Dr. George Strawn


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Dr. George Strawn

  1. 1. IT Management at NSF George O. Strawn NSF CIO
  2. 2. Outline <ul><li>GAO Study of Agency IT Management </li></ul><ul><li>GAO Recommendations to NSF </li></ul><ul><li>BAH Draft Recommendations to NSF </li></ul>
  3. 3. Statutory Framework for IT Mgmt <ul><li>Paperwork Reduction Act of 1995 Clinger-Cohen Act of 1996 E-Government Act of 2002 FISMA Act of 2002 Exec Order 13011, Fed IT Exec Order 13103, Software Piracy </li></ul><ul><li>GAO identified 30 IT management practices and reviewed 26 agencies for compliance </li></ul>
  4. 4. GAO Study of Agency IT Management <ul><li>The title says it all: “Government-wide Strategic Planning, Performance Measurement (SP&PM), and Investment Management (IM) Can Be Further Improved” </li></ul><ul><ul><li>46% of SP&PM practices are in place, 41% are partially in place, and 7% are not in place </li></ul></ul><ul><ul><li>44% of IM practices are in place, 37% are partially in place, and 17% are not in place </li></ul></ul>
  5. 5. SP&PM Recommendations to NSF <ul><li>Document IT strategic mgmt processes </li></ul><ul><li>Include IT security requirements in annual performance plan </li></ul><ul><li>Implement a process for assigning roles and responsibilities for achieving IT goals </li></ul><ul><li>Develop performance measures for controls to prevent software piracy </li></ul><ul><li>Develop mechanism for benchmarking IT management processes </li></ul>
  6. 6. IM Recommendations to NSF <ul><li>Develop an IT management investment guide (IT IM vs other plans and processes; IT capital planning and invest control) </li></ul><ul><li>Implement a structured IT selection process </li></ul><ul><li>Involve the “IT investment management board” in controlling and evaluating IT investments </li></ul><ul><li>Define and document the elements of post-implementation reviews </li></ul>
  7. 7. IT Management Strategy Source: Business Analysis Technical Proposal & Statement of Work IT Governance Frmwrk IT Vision Technology Forecast IT Mgmt Structures CPIC Performance Enterprise Arch. Long Term Imple. Plan Detailed Imple. Plan Business Cases EA Version 2.0 EMO Corp. Dir. SIA NGGMS Annotated LT plan IT Vision & Strategy Sustained Operations Plan EMO Data Quality Assurance ConOps* Disaster Recovery* * Already established
  8. 8. IT Governance Framework Source: Business Analysis Technical Proposal & Statement of Work Shaded components are addressed in the DRAFT NSF TT Governance Framework v0.51 1/16/04.doc. Non-shaded areas will be addressed in the final document v1.0 3/31/04 Baseline (As is) SDLC Technology Network Data Security Target (To Be) Implementation Plan CPIC Performance Enterprise Arch. Performance Meas. Reporting IT Capital Planning Investment Management Business Cases Mgmt. Structures Committees Working groups NSF Personnel Investment Calendar Schedules IT Risk Management Change Control Standards Mgmt.
  9. 9. The CIO Advisory Committee (CIOAC) could become an IT Management Board as envisioned by GAO SMIG CIOAC KMAT E-Bit SWG WAG CIMG
  10. 10. Possible CIOAC sub-teams and functions <ul><li>Capital Planning Investment Control </li></ul><ul><ul><li>coordinate IT capital investments made by NSF </li></ul></ul><ul><li>Enterprise Architecture </li></ul><ul><ul><li>updating and maintaining EA </li></ul></ul><ul><ul><li>managing the adoption, modification and retirement of standards in : Technology, Data, Network and Security </li></ul></ul><ul><ul><li>address new projects, updates to existing systems and retirement of legacy systems </li></ul></ul><ul><li>Performance & Risk management </li></ul><ul><ul><li>helps to control risks for major IT investments through and Identify Assess, Prioritize & Maintain procedure </li></ul></ul>NB: The CIOAC, if expanded as described here, would probably take the place of the SASB