cot town hall thursday, aug. 27, 2015. agenda opening remarks cio jim fowler employee of the month...
TRANSCRIPT
AgendaOpening remarks CIO Jim Fowler
Employee of the Month recognition AwardsSoftware SunsetWindows FutureFY 17/18 Billing philosophy and rates
•Office 365 – Rick Woodruff, Jim Barnhart and Tamara Pigeon
•I.3 Status Update – Andrew Smith
•KECC Drive – Liz Rodgers
•GIS Award Presentation
•Service Development Lifecycle (SDLC) Presentation – James Koontz
•Strategic Plan Update – Glenn Thomas
•Security Roadmap – David Carter / Elwyn Rainer
•Service Catalog Overview – Liz Rodgers •Getting Ready for the Cloud – Stuart Johnston
•Questions & Answers – Jim Fowler
Jim FowlerChief Information Officer
Employee of the Month recognition Awards
Software SunsetWindows Future
FY 17/18 Billing philosophy and rates
Employee of the Month
Winners
JanuaryFebruary
MarchAprilMay
JuneJuly
Tary FullerNeil HamiltonBarrett Richardson Michael Powell John Modlin Matt Lewis Sessani Withers
Why Office 365
Considerations for moving to the Office 365 platform•New features in Office 365
– Native encryption for email: Type a word in the subject line like “Secure” and the system will see the word and automatically encrypt the email
– Data Loss Prevention: Control what happens to an email after you’ve sent it. If you only want it to go to your intended audience you can prevent it from being forwarded.
– Automatically encrypt emails that have certain types of private information: Policies scan content that looks like social security numbers or protected data and automatically encrypts emails.
– License users and not machines: Users can have Office 365 on up to 5 different devices•Projected Cost savings over the next 6 years
– $600k -$1.2 Million
•A step to becoming a true service delivery organization– Allows COT to be spending time on higher value service delivery activities
How are we going to do it?
• Proof of Concept– Identify candidates \ migrate 100 users email and personal network drives into
the cloud– Perform normal day to day operations and get feedback from users– COT members to execute test scripts
• Solicit feedback from agencies– Explain the baseline security of Office 365 via the BRMs– Identify exceptions\agency requirements on what else they need to be
compliant in the cloud with email or personal files • Create a plan on how to execute a large Enterprise rollout
– What agencies first?– Do we need to upgrade any existing systems before rolling out?– Establish training and communication plans for large audiences
• Evaluate the feedback from all items. Make a decision…do we take the Enterprise to Office 365?
10
I.3 Program Implementation Roadmap (Initial)
FY14T
ran
sfo
rmat
ion
Man
agem
ent
Tec
hn
olo
gy
Tra
nsf
orm
atio
n
Facilities Transformation
Technology Services (Server, Storage,
Databases, Tools)
Security
Program Management
Financing & Sourcing
IT Service Management
(ITSM)
Workforce Transformation
Organizational Development &
Training
Develop Program
Financial ModelManage & Update Program Financial Model (Continuous Improvement)
Document COT Service
Descriptions & Rates
Document Detailed
Application / Infrastructure
Mapping
Create Enterprise
Architecture -
Develop Upgrade
Plans
Develop Security Framework Update
Security Req. & Plan
Review Current IT
Service Management
Organization, Policy,
Processes, & Tools
Review Current Services & Service
Level Requirements
Begin Service Management (ITSM) Upgrade Program
Implement & Manage Security Projects (Continuous Improvement)Update Security
Policy & Processes
Program Charter Executive Management & Oversight
Cabinet Transitioned InfrastructureLocation/Space Selection
Facility Design/Upgrade Upgrade Data Center Facilities for Cabinet Transitioned InfrastructureAnalyze Requirements
Measure & Refine
Workforce Organization
Develop Transition
PlanExecute Workforce Transition, transitions occur with Cabinet Infrastructure Transition
Implement / Refine / Update Service Catalog & Rates (Continuous Improvement)
Develop Process to Capture Financials (Current &
Future)
Analyze COTTechnology
Upgrade Requirements
Implement New Operations Model(ITSM Phase 1 Projects)
Develop Training Content
Execute Training
Develop Workforce Training
Plans
Identify Implementation Team (roles &
responsibilities)
Select Implementation Teams Members
Monitor and Update I.3 Program Plan
Commit Milestones
Provide Ongoing COT IT Operations Management
Decommission Cabinet IT Infrastructure Operations & Assets – Post Transition
Tra
ns
form
ati
on
Pro
gra
mO
p s
Work Threads FY15 FY16
Migrate CPE Data Center
FY13
POC(OSBD)
Migration
Business Continuity &
Disaster Recovery
Update BC & DR Architecture and
Services
Review Cabinet BC & DR
Requirements Implement & Manage BC & DR ArchitectureUpdate DR
Infrastructure Develop Cabinet
BC & DR Plans
Service DeskUpdate Service
Desk Processes & Front Range Tool
Review Service Desk Req.(Tools & Process)
Develop Service Desk Upgrade Plan
Service Desk Transitions occurs with Cabinet Infrastructure TransitionsDevelop Service Desk
Training Program
Execute Service Desk
Begin Infrastructure Transition
Execute Security Architecture
Design Program Governance
Implement Program Governance Manage Program Governance (i.e., TAC, CAB, Configuration Mgmt, Change Control, Release Mgmt, etc.)
Create Implementation
Processes, Metrics & Templates
Migrate EDU Data Center
Migrate GAPS Data Center
Migrate Justice Data Center
Develop Cabinet/Agen
cyDetailed
Transition & Test Plans
Migrate CHFS Data Center
Migrate FIN Data
Center
Migrate KYTC Data Center
Migrate CED
Data Center
Migrate Labor Data
Center
Migrate General Gov. Data Center
Stabilize COT
Environments-
Review Infrastructure Architecture Performance
Optimize COTEnvironments
-Develop
Optimization Plans & Future
Architecture Revisions
Service Level Baseline Period occurs with Cabinet Infrastructure Transitions Service Level Optimization & Continuous Improvement
Migrate Personnel Data Center
Document POC
Lessons Learned
Program Plan
Test Cabinet BC & DR Plans
Monitor & Report COT Service Level (Baseline Review)
Infrastructure TransitionCompleted
Security Access Mgt. Installed
Manage Cabinet IT Infrastructure Operations & Assets – Pre-transition
Ongoing Training & Development
Implement New Operations Model (ITSM Phase X Projects)
(Continuous Improvement)
POC(OSBD) Network
Document POC LLs
Network Services
(Data & Voice)
Stabilize COT
Network Environments
Review Network Performance
Optimize NetworkDevelop
Optimization Plans Future Architecture
Develop Desktop Implementation
PlanDesktop Services
Optimize Desktop Refresh Program(Continuous Improvement)
Continuous Improvements
Analyze Network
Requirements
Create Enterprise Network
Architecture
Develop Cabinet/AgencyDetailed Network
Transition & Test Plans
Develop COT Network and Toolset Upgrade
Plans
Define IT Service Management
(ITSM) Architecture
Define Process, Roles, Tools
Service Level Monitoring & Reporting occurs with Cabinet Infrastructure Transitions
Migrate Tourism
Data Center
Migrate CPE Network
Migrate EDU Network
Migrate GAPS Network
Migrate Justice Network
Migrate CHFS Network
Migrate FIN Network
Migrate KYTC Network
Migrate CED
Network
Migrate Labor
Network
Migrate General Gov.
Network
Migrate Personnel
Network
Migrate Tourism Network
Ser
vice
s T
ran
sfo
rmat
ion
Organization
Change Manageme
ntCabinet Communications
Identify Business
Relationship Managers
Deploy Business Relationship Managers
Executive Leadership / Stakeholder Workshops
Define & Implement Proof of Concept
Define & ImplementCampaign Initiatives
Define & ImplementCompliance & Audit Reviews
Stabilize Service Desk Delivery
Optimize Service Desk
Delivery Performance
Continuous Improvements
Upgrade Desktop Support
Processes
Ongoing Security & Compliance Assessments
Ch
ang
e L
ead
ers
hip
Quarterly Desktop Refresh
Quarterly Desktop Refresh
Quarterly Desktop Refresh
Quarterly Desktop Refresh
Perform Infrastructure and Tool Set Upgrades
Update Rates FY15/16Implement COT Service Descriptions & Rates
Implement Service Desk Training Program occurs with Cabinet Infrastructure Transitions
Where are we now?
• Majority of desktops in the executive branch are managed by COT (n>90%)
• Majority of servers in the executive branch are managed by COT and (if possible) located at the CDC (n>90%)
• Majority of Network systems are managed by COT (n>90%)
• Most agencies are either integrated into COT Operations or preparing to transition to COT Operations
Where are we now?
• Database Administration is in transition to COT • Storage has been centralized allowing more
effective provisioning and use of the Commonwealths storage arrays
• Disaster recovery is now handled by COT via the ADC (as requested) with TSM backups by default replicated to the ADC for high protection
What have we learned?
• COT departments and agencies need to collaborate more successfully and to be successful
• Self reported data is misleading in many cases• The level of application documentation for many
Commonwealth applications is not consistent• Foundation processes are not available in most
agencies, too many relied purely on “tribal” knowledge
• Backup, virus protection, inventory and other foundation items were not always being done
What have we learned?
• Active Directory processes were not consistent among agencies, some agencies had never deleted older employees making cleanup longer
• Multiple Windows 2000 servers and older made virtualization difficult to impossible
• With no SDLC (Software Development Life Cycle), many agencies did not consider long term solutions for application delivery, causing issues with out of date software, equipment and processes
The Future
As I.3 ends we will need to continue to foster a culture where collaboration and
cooperation (Inside of COT and with our customers) continues to take advantage of
the tools and experience across the Commonwealth. We have seen the ability for all areas of COT and agencies to be great partners and need to capitalize on these positives to continue to succeed.
Special Achievement in GIS
Office of Application DevelopmentDivision of Geographic Information
Award Presentation
Workgroup Charge
It is the purpose of this committee to consider a Systems Development Life Cycle (SDLC) for adoption by
all cabinets to include all project phases (initiation, planning, execution, installation instructions, release
management, and change management).
Workgroup Representatives• Jim Fisher, Co-Chair (KYTC)• James Koontz, Co-Chair (COT)
• Matt Burberry (CHFS)• Stephanie Clay (COT)• Michele Kays (Personnel)• Steve King (Personnel)• Tim McClain (CHFS)• Daniel Miller (Education-WF)• Charles Robb (COT)• Phil St. John (PPC)• Steven Vest (CED)
Workgroup Activities• Conducted weekly meetings to complete SDLC
guidelines
• Created base content for the five phases
• Project Management processes were separated from the technical tasks documented in the guideline
SDLC Guideline Overview
• Document Overview• Five Phases
o Phase Description, Objectives, Inputs, Deliverables, Key Tasks, Roles
• Appendices (A-D)o Glossary and Acronyms, Role Descriptions, SDLC Process Flow,
Acknowledgements
SDLC• Outstanding Tasks
o Complete remaining two templateso Finalize for publishing purposes
• Key Takeaways o Multiple agencies working together to accomplish a
common goalo Flexible process designed to accommodate multiple
development methodologieso Material used from existing states SDLC processes
Strategic Plan Update
• Our Mission – to provide an enterprise technology framework and services supporting the current and future needs of the Commonwealth.
• Our Vision – to enable a proficient government and support a 21st century economy by being a national leader in public sector information technology that is a trusted and valued business partner.
Strategic Plan Update
Goal 1: Customer Service ExcellenceStrategy 1: Provide timely, accurate & consistent service delivery
Strategy 2: Establish a comprehensive & transparent process for customer service education & response
Strategy 3: Improve ongoing COT/customer communication
HEAT project underway to replace Front RangeUpdated CIO-085 Authorized Agency Contacts
Including authorized agency contacts in GovDelivery systemAlerts, ACMs and Calendar events posted to COT website
Integration of BRMs with the agencies and ongoing meetings with CIOCustomer Survey planned in 2016
Strategic Plan Update
Goal 2: Effective, Efficient & Innovative Government through the use of Enterprise Information Technology
Strategy 1: Optimize infrastructure service delivery within Executive BranchStrategy 2 : Leverage opportunities afforded by new technologies to enhance
service delivery
I.3 program – 90+% consolidated with support transitioned to CSDOnce completed COT will begin process to optimize consolidated infrastructure
New Technologies:Cloud – O365 POC; RFP development for IT “as a Service”
Strategic Plan Update
Goal 3: Collaborative & Participatory Information Technology Governance
Strategy 1: Refine the enterprise governance modelStrategy 2: Prioritization of agency legacy system modernization
Strategy 3: Develop a technology life cycle model
TAC subcommittees established for: Strategic Plan, Enterprise SLA template, Web standards, SDLC standard, Enterprise Document Management, Legacy System
Identification, Capital IT Project ReviewEASC now ITSC and is a TAC subcommittee
LSI established a Risk Modernization Assessment for inclusion in Capital IT project scoring criteria. Multiple systems recommended for funding.
Strategic Plan Update
Goal 4: Highly Skilled, Motivated & Effective WorkforceStrategy 1: Coordinate & streamline COT HR & staffing functions
Strategy 2: Build a skilled, cohesive workforce w/ increased understanding of COT operations
Strategy 3: Explore alternatives to the current staffing model
Becky Joyce – COT Human Resource coordinatorStaff Augmentation approval process
Employee of the Month programSkills Assessment coming 2016
SDS contract – under review/rebid early 2016
Strategic Plan Update
Goal 5: Security Focused Information Technology Environment & Culture
Strategy 1: Enhance and continually improve IT securityStrategy 2: Raise awareness of the significance of security threats
and vulnerabilities
CIO-091 Enterprise Information Security ProgramUpdates to existing CIO security policies underway
Annual security training program for COT staffEnd user security training video being used by all agencies
and promoted by Personnel CabinetNew Security Roadmap kicked off in 2015. Work continues.
Purpose• Customers cannot and should not build their
own solutions for infrastructure
– Expertise lives in COT
– Opportunities for using economies of scale and pooled resources are overlooked
– Undue cost and complexity
Purpose• Customers want services, but don’t always
know what we offer or how to get it
– Centralize
– Simplify
– Standardize
Objectives
• Design an intuitive, customer-friendly interface• Manage access to ensure requests are authorized• Standardize service offerings • Streamline and simplify request procedures• Communicate the new service delivery strategy to
customers• Secure internal buy-in to reinforce the message
ApproachWhat is a service?
•A service is a means of delivering value to the customer by facilitating outcomes.
•A service is a combination of technology , people and processes.
•A service is an action, not a thing.
Approach• What services does COT provide?
– Began with rated services
– Brainstorming session with teams
– Weeded out incident response, maintenance and back-office processes
Approach• Hybrid approach to bridge the gap
– Give savvy customers and frequent flyers a direct route to specific items
– Gradually introduce the concept of holistic service delivery to improve buy-in
– Allow COT to mature
Approach• Keep supporting processes in the back office
These are part and parcel to the services that use them, not services themselves
• Procurement • Billing• Incident Management• Change Management
Approach• Align resources with service delivery
– Service Owner will be responsible for design, scope, cost and delivery strategy
– Service Delivery Manager will be responsible for ensuring the service is delivered timely and as designed
– Teams built around service delivery activities, not necessarily the org chart
Next Steps• Meet with teams to make sure all services
have been identified• Ensure service descriptions are accurate and
include deliverables• Map processes from customer to completion • Estimate times to deliver
Definition
Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”
3 Service Models: 5 Essential Characteristics:Software as a Service (SaaS) On Demand Self-servicePlatform as a Service (PaaS) Broad Network AccessInfrastructure as a Service (IaaS) Resource Pooling
Rapid Elasticity4 Deployment models: Measured ServicePublic, Private, Community, Hybrid
COT Strategic Plan
Core Values for IT across the enterprise:
Being Forward Thinking Enterprise-wide IT strategic direction:
Cloud
COT Strategic Plan Goals:
1. Customer service excellence 2. Effective, efficient and innovative government through the use of enterprise IT 3. Collaborative and participatory IT governance
4. Highly skilled, motivated and effective workforce
5. Security-focused IT environment and culture
COT Strategic PlanGoal 2:
Effective, efficient and innovative government through the use of enterprise IT
Objective 2.1- To optimize infrastructure service delivery within the Executive Branch
Objective 2.2- To leverage opportunities afforded by new technologies to enhance service delivery.
Strategy
Pre-qualify vendor(s) in the areas of IaaS, PaaS and SaaS in order to procure cloud services in a secure, reliable, and measurable manner that will support the business & technical requirements of the enterprise.
Activities to Date
1. Cloud models and services2. Review Storage as a Service RFP3. NASCIO documentation 4. Review GSA and NASPO (WSCA) websites 5. Gartner conference call - Cloud Best Practices6. Cloud Computing & FedRAMP Security Workshop 7. RFP Team kickoff meeting8. Gartner Catalyst Conference
Next Steps
1. Ongoing strategy discussions 2. Review cloud policy3. Inventory cloud applications 4. Procurement
Potential modification(s) Explore alternate options
5. Gartner visit September 2, 2015 6. RFP Team meeting September 3, 2015 7. RFP - third party review