Chief Information Officers Council Chief Information Officers Council CIOC _2f91fc52-3883-403c-8e4a-ee2c4641dfd9 A Federal Government that strategically, efficiently and effectively uses IT to serve and protect our citizens. _74e8fa4e-62ef-4467-87c3-38319b4e9a4b To foster the collaboration of Federal Government Chief Information Officers (CIOs) in strengthening Government-wide IT management practices. _e8edc563-5636-48ed-a062-7dd0a0b27ac7 Continuous Improvement IT success is programs working better every year. High Performance Attracting and retaining a high performance IT workforce. Optimization Optimizing Federal Government information resources and investments. Alignment Aligning IT solutions with Federal enterprise business processes. Best Practices Adopting and sharing best IT management practices. Risk Management Managing risk for government information and services while ensuring privacy and security. Workforce A cadre of highly capable IT professionals with the mission critical competencies needed to meet agency goals. _42074909-ca4f-44f3-a36c-19b72ccb6853 1 The IT Workforce Committee is government’s advocate for strategies to help develop and maintain an effective IT workforce. Its broad agenda encompasses the full employment life cycle: workforce planning, recruitment, retention, and career development. As the Federal government continues to streamline IT resources, resulting in more enterprise-wide programs, it must ensure that the IT workforce is well versed in areas such as IT project management, IT Security and Enterprise Architecture. It is for this reason that workforce planning is of critical importance. The complexity of the work environment, combined with the rapid pace of change amplifies the need for robust IT workforce planning. Our future workforce will be more diverse than at in any time in history. Agencies must recognize generational issues when focusing on recruitment and retention. IT Workforce Committee members represent nearly every Federal agency, and work in partnership with OPM, OMB, GSA, the Chief Human Capital Officers Council, academia, and many private sector organizations in the IT industry. These partnerships enhance IT product and service delivery by developing, communicating and implementing strategies to recruit, retain and manage a fully trained and qualified IT workforce, to meet current and future mission requirements. MAJOR ACTIVITIES: Conduct Federal-wide IT Workforce Capability Assessment (ITWCA) Survey. This online survey is designed to collect information regarding the types of work that Federal IT employees carry out to inform agency workforce planning. The survey allows agencies to capture the “supply” of IT workforce capabilities, including proficiency in a set of IT-related competencies and skills, the percentage of the workforce possessing certain IT-related certification areas, the amount of time spent on selected specialized job activities, and a demographic profile of the IT workforce. Analyze Government-wide results of IT Workforce Capability Assessment. The Federal CIO Council developed the Survey and a Capability Planning and Analysis Tool (CPAT) for Federal agencies to identify a “demand” model of capabilities needed to support their IT mission. A Federal-wide analysis is conducted to present a comprehensive picture of strengths and gaps. Individual agencies can compare their agency capabilities against Federal-wide capabilities. This tool also allows agencies to compare the current capabilities of its IT workforce to its desired target capabilities, and to identify specific competency and skill gaps. Strengthen the utilization of the IT roadmap. Activities over the next several years include refreshing the content of the roadmap to align with changing job activities and competencies, reviewing and enhancing privacy and security related controls, and facilitating access and use of the tool. Develop and institute changes to GS-2210 titling. The ability to identify and target specialties in the dynamic field of IT is essential to workforce planning and successful recruiting. The Council is working with the Office of Personnel Management to update and add critical specialty titles. Issue updated Clinger-Cohen Core Competencies. Core universal knowledge requirements have been identified for IT staff across the Federal Government. The Competencies are updated biennially and are used to define learning objectives for Federal educational institutions which support IT workforce development, including the Federal CIO University consortium, the National Defense University’s (NDU’s) Information Resources Management College and the USDA Graduate School. Expand strategic IT recruitment and workforce planning activities to include examination of multi-generational influences and opportunities. In FY 2008 the Federal CIO Council began to identify trends and leading initiatives associated with attracting and retaining the internet-savvy “Net-Generation.” The Council will continue to promote Federal IT careers by working closely with the National Science Foundation to facilitate use of the Scholarship for Service Program to place qualified information assurance students and graduates in agency summer and permanent positions. The Council will also continue with student outreach efforts such as career fairs and its annual IT Job Shadow Day, a cooperative venture in conjunction with Junior Achievement and the Association For Federal Information Resources Management (AFFIRM). Conduct IT Forums. Since April 2005, over 3,275 federal IT workers and their colleagues have attended forums that focus on “hot” topics in Information Technology. The goal of the IT Forums is to provide education on key issues to increase competency in mission critical work. In addition, the sessions allow networking and information-sharing to promote best practices. These forums are normally held quarterly, and information about them is available at: Continue to work with OPM and participating agencies to encourage IT Exchange Program. This program allows for temporary details (3 months to 1 year) of civilian IT employees to the private sector or for temporary details of private sector employees to agency positions. Interested agencies are currently developing ITEP agency plans and programs in order to implement IT exchanges. KEY PERFORMANCE INDICATORS: 50% of agencies actively using the Capability Planning & Analysis Tool for IT workforce planning in support of the President’s Management Agenda. 75% of agencies sending participants to IT Quarterly Forums and Federal IT Summits; and programs are evaluated as good to excellent by 90% of agency participants. 10% increase in the number of agencies participating in the scholarship for Service Job Fair each year. SU CCESS STORY: Developing the strategies and actions to recruit, develop, and maintain a best-in-class professional IT workforce has been a Federal CIO Council priority since the establishment of the Council. Workforce issues are real, compelling, and rank consistently at the top of CIO critical issues lists. Initiatives supported by the Council target both today’s employees and tomorrow’s leaders. In years past, IT workforce planning was an afterthought, now it is a targeted approach. The CIO Council established the IT Workforce Capability Assessment (ITWCA) Survey in 2003 with the goal of identifying IT employees, assessing existing skill gaps and determining agency IT bench strength across the Federal Government. This was the first time that a specific section of the Federal civilian workforce was analyzed in such detail. Significant economies of scale have been achieved by the use of one survey and gap analysis tool for all agencies. The utility to agencies is evident in the continual improvement in survey response rates: 26% in 2003, 28% in 2004, and 40% in 2006. The Survey and resulting data have informed the Title 40 IT workforce management obligations and activities originally conveyed upon Chief Information Officers through the Clinger-Cohen Act, as well as the IT workforce assessment requirements levied by the E-Government Act. Periodic workforce assessment has been recognized as a promising federal practice and the ITWCA is serving as the basis for the new Federal Competency Assessment Tool, which will be used to measure human capital competencies across the Federal Government. Both the National Defense University’s Information Resources Management College and the Federal CIO University consortium have built highly successful, graduate level education programs based upon knowledge requirements contained in the Federal CIO Council’s Clinger-Cohen Core Competencies for IT managers and their staffs. Since these programs’ inception, over 2,600 individuals from government, military, private industry and coalition partner organizations have earned CIO certificates. Graduates of the programs have an understanding of relevant laws and regulations, existing and emerging technologies, as well as project management, information security, enterprise architecture and E-Government requirements. The Federal IT Summits have been very successful. This free, annual one-day training event provides Federal IT workers at all levels the opportunity to discuss topical government IT issues with recognized Federal Government experts. A highlight of these Summits is the capability to dialogue with Clay Johnson, OMB’s Deputy Director for Management, and Karen Evans, OMB’s Administrator of E-Government and Information Technology, regarding the strategic direction of Federal IT management. Powerful sessions like these help to build a sense of community among Federal IT workers. The 2006 IT Summit was quickly filled with 500 registrants, and the 2007 IT Summit had 700 registrants in only three days. Part of this program’s success is due to the careful selection of speakers that are fully vetted with CIO Council Leadership. Ninety-five percent of attendees reported that they “learned something at the IT Summit that will help them do their jobs.” The Council is also reaching out to tomorrow’s IT leaders through its co-sponsored Federal IT Job Shadow Day program with Junior Achievement and AFFIRM. Working with high schools throughout the metropolitan Washington area, Federal agencies are providing a day’s view on the many missions within the Federal Government and how information technology is used to provide an extensive array of services to the American public. Based on a successful 2007 Shadow Day, more agencies, high schools and students will all participate in the 2008 event. The goal is to continue to build upon this initial outreach program as part our recruitment strategies for the Net-Generation. Recruitment and Retraining Identify and explore strategies and tools needed to recruit and retain the next generation of IT workforce members. _5a4fe04b-af88-47c8-a981-7699e435a347 1.1 e5be3a31-886c-4a29-9012-bf6018150788 9f817c10-59db-4c05-92ad-b55004967bdc Requirements Assessment Improve IT workforce identification, assessment and reporting capabilities to support agency requirements and to respond to overall Federal IT workforce trends. _490f72cf-9938-4c4d-8d40-f0c15bcd6589 1.2 b3e67aca-063d-44c8-b7c2-5fa5cc367219 4b986024-191a-45dd-be2f-80685bb41cd6 Professional Development Ensure that robust Federal IT professional development programs are offered that reflect current initiatives and the Federal Government’s strategic direction. _a8bfcc04-36ad-4ef9-abf2-f7c3cfe814fe 1.3 b18a69d1-4719-492f-8997-1603eb2c243d 7fa6b3d1-09e7-48a3-a1f1-2edaf2a29322 Project Management Identify opportunities to strengthen and leverage IT project management skills in the Federal Government. _bbab9e0d-c73f-414a-b65c-6460302c9f7c 1.4 2d4edfda-9e09-4d43-90a1-0252b4491844 25e59217-2351-4a18-9821-a58f87750cb7 Information Relevant information securely, rapidly, and reliably delivered to our stakeholders. _f6252a17-8b41-451f-8118-d6c1064057b1 2 Information is an asset used by the public to comprehend the myriad activities performed by the Federal Government. It is also an internal asset to be leveraged across the single, unified enterprise to improve processes, support decision-making, document agency activities, and enable accurate reporting. The effective functioning of our constitutional democracy depends upon the participation in public life of a well-informed citizenry, thus information must be readily available to them, and information must be shared among agencies as well, in order to maximize the effectiveness of business decision-making throughout the Federal Government and beyond to external partners. The Federal CIO Council supports timely and equitable delivery of Government information and services transcending organizational and geographic barriers. MAJOR ACTIVITIES: Provide updates to the FEA Data Reference Model (DRM) and establish DRM implementation strategies, best practices, and success stories. The purpose of these activities is to contribute to the usability of the DRM by maintaining an effective process for modifying the DRM and sharing strategies for success. Establish an authoritative knowledge center for Federal data issues and opportunities. Given the need for data-sharing in the Federal Government, a resource for Government employees to access relevant data information will be developed. Pilot DRM in the Financial Line of Business and Document Lessons Learned. KEYPERFORMANCE INDICATORS: All agencies begin to document their architectures in conformance with DRM 2.0. All of the e-Government and Lines of Business project management offices have fully documented their data architectures in alignment with the abstract model in DRM 2.0. Agencies begin to use DRM to fulfill obligations of the e-Gov act sub-section 207(d) to make agency information readily available to the citizens. SUCCESS STORY: Extensive research was conducted by the Knowledge Management (KM) Working Group of the Federal CIO Council in 2005 and 2006 to determine the status of the implementation of KM practices in U.S. Federal agencies. The research determined the factors that influence the success of KM practices within Federal agencies - e.g., the size of the agency, whether the agency is a Cabinet-level department or an independent agency, the longevity of established KM Practices in the agency, whether or not the agency had adopted an effective KM policy or strategy, and whether the primary responsibility for KM practices was directed by a Chief Knowledge Officer or KM unit (as opposed to another type of functional unit in the agency, such as Information Technology or Human Resources). The results of the research will be used over the next several years for a number of purposes including: serving as a source of best practices and opportunities for improvement in KM practices; serving as a basis for identifying knowledge, skill, and competency gaps, with a view to developing a comprehensive KM blueprint for the Federal sector; serving as a basis for demonstrating the relationships between effective KM practices and improved individual and organizational performance; and serving as a basis for follow-on and spin-off research projects. Policies and Practices Develop policies and promulgate best practices to improve the integrity, delivery and usability of Federal Government information. _95046752-503b-4c20-8e76-e6e52c12b575 2.1 a311580e-ce12-4d5e-88ce-2d5fcb6f46c4 84a60a42-8b65-40fd-86e3-7809ee3c2f90 Framework Implement the Data Reference Model (DRM) as a common framework for managing and sharing information across the Federal Government. _765d8b9c-beea-43e0-bf0b-60be3676eef4 2.2 54a33378-b412-41c9-83b7-54ef10c9033b ae78a2c4-d06e-4a22-b30b-fa1a0860bfa7 Knowledge Management Establish and communicate best practices to improve the management of knowledge and the use of knowledge-based solutions in providing Government products and services to the public. _5e75b82e-d9f9-4386-9fe3-d8abcabfa55d 2.3 f60b7a92-c836-43b0-89aa-4812f9a9043a f719c115-0de8-49cd-83d6-28a39cf89984 Data Implement DRM by reliably delivering data. _478fa1e0-2849-4f0f-81ee-08421b8c49e2 2.4 4dbb664f-40bd-4864-9754-bba7ad5bc909 b0980d4f-a61c-4616-91d6-22f59ae4f96f Interoperability Interoperable IT solutions identified and used efficiently and effectively across the Federal Government. _4d1e5ffa-1e4c-4dd1-98ec-ee523704d897 3 In accordance with the eGovernment component of the President’s Management Agenda (PMA), the CIOC will champion the Lines of Business (LoB) initiatives to identify and consolidate functions performed widely and with little differentiation across many, if not all agencies. Target business processes are being developed through a collaborative approach and implemented through shared solutions, enabling standardization throughout the Federal Government. Reducing the number of redundant systems decreases both cost and risk, while reducing distractions from the performance of agency core missions. Competitive selection among public and private service providers will leverage economies of scale, reduce costs, and increase the quality and consistency of service. Programs like SmartBUY will allow agencies to acquire software under better terms and at lower prices. Such programs will encourage and enable service providers competing to support the Federal government to propose the best service and most innovative solutions at the lowest cost. To carry out its objectives, the CIOC works in close cooperation with OMB, GSA, and other organizations such as the Interagency Management Council for Federal Telecommunications, Federal Chief Acquisition Officers Council, and Federal Chief Financial Officers Council. These partnerships enhance our ability to optimize our investment in IT to enable more efficient and effective Government service to our citizens. MAJOR ACTI VITIES: Facilitate the development of collaborative management processes and best practices for e-Gov shared services. Continue to implement and refine the life-cycle management process and website (ET-gov) to enable the identification and discovery of emerging technology components and specifications, via full-text searching as well as mappings to the FEA Service Component Reference Model (SRM) and Technical Reference Model (TRM). Encourage and assist agencies, LoBs, and e-Gov project managers to use the Federal Transition Framework (FTF) Catalog to identify and incorporate shared solutions into their architectural plans and IT acquisitions. Offer training and awareness through CIO Bootcamps, best practices, forums, and other council meetings. KEYPERFORMANCE INDICATORS: 50% of agencies with OMB EA assessment ratings of 4.0 or higher. 100% of e-Gov and LoB solutions implemented by agencies targeted to partner in the use of those solutions. Number of IT solutions, components, services, and specifications identified and demonstrated to be reusable across multiple agencies, programs, eGov projects, and LoBs. Percentage of shared solutions used by agencies in relation to the number of lines of business in which each agency is engaged and amounts of money they spend on IT. Annual growth rate of spending by agencies on IT products and services in relation to the number of functions they are required to perform and the volumes of records they must compile and maintain. SUCCESS STORY: Early in 2003 the co-chairs of the Architecture and Infrastructure Committee (AIC), tasked the Emerging Technology (ET) Subcommittee to assist in responding to paragraph 3602(f)(4) of P.L. 107-347, the Electronic Government Act of 2002 (e-Gov Act), which requires the Administrator of the Office of Electronic Government to: “Promote innovative uses of information technology by agencies, particularly initiatives involving multiagency collaboration, through support of pilot projects, research, experimentation, and the use of innovative technologies.” One co-chair explained that a process was needed whereby the emerging technology life-cycle could be more efficiently and effectively managed on a Government-wide basis. The other stated the problem more colloquially when he said, “Look guys, we can’t deal with all of the vendors coming at us with intergalactic solutions.” The ET Subcommittee deliberated on how best to address the task, and then outlined a logical eight stage process. With volunteer development support, an ET-gov prototype (Stage 1) was demonstrated at the XML 2003 conference. Subsequently, the project was included as task 6 in the AIC’s FY 2005 spend plan. Funds that had been set aside were allocated to the project, and following a short development cycle, Stage 1 was unveiled at the GovCon05 conference in 29 March 2005. Through a substantial volunteer effort, Stage 1 of the site and process has now been operational for more than a year. More than 50 emerging technology components and specifications have been identified and communities of practice have formed around an increasing number of them. While few, if any of them might be considered to be “intergalactic” in nature, Government officials now have a Web site and a process to which to refer vendors offering innovative information technology products and services. The site is a step toward fostering multi-agency collaboration, pilot projects, experimentation, and use, as required by the e-Gov Act. In turn, vendors can use the process to map their products and services to the FEA Service Component Reference Model (SRM) and Technical Reference Model (TRM). In addition, anyone can use the process to propose additions to the SRM and TRM. The IPv6 Work Group plans to refer vendors to the site. As others begin to do likewise, the ET-gov site and process will become an increasingly valuable shared service benefiting the entire Federal enterprise. FEA/Budget Integration Integrate the FEA into the Federal budget process as a tool for evaluating IT investments to identify redundancies and opportunities for shared solutions. _3ae75ed4-8840-4fa4-9c7f-e56049f29149 3.1 b568b24d-7f26-4759-bbe4-6f9cbae299b3 86ffcbca-d032-4354-9bc6-d2e83b94fc40 SmartBUY Implement the SmartBUY project plan. _ee23f699-42ac-4a3d-90f1-06a3e1492e75 3.2 c97d0fc8-9acc-45da-add7-ddcb20b880c0 06465b4f-5721-4660-89c4-1c298702e6da Shared Services Collaborate with the LoBs to identify and establish shared service providers for select crossagency business processes. _cbd559d4-e9e4-4053-b1d5-36f66a9585a1 3.3 3b1575bc-82be-44a8-a93d-9ab6946f6e0e 5cbd28ff-c495-46d1-820a-077e7feb99c0 e-Gov Solutions Accelerate the use of e-Gov solutions across all departments / agencies. _f71d4d04-7b99-4d36-8e89-583bf3c53e5f 3.4 48145f8f-2be2-4735-888b-611de1d00b3a 5c24d78d-c239-4028-addc-d2421937a9e4 Service-Oriented Design Adopt service-oriented design allowing integration of standard business service components across the Federal Government. _b32a523c-5120-48b3-b371-1dda40e11dbc 3.5 893c6775-afdd-44b7-8831-6c7e9b6393c2 a96407a5-3481-4a69-8940-2dcc44e6a955 Standards-Based Best Practices Encourage the adoption of standards-based best practices across government. _8619829d-a8b8-4989-8625-f67a2ddc8c8d 3.6 0b394744-50c6-4515-a9e4-1e3ed407db37 9baa111a-fb4a-4820-821d-288d07e398c3 Inherently Governmental Processes Incorporate best practices into the inherently governmental processes to be developed and deployed by agencies, LoBs, and e-Gov projects. _de3d9a9a-8403-4d2e-be3f-f285bec39121 3.7 c629d6df-7c1f-4a80-871d-2e772799b9f9 4e0cb8a6-6984-49b4-b326-735211b92cbd Forums, Bootcamps, Website, and Collaboration Tools Provide the government’s IT leaders with the knowledge and skills they need through best practices forums, CIO Bootcamps and an effective website and collaboration tool. _b7acd529-19c0-4fc8-b516-ef510b182e14 3.8 b8bd6801-70bd-400b-b2d0-2594c79f6940 419edbdf-7de8-4193-8821-14ad94af3af5 Emerging Technologies Continue to develop more efficient and effective methods for sharing information on emerging technologies. _b58008e4-ad42-4594-9fca-86e562dd28e2 3.9 e0cfea21-6999-4562-9083-642ca8ddad86 f6c013da-aa94-47cc-95b4-6550213eb6de Infrastructure An integrated, accessible Federal infrastructure enabling interoperability across Federal Government 2.0 (Gov 2.0) that uses new and emerging collaborative technologies to enable more streamlined information exchange with key external and internal stakeholders, in particular the American Public. _807ee71e-e7a8-49d1-9026-0293918b1237 4 The Best Practices Committee’s mission is to make Goal 4 work: to identify and advocate for the use of innovative collaboration and communication technologies in government. The areas of privacy, accessibility and security bring challenges to Information management in the Federal Government not necessarily faced in the private sector. The Best Practices Committee will keep these areas in mind and focus on the improvements in productivity and ease of citizen access that these technologies will enable. In addition to it’s leadership role in advocating new collaborative technologies, the Committee will provide executive level training for key players in the Federal Information Technology (IT) Community, the Chief Information Officers. The Committee serves an important role in educating new and established CIOs on their roles and responsibilities by conducting semi-annual CIO Boot Camps. MAJOR ACTIVITIES: Develop a Government 2.0 Plan of Action and Milestones. The vision for moving Government 2.0 forward in the Federal Government will include the ability to articulate and demonstrate how Government 2.0 technology enables successful mission execution through processes and procedures. Timeline: 2008-2011 and beyond. Promote the importance of Section 508 compliance to the Federal IT Community, with particular emphasis on Government 2.0 technologies - ensuring that persons with disabilities have equal access the information presented by these tools. Section 508 requires that Federal agencies’ electronic and information technology is accessible to people with disabilities. In addition, promote this important topic, through existing forums, by identifying and leveraging promising practices in this area. Timeline: 2008-2011 and beyond. Develop a U.S. Government lifecycle acquisition processes and guidance. This includes the development and implementation of policy guidance, expertise, security standards, and best practices to manage security risk to U.S. Government networks associated with a global supply chain (e.g. network configuration guidance, commercial offshore outsourcing security standard, service level agreement requirements for remote network maintenance by commercial vendors, etc.), for use by federal systems security and procurement personnel. Timeline: 2008-2010. Encourage Federal Advisory Committee Act (FACA) training throughout the Federal CIO Community. Especially in today’s complex environment, with a mixed workforce (active duty military, civil servants, and contractors), it is important to ensure the Federal CIO’s receive this information. FACA applies to groups that provide advice to the federal government. Timeline: 2008-2011 and beyond. Conduct CIO Boot camps. The target audience for the Boot Camps is Federal CIOs and Deputy CIOs who have been in their jobs less than one year or who have not attended a prior boot camp. As another tool in the CIO’s toolbox, this educational opportunity allows them to receive the latest information on issues that will likely face them while performing their duties as a CIO. Topics presented during the bootcamps include strategic planning, information technology / information resource management workforce planning, capital planning, investment management, and enterprise architecture. Timeline: 2008-2011 and beyond. Offer Federal CIO field trip opportunities annually in order to search the private sector for promising commercial technologies. Timeline: 2008-2011 and beyond. KEY PERFORMANCE INDICATORS: Increase the percentage of agencies actively using the capabilities of Government 2.0. Recognize key players in Government 2.0 via a special CIO Council awards ceremony each year. Increase the percentage of the number of agencies participating in the CIO Boot Camp. Offer FACA training annually. SUCCESS STORY: The Architecture and Infrastructure Committee (AIC), in conjunction with OMB, created the Federal Enterprise Architecture Security and Privacy Profile v2.0 (FEA SPP). The purpose of the FEA SPP is to provide agency decision makers with a scalable and repeatable methodology for addressing information security and privacy from a business enterprise perspective. To develop the FEA SPP, the AIC formed a cross-agency team to update the goals and process for augmenting the FEA SPP. The process developed by the FEA SPP team to expand on the FEA SPP documentation was a ground-breaking and innovative approach that allowed multiple disparate groups to collaborate and create a more effective guidance document. The FEA SPP team linked system and program-level security and privacy activities to agency architectures through the FEA reference models, providing agencies with a methodology for managing security and privacy issues according to the business-focused enterprise viewpoint. The FEA SPP was field tested through validation exercises at the Department of Housing and Urban Development and the Department of Justice. During these exercises, senior cross-functional teams applied and reviewed the FEA SPP methodology to ensure its usability and applicability. Through the validation process, the FEA SPP team identified best practices and developed recommendations designed to promote the successful incorporation of security and privacy into an organization’s enterprise architecture. The validation process also helped to ensure appropriate consideration of security and privacy requirements in agencies’ strategic planning and investment decision processes. The process used to validate the FEA SPP benefited validating agencies by providing them with an opportunity to explore relationships between security processes and enterprise resources within their agencies. In addition, this process allowed for the thorough testing of the FEA SPP model before applying it to a wider audience. The execution of this process provided an exemplary method for testing and validating best practices and recommended techniques for incorporating security and privacy activities into an organization’s enterprise architecture. The validation process used to develop the FEA SPP will ultimately lead to the widespread acceptance of information security best practices because the process allowed for transparent decision-making and a clear understanding of the application of the proposed methodology. The FEA SPP provides agencies with a tool to facilitate the incorporation of security and privacy activities within their architectures. The FEA SPP is designed to assist organizations in understanding security and privacy requirements, their ability to meet those requirements, and the business risks associated with failures to meet security requirements. In addition, the FEA SPP will help program executives select the best solutions for meeting requirements and improving current capabilities, and improves agencies’ processes for incorporating privacy and security into major investments by selecting solutions most in keeping with enterprise needs. It is expected that through the implementation of the FEA SPP, federal agencies’ security and privacy programs will see an improvement in their effectiveness by applying proven methodology to advance agency security and privacy. The FEA SPP exemplifies one of the many successes of the AIC by demonstrating the value of a sound process for developing a methodology that will be applied across the Federal government and by providing a repeatable methodology for addressing information security that will help to improve the business of Federal agencies. Puget Sound Information Challenge - Gov 2.0 in Ac tion! In November 2007, the theme of EPA’s National Environmental Information Symposium in St. Louis, Missouri, was “Getting It Right: Access to Environmental Information.” As an innovative learning experience, Assistant Administrator of the Office of Environmental Information (OEI) Molly O’Neill joined with former EPA Administrator Bill Ruckelshaus (currently the Chairman of the Puget Sound Leadership Council), to present a practical challenge to the over 600 attendees. Instead of just panel presentations or demonstrations of technology that featured ways to access information, the attendees were challenged to collaborate (real time) in providing data, analytical tools, and strategies to support the mission of a healthy Puget Sound in Washington State. Furthermore, this collaboration would not use the traditional work groups and break-out sessions on which conferences typically rely. It would occur via the internet, using the same technology that produced the publiclysourced encyclopedia, Wikipedia. The challenge operated at two levels. First, it was to provide Bill Ruckelshaus with what he asked for: sound scientific data about the region, tools that the Partnership might use to plan their action agenda and analyze information and ideas for how to involve Puget Sound citizenry. But second, it was a test of so-called “Web 2.0” technologies for speeding the pace of collaboration and improving its outputs. It was an experiment about means as well as ends. The challenge was to mirror, in a small way, the problems of full-scale regional environmental management. How can we marshal the best scientific data available? How can we achieve consensus about plans and objectives? And how can we effectively engage the public in such complex, science-driven problemsolving? In the Symposium exhibit hall, EPA had already set up a “mash-up camp” where every hour people could learn how to mashup different data sets. This quickly became the Puget Sound Information Challenge Wiki Central. People immediately began to submit a continuous stream of data, ideas, and links. Their participation was on their “own “time; the Agenda Symposium was packed with other activities. Small groups spontaneously formed and began collaborating. National Librarians were culling data from library sources; working with search companies to harvest Puget Sound documents from EPA’s online Libraries. Special searches were set up to continually harvested the web for relevant data. Global Earth Observation data from NASA and NOAA was interpreted by university scientists and posted. Others volunteered to organize and tag the data on the site. A few worked into late into the night to build real applications. The interesting thing was how many hits the wiki was getting through social networking. People attending the conference had forwarded an email they received from Molly O’Neill and that email continued to be forwarded. A blogger from Germany even weighed in. In a 36 hour period, the wiki site had over 17,000 page views and 175 separate worthwhile contributions. An added benefit was that EPA was able to see which of its data assets could be quickly accessed over the web to work on a problem in a particular place. Web 2.0 tools have tremendous potential to help geographically-based efforts achieve their goals. The Puget Sound Leadership Council is now considering the use of Web 2.0 technologies to work with the public and to align plans and activities among different levels of government and their numerous stakeholders. The usefulness of Web 2.0 interaction with stakeholders has become self-evident over the past several years. The Puget Sound Information Challenge only adds to the weight of evidence that internet-based collaboration, in all public arenas, will be a fact of life for the foreseeable future. The challenge is to adapt these tools to public policy development. The government sector is just beginning the adoption process and policy issues such as privacy, security and official records are still evolving. This is a new application, with exciting potential. And for EPA, the Puget Sound Information Challenge was an interesting start. Knowledge Management Best Practic e: “Communities @ State.” U.S. Department of State, Bureau of Information Resource Management. Started in 2005, the Communities @ State program enables American diplomats in Washington and abroad to form and manage online communities that focus on shared interests, from foreign policy issues to professional tasks. The program helps State employees bridge the gaps caused by a highly mobile, highly dispersed workforce assigned to more than two dozen strategic business units domestically (primarily bureaus that cover specific regions or foreign policy subjects) and more than 260 offices and missions abroad. Community members can easily and quickly post their information, suggestions, questions, images, and documents to their community sites. Anyone at State – and for most communities, anyone in the U.S. Government – can add and comment on the content in the site. The communities use Movable Type, a centrally hosted, lightweight, commercial, off-the-shelf web application. The online communities are recognized as a key part of the Department’s knowledge management effort and, as such, are the responsibility of the Deputy Chief Information Officer. The IRM Bureau’s Office of eDiplomacy administers the program, providing technical and business consulting support to the administrators of the site. Most administrators are non-technical diplomatic professionals and locally employed staff in State Department bureaus and overseas posts. In 2007, the American Productivity and Quality Center in Houston, TX, recognized State as a “Best Practice Partner” for the Communities @ State and other innovative knowledge management approaches that use evolving information technology. eDiplomacy began the C@S Program in 2005 on the unclassified interagency network, Intelink-U. Intelink provided server space and an installation of Movable Type so that State could host community sites that would be available to the entire USG community. eDiplomacy worked to modernize State’s internal regulations to make it clear that this type of community blogging is a valuable and approved activity. During this time, several more communities joined the program on Intelink-U, and in 2006, C@S expanded to State’s OpenNet network. In 2007, Communities @ State expanded yet again, this time to the classified interagency network, SIPRNet. At present, there are 42 communities in the program. Thirty-one of these are on the interagency network Intelink-U, 10 are on State’s unclassified OpenNet, and one is on the classified SIPRNet. To date, these communities have a combined 10,559 entries and 1,758 comments. Since eDiplomacy began collecting formal metrics on these sites in September 2007, Communities @ State has tallied over 41,000 visits and 100,000 page views. eDiplomacy makes these statistics available to office management on a weekly basis and to site administrators every month. Communities tend to fall under at least one of three categories: office- or bureau-based communities, topic areas, or professional dialogues. PD in Europe, a bureau- and professional-based community, allows public diplomacy staff from more than 40 European posts to share their best practices. Another highly successful bureau-based, inter-mission community focuses more on a particular topic than any one profession: The North American Partnership, a community of staff in the U.S.’s large diplomatic missions in Canada and Mexico, provides forum to discuss common homeland security, commercial, economic and environmental issues. One of the newest communities in the program spans all three categories: Iran Watchers allows staff in the Near East & Asia bureau to report and discuss Iran-related issues at the classified level. These community sites give State and interagency colleagues, wherever they are stationed, access to knowledge resources and expertise that otherwise would be difficult or impossible to find. Government 2.0 Move Government 2.0 forward in the Federal Government by identifying and sharing examples of contemporary web technologies. _0919a1c6-8dfc-4868-acd2-b8aa413877f0 4.1 184d7e68-1c3a-4e62-ba74-d01891c96f0b d3d81a93-78ef-48ec-a3c4-4ab2e04fd879 Collaboration and Communication Technologies Facilitate Federal IT community dialogue on processes and procedures regarding implementing emerging collaboration and communication technologies. _f2f6c525-ff33-4120-ab41-d6f392c85803 4.2 d658b039-62d6-43eb-8a1b-bfd1be001826 55d292a0-d6b5-4eda-9d4d-4fd81a6daef1 Accessibility Promote the accessibility of the Federal Government’s electronic and information technologies by educating agencies about the technical and procurement requirements of Section 508 of the Rehabilitation Act. _d4506e1b-47eb-46cc-b1dd-139a05433232 4.3 9da5a857-7eec-4264-8ed2-3965739be2b2 616bda8e-6253-4565-a892-f45da955caa2 Educational Resources Provide educational resources for Federal CIOs and other IT executives. _17da3cb2-af36-4d46-8b19-7f15b50a42f2 4.4 e43d1cfc-7fbd-451b-8894-953d5b77db82 f675137b-5734-4cc8-961b-b228a5f90c58 2008-05-22 2009-09-30 2010-02-08 Arthur Colman ( Submit error.