Issue 4: April 25, 2006

• CIO Spotlight: Barry C. West, Federal Emergency Management Agency



• CIO Council Leadership Award winners: USA Services, Brett Bobley, John Lussier and John McManus



• CIO Council: HUD's Lisa Schlosser briefs Mexican CIOs on Enterprise Architecture



• The Buzz: ITAA Survey - CIOs on the Clinger-Cohen Act 10 years later



• Lines of Business: Government issues Requests for Information for the 3 new Line of Business initiatives



• State and Local: Interoperability is again the top priority for State Homeland Security Directors



• Cyber Security: The White House issues Federal Plan for Cyber Security and Information Assurance Research and Development



• Issue Alert: Homeland Security Presidential Directive 12 (HSPD-12)



• Kudos: 25 "2005 Doers, Dreamers and Drivers," 9 Local Government Public Technology Institute Awards



• Transitions: Changes in the IT Community



• Public Service Recognition Week: May 1-7



• Upcoming Events Calendar



• Comments: We welcome your feedback at dotgovbuzz@gsa.gov.

You could say the past year has been a "perfect storm" for Barry West, but then it's easy to overdo the weather metaphors. A former meteorologist with the Air Force and then CIO of the National Weather Service, he has heard a lot of them. But now, as CIO of the Federal Emergency Management Agency (FEMA), he has been in the eye of the storm-and tries to stay out of the path of a tornado-as the dark clouds of the coming hurricane season gather on the horizon.

A volunteer fire-fighter and medical technician in the '70s and '80s, and one-time Air Force Weather Specialist of the Year, he's ready for the challenge. "My background has definitely helped in my role as the FEMA CIO," he said. "I came here in 2003 with a good understanding of the significance and characteristics of major weather events-the issues and requirements, and could pull from my military background on strategies and solutions to attack the problem."

Severely tested in 2005, FEMA's information systems, their reliability and their interoperability with other government systems will be under particular scrutiny in 2006, as West and his team undertake several retooling initiatives and strategies to strengthen their capabilities.

"We are updating our infrastructure, installing new equipment and reconfiguring servers and databases so systems will be able to operate faster, with less internal replication, and more capacity," West said. "We have several very sophisticated geographical information systems that provide almost real-time data, updates and forecast models to help make informed strategic decisions during disaster events. And we can provide digitized maps immediately on request." FEMA also will provide a common platform to help State and local governments and other early responders exchange and report situational information during disasters.

Recognizing the need to make Federal assistance readily available to disaster victims, FEMA is doubling its capacity to help individuals in need of aid quickly and easily online and by phone. At its post-Katrina peak, FEMA registered over 100,000 people a day for support and assistance - 45% online and the rest by phone - for a total of 3 million individuals. It will soon be able to register 200,000 people a day. FEMA also boosted its call-center capacity, employing 10,000 phone-answering agents to help affected citizens around the clock. Traffic to FEMA's national emergency portal, www.DisasterHelp.gov, has increased significantly, too, to almost 134,000 visitors in February 2006, 75% more than in February 2005.

As the hurricane season opens in June, Barry West's attention will be focused on the weather, but the scope of his impact on Federal IT is much broader. He has worked with technology across the government: for the Census Bureau during the 1990 Census, with FirstGov.gov, the U.S. government's official Web portal, as deputy director of e-government in GSA, and leader of the government's early PKI efforts.

Now, in addition to being CIO of FEMA and an adjunct assistant professor in the graduate school at the University of Maryland University College, he is president of the nonprofit American Council for Technology (ACT). Its mission is to bring together government, industry and academia to improve the acquisition and use of IT resources in government.

"ACT provides a place where new technologies, strategies, lessons learned, ideas and solutions can be discussed, debated and examined across the technology industry (commercial and Federal)," he said. It "allows a free exchange of information, and concepts that can help improve the overall industry." As ACT president, West is also the U.S. representative to the International Council for IT in Government Administration (ICA), the major international organization of government IT officials.

From this perspective, he can see several issues that will confront government IT executives in the future.

"First, our workforce is becoming older; most are eligible to retire within the next 5 years," he said. "CIOs must develop strategies to develop the workforce so we have experienced and qualified staff to maintain momentum and ensure that long-term e-government goals are achieved.

"Second, security will always be a major concern. Identity theft, privacy, viruses, experienced and more stealthy cyber criminals will continue to be on the CIO's radar.

"Third is meeting citizens' expectations. Citizens are increasingly becoming more experienced with technology and expect delivery of government services in an expedited timeframe-fast, accurate, 24 by 7. Federal CIOs must be able to quickly incorporate solutions, implement projects, and provide service to meet this evolving expectation."

The fourth most urgent issue is interoperability and standards for interoperable communications across Federal, State and Local levels.

"The role of the CIO is becoming even more important, as technology touches every major process, service and major initiative in the Federal government," he said. "The Federal CIO will continue to play a bigger role in enterprise-wide strategic business initiatives. Federal CIO's are being consulted and included in strategy discussions in the beginning instead of at the end; they are being viewed as business and enterprise leaders."

His forecast for e-government is equally sunny. "In 10-15 years," he said, "we will see the majority of all citizens interacting with the Web to perform every task that we perform today using paper and pencil. By 2020, 90-95% of citizens will be going online to communicate with the government."

The USA Services presidential E-Gov initiative won the 2006 CIO Leadership Award for teamwork in developing its Citizen Services Cost Calculator to help agencies estimate contact center costs.

Individual CIO Leadership Awards went to: Brett Bobley, CIO, National Endowment for the Humanities and co-chair, Small Agency CIO Council; John Lussier, Director of Operations for the Department of the Navy's Office of the CIO; and John McManus, Deputy CIO and Chief Technology Officer, NASA.

Sponsored by the CIO Council, the awards were presented April 24 at the annual Interagency Resources Management Conference (IRMCO) in Williamsburg, VA.

The Citizen Services Cost Calculator helps agencies determine the costs of establishing and operating efficient and effective contact centers to handle telephone and e-mail requests for government information. It is contained in a software package available to all Federal agencies online at http://www.usaservices.gov/calculator.htm.

The calculator is designed to identify all the cost elements involved in running a call center or contact center and the approximate cost of each. It is especially helpful to agencies that are establishing contact centers for the first time. Its ability to run "what-if" scenarios allows agencies to explore options for adding services or for contracting out operations using the multiple-award FirstContact or another contract vehicle.

With input based on operational estimates, the calculator will compute workforce, hardware, software, telecommunications, and facilities costs. Initial and recurring cost calculations are based on certain assumptions and business rules developed by USA Services and its partners, the Centers for Medicare and Medicaid Services; the Departments of Commerce, Housing and Urban Development, Labor and the Interior; the Federal Trade Commission; Internal Revenue Service; Office of Personnel Management; U.S. Geological Survey; and the U.S. Mint; and the MITRE Corporation.

The Leadership Awards are given for "electronic government and information technology advancements that will have a major impact on the way government conducts business on a government-wide basis." Individuals are honored for their dedication and commitment to advancing and substantially improving the way government does business.

The awards were instituted in 2004 to ensure that IT innovations and achievements are recognized and maximized by government.

At the request of the Mexican government, Lisa Schlosser, CIO of the U.S. Department of Housing and Urban Development (HUD), briefed the Mexican CIO Council April 20 on the U.S. Enterprise Architecture program. Schlosser is co-chair of the U.S. CIO Council's Architecture and Infrastructure Committee.

"The audience loved her," said John Beed, Deputy Director, Agency for International Development (USAID) Mexico, which sponsored Schlosser's meeting with the group in Mexico City. "She took a complex subject and simplified it so it made sense to everyone.

"She also included a variety of tools for getting buy-in from program managers, like holding focus groups, developing feedback loops with front-line employees, fixing the low-hanging fruit, doing the little things that everyone appreciates while making the major changes. We did evaluations and they were all excellent and very relevant."

Schlosser spoke as one of a series of U.S. experts who are sharing their knowledge with the Mexican CIO Council under the auspices of USAID and an agreement between Karen Evans, OMB Administrator for E-Government and IT, and Mexican CIO Abraham Sotelo

John Sindelar, Acting Associate Administrator of the GSA Office of Governmentwide Policy, addressed the group in March, providing an overview of the U.S. CIO Council and the Lines of Business initiative. Tim Young, OMB Associate Administrator for E-Government and IT, is scheduled to meet with the Mexicans on May 19, to discuss the use of business cases to support e-government.

While in Mexico City, Schlosser also met with the Executive Committee of the Mexican Association of IT Industry Representatives. The industry representatives are preparing a white paper for Mexico's presidential candidates on a strategy for IT in the next administration, and "much appreciated their insights," according to USAID.

As the Clinger-Cohen Act of 1996 reached its 10th anniversary, the Information Technology Association of America (ITAA) found that current and former CIOs view the landmark legislation as "a very positive development for the Federal IT community."

In its 16th annual survey of Federal CIOs, ITAA interviewed 39 CIO/Information Resources Management officials representing 29 executive, judicial and legislative branch organizations. In addition, 16 former CIOs responded to a similar survey. The former CIOs are members of the Council for Excellence in Government's Chief Information Officers-Senior Advisors to Government Executives (CIO-SAGE) network.

The survey report, Looking Forward Looking Back, published by Grant Thornton LLP, summarized the CIOs' views on the key benefits of Clinger-Cohen, the key achievements of Federal CIOs during the past 10 years, and the challenges ahead.

The CIOs identified the following as the key benefits accruing from the Act:

• It established the framework for managing IT in the Federal government.
• It created and positioned the CIO in a senior leadership capacity in agencies; provided a seat at the senior leadership table for IT.
• It improved specific business processes associated with IT, and has resulted in better-defined and -justified investments that more clearly align to the mission.
• It repealed the Brooks Act, which established the IT acquisition and oversight environment before Clinger-Cohen.

Asked to identify areas where the objectives and intent of Clinger-Cohen were not yet being met, the CIOs noted their greatest concern was "the inability of CIOs and CIO organizations to execute" and a lack of effective project management.

The CIOs cited the following as their greatest achievements in recent years:

• IT security and privacy
• Maturing enterprise architecture
• Consolidating/modernizing IT infrastructure
• Improving President's Management Agenda scores
• Portfolio management and governance
• Data strategy/information sharing.

The overall conclusion of the report was that "modest progress is being achieved by the Federal CIO community both in delivering value to the constituencies they serve and in strengthening the CIO position…a fairly consistent finding over the past few years."

"We find the areas of greatest progress for the CIOs in improving IT management in their organizations tend to be in the areas emphasized by OMB through the President's Management Agenda," the report said. "All of the CIOs surveyed reported focusing attention, making progress and developing future plans to accomplish more for the initiatives that constitute the PMA."

The report projected a number of key initiatives that will be major challenges to CIOs:

• Completing the current phase of consolidation and modernization of IT infrastructure
• Consolidating and modernizing key management and mission application systems, consistent with architectural plans
• Using and making the Line of Business solutions work for common government functions
• Continuing to expand and solidify the CIO role in Federal organizations.

"If Federal CIOs are able to work with their peer executive counterparts across their agencies and effectively complete these initiatives, they will most certainly deliver great value to their respective organizations and further enhance the CIO role," the report concluded.

OMB and the GSA Office of Governmentwide Policy have issued Requests for Information (RFIs) for the three new Line of Business (LoB) initiatives-Geospatial, IT Infrastructure Optimization, and Budgeting, Formulation and Execution.

Best practices and other information gathered in this process will help the LoB taskforces build business cases to support these three cross-government consolidation initiatives. Since the RFI is directed toward those in the private sector with experience in these areas, Practitioners Day Forums were held April 18-19 for potential private-sector responders to ask questions of OMB and GSA. Responses to the RFIs are due to GSA on May 5.

The objectives of the three new LoBs established by OMB are:

• The Geospatial LoB will result in a more coordinated approach to producing, maintaining, and using geospatial data, and establish a collaborative model for geospatial-related activities and investments.
• The IT Infrastructure Optimization LoB will refine the opportunities to consolidate and optimize IT infrastructure and develop government-wide common solutions.
• The Budgeting, Formulation and Execution LoB focuses on building a "budget of the future," employing standards and technologies for electronic information exchange to link budget, execution, performance, and financial information throughout all phases of the annual budget formulation and execution cycle.

The LoB initiatives are a major focus of the President's Management Agenda's drive to expand e-government. OMB estimates they can save the Federal government billions of dollars by developing common business processes and systems for use across the government. They are created when OMB finds duplication in systems among Federal agencies and affirms the benefits of consolidating those functions.

The National Governors Association Center for Best Practices conducted its second annual survey of the 55 State and territorial homeland security directors during December 2005 and January 2006. Results were released in an issue brief published April 3.

Asked to identify the top homeland security priorities for their states, the 40 respondents cited interoperability, specifically "developing interoperable communications for first respondents." Interoperability was listed by 83%, making it the top priority for the second year in a row.

This year's list of priorities includes two new mentions-related to natural disasters and an influenza pandemic-and three other repeat categories. The topics mentioned most often as top priority were:

83% Developing interoperable communications for first responders

70% Developing a State intelligence fusion center**

70% Coordinating efforts of state and local agencies

55% Identifying and protecting critical infrastructure

43% Planning for a possible influenza pandemic

40% Improving preparedness for and response to, natural disasters

** Fusion centers are places where personnel and IT networks from state, local and Federal agencies are brought together in a single facility to develop joint intelligence. Several states have set up such centers and others are interested in doing so, according to the survey.

The survey also queried State homeland security directors about their relationships with Federal and local government partners, as well as with the private sector. Responses reveal challenges of dealing with the Federal government in the areas of funding, coordination with states prior to the implementation of policies, Federal interagency coordination and intelligence sharing. They also illustrate the growing importance of the private sector in State homeland security efforts.

The National Science and Technology Council (NSTC) in the Executive Office of the President issued a preprint version of its Federal Plan for Cyber Security and Information Research and Development on April 18 as the first step in developing a national R&D agenda for strengthening the security of the nation's IT infrastructure.

The plan, developed by the Cyber Security and Information Assurance Interagency Working Group under the auspices of NSTC, presents a coordinated interagency framework for addressing critical gaps in current cyber security and information assurance capabilities and technologies.

The plan focuses on interagency R&D priorities that complement agency-specific efforts. It calls for concerted Federal activities on several fronts, as well as collaboration with the private sector.

The strategy includes findings and recommendations to guide cyber security R&D:

1. Target Federal R&D investments to strategic cyber security and information assurance needs.
2. Focus on threats with the greatest potential impact.
3. Make cyber security and information assurance R&D both an individual agency and an interagency budget priority.
4. Support sustained interagency coordination and collaboration on cyber security and information assurance R&D.
5. Build security in from the beginning.
6. Assess security implications of emerging information technologies.
7. Develop a roadmap for Federal cyber security and information assurance R&D.
8. Develop and apply new metrics to assess cyber security and information assurance.
9. Institute more effective coordination with the private sector.
10. Strengthen R&D partnerships, including those with international partners.

The top technical and funding priorities listed in the plan include authentication, authorization, and trust management; access control and privilege management; attack protection, prevention, and preemption; wireless security; and software testing and assessment tools.

The GSA Office of Citizen Services and Communications provides the Federal/State Issue Alert series on emerging issues for quick reference by busy managers with a need to know, particularly those without a technical background.

Background

Inconsistent agency approaches to facility security and computer security were seen as inefficient, costly and risky for the Federal government. There was a need to take steps to improve the security of Federal facilities and information systems. To address this concern, the following steps were taken:

• The White House issued Homeland Security Presidential Directive 12 (HSPD-12), Policy for a Common Identification Standard for Federal Employees and Contractors, on August 27, 2004. It requires the development and agency implementation of a mandatory government-wide standard for secure and reliable forms of identification for federal employees and contractors.
• Federal Information Processing Standard (FIPS) 201, entitled Personal Identity Verification of Federal Employees and Contractors, was issued February 25, 2005, to set minimum requirements for a Federal personal identification system under HSPD-12. FIPS 201 covers the personal identity proofing, registration, and issuance process for employees and contractors.
• OMB, in a memorandum published August 5, 2005, issued guidance for implementing the HSPD-12 policy by October 27, 2007.

Implementing HSPD-12

FIPS 201 guides implementation of HSPD-12 by providing minimum requirements for common identification, security and privacy, and detailed specifications to support government-wide technical uniformity and interoperability. It specifies:

• All departments and agencies were required to issue new ID credentials for new employees and contractors in accordance with Part 1 provisions of FIPS 201 by October 27th of last year.
• Also by that date, departments and agencies were to begin conducting background investigations for all current employees not already investigated.
• Investigations of current employees or contractors must be completed by October 27, 2007, except for those who have been employed more than 15 years. They are allowed another year, until October 27, 2008.
• All departments and agencies must begin deploying products and operational systems that meet the HSPD-12 requirements by October 27, 2006.
• A forthcoming Federal Acquisition Regulation will require the use of only approved products and services that meet the standard. GSA, the executive agent for government-wide acquisition of information technology, will ensure that approved suppliers provide products and services that comply with HSPD-12. GSA will make approved products and services available to all Federal agencies through blanket purchase agreements under Federal Supply Schedule (FSS) 70 for IT.
• Under the cooperative purchasing provisions of the E-Gov Act of 2002, State and local governments may use the FSS contracts to purchase approved identity management products and services.

Once HSPD-12 is fully implemented, government departments and agencies will be able to issue, recognize and accept identity credentials for their employees and for contractors who require long-term access to government-controlled facilities and information systems.

Additional Information

1. "Implementation of Homeland Security Presidential Directive (HSPD) 12 - Policy for Common Identification Standard for Federal Employees and Contractors", OMB memo dated August 5, 2005:
   http://www.whitehouse.gov/omb/memoranda/fy2005/m05-24.pdf.
2. "Sample Privacy Documents for Agency Implementation of Homeland Security Presidential Directive (HSPD) 12", OMB memo dated February 17, 2006:
   http://www.whitehouse.gov/omb/memoranda/fy2006/m06-06.pdf.
3. FIPS 201: Personal Identity Verification for Federal Employees and Contractors, 2/25/05:
   http://www.csrc.nist.gov/publications/fips/fips201-1/FIPS-201-1-v5.pdf.
4. NIST Special Publication 800-79: Guidelines for the Certification and Accreditation of PIV Card Issuing Organizations, 7/05:
   http://www.csrc.nist.gov/piv-project/publications/sp800-79.pdf.
5. OMB Memorandum M-04-04: E-Authentication Guidance for Federal Agencies, 12/16/03:
   http://www.whitehouse.gov/omb/memoranda/fy04/m04-04.pdf.
6. Under Cooperative Purchasing, state and local government entities may purchase a variety of information technology (IT) from contracts awarded by GSA:
   http://www.gsa.gov/cooperativepurchasing.

Government Technology Doers, Dreamers and Drivers: Each year in March, Government Technology Magazine honors 25 individuals who are redefining and advancing technology's role in government and society. This year's Top 25 showed that change is possible despite the age-old belief that institutional barriers impede government reform. These "2005 Doers, Dreamers and Drivers" include 10 State and city CIOs and other technology officials. They are:

• P.K. Agarwal, Director, California Technology Services Department
• Ron Bergmann, Deputy Commissioner, Office of the CIO, New York City
• George Boersma, Director of Technology Partnerships, Michigan
• Thera Bradshaw, CIO, Los Angeles
• Richard Lewis, CIO, Houston
• Greg Meffert, CIO, New Orleans
• Larry Olson, Chief Technology Officer, Texas
• Laura Parma, Director of Interactive Technologies, Washington
• Leonard Scott, Wi-Fi project manager, Corpus Christi, Texas
• Lemuel C. Stewart Jr., CIO, Virginia

The other 15 "doers, dreamers and drivers" include governors, mayors, and other State and local officials, as well as a foundation president, a superintendent of schools, a law firm and journalist Tom Friedman, author of The World is Flat.

Public Technology Institute Local Government Awards: The Public Technology Institute (PTI), a Washington-based non-profit technology R&D organization for cities and counties, has chosen nine local government winners of its 2005/2006 Technology Solutions Awards.

The award winners were selected based on three criteria: cost savings and improved services to internal or external customers; the resourcefulness or vision of the solution; and the likelihood that the solution could be used by other governments facing similar issues or problems.

The awards will be presented May 2 at the 2006 Congress for Technology Leadership in Chicago. The winners are:

Also available in pdf 40 kb

Also available in pdf 52 kb

Public Service Recognition Week honors Federal, State and local government employees in festivities during the first week in May. The annual celebration on the National Mall in Washington, DC, will feature more than 100 military and civilian program exhibits.

Council for Excellence in Government Evening of Excellence
Washington, DC
April 26

Fed Sources' Federal Outlook Conference
Tysons Corner, VA
April 27

Congress for Technology Leadership
Chicago
April 30 - May 2

World Congress on Information Technology (International Technology Association of America)
Austin, TX
May 1-5

Public Service Recognition Week
Washington, DC
May 1-7

SOCAP (Society of Consumer Affairs Professionals) International Symposium
Washington, DC
May 7-10

Stockholm Challenge Event
Stockholm, Sweden
May 8

AFCEA's Transformation TechNet
Hampton, VA
May 9-10

Council for Excellence in Government Evening of Excellence
Washington, DC
May 10

GSA International Products and Services Expo
San Antonio
May 15-18

International City/County Management Association Restoration 2006
New Orleans
May 16-17

Spring Government CIO Summit
Naples, FL
May 21-23

GCN Government IT Leadership Conference
Washington, DC
May 24

National Association of State CIOs Mid-Year Conference
The Capitol Hilton
Washington, DC
May 31-June 2

ACT Management of Change Conference
Hilton Head Island, SC
June 5-7

Government Customer Support Conference 2006
Arlington, VA
June 14-15

AFCEA's TechNet International
Washington, DC
June 19-20

Western Information Technology Council
Stateline, NV
August 6-8

Executive Leadership Conference
Williamsburg, VA
October 29-31

Comments: We welcome your feedback.

Please send your comments, concerns, complaints and questions to dotgovbuzz@gsa.gov.

The DotGov Buzz is produced by:

Darlene Meskell
Ted Cogdell
Bryant Jones
Ernestine Ramsay