization which manages the content of the Web site, on the page that is reached by the "Contact Us" link. Exceptions: ● Any Web page, document, or file which is a verbatim copy of a legal document. ● Any Web page or file which is part of a larger document and which is not the first Web page of the overall document. 9 Web Site Contact Information Every public-facing website of a Department of Commerce organization shall provide an electronic method for comments, inquiries and accessibility issues. A “contact us” link(s) should be provided. 1 0 Domain Names (other than .gov, .mil, or .fed.us.) All second-level domain names registered to the Department of Commerce shall adhere to federal domain naming conventions, i.e., .gov, .mil, or .fed.us. Unless approved by the Secretary of Commerce, the use of .com, .org, .edu, .net, .biz, .tv, or other domains is prohibited. Exceptions: Policy 1 level CIOs may grant exceptions to this policy. Approved non-.gov domains must only be used as either a redirect to services that provide official government information on an approved .gov domain name or to services covered under other formal terms of service agreement. This requirement also applies to the rare exceptions where the use of a non-.gov domain name is determined to be necessary to avoid misuse of a Commerce domain name. Requests for new top-level domains should be directed, with a business case, through the OU Information Coordinator to the PAO Director or their designee. Approvals will be granted jointly by PAO and OISM staff. Requests must be submitted through an operating unit CIO by filling out the Commerce domain name checklist and submitting it to the Commerce Registrar for final approval from the Commerce CIO. 1 1 Web Site Accessibility All websites of Department of Commerce organizations, including intranet sites Standards for Web Site Accessibility lists the nineteen specific accessibility requirements that
  10. 10. 10 DOC POLICY DESCRIPTION NIST APPLICATION for Persons with Disabilities not available to the public, shall be designed to ensure that members of the public with disabilities, and Federal employees with disabilities, have access to, and use of, information and data that is comparable to the access and use available to persons who do not have disabilities. The DOC adopts, as a Department of Commerce standard, the regulations implementing Section 508 of the Rehabilitation Act Amendments of 1998 that pertain specifically to websites Exceptions: Web pages posted before June 21, 2001, are grandfathered. However, Commerce organizations are encouraged to make all Web pages posted prior to June 21, 2001 accessible. Web pages that have remained static since 2001 should be reevaluated at least once a year to determine if they should still be on the Internet. your website must meet to make your site compliant. Accessibility Frequently Asked Questions provides answers to common questions about this policy. See also, this PDF document accessibility checklist, myths and facts about compliance, and guidance on creating accessible PDFs. 1 2 Privacy Policy Statements and Information Collection Major points of entry and any page where information is collected on any Department of Commerce organization's site, internal and public-facing, shall include a clearly identifiable link to a privacy policy statement which shall disclose the information collection practices of the site. This link must be called "Privacy Policy." This applies to both internal and public-facing websites. In addition to disclosing the information collection practices of the site, all Privacy Policy statements must notify website visitors of their rights under the Privacy Act, regardless of whether the website uses or collects any Privacy Act information, or any information at all. See also section 3 on the Web Measurement and Customization Technologies Policy. NIST Privacy Statement. Use the standard NIST footer to satisfy this requirement. Prior to engaging in any information collection activity, the NIST Privacy Officer should be consulted to determine if the information to be collected is subject to the Paperwork Reduction Act (PRA) and requires OMB approval. Additional privacy statements may be required by the Paperwork Reduction Act (PRA) on sites that use on-line forms to collect standardized information (other than contact information) from ten or more individuals outside the Government (e.g., applications, surveys, or questionnaires). An undifferentiated "suggestion box" that requests ideas and comments is not considered standardized information collection. An additional "Privacy Act Statement" is required when information is stored or retrievable by a personal identifier (e.g., name, social security number). Where Web forms are used, a link to the NIST Privacy Statement shall be viewable without scrolling OR located adjacent to the "submit" button on the form. When multi-page forms are used, a link shall be viewable without scrolling on the first page AND adjacent to any "submit" buttons.
  11. 11. 11 DOC POLICY DESCRIPTION NIST APPLICATION Where a website is directed toward children or information is knowingly collected from children, the Privacy Policy statement must also provide a contact and get parental consent before collecting, using or disclosing individually identifiable information about a child that is collected online. When information is collected from children, the site must also provide a mechanism to allow parents to review personal information collected from their children. You should consult with the Office of the General Counsel if your site is collecting information from children. 1 3 Machine- readable Privacy Policy In addition to a “human readable” Privacy Policy, all public-facing websites shall have a machine-readable privacy policy that alerts users automatically about whether site privacy practices match their personal privacy preferences. The machine-readable privacy statement can be implemented either on the individual Web site or on the Web server on which the Web site resides. However, if implemented on the server, all Web sites using the server's machine-readable privacy statement must, obviously, have the same privacy policy, at least with regard to the elements covered by the machine-readable privacy statement. If a Web site on the server does not conform to that statement, it must have its own separate machine-readable privacy statement. A machine-readable privacy policy has been placed on the NIST external web server. 1 4 Endorsement Disclaimer All Department of Commerce public- facing websites shall have a disclaimer stating that links to non-Federal Government Web sites do not constitute endorsement of any product, service, organization, company, information provider, or content. Standard NIST Disclaimer. Use the standard NIST footer to satisfy this requirement. 1 5 Offsite Notification Any link from a public-facing Department of Commerce Web site that directs a visitor to a site not under the control of a Federal Government agency or organization shall be accompanied by a clear notification that the visitor is leaving the site for a non U.S. government site. The exit script is automatically applied to all appropriate external links residing in the NIST central content management system (CMS). Code must be manually inserted for NIST sites/domains that are not in the CMS. Information about how to obtain the exit script code is available on NIST’s intranet. Exit scripts are not required on intranet sites. 1 6 Lobbying Prohibited Websites of Department of Commerce organizations, both internal and public- facing, shall not be used for direct or NIST web pages may not link to any web pages that engage in lobbying or encourage such activity. Also, NIST cannot host a website or web pages for any
  12. 12. 12 DOC POLICY DESCRIPTION NIST APPLICATION indirect lobbying or link to Web pages that engage in such activities. group or organization, if the hosted site or web pages engage in lobbying or link directly to any page that does, regardless of whether NIST has any control over the content of the site. 1 7 Searchable Web Pages Department of Commerce (DOC) websites, including intranet sites not available to the public, must assist the public in finding and using government information. Requirement 1: For All Department of Commerce webpages Use HTML/XHTML or XML <title> tags to describe the content of Web pages. All DOC webpages must contain a unique page title in the head section that specifically relates to the contents of that page. Requirements 2 and 3: For all DOC Major websites: Provide a search function. Major websites must include a search function. This may be in the form of a search box or a link to a search page. Sensitive Information: Agencies must ensure that sensitive or restricted information, or personally identifiable information (such as social security numbers), cannot be retrieved using a search engine. 3. Use Standard Metadata. As provided in OMB guidance, organizations should follow the recommendation of the Interagency Committee on Government Information (see Webcontent.gov - Use Standard Metadata) and use metadata syntax consistent with the Dublin Core Metadata standards posted at http://www.dublincore.org. At a minimum, the following six meta tags, following Dublin Core format, are required: ▪ Title - This tag is different from the HTML/XHTML or XMLtitle tag, but the same title text should be used. Requirements 2 and 3 – sites using NIST content management system (CMS) are compliant.
  13. 13. 13 DOC POLICY DESCRIPTION NIST APPLICATION Example: <meta name="DC.title" content="Home page of NOAA's National Weather Service" /> ▪ Description - A brief description of the contents and purpose of the individual page. Example: <meta name="DC.description" content="NWS Home page." /> ▪ Creator - The content owner; this should be the name of the organization. Example: <meta name="DC.creator" content="US Department of Commerce, NOAA, National Weather Service" /> ▪ Date Created - The original creation date of the page in ISO8601 format (YYYY-MM- DD). Example: <meta name="DC.date.created" scheme="ISO8601" content="2001-01-01" /> ▪ Date Reviewed - The date the page contents were last reviewed in ISO8601 format (YYYY-MM-DD). Example: <meta name="DC.date.reviewed" scheme="ISO8601" content="2005-09-22" /> ▪ Language - Declares to users the natural language of the document being indexed. Search engines which index websites based on language often read this tag to determine which language(s) is supported. This tag is particularly useful for non-English and multiple language websites. If the content is in more than one
  14. 14. 14 DOC POLICY DESCRIPTION NIST APPLICATION language, the element may be repeated. Example: <meta name="DC.language" scheme="DCTERMS.RFC176 6" content="EN-US" Additional Metadata: Organizations should include subject and keyword metadata if it is helpful for improving search relevancy and for content classification. If organizations do choose to use additional metadata, they should choose from Dublin Core standards, where possible. Robot Exclusion Protocol: In those instances where organizations determine that sites should not be indexed or that indexing should be limited, they may use the Robot Exclusion Protocol (see Resources below). Example: <meta name=”ROBOTS” content=”NOINDEX, NOFOLLOW” /> [This tag instructs robots not to index the Web page] 1 8 Evaluation of Information Before Publication Before publishing information on internal or public-facing websites, Department of Commerce organizations must ensure that the content is appropriate for dissemination and that the proposed level of access is appropriate to the content. The NIST OU Information Coordinators oversee processes to ensure the accuracy of website content and compliance with NIST and DOC website policies. 1 9 Annual Web Site Certification The CIOs listed in Policy One shall annually certify to the Department's CIO that all websites of their organization, internal and public-facing, comply with the Department's Web policies, located at http://www.osec.doc.gov/webresources. If any deficiencies exist, the CIO shall provide a plan to bring the websites into compliance. The Department's CIO will determine whether the proposed approach is acceptable, and retains the authority to shut down any site for non- compliance. The NIST Public Affairs Office disseminates and annual request the OU Information Coordinators for collection of OU submissions for the NIST Annual Web Site Certification Report. See also: http://www.osec.doc.gov/webresources/ APPENDIX C. OTHER POLICIES ● NIST P 150.01, NIST Web Content Policy (forthcoming)
  15. 15. 15 ● NIST 122.01, Public Communications ● NIST N 121.01, NIST Web 2.0/Social Media ● Department of Commerce Mandatory Web Policies ● The Digital Government Strategy - Building a 21st Century Platform to Better Serve the American People ● Executive Order 13571 - Streamlining Service Delivery and Improving Customer Service (April 2011) ● OMB Memorandum M-11-24, Implementing Executive Order 13571 on Streamlining Service Delivery and Improving Customer Service (June 2011) ● The Interagency Committee on Government Information (ICGI) Recommendations for Federal Public Websites – 2004 ● OMB Policies for Federal Agency Public Websites (OMB M-05-04) and the related OMB Circular A-130 ● The Government Performance and Results Act (GPRA) ● Plain Writing Act of 2010 (October 2010) President’s Memorandum on Transparency and Open Government (January 2009) ● U.S. Digital Service list of best practices ● NIST identifier ● Software disclaimer
  16. 16. 16 APPENDIX A: CONTENT MANAGEMENT SYSTEM The Sites platform is a shared service and is a product of the Digital Government Division of the Office of Citizen Services and Innovation Technologies in the U.S. General Services Administration. The Digital Government Division handles all software installs, updates, upgrades, add-ons, hosting, and storage. There is a 30-day build cycle for new features, with new releases at the end of the month. Security updates are performed as required and WordPress version updates will occur in tune with stable WordPress platform releases. It is anticipated roughly quarterly WordPress version updates. The Sites platform has passed the certification and accreditation process for federal web applications, including extensive industry standard security testing to ensure that it complies with all National Institute of Standards and Technology and GSA security guidelines. Comparison: HTML vs. Sites.usa.gov Content Management System August 10, 2015 Element Current site Sites.usa Analytics Uses Google Analytics; external customers randomly surveyed using Foresee plug in Google Analytics code is already included as part of the site themes Content migration Not needed if status quo maintained Tools available to help with migrating content into Sites.usa Cost In-house support No cost during this “alpha” period where working with initial clients; 90-day notice before implementing fees based on volume, services Design/development support In-house IT Not provided as staff resources but online self-help resources available Design of site Based on HTML and Cascading Style Sheets; Because of HTML limitations, site looks out of date Offers latest in design capabilities; Can use customized, modern themes; more opportunities to tag and structure content; plug-ins, widgets available for blogging, search, etc. Domain name Manufacturing.gov--existing URL secured Can apply for the same domain name; approval process takes a few weeks; new names must be requested through dotgov.gov Hosting NIST?? By Sites.usa Mobile/responsive format Limited Mobile friendly; responsive for all device formats; stay current with latest changes in responsive technology Multi-media capability Limited Expanded; can use plug-ins, upload video, graphics, photos more easily PII No PII stored or collected Does not store PII; collects PII only if someone registers to access software or asks a question but info is not stored Platform HTML Open source WordPress administered by Sites.usa/Digitalgov
  17. 17. 17 Element Current site Sites.usa Plug-ins AddThis social media plug-ins for Facebook, Twitter, email New ones deployed monthly; makes code for such things as surveys or forms available as they are developed; keeps agencies at cutting edge Policies Follows all executive and agency web and social media policies Follows all executive and agency web and social media policies Referrals (other clients) N/A Other sites in Sites.usa: fedstats.sites.usa.gov, eliminatechildabusefatalities.sites.usa.gov, challenge.sites.usa.gov-- White House, Department of Justice, NASA Data Portal are all using WordPress and may be within Sites.usa; millions of websites use WordPress Search Site search Search-optimized themes Security Compliant with federal and agency security policies Passed certification, accreditation and standards for federal websites; complies with NIST and GSA standards; Denial of Service protection; firewalls; attack response teams Service agreement N/A Sites.usa has terms of service; Need service agreement for incident response, monitoring Site availability Now available; minimal downtime Uptime is 99.9%; Once domain name and content are available, it takes a week for Sites.usa to set up new site Site administration NIST GSA is the Sites.usa owner; Sites.usa manages software installs, updates, upgrades, add-ons and hosting and storage; NIST can have site administrators and give users’ permission and manage content Social media Icons, feeds for Facebook, Twitter; AdThis plug-in for social media feeds Social sharing capability; can use shortcodes (WordPress codes that allow you to easily add multimedia content to your posts without any coding, including content from social media.) Storage Handled by Sites.usa in the Cloud Staging or production server Existing Not provided Styles and formatting Based on HTML Can choose from among 18 themes or submit theme for approval; can customize the Cascading Style Sheets in WordPress, which applies styles across site Support GSA Open source community; Digital.gov user community;Wordpress.org self-service and support Terms of Service GSA and NIST Must agree to and follow Terms of Use
  18. 18. 18
  19. 19. 19 APPENDIX B. DOCUMENT REVISION HISTORY REVISION DATE DESCRIPTION Initial Publication
  20. 20. 20 APPENDIX C: DOCUMENT APPROVALS _________________________________ Mike Molnar, Director AMNPO ________________ Date (mm-dd-yyyy) _________________________________ Rob Glenn, NIST Chief Information Security Officer ________________ Date (mm-dd-yyyy) _________________________________ Gail Porter, Director, NIST Public Affairs Office ________________ Date (mm-dd-yyyy)

×