Office of the Chief Information Officer, Department of Energy Office of the Chief Information Officer, Department of Energy DOE/CIO _9106fdb2-9942-4ff9-9d0f-ca5fbe2c0e93 DOE’s IT Vision is to enable improved DOE mission accomplishment through effective use of information technology, at lowest cost, while strengthening the protection of systems and data. _fb2b0c70-2661-49ed-97b5-b10a3f36fc92 a0f85929-eba8-4795-bdeb-39a96b35a431 Cyber Security Revitalize Cyber Security across the Department of Energy _957b0104-ba94-4182-b8b3-65b432370f54 1 The Department has taken significant steps to improve the current state of Cyber Security within the enterprise. The first step in this effort involved developing a plan for the revitalization of the Department’s cyber security program. This plan was signed by the Deputy Secretary on March 6, 2006, and establishes a federated approach to implementing cyber security where the Department’s Under Secretaries are responsible for the implementation of cyber security in their organizations under the leadership of the Department Chief Information Officer. The plan defines a comprehensive cyber security program to address long-standing, systemic weaknesses in protecting our information and information systems. Technical Management Requirements Develop Cyber Security Technical Management Requirements for Departmental Elements that set a baseline for securing the Department’s systems and data _0563fc1a-2238-408d-8475-330b66f185a0 1 DOE continues to implement the Department’s plan for the revitalization of cyber security. DOE is focusing on high-priority activities that will have a significant impact over the next fiscal year such as certification and accreditation. bdccb46b-d449-492c-988b-2308fc840151 1dff3980-c390-4064-b087-d6be15b6c4d2 FISMA Compliance Improve Compliance with FISMA _f8f6ad86-bc7c-4c4d-a0ab-5dd50b8a1360 2 The OCIO will continue to provide Department-wide cyber security guidance and outreach to promote a higher level understanding and acceptance of requirements and to assist Senior DOE Management in program implementation. e5ba0c12-21ee-467d-946a-25bc6a780451 0cc739fc-528f-43a6-905d-32cf8800b309 Asset Management System Deploy a Corporate Asset Management system to identify and mitigate vulnerability in information systems, and maintain an up to date inventory of IT assets _89eba690-9f97-415f-b673-c1c5663d1525 3 DOE continues to improve its situational awareness through continuous monitoring and incident management. CAM will provide near-real time inventory, identification of minimum configurations and system interconnection and boundaries. cb3ee86f-3032-4672-b04e-771c7e423509 76645922-656a-4d08-bee0-39a91a59d01c IT Use Use Information Technology to improve mission accomplishment, at lowest cost _c9584aa8-6180-412e-8aed-8b30453a8f28 2 The overarching mission of DOE is “discover the solutions to power and secure America’s future.” Within this context this IRM strategic goal becomes an enabler to achieving DOE’s mission. The Department will successfully realize this goal primarily through leveraging E-Government opportunities and by development of the Department E-Government Strategy. DOE’s E-Government Strategy directly supports the PMA, the Federal Lines of Business initiative, and the Department’s core mission requirements by evaluating and applying new information technologies and simplifying access to energy-related Government information and services. The goal is to adhere to the three basic principles established by the PMA: 1. To be Citizen-centered, not bureaucracy or Agency-centered 2. To be Results-oriented, producing measurable improvements for citizens 3. To be Market-based, actively promoting innovation. Information Technology is also a key supporting element in accomplishing DOE goals. As such, it must be acquired, managed, and used in a way that maximizes its efficiency and effectiveness in supporting missions. To achieve this, the OCIO has established an IT governance structure and process that enables improved mission accomplishment at lowest cost, through the use of Information Technology. This governance structure includes a Departmental IT capital planning and investment control process, EA program, IT project and asset management processes, and IT acquisition framework to achieve efficiency. Continuous Improvement Create an environment that enables the Department to use technology to continuously improve its processes _598fa553-e6aa-4a1c-bad5-4c4e3c273908 1 DOE strives to use information technology as a key enabling mission service for clear and consistent information describing Department-wide IT policy objectives and cross-Departmental initiatives, such as mission program focus, E-Government and Line of Business (LoB) initiatives. cb18ec18-55a9-4b4f-824a-846516187581 83f9f597-0da4-4a2a-948d-110a1b5f4cee eGov Initiatives Support the President’s E-Government initiatives _93c14170-d72c-40c1-8451-8bfdd0649fcb 2 DOE continues to support the President’s E-Government Initiatives. DOE is an active participant in 19 of 24 of these initiatives and is involved in the six Federal Lines of Business initiatives. DOE is developing an enterprise IT acquisition framework that will govern Department IT acquisitions in accordance with the government-wide SmartBUY program. DOE recognizes that active partnership in these important government-wide initiatives will result in government cost reductions, improved services to citizens, business-process and technology standardization, and elimination of duplicative systems. Through the LoB initiatives, partner agencies will use EA based principles and best practices, proven through the E-Government initiatives and Federal Enterprise Architecture (FEA), to implement common solutions. The standardization and consolidation of each agency’s systems will decrease redundancy while driving cost savings through reduced full-time equivalent (FTE) requirements, system development and operation cost reductions, and process standardization. The end result of the LoB efforts will be to save taxpayer dollars, reduce administrative burdens, and significantly improve information management services across the government. fc0e10bf-e012-49de-a847-44b594dd4895 ab638688-ef33-430c-a7a3-5773ae90eeb2 Efficient Organization and Licensing Agreements Implement the Most Efficient Organization and create Enterprise Licensing Agreements to consolidate services and save the Department and taxpayer money _9d0d2c5a-32c0-4645-a317-96a1defaf4e6 3 DOE continues to experience significant success with its internal E-Government initiatives. In a continual effort to become more effective and efficient, the Department has integrated E-Government efforts with the Department’s EA effort. The EA program will institutionalize semi-annual strategic portfolio reviews to ensure that the Department’s information technology investments are in line with its strategic goals and missions. As part of an overall IT acquisition framework, DOE seeks to leverage cost efficiencies achievable through consolidation of like requirements and by leveraging economies of scale from enterprise-wide licensing agreements. Department-wide acquisition for widely used commercial software across the enterprise, otherwise known as enterprise licensing, consolidates IT Commercial Off the Shelf (COTS) software contracts. Integrating and building on existing capabilities within the Department, the Enterprise License Agreement (ELA) program will allow the Department to develop and enforce policies and procedures supporting the identification, acquisition, oversight and compliance of enterprise software agreements. The ELA program supports and complies with the Energy-Wide Strategic Sourcing (EWSS) program, Federal SmartBUY initiative, Clinger-Cohen, PMA, and other legislative and DOE policies. DOE achieves contract administration efficiencies by reducing multiple contracts to one. DOE negotiates a better price by leveraging the Department's total buying power thereby reducing total cost of ownership and cost for each individual user. By implementing these buying practices, acquisitions and support costs will be reduced, leading to the increase use of standards-compliant software. 4fa02c47-c3d2-4962-8101-bcdd7846f886 c7b9bc11-9830-4487-b82d-85cd10dc1c18 EA and CPIC Develop and maintain an Enterprise Architecture and Capital Planning process that allows the Department’s Senior Leaders to make informed decisions when managing Information Technology _8d3921a7-4e68-4674-9aea-401d9cfdce14 4 The Department views CPIC and IT portfolio management as a key tool in ensuring IT funding has the maximum impact on DOE mission accomplishment. Implementing a comprehensive CPIC process ensures that the Department’s portfolio of IT investments fully address DOE's business needs and strategies. A strong portfolio management will also allow DOE to achieve the expected benefits in accordance with accurate and complete cost, schedule, technical, and performance baselines. Ensuring that DOE has the right mix of IT investments that those investments are delivering real results for mission support, and that the portfolio is regularly reviewed for currency will enable the OCIO to deliver maximum value to the DOE mission. Monitoring operational investment performance is as important to ensure success as selecting the right portfolio of projects or investments. Investments are monitored over time and resources are shifted to investments that perform best, keeping in mind the established investment rules and parameters with regard to risks and returns. DOE recognizes that effective IT portfolio-management practices result in significant savings of Departmental annual IT budgets, enhanced efficiency, and increased mission alignment. To date, the Department has made significant progress in enhancing the CPIC process through the use of scorecards at the investment portfolio level and at the Program level. In addition, improved linkages between IT investments and the annual budget process have been implemented in partnership with the Office of the CFO. To further leverage these accomplishments; DOE is continuing to review its CPIC processes in an effort to identify additional opportunities for improvement. The Department envisions a CPIC process that provides decision-making bodies with the appropriate information to ensure that optimal decisions are made with regard to the selection and maintenance of the Department’s IT portfolio. The architecture has been developed in a manner that allows each completed piece to build momentum for successive efforts, heralding architecture as a business transformation and IT modernization tool to garner support for the EA practice. DOE continues to develop and mature its EA through an updated Target EA, Plan of Action & Milestones (POA&M), Enterprise Performance Model (EPM), and EA Transition Plan (EATP). Additionally, the DOE EA extends to the core mission program areas through the integration of Cross Cutting Segment Architectures. These efforts strive to add value to the core mission areas and accelerate adoption of cross agency initiatives for shared services across common mission functions, such as Geospatial, Cyber Security and Supply Chain Management. These EA products serve as a framework for managing investments and developing recommendations for improving DOE’s IT investment portfolio across the enterprise. The Chief Architect chairs a Department-wide Architecture Review Board (ARB) to facilitate collaboration across the Department and to collectively define and pursue an EA direction that provides value to all stakeholders at the Department of Energy. 281b1c8d-49cd-410a-9554-750e6f70ae3b 6d6ab2fe-050c-44bf-94f0-4ef96f061ded Bright People Recruit, develop, and retain the best and brightest people for the Department’s Information Technology workforce while ensuring effective management of IT Projects to successfully maximize the government’s investment. _c221dc05-ca49-4c8a-9114-ee32bceacf22 5 DOE recognizes the strategic management challenge required to hire and retain a highly skilled IT workforce and is working to address the criticality of strengthening human capital as a driver for organizational effectiveness. The PMA has identified a specific human-capital initiative that is directed toward aligning a professional workforce in support of a Department’s mission, goals, and strategies. DOE has developed recruitment requirements to focus efforts on identifying qualified candidates who are easily able to adapt to changes brought about by new technologies. In addition, initiatives have been implemented that focus on maximizing employee performance by instituting development programs and enrichment opportunities that motivate and inspire employees. DOE has already made significant progress in the area of human capital with the implementation of the Corporate Human Resource Information System (CHRIS) and the integration of the DOE Jobs Online application process with the Office of Personnel Management’s USAJOBS website. DOE will continuously strive to maintain a high-performing workforce through enrichment opportunities, comprehensive training programs, leadership development, and an open culture that promotes the sharing of intellectual capital and demonstrates high standards of integrity for employees. Because of competitive sourcing and constantly emerging technologies, a workforce must be maintained that is both easily adaptable and highly skilled in mission critical competencies. Technology investments provide DOE with the necessary means to achieve its five strategic goals as well as those goals identified in the PMA. However, as with any type of investment, the success of IT investments requires thorough planning and effective management throughout the investment life cycle. Currently, the Department evaluates the business cases on their baseline goals each year to ensure that milestones and costs are accurately planned and documented. Subsequent to the evaluation of planned baseline goals, DOE has implemented a quarterly review process that evaluates investments on their ability to achieve the planned cost, schedule, and performance goals that were established in the business cases. This review process is facilitated by the OCIO, and the Department’s IT Council is responsible for the final investment evaluations each quarter. DOE will continue to mature its methodologies for ensuring effective IT project performance by implementing standardized processes for developing and evaluating baseline goals for investments, as well as enhancing the quarterly review process for assessing the achievement of those goals. This effort will provide more stringent reporting requirements and evaluation criteria to ensure that each Program Office is accurately reporting their baseline goals and performing regular reviews of their investments. 5f1bd2ff-e499-4764-83e2-d366484f2bac ea4218e3-c252-41ee-aa3a-cec57ab661f2 2006-10-01 2009-09-30 2010-02-08 http://cio.energy.gov/DOE_IRM_Strategic_Plan_FY07-09_Final.pdf Arthur Colman (www.drybridge.com) colman@drybridge.com Submit error.