Return to Homepage


Home   |   Site Map   |   Privacy   |   Contact Us   |   RSS YouTube Twitter Linked In Facebook NASCIO Community
publications
Email This Page     |     Print This Page     |    
Comments?     |     Share This Link

PUBLICATIONS   |   Chronological List

All publications are available in PDF format. Click here to download acrobat reader.

Capitals in the Clouds Part VI: Cloud 
Procurement: From Solicitation to Signing
Capitals in the Clouds Part VI: Cloud Procurement: From Solicitation to Signing
April 2014

As first reported in the NASCIO/TechAmerica/Grant Thornton 2013 State CIO Survey, The Enterprise Imperative: Leading Through Governance, Portfolio Management, and Collaboration, states continue to turn to cloud solutions, with services such as email and storage remaining the most popular. 74% of respondents said that their state has some applications in the cloud. For several years now, the NASCIO has discussed the transition in the state information technology environment as state CIOs sought new approaches to traditional delivery models. The recession prompted state leaders to examine new approaches and leverage technology opportunities. The use of cloud services by state government is the most obvious manifestation of this transition. In 2011, NASCIO launched its Capitals in the Clouds series on this topic. Three years later, states continue to investigate and to leverage cloud solutions, software as a service (SaaS) and infrastructure as a service, with services such as email and data storage remaining the most popular.


Sharing costs in cross jurisdictional collaboratives Sharing costs in cross jurisdictional collaboratives
March 2014

State Chief Information Officers have made the case for forming cross jurisdictional collaboratives when addressing state government services. State CIOs have come to understand the opportunities and the value proposition in forming collaborative arrangements. Cost sharing is foundational to any collaborative and is often the primary reason for the initial formation of a collaborative. This report proposes a list of essential design elements for cost sharing and provides some examples of successful collaboratives.


Rethinking the Dynamics of the RFP Process for Improved IT Procurement Rethinking the Dynamics of the RFP Process for Improved IT Procurement
February 2014

The RFP process is multifaceted with a broad set of stakeholders including state CIOs, agency heads, state procurement officials, state procurement attorneys, private sector vendors, and many others. Taking this information into consideration, NASCIO has continually sought ways to encourage collaboration between CIOs, chief procurement officials and private IT sector vendors. As such, NASCIO identified the RFP process as one to which special attention must be paid.


Destination: Advancing Enterprise Portfolio Management – First Stop: Issues Management Destination: Advancing Enterprise Portfolio Management – First Stop: Issues Management
December 2013

State CIOs are managing a growing and diverse set of investments, services and collaborative arrangements. Enterprise portfolio management (EPM) is a discipline that provides the tools and best practices necessary for doing this proactively and successfully. EPM provides a view into the enterprise – not only projects, but also services, operations, programs and resources. EPM essentially turns enterprise architecture into action. EPM involves many portfolios. The first portfolio that drives the others is the portfolio of issues that identifies, scores and prioritizes the very issues we’re trying to solve through projects, programs, management initiatives and operations.


State CIO and Legal Counsel: JOINING FORCES FOR BETTER GOVERNMENT State CIO and Legal Counsel: JOINING FORCES FOR BETTER GOVERNMENT
November 2013

On a daily basis, a number of situations may arise where a state chief information officer (CIO) and legal counsel need to work together. Procurement and contract negotiations, privacy, cybersecurity, personnel actions and litigation including e-discovery are just some of the issues for which having a good working relationship is mutually beneficial. The NASCIO Legal Advisory Committee, with contributions from some veteran state CIOs and legal counsel, came up with the list below. This practical guide is intended for newbie and seasoned legal counsel and CIOs.


State CIO Top Ten Policy and Technology Priorities for 2014
November 2013

Each year NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The top ten priorities are identified and used as input to NASCIO’s programs, planning for conference sessions, and publications.


The Enterprise Imperative:  Leading Through Governance, Portfolio Management, and Collaboration The Enterprise Imperative: Leading Through Governance, Portfolio Management, and Collaboration
October 2013

NASCIO, TechAmerica, and Grant Thornton LLP have collaborated for a fourth year on the annual survey of state government IT leaders. The 2013 survey report, The Enterprise Imperative, offers the latest insights from State CIOs and concludes these leaders are emphasizing effective enterprise governance models, adopting business disciplines, and forging the right relationships for collaboration.  The 2012 survey – Advancing the C4 Agenda – focused on the balancing act that CIOs must maintain both in providing high-quality services and in delivering new, innovative solutions. These demands have not decreased over the past year. CIOs are responding by focusing on the enterprise, and by coordinating across boundaries. The enterprise focus may involve integrating governance and portfolio management across the state, improving the effectiveness of IT procurement, or deploying statewide identity and access management solutions.


State CIO Leadership in Government Innovation and Transformation State CIO Leadership in Government Innovation and Transformation
October 2013

One of NASCIO’s guiding principles is to “promote the CIO as the technology leader who drives innovation and transformation.” To advance this belief, this leadership white paper explores the various structures and relationships of the State Chief Information Officer’s (CIO) role and how these differences impact the CIO’s participation in government transformation and innovation. The NASCIO CIO Leadership Working Group explored these differences and caution that a “one size fits all” approach is not the objective given that there are clear reasons for these variations. We looked at how the role of the CIO might evolve given ‘forces’ that could impact this evolution, such as technology disrupters and innovation. We discussed these ‘forces’ and critical success factors with private sector CIOs to learn how they have evolved their position, authority, and responsibility to support corporate transformation. We prepared this paper as a guide for CIOs, Governors, and other state officials to learn more about the various models that exist and how those models could evolve to support the direction of the enterprise.


NASCIO Cybersecurity Awareness Resource Guide NASCIO Cybersecurity Awareness Resource Guide
September 2013

For the 2013 observance of National Cyber Security Awareness Month, NASCIO has updated its Resource Guide for State Cybersecurity Awareness, Education, and Training Initiatives. The guide includes new information from our state members, who provided examples of state awareness programs and initiatives. This is an additional resource of best-practice information, together with an interactive state map to allow users to drilldown to the actual resources that states have developed or are using to promote cyber awareness. It includes contact information for the CISO, hyperlinks to state security and security awareness pages, and information describing cybersecurity awareness, training, and education initiatives.

The Resource Guide is a work-in-progress that should provide a valuable reference resource for Cyber Security Awareness Month, as well as the ongoing planning of security awareness and training efforts state programs may undertake thereafter.


Procurement: Avoiding Risky Business Procurement: Avoiding Risky Business
September 2013

The NASCIO Procurement Modernization Committee, in partnership with TechAmerica and the National Association of State Procurement Officials, continues to focus on state IT procurement reforms and highlight best practices at the state level. This brief is the third in a series of recommendations set forth by this collaborative. The purpose of the brief is to highlight some of the strategies used to first identify, then to avoid, transfer, mitigate, and ultimately accept the risks associated with the procurement of IT products or services. Although not all risks can be identified, the goal should be to understand how much risk is associated with a specific IT procurement and what tools, processes, benchmarks, and methodologies are available to uniquely address IT procurement risks.


Effective Cross-Jurisdictional Collaboration – Governance is Critical! Effective Cross-Jurisdictional Collaboration – Governance is Critical!
July 2013

Cross-jurisdictional collaboratives are on the rise.  As the number of such collaboratives increases, there are essential ingredients for framing and sustaining successful and even exceptional collaborative arrangements that deliver real outcomes.  As NASCIO reviewed successful collaboratives, proper governance continually surfaced as one of those essential ingredients for effective sharing of government information and services and effective employment of technology across two or more enterprises.  This issue brief presents examples of effective governance and describes what constitutes effective governance


The Health IT Landscape: Through the Lens of the State CIO The Health IT Landscape: Through the Lens of the State CIO
June 2013

The Healthcare Information and Management Systems Society (HIMSS) and National Association of State Chief Information Officers (NASCIO) formed a collaboration to determine how the State Chief Information Officer (CIO) views the current health information technology landscape. Specific areas of focus for this study included Medicaid Management Information Systems (MMIS), Medicaid Eligibility Systems, Data Governance and Identity Management, State Level Health Information Exchanges, Shared Services and Collaborations. This study combined HIMSS' expertise in health information technology and information exchange with NASCIO's expertise representing state CIOs and information technology executives from the states, territories and the District of Columbia. The results of this collaborative survey will serve those seeking to understand the current environment of State healthcare technology initiatives ranging from governance models to data exchange activities. This analysis will also facilitate understanding of the intersection of the state CIO's role with state health information technology (HIT) projects. This collaboration represents one of the first holistic analyses focused on the state CIO perspective of State HIT projects.

Examining State Social Media Policies: Closing the Gaps Examining State Social Media Policies: Closing the Gaps
June 2013

The issue brief focuses on state use of social media, specifically on state social media participation policies (“SMPP’s”). NASCIO’s Legal Advisory Working Group took a look at 31 SMPPs, which focus specifically on guidance/policy given to state employees regarding their participation in social media.

States have come a long way in the past few years, with the majority implementing social media policies or working towards one. However, some of the gaps found have the potential to open up states to some severe heartburn: including employee discontent, management concerns, public perception and liability.

The issue brief also addresses the inclusion of clauses on confidentiality, ethical conduct, security and privacy, and transparency in SMPP’s.


Capitals in the Clouds Part V: Advice from the Trenches on Managing the Risk of Free File Sharing Cloud Services Capitals in the Clouds Part V: Advice from the Trenches on Managing the Risk of Free File Sharing Cloud Services
April 2013

Cloud-based file sharing solutions have become very popular and certainly a growing and significant part of day-to-day computing. It is easy to see why these services are attractive to state government users after using them in many facets of their personal life. With a wide variety of choices in the market, these solutions are easy to access, configure and use. They support multiple devices (especially mobile), and data in multiple formats. The most important consideration for state employee users – these file sharing services are free. Since the release of the 2012 NASCIO and Deloitte Cybersecurity Study, more security and policy questions have been raised on the use of free cloud services by states. In addition to the May 2012 Capitals in the Clouds IV guidance on rogue cloud users, states have continued to seek out leading practices on how to put the proper controls in place, meet security standards, craft acceptable use policies, and identify the open records and legal concerns regarding terms of service. This brief helps to provide real experience from Commonwealth of Pennsylvania on free cloud services.


Limitations on Liability Infographic Limitations on Liability Infographic
January 2013

NASCIO’s 2004 publication NASCIO on Unlimited Liability - Gaining Traction on the Road to "Win-Win" recommended changes to the state IT procurement policy regarding limitations on liability, and research from 2010 and 2012 show subtle changes have occurred in the states. This infographic indicates which states have limitations on liability in statute, which states have none, and which states are able to negotiate limitations on a case by case basis, and compares the current situation to previous NASCIO research.


NASCIO Call-to-Action: The Necessity for Maturing Identity and Access Management in State Government NASCIO Call-to-Action: The Necessity for Maturing Identity and Access Management in State Government
November 2012

As state leaders act to streamline services, consolidate IT infrastructure and perform more efficiently, trusted digital identities and their authentication becomes a critical enabler with the digital ecosystem. All levels of government and the private sector, are confronted by this challenge and are working together to create common policy, guidelines, standards, and responsibilities to protect cyber assets and ensure appropriate mechanisms are in place for a coordinated identity ecosystem. This guidance presents the value proposition along with key factors for establishing an enterprise-wide approach to identity management.

State CIO Top Ten Policy and Technology Priorities for 2013
November 2012

Each year NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The top ten priorities are identified and used as input to NASCIO’s programs, planning for conference sessions, and publications.


2012 Deloitte-NASCIO Cybersecurity Study
State governments at Risk:  A Call for Collaboration and Compliance 2012 Deloitte-NASCIO Cybersecurity Study State governments at Risk: A Call for Collaboration and Compliance
October 2012

This study reports findings and analysis of a comprehensive survey of State Chief Information Security Officers conducted by NASCIO in partnership with Deloitte in July and August of 2012. Both a repeat and extension of a Deloitte-NASCIO survey originally conducted in 2010, it documents the relative strengths and weaknesses of the security programs that protect state governments’ vital systems and data. The study identifies areas of concern expressed by state CISOs, and provides a call to action for state CIOs and policy officials on the critical need to support and enhance cybersecurity programs.


Advancing the C<sup>4</sup> Agenda Advancing the C4 Agenda
October 2012

NASCIO, TechAmerica, and Grant Thornton LLP have collaborated on the third annual survey of state government IT leaders. Since the last survey of state chief information officers (CIOs) in 2011 - A New C4 Agenda (Consolidation, Collaboration, Clout, and Change) – we find that CIOs continue to be confronted with myriad responsibilities and leadership challenges. Some of these focus on continuing to provide many high-quality IT services to state agencies and employees (such as email and networking) as well as to citizens (such as online registration and licensing). Others focus on procuring, implementing, and managing new IT services, such as cloud platforms, mobile devices and applications, and social media. CIOs must maintain a balancing act, not allowing either the old or the new to dominate their attention.


What Makes Collaborative Initiatives Work? What Makes Collaborative Initiatives Work?
October 2012

Collaboration is a major part of the solution to sustaining and thriving government organizations and services. But it has to be done correctly so it is effective, can sustain through the life of the initiative’s intent, and can adapt with changing environmental circumstances. No matter what service area, mode of delivery, management area, or technology, collaborative arrangements should be considered as an alternative that may deliver the most effective outcomes.

NASCIO is actively investigating existing collaboratives in order to promote collaborative arrangements across government and to uncover operating discipline and best practices that make for successful collaboratives.These best practices support strategy, governance, program and project management, organization, operations and effective application of technology.Collectively these best practices are imbedded in the enterprise architecture of successful collaboratives.


NASCIO Cyber Security Awareness Resource Guide NASCIO Cyber Security Awareness Resource Guide
October 2012

For the 2012 observance of National Cyber Security Awareness Month, NASCIO has updated its Resource Guide for State Cyber Security Awareness, Education, and Training Initiatives. The guide includes new information from our state members, who provided examples of state awareness programs and initiatives. This is an additional resource of best-practice information, together with an interactive state map to allow users to drilldown to the actual resources that states have developed or are using to promote cyber awareness. It includes contact information for the CISO, hyperlinks to state security and security awareness pages, and information describing cyber security awareness, training, and education initiatives.

The Resource Guide is a work-in-progress that should provide a valuable reference resource for Cyber Security Awareness Month, as well as the ongoing planning of security awareness and training efforts state programs may undertake thereafter.


The State Identity Credential and Access Management Guidance and Roadmap (SICAM) The State Identity Credential and Access Management Guidance and Roadmap (SICAM)
September 2012

The State Identity and Credential Access Management (SICAM) Guidance and Roadmap outline a strategic vision for state-based identity, credential, and access management efforts, and emphasizes the importance of implementing the SICAM architecture and services in support of the challenges associated with trust, interoperability, security, and process improvement. States can, and should, provide a secure, auditable environment for the processing and exchange of information across the entire spectrum of state business. This guidance promotes an enterprise approach and it is essential that state governments take the initiative to ensure the integrity of the data entrusted to them and provide a high level of security and privacy to citizens, customers, and partners.


Why Should Government Join Up? Why now?  What do we gain? Why Should Government Join Up? Why now? What do we gain?
September 2012

Maintaining and increasing government service delivery in the current economic circumstances is nearing the impossible. What is the answer? Part of the answer is the formation of collaborative relationships across agencies and jurisdictions to share and in some circumstances consolidate investments. State and local governments can not afford to go it alone. Through collaborative governance structures, jurisdictions can pool funding, increase buying power, remove or reduce redundant investments in technology and actually make significant gains in the quality of service.


Is Big Data a Big Deal for State Governments? The Big Data Revolution – Impacts for State Government – Timing is Everything Is Big Data a Big Deal for State Governments? The Big Data Revolution – Impacts for State Government – Timing is Everything
August 2012

The volume and velocity of data creation is at all time high – and is accelerating. State government is a veritable data engine creating vast amounts of data from a vast number of sources. That data is being used to comply with regulations; uncover fraud, waste and abuse; and ultimately improve the lives of citizens. The sky is the limit in terms future data generation based on the growth in mobile applications, sensors, cloud services and the growing public private partnerships that must be monitored for performance and service levels, according to NASCIO’s latest in its series of issue briefs on analytics - “Is Big Data a Big Deal?”

In this issue brief, the universe of “big data” will be explored in order to:

  • Create a foundation preliminary to further description and exploration in future briefs, conference sessions and innovations forums.
  • Set common characteristics of big data versus simply lots of data.
  • Emphasize the necessity of data governance and data management within a broader state government enterprise architecture.
  • Present some early recommendations for state government regarding big data.

Leaving Performance Bonds at the Door for Improved IT Procurement Leaving Performance Bonds at the Door for Improved IT Procurement
August 2012

This is the second in a series of briefs on IT procurement modernization. The brief focuses on performance bond trends for state IT projects and is intended to give an overview of how the surety market has significantly changed because of a wave of factors external to the IT industry. The amount of readily available performance bonds has become a challenge and, in some instances, bond companies have begun to require companies to partially or fully collateralize performance bonds with bank letters of credit. In order for states to lower costs and create a competitive procurement pool, states need to consider finding ways of leveraging existing protections and adjusting performance bond requirements if necessary. This brief was developed in partnership with TechAmerica and with contributions from the National Association of State Procurement Officials (NASPO).


Leveraging Enterprise Architecture for Improved IT Procurement Leveraging Enterprise Architecture for Improved IT Procurement
July 2012

This brief seeks to present an overview of how the discipline of Enterprise Architecture (EA) can be used to improve and lower costs of state IT procurement. The degree of EA maturity in states can vary as much as the very rules that govern IT procurement, but a closer look will provide guidance on alignment of these vital functions of government. As stewards of tight budgets, it is imperative that state chief information officers (CIOs), state procurement officials, and other state leaders find the best values and are accountable for IT investments. State leaders should consider the benefits of aligning IT procurement and enterprise architecture not only as a way to deliver IT services more effectively, but also as a way to find savings through streamlined investments. This brief was developed in partnership with TechAmerica and with contributions from the National Association of State Procurement Officials (NASPO).
 


A Golden Opportunity for Medicaid IT Transformation: State CIOs and the MITA Framework A Golden Opportunity for Medicaid IT Transformation: State CIOs and the MITA Framework
May 2012

This is an unprecedented time for health IT in the United States, and the backbone of achieving lower costs, better health outcomes, and system interoperability relies on an enterprise view. In response to the CMS release of Medicaid Information Technology Architecture (MITA) 3.0, the NASCIO Health Care Working Group has formulated guidance to states as they navigate Medicaid IT transformation. NASCIO continues to be an advocate for enterprise solutions and view the MITA framework as a way state CIOs can decouple legacy systems and break down existing silos in state government. State CIOs grasp the importance of modernizing the Medicaid enterprise in a way that is flexible, interoperable, and takes into consideration emerging technologies like cloud computing. In addition to emphasizing conformity to the MITA vision, the report calls attention to emerging security threats in the states and the importance of protecting personally identifiable information and personal health information.


Capitals in the Clouds Part IV – Cloud Security:  On Mission and Means Capitals in the Clouds Part IV – Cloud Security: On Mission and Means
May 2012

This brief presents an emphasis on the cultural and organizational aspects of cloud computing. “Cloud services” imply shared services. When agencies come together to share such a resource there will necessarily have to be an evaluation of the variance in security policies in place in the various partner agencies. Engaging external cloud services can be quite risky if such services have not been properly vetted by state security staff. Much education, awareness, and ongoing communication will be required to ensure state government employees are fully aware of the risks of external cloud services. The imperative for states is to stay connected and maintain the dialogue, sharing intentions and solutions, as state government moves forward with adoption of cloud services. Cloud is not the only solution or avenue for sharing resources. When it is the right solution, it must be employed with proper attention to the security aspects of cloud services, particularly with external cloud services.


Capitals in the Clouds Part III – Recommendations for Mitigating Risks: Jurisdictional, Contracting and Service Levels Capitals in the Clouds Part III – Recommendations for Mitigating Risks: Jurisdictional, Contracting and Service Levels
December 2011

Cloud computing will continue to be an invaluable resource for state and local governments in their efforts to rationalize and optimize computing resources. Cloud computing should be seen as an IT innovation that can support rationalization and optimization of business services as well as IT services. Due diligence prescribes the necessity of exploring and evaluating jurisdictional issues in order to ensure long term sustainability and growing adoption of collaborative government operations in state and local government.


The Heart of the Matter: A Core Services Taxonomy for State IT Security Programs The Heart of the Matter: A Core Services Taxonomy for State IT Security Programs
October 2011

To ensure that IT security remains robust in the current difficult budget environment, the National Association of State Chief Information Officers (NASCIO) has identified a taxonomy of core, critical IT security services to facilitate the analysis of requirements, sourcing options, and costs for delivering appropriate security. For each of the twelve services that were identified, the brief includes a description, a list of the key activities associated with the service, and a list of tools that commonly support service delivery.


State CIO Top Ten Policy and Technology Priorities for 2012
October 2011

Each year NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The top ten priorities are identified and used as input to NASCIO’s programs, planning for conference sessions, and publications.


2011 Best Practices in the Use of Information Technology in State Government Booklet 2011 Best Practices in the Use of Information Technology in State Government Booklet
October 2011

Released in conjunction with NASCIO's Best Practices in the Use of Information Technology in State Government Awards, this booklet contains summaries of innovative state government programs in the following areas: Cross-Boundary Collaboration and Partnerships; Data, Information and Knowledge Management; Digital Government – G to B; Digital Government – G to C; Fast Track Solutions; Enterprise IT Management Initiatives; Improving State Operations; Information Communications Technology (ICT) Innovations; Open Government Initiatives; and Risk Management Initiatives.


The 2011 State CIO Survey The 2011 State CIO Survey
October 2011

NASCIO partnered with TechAmerica and Grant Thornton LLP to survey state and territorial chief information officers (CIOs) on their most challenging issues and significant opportunities. At a high level, the survey reveals this to be a time of evolving roles, changing organizational capabilities and demanding workloads for the CIOs. The themes that emerge from the 2011 survey results center on consolidation, collaboration, clout and change — a new state CIO agenda. The report, which is the second Annual Survey of State Chief Information Officers, is titled: “A New C4 Agenda: Perspectives and Trends from State Government IT Leaders.”


Capitals in the Clouds - The Case for Cloud Computing in State Government Part II:
Challenges and Opportunities to Get Your Data Right Capitals in the Clouds - The Case for Cloud Computing in State Government Part II: Challenges and Opportunities to Get Your Data Right
October 2011

Cloud computing brings with it opportunities, issues and risks. One major consideration that must be addressed is the management of data – governance, stewardship, consistency, ownership and security. Data is the lifeblood of state government operations and critical for service delivery. With the fiscal stress and operational pressures that are driving state and local governments toward serious consideration and adoption of cloud computing, the data must not be ignored. These pressures must be managed intelligently to avoid pushing government into a future situation that could constitute greater cost, and more difficulty in achieving interoperability of government lines of business and government jurisdictions.


State Cyber Security Resource Guide: Awareness, Education, and Training Initiatives State Cyber Security Resource Guide: Awareness, Education, and Training Initiatives
September 2011

For the 2011 observance of National Cyber Security Awareness Month, NASCIO has updated its Resource Guide for State Cyber Security Awareness,Education, and Training Initiatives. The guide includes new information from our state members, who provided examples of state awareness programs and initiatives. This is an additional resource of best-practice information, together with an interactive state map to allow users to drilldown to the actual resources that states have developed or are using to promote cyber awareness. It includes contact information for the CISO, hyperlinks to state security and security awareness pages, and information describing cyber security awareness, training, and education initiatives.

The Resource Guide is a work-in-progress that should provide a valuable reference resource for Cyber Security Awareness Month, as well as the ongoing planning of security awareness and training efforts state programs may undertake thereafter.
 


CIO Leadership for State Governments: Emerging Trends and Practices CIO Leadership for State Governments: Emerging Trends and Practices
March 2011

Public Technology Institute has published CIO Leadership for State Governments: Emerging Trends and Practices, a book that illuminates the role of the state CIO, and shares leading technology practices and innovative programs in state government.
Published in partnership with the National Association of State CIOs (NASCIO), this is the first book written exclusively by and for the state CIO.


Sustainable Success: State CIOs and Health Information Exchange Sustainable Success: State CIOs and Health Information Exchange
September 2011

While NASCIO has continued to track the role of the State CIO in Health Information Exchange (HIE), the recently released issue brief highlights the importance of a sustainable public HIE. Included in the brief are best practices for creating potential revenue streams, considerations for systems development, and innovative options that may reduce maintenance and lower costs. State CIOs and state policy officials need to consider the business drivers that will ensure that revenues exceed costs to plan, implement and operate an interoperable HIE. State CIOs recognize that there is no better opportunity than now for carrying out these goals, but continued ingenuity will be imperative in ensuring a state-run HIE is independently sustainable when public grants may no longer be available.


Capitals in the Clouds - The Case for Cloud Computing in State Government Part I: Definitions and Principles Capitals in the Clouds - The Case for Cloud Computing in State Government Part I: Definitions and Principles
June 2011

Cloud computing has arrived as a serious alternative for state government. There are outstanding issues that must be faced and dealt with in order to maintain the reliability, responsibility, security, privacy, and citizen-confidence in government services. Government is exploring technology and business process innovations that will make the way for government to deliver existing services more economically. Cloud computing provides a number capabilities that have the potential for enabling such innovation.


On the Fence: IT Implications of the Health Benefit Exchanges On the Fence: IT Implications of the Health Benefit Exchanges
June 2011

Despite the contentious debate over national health care reform there seems to be one trend that has gained some degree of consensus at the state level – planning for implementation of state health benefit exchanges. The Patient Protection and Affordable Care Act (PPACA) has already provided $2.8 billion in funding to states to build benefit exchanges, expand Medicaid eligibility and continue prevention efforts. In addition to the substantial amount of funding states have already received, they will receive billions more during 2011 and beyond. The Affordable Care Act provides states with the unique opportunity to either develop and run their own exchange or default to the federal government to establish and operate the exchange. State CIOs will play varying roles in health care reform, but irrespective of their responsibilities it will be imperative to provide sound leadership and provide feedback to governors on any IT gaps that may exist during this momentous time.


A Call to Action: Information Exchange Strategies for Effective State Government A Call to Action: Information Exchange Strategies for Effective State Government
April 2011

NASCIO Recommends State Government Adopt the National Information Exchange Model (NIEM) to Enable Government Information Sharing
 
The National Information Exchange Model (NIEM) provides a broad range of products and capabilities for planning and implementing enterprise-wide information exchanges. Government effectiveness and citizen centric government services require effective cross line of business collaboration and communication. Use of national standards will avoid redundant investment and unnecessary variation. What is needed is a common discipline for information sharing that is employed by all government lines of business.  NIEM exists as that discipline for federal, state and local government.


State IT Workforce: Under Pressure State IT Workforce: Under Pressure
January 2011

In 2007, state CIOs had offered anecdotal evidence that states could face a potential shortage of government IT workers in the near future due to anticipated retirements of baby boomers and a waning interest in government IT employment from a younger generation. To revisit this looming issue, in November 2010 NASCIO conducted a web-based survey for state CIOs to assess the landscape of the state IT workforce. The results of the survey State IT Workforce: Under Pressure have been compiled and NASCIO members should use the results as a tool in identifying and addressing state IT workforce trends. The state responses provide a broad perspective on state IT workforce issues as a whole, and also allow CIOs to further assess the IT employment outlook within their respective states.


State CIO Top Ten Policy and Technology Priorities for 2011
October 2010

Each year NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The top ten priorities are identified and used as input to NASCIO’s programs, planning for conference sessions, and publications.

State Governments at Risk: A Call to Secure Citizen Data and Inspire Public Trust State Governments at Risk: A Call to Secure Citizen Data and Inspire Public Trust
September 2010

People put a lot of trust in state governments to collect, maintain and protect the appropriate information necessary to execute their programs, protect individual rights, and ensure public safety. The volume of that information expands at an ever-increasing pace, and maintenance and protection of that information, particularly where it involves Personally Identifiable Information (PII) and Personal Health Information (PHI), becomes more and more challenging. The 2010 Deloitte-NASCIO Cybersecurity Study finds that states need to do more to secure citizen data and maintain public trust.

2010 Best Practices in the Use of Information Technology in State Government Booklet 2010 Best Practices in the Use of Information Technology in State Government Booklet
September 2010

Released in conjunction with NASCIO's 2009 Best Practices in the Use of Information Technology in State Government Awards, this booklet contains summaries of innovative state government programs in the following areas: Cross-Boundary Collaboration and Partnerships; Data, Information and Knowledge Management; Digital Government – G to B; Digital Government – G to C; Digital Government – G to G; Enterprise IT Management Initiatives; Improving State Operations; Information Communications Technology (ICT) Innovations; Open Government Initiatives; and Risk Management Initiatives.

Friends, Followers, and Feeds: A National Survey of Social Media Use in State Government Friends, Followers, and Feeds: A National Survey of Social Media Use in State Government
September 2010

In the summer of 2010, NASCIO’s Social Media Working Group implemented a survey of social media adoption by state governments to clarify existing use of social media by states and extend its knowledge of how the tools are being deployed in state governments across the country. The survey examined adoption trends, current applications and expectations of social media technologies, the extent to which implementation is governed by formal policies or individual agency initiative, and perceptions of risk associated with social media tool use. This brief reports on the survey results, and makes recommendations about next steps states need to take as they adapt these tools to expand engagement with citizens and improve government programs.

DO YOU THINK? OR DO YOU KNOW? PART II: The EA Value Chain, The Strategic Intent Domain, and Principles DO YOU THINK? OR DO YOU KNOW? PART II: The EA Value Chain, The Strategic Intent Domain, and Principles
September 2010

Investment in business intelligence and business analytics must be driven by enterprise strategic intent. Proper leverage of analytics should start with a clear understanding of the outcomes state government is trying to achieve. This issue brief presents the rationale for analytics using the NASCIO Enterprise Architecture Value Chain as a framework for organizing the thinking and the questions which eventually drive investment in analytics capabilities. It builds on the foundational concepts discussed in NASCIO’s first issue brief on this subject, and strongly recommends an enterprise approach. Without an enterprise approach to analytics, investment across the enterprise is un-orchestrated and uncoordinated. That creates redundant investment in tools and training, and creates barriers to cross line of business collaboration. State government can not afford redundant and disconnected investment. One of the values of enterprise architecture is the management, optimization and simplification of investment within state government. Proper investment and application of analytics is essential to deploying effective and efficient government services. Finally, the level of complexity of analytical methods and tools depends on the complexity of the decisions and the issues.

Profiles of Progress 4: State Health IT Initiatives Profiles of Progress 4: State Health IT Initiatives
July 2010

Since Profiles of Progress was last released in April of 2009, there has been a tremendous flurry of activity due to the Office of the National Coordinator for Health Information Technology (ONC) announcing the recipients of the State Health Information Exchange Cooperative Agreement Program (State HIE). In addition, the funding from the American Recovery and Reinvestment Act (ARRA) has started to be dispensed to state and regional efforts across the nation and will be used to invest, solidify and make sustainable health IT efforts in the states. The updated compendium, “Profiles of Progress 4: State Health IT Initiatives,” serves as a snapshot of how states are responding to the challenge of leading the implementation of health IT and what role, if any, the state CIO is playing in these efforts. The numerous revisions within the compendium reflect the expeditious growth and adoption of health IT over the past year. As government leaders increasingly support Health IT as a means to improve patient care and reduce costs it is imperative that states implement an enterprise-wide architecture for the statewide exchange of health information.

The 2010 State CIO Survey: Perspectives and trends from state government IT leaders The 2010 State CIO Survey: Perspectives and trends from state government IT leaders
July 2010

Just as information technology undergirds every aspect of doing business in the corporate sector, so is it now a mainstay of state government. NASCIO has joined forces with the Grant Thornton and TechAmerica to survey state and territorial CIOs or their equivalents on their most challenging issues -- from tight budgets to the continual flow of new technologies. Results are based on the responses of 40 participants, or about three-fourths of eligible jurisdictions. The 39-question survey covered a range of topics:

  • IT governance: Many CIOs shoulder much of the responsibility for statewide IT governance but do not have the same level of authority.
  • IT investments and budgets: Two-thirds of CIOs expect lower IT budgets in 2011 through 2013.
  • Statewide IT business models and sourcing strategies: In the next three years, most CIOs plan to expand IT shared services and managed services.
  • Procurement and procurement reform: CIOs give state IT procurement processes a grade of C and say processes and practices need updating.
  • Emerging technologies: Half of CIOs are investing in cloud computing, and one-third are running active or pilot cloud projects.

Security at the Edge: Protecting Mobile Computing Devices 
Part II: Policies on the Use of Personally Owned Smartphones in State Government Security at the Edge: Protecting Mobile Computing Devices Part II: Policies on the Use of Personally Owned Smartphones in State Government
March 2010

Due to the pervasive use of personally owned smartphones in the U.S., practical concerns have arisen around state employee requests to use these devices for state business. The potential for security incidents and data breaches is a practical concern that state CIOs and CISOs must address when establishing security standards. While these devices make the work lives of employees less complicated, and perhaps reduce state IT acquisition costs, officials must once again face the classic dilemma of balancing risks and rewards. Policies on the Use of Personally Owned Smartphones in State Government highlights the trend toward states establishing security policies and standards for connecting personally owned smartphones to government networks.

Gaining Traction on the Road to Win-Win: Limitations on Liability in State IT Contracting Gaining Traction on the Road to Win-Win: Limitations on Liability in State IT Contracting
March 2010

As state CIOs continue to deploy IT solutions, it is important to recognize the fiscal benefits of transforming the procurement process to meet the needs of a smaller workforce, budget constraints, and consolidation efforts. Because of current economic factors the state CIO is faced with not only budget constraints for needed IT goods and services, but also advocating for procurement reform that meets the needs of the 21st century. Gaining Traction on the Road to Win-Win presents the challenges associated with unlimited liability, and encourages the inclusion of risk management strategies for state IT contracts. The report also calls attention to the fact that state CIOs are better equipped to provide services to the state when flexible terms and conditions for procurement provisions are in place.

DO YOU THINK? OR DO YOU KNOW? Improving State Government Operations Through Business Analytics DO YOU THINK? OR DO YOU KNOW? Improving State Government Operations Through Business Analytics
February 2010

Business analytics provides an evidence-based approach for decision making. With the current emphasis on transparency and visibility into the operations of government, government leaders need to anticipate more questions and evaluation related to not only what decisions are being made, but also what rationale was applied in making those decisions. As stated in this issue brief, intuition alone is not adequate for evaluating alternatives and making decisions. Effective implementation of a business analytics capability will promote an enterprise-wide culture of fact-based decision making. State government is encouraged to seriously look at business analytics as a means for fully understanding current circumstances and make predictions about the future. The predictive nature is particularly important as we continue to face ongoing fiscal challenges and increasing demand for state government services.

State CIO Top Ten Policy and Technology Priorities for 2010
November 2009

Each year NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The top ten priorities are identified and used as input to NASCIO’s programs, planning for conference sessions, and publications.

2009 Best Practices in the Use of Information Technology in State Government Booklet 2009 Best Practices in the Use of Information Technology in State Government Booklet
October 2009

Released in conjunction with NASCIO's 2010 Best Practices in the Use of Information Technology in State Government Awards, this booklet contains summaries of innovative state government programs in the following areas: Business Continuity and Disaster Recovery ; Cross-Boundary Collaboration and Partnerships; Data, Information and Knowledge Management; Digital Government – G to B; Digital Government – G to C; Digital Government – G to G; Enterprise IT Management Initiatives; Information Communications Technology Innovations; Information Security and Privacy; and IT Project and Portfolio Management.

A Call to Action for State Government: Guidance for Opening the Doors to State Data
September 2009

Transparency initiatives and websites are proliferating across government and industry globally. One aspect of the transparency trend is broader access to government data. NASCIO has published this report as initial guidance and recommendations to help state governments get started with data transparency portals. This guidance presents the value proposition along with principles and guidance on how states should move forward.

Resource Guide for State Cyber Security Awareness, Education, and Training Initiatives Resource Guide for State Cyber Security Awareness, Education, and Training Initiatives
September 2009

For the observance of the sixth annual National Cyber Security Awareness Month, NASCIO has created a Resource Guide of examples of state awareness programs and initiatives. The compendium augments previously gathered information with data from a just-completed, short survey of state CISOs. It includes links to state security awareness pages, contact information for state CISOs, and information describing cyber security awareness, training, and education initiatives that target four categories: Executives/Elected Officials; Citizens; State Workers; and IT Security Personnel.

The Resource Guide is a work-in-progress that should provide a valuable reference resource for Cyber Security Awareness Month, as well as the ongoing planning of security awareness and training efforts state programs may undertake thereafter.

HITECH in the States: Action List for State CIOs HITECH in the States: Action List for State CIOs
August 2009

In recent years, health information technology has grown from a burgeoning trend to a top policy priority for NASCIO as state CIOs from across the nation have become increasingly involved in health IT initiatives in their states. With billions of dollars now allocated to flow into health IT and health information exchange (HIE) initiatives around the country under the American Recovery and Reinvestment Act (ARRA), this trend is only poised to accelerate. HITECH in the States: Action List for State CIOs examines the impact on states—and the implications for state CIOs—of the HITECH Act (ARRA’s health IT requirements) and outlines four broad areas in which state CIOs can have an immediate, and long-term, impact in regards to HIE: Planning, Governance, Financing/Sustainability and Policy. Additionally, this brief highlights the questions that state CIOs should be asking as they work to begin exploring their role within these HIE efforts and also features the affect of the HITECH Act on the Medicaid IT Architecture (MITA) initiative.

Security at the Edge — Protecting Mobile Computing Devices
July 2009

The business of government is increasingly conducted or supported by mobile computing devices as states adopt these tools to un-tether traditional office workers from their desks or employ them for a wide variety of purposes in the field. Use of mobile devices is so widespread that it is difficult to imagine how state governments can operate without them, given their increased computing power and the ease with which they may be integrated with state networks and databases via the Internet. At the same time, however, mobile devices are unusually vulnerable to loss, theft, mis-use, or misconfiguration, which can and does lead to the loss of sensitive data. Security at the Edge highlights the risks associated with uncontrolled use of mobile devices, and targets the standards and procedural controls that allow state CIOs to better secure them.

Data Governance Part III: Frameworks – Structure for Organizing Complexity
May 2009

This issue brief presents the concept of frameworks that describes what constitutes a data governance program, with a focus on frameworks from the Data Management Association (DAMA), the Data Governance Institute (DGI), and IBM. Use of frameworks can assist state government in planning and executing on an effective data governance initiative. They assist in achieving completeness in a program. In any subject or discipline frameworks and maturity models assist in describing the scope – both breadth and depth – of an initiative. This holds true as well for data, information and knowledge management.

Profiles of Progress 3: State Health IT Initiatives Profiles of Progress 3: State Health IT Initiatives
April 2009

The passage of the American Recovery and Reinvestment Act (ARRA), which allocated billions of dollars to flow into health IT initiatives across the country, has ushered forth a new era for health IT. This is an unprecedented moment for healthcare stakeholders and government, at all levels, to invest significant resources toward health IT and health information exchange initiatives. This compendium, “Profiles of Progress 3: State Health IT Initiatives,” is a product of NASCIO’s Health IT Working Group. It provides a state-by-state “snapshot” of progress that each state has made toward developing and implementing health information exchange and other health IT initiatives. It specifically examines the role of the state CIO in these efforts, and also includes an overview of the implications for health IT since the passage of the ARRA.

Desperately Seeking Security Frameworks – A Roadmap for State CIOs
March 2009

State CIOs, chief security officers, and the IT security professionals who work with them face a challenging and sometimes confusing array of security frameworks – these may be pushed down by Federal agencies, issued by national or international standards bodies, promoted by industry as best practice, or in some instances, be written into law or federal regulation. Desperately Seeking Security Frameworks provides an overview of the primary security standards, regulations, and laws that impact state IT security programs, highlights how states have used the frameworks to shape their security architectures, policies, standards, and controls, and identifies the key issues for CIOs as they establish and maintain IT security programs.

Data Governance Part II: Maturity Models – A Path to Progress
March 2009

Data governance maturity models provide a foundational reference for understanding data governance and for understanding the journey that must be anticipated and planned for achieving effective governance of data, information and knowledge assets. This report continues to build on the concepts presented in Data Governance Part I. It presents a portfolio of data governance maturity models.

Taking the Lead: Green IT in the States Taking the Lead: Green IT in the States
February 2009

States are proven leaders in the green movement. In the face of tightening budgets that demand a departure from business as usual, states are demonstrating leadership through an array of green initiatives.

Government runs on IT. And green IT is a growing movement that requires attention from government leaders. State governments, with their state CIO, can start greening IT practices today.

This short, informational video Taking the Lead: Green IT in the States is designed to help state CIOs assist government leaders in demonstrating that, by exploring these opportunities now, states can lead by example.

How green is your IT?

Order a complimentary copy on DVD.

Digital States at Risk!: Modernizing Legacy Systems Digital States at Risk!: Modernizing Legacy Systems
December 2008

A product of NASCIO's Legacy Systems & Modernization Working Group, this report is based on the findings of its 2008 national survey of state CIOs. The report provides an assessment of states’ primary points-of-concern as they relate to legacy system modernization and provides insight into strategies, options and approaches states are considering as they move towards a modern IT enterprise environment.

State CIO Top Ten Policy and Technology Priorities for 2009
October 2008

Each year NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The top ten priorities are identified and used as input to NASCIO’s programs, planning for conference sessions, and publications.

2008 Best Practices in the Use of Information Technology in State Government Booklet 2008 Best Practices in the Use of Information Technology in State Government Booklet
September 2008

Released in conjunction with NASCIO's 2008 Best Practices in the Use of Information Technology in State Government Awards, this booklet contains summaries of innovative state government programs in the following areas: Business Continuity and Disaster Recovery ; Cross-Boundary Collaboration and Partnerships; Data, Information and Knowledge Management; Digital Government – G to B; Digital Government – G to C; Digital Government – G to G; Enterprise IT Management Initiatives; Information Communications Technology Innovations; Information Security and Privacy; and IT Project and Portfolio Management.

Innovative Funding for State IT: Models, Trends, and Perspectives Innovative Funding for State IT: Models, Trends, and Perspectives
September 2008

Based on a survey of the states, this report examines the use of innovative, alternative and financing funding models for technology projects that enable states to deliver savings, and improve IT services to citizens. The results update NASCIO’s 2003 report on innovative funding, "Innovative Funding for Innovative State IT: New Trends and Approaches for State IT Funding," and provide state CIOs with information and insights for the facilitation of innovative funding initiatives in their own states. A product of NASCIO’s 2008 Innovative Funding for State IT Working Group, this report was developed based on results from an all states survey of state CIOs; thirty-one states responded concerning their IT funding initiatives.

Protecting the Realm: Confronting the Realities of State Data at Risk
September 2008

This brief underlines the criticality of managing states’ digital assets and identifies key, high-level elements for establishing better data security programs within states.  The brief covers data ownership and governance issues, recommends grounding data protection efforts in states’ enterprise architecture frameworks, and outlines nine primary elements that a comprehensive data protection program must incorporate or address.  It describes data classification frameworks that have been developed in both state and federal agencies, and includes summaries of operational data classification and security initiatives in the states of Ohio, Arkansas, and Iowa

The MITA Touch: State CIOs and Medicaid IT Transformation
August 2008

Medicaid transformation, and incorporating information technology into these efforts, is among the fastest-growing trends in healthcare today.  With the introduction of the federal Medicaid IT Architecture (MITA) initiative, states are beginning to assess their current Medicaid systems and explore how the MITA initiative can foster information exchange and improve healthcare quality outcomes.  This brief, a product of NASCIO’s Health IT Working Group, examines the ways in which state CIOs can play a role in the MITA effort, and how their enterprise view contributes to the holistic vision that MITA promotes across state agencies and all levels of government. 

Governance of Geospatial Resources: “Where’s the Data? Show Me” - Maximizing the Investment in State Geospatial Resources
July 2008

Geospatial resources refer to a whole discipline around managing data with a spatial orientation or component to support better decision making. Geospatial resources include a field of knowledge, people, policies, processes, standards, and technology that are not only necessary for everyday decision making but also critical for continuity of operations and disaster recovery. A new emphasis on location aware is evidenced further as State CIOs named “GIS” on their Top Ten list of Priority Technologies for 2008. Geospatial resources are so ubiquitous anymore that state government as well as citizens and industry think “where?” regarding almost every issue. This issue brief explores government’s demand for geospatial resources and offers recommendations and calls to action for the state Chief Information Officer to meet that demand.

Ready for the Challenge? State CIOs and Electronic Records: Issues, Opportunities and Best Practices
July 2008

States continue to struggle with new challenges presented by a growing portfolio of electronic records and digital content that must be preserved. Within this context, the issue of electronic records management has emerged as a high-priority policy and technology issue for State CIOs. This issue is now driven by emerging trends such as of new Web 2.0 collaboration tools that create e-records in forms that are transitory, yet still document the business of government, the vulnerability of essential e-records during disasters and a growing emphasis on transparency and accountability in state government, including online public access to records on spending, performance, procurements and contracts. This research brief underscores the need for enterprise collaboration for e-records management, provides information on fundamental concerns, outlines a framework for action and provides best practice examples from the states.

Green IT in Enterprise Practices: The Essential Role of the State CIO
May 2008

Green IT has become one of the fastest-growing trends in IT today, across all sectors and levels of government. Examining the ways in which state CIOs can become involved in shaping and promoting green IT practices and policies, this brief explores the critical role that state CIOs play in reducing their state’s carbon footprint. Featuring examples of successful green IT initiatives in state enterprise practices today, this brief highlights the many ways in which states are managing their IT hardware as well as utilizing technology to reduce their carbon footprint. With the states taking the lead in many aspects of green efforts nationwide, state CIOs have an opportunity to move the green benefits of an initiative to the forefront of strategic thinking and project planning, and this brief provides several starting points from which state CIOs can begin on the path to incorporate green IT efforts into their enterprise practices.

Data Governance - Managing Information As An Enterprise Asset: Part I - An Introduction
April 2008

Data governance entails a universe of concepts, principles, and tools intended to enable appropriate management and use of the state’s investment in information.  Part I on data governance presents an introduction that describes the basic concepts.  Governance, and particularly data governance, is an evolutionary process.  It begins with an understanding of the current investment and then manages that investment toward greater value for the state.

The Workforce Evolution: Recruiting and Retaining State IT Employees
April 2008

An upcoming shortage of state IT government workers is predicted by many to be evident and quickly approaching.  As the state IT workforce begins to face the challenges of a potential worker shortage, and as it evolves to reflect the modern workforce of the future, employee recruitment and retention tactics must be examined in order to attract and retain top IT talent.  A product of NASCIO’s State IT Workforce Working Group, this brief focuses on these recruitment and retention tactics for state CIOs by examining traditional and innovative recruitment strategies, successful retention initiatives and state best practices in each of these areas.  By taking steps to augment a potential state IT worker shortage, state CIOs will be better prepared to face these challenges as they arise.

IT Governance and Business Outcomes – A Shared Responsibility between IT and Business Leadership
March 2008

IT Governance is all about ensuring that state government is effectively using information technology in all government lines of business. This requires that the decision rights for IT investments and deployment are properly shared between the business and IT functions within state government. This issue brief provides an introduction to this very broad topic.

At Risk! Securing Government in a Digital World At Risk! Securing Government in a Digital World
January 2008

Technology makes so much possible for government. Yet, when a security breach disrupts government operations—the results can be disastrous.

How serious are the threats against government operating in a digital age? It is like fighting a storm that never ends. The threats are everywhere—outside and inside—and they are there all the time. Always changing and adapting.

Is your government ready to deal with security risks in a digital age?


The Search Is On: State CIO Starting Points for E-Discovery
November 2007

In its September 2007 Issue Brief entitled “Seek and Ye Shall Find? State CIOs Must Prepare Now for E-Discovery!”, NASCIO raised the importance of State CIO involvement in e-discovery and the need for collaborative state electronic records management activities to properly address e-discovery requests. In this follow-up Research Brief, NASCIO provides starting points for State CIOs to improve the state’s ability to successfully address legal requests for electronic information.

Topics include:

  • Getting Started on Electronic Records Management
  • Managing an Electronic Records Management Initiative
  • The Role of Records Retention Schedules · The Challenge of Retrieving Electronic Information
  • Electronic Records Management Training and Awareness for State Employees

Connecting State and Local Government: Collaboration through Trust and Leadership
November 2007

Citizen demand for efficient government often drives state agencies to seek out opportunities to deliver traditional services in non-traditional ways. Engaging in cross-boundary collaboration can be a way for states to leverage costs while providing citizens with streamlined services. Such collaboration is inevitable for state CIOs and this brief, a product of NASCIO’s Cross-Boundary Collaboration Committee, explores the unique challenges and opportunities of cross-boundary collaboration between state and local government entities. Highlighting successful examples of state-local collaborations already underway, this brief features the governance and financial models that were utilized for these collaborations. In addition, this brief examines the unique challenges facing state-local challenges and explores the ways in which states and localities can work together to achieve success and to lay the groundwork for future collaborative efforts.

Pandemic Planning and Response for State IT: Where’s My Staff?
November 2007

Without the flow of electronic information, government comes to a standstill. When a state’s data systems and communication networks are disrupted, the problem can be serious and the impact farreaching. The consequences can be much more than an inconvenience. Serious disruptions to a state’s IT systems can lead to public distrust, chaos, fear and potential loss of life. Traditionally, IT disruptions are planned for based on anticipated disasters both natural and manmade that can physically damage facilities and equipment. However, we live in a time that holds the potential for a pandemic outbreak in your city, state or possibly the nation. What would you do as state chief information officer (CIO) if one day your staff did not come to the office because of a pandemic outbreak?

Electronic Records Management and Digital Preservation: Protecting the Knowledge Assets of the State Government Enterprise
Part III: Management Leads and Technology Follows – But Collaboration is King!

October 2007

This research brief concludes the current NASCIO series on the subject of electronic records management and digital preservation. This subject area is very broad and has multiple dimensions, perspectives and challenges for the state IT community. The objective for the series is to highlight some of the key issues and make relevant recommendations to the state CIO. Ultimately, electronic records management and digital preservation must be a shared responsibility with understanding and support from the state CIO. Everyone within state government must play their part in managing the digital assets of the state.

State IT Workforce: Here Today, Gone Tomorrow? State IT Workforce: Here Today, Gone Tomorrow?
October 2007

The predicted shortage in the state government IT workforce has been discussed and debated for a decade. A product of NASCIO’s Corporate Leadership Council (CLC) Public Private Partnership Working Group, State IT Workforce: Here Today, Gone Tomorrow? is a research survey that was designed to assess the current and future landscape of the state IT workforce. Covering such topics as anticipated state IT workforce retirements, employee recruitment and retention, and options for future state IT staffing and service structures, this online survey garnered 46 state responses—among the highest response rates of any NASCIO survey. The results of this survey provide states with a broad perspective on state IT workforce issues as a whole, and also allow CIOs to further assess the IT employment outlook within their respective states.

2007 Best Practices in the Use of Information Technology in State Government 2007 Best Practices in the Use of Information Technology in State Government
October 2007

Released in conjunction with NASCIO's 2007 Best Practices in the Use of Information Technology in State Government Awards, this booklet contains summaries of innovative state government programs in the following areas: Business Continuity and Disaster Recovery ; Cross-Boundary Collaboration and Partnerships; Data, Information and Knowledge Management; Digital Government – G to B; Digital Government – G to C; Digital Government – G to G; Enterprise IT Management Initiatives; Information Communications Technology Innovations; Information Security and Privacy; and IT Project and Portfolio Management.

Profiles of Progress II: State Health IT Initiatives Profiles of Progress II: State Health IT Initiatives
September 2007

State governments are increasingly utilizing health information technology initiatives in order to reduce healthcare cost and improve patient care.  A product of NASCIO’s Health IT Working Group, this compendium provides a state-by-state “snapshot” of progress that each state has made in introducing health information technology (HIT) initiatives.  Each individual state profile features ways in which states are working toward HIT development and implementation.   An updated version of NASCIO’s 2006 document, this compendium highlights the rapid growth of state health IT initiatives and specifically examines the role of the state CIO in these efforts.

Seek and Ye Shall Find? State CIOs Must Prepare Now for E-Discovery
September 2007

In increasingly consolidated state technology environments, State CIOs may have heightened responsibility for the storage, preservation and retrieval of electronic information in response to e-discovery requests. Since government information is a knowledge asset, State CIOs must ensure the proper management of state information assets in addition to the technological infrastructure for locating and retrieving that information. This issue brief explains the impact for State CIOs of e-discovery requests and encourages State CIOs to pursue a holistic approach to enterprise records management as part of a team of state government stakeholders, including state legal counsel, archivists, records managers, and agency business leaders.

IT Security Awareness and Training: Changing the Culture of State Government
August 2007

Most state government employees use technology to do their daily work, yet they may not realize the dramatic consequences that can flow from one mistake. As data breaches and security incidents that originate from within state government appear to be on the rise, cultural change is needed. All state employees need to understand that IT security is everyone’s job and understand how to use the state’s IT resources in a way that does not create the risk of a security incident. NASCIO’s Research Brief, "IT Security Awareness and Training: Changing the Culture of State Government" , highlights awareness and training activities that State CIOs can implement to avoid internal threats that can lead to a full-on state government crisis. To assist CIOs in pursuing these efforts, this brief includes many examples of awareness and training activities that are currently taking place with the states. This brief is a product of NASCIO’s Information Security and Privacy Committee.

Survey on Enterprise Data Center Consolidation in the States: Strategies and
Business Justification Survey on Enterprise Data Center Consolidation in the States: Strategies and Business Justification
August 2007

A product of NASCIO's Infrastructure and Services Committee, this survey report provides an overview of the challenges states’ indicated they are facing in considering and implementing enterprise IT data center consolidation initiatives. NASCIO surveyed twenty-nine states concerning their data center consolidation initiatives. The survey, conducted through June 22, 2007, represents approximately 46 percent of the nations’ population. Participation included a wide distribution in geography, population, and budget.

On the Road to RHIO: What State CIOs Need to Know
July 2007

A product of NASCIO’s Health IT Working Group, this brief examines the ways in which state CIOs can be involved in RHIO efforts in their states and emphasizes the importance for state CIOs to be aware of developments in health information exchange. It also explores the opportunities and challenges that all RHIOs face, despite the unique characteristics they each hold, and features real-world examples of how state CIOs are already involved in their state’s RHIO efforts.

Electronic Records Management and Digital Preservation: Protecting the Knowledge Assets of the State Government Enterprise
PART II: Economic, Legal, and Organizational Issues

July 2007

NASCIO continues its series on electronic records management and digital preservation with Part II which focuses on economic, legal, and organizational issues and recommended actions for State CIOs.  Part II builds on the theme that the state CIO and the state enterprise architect will need to view electronic records management and digital preservation as disciplines that comprise an enterprise architecture domain.  Partnering with the state’s archivists, librarians, and records managers to fully leverage their expertise will help ensure the state’s knowledge assets are managed for value with a long term view.  eDiscovery and offshoring present significant challenges to the state enterprise.  CIOs will need to build their awareness of these subject areas and author necessary compliance and risk management strategies.

IT Disaster Recovery and Business Continuity Tool-kit: Planning for the Next Disaster
June 2007

A product of NASCIO's Disaster Recovery Working Group, this tool-kit is designed to assist state CIOs and their staff in IT disaster recovery and business continuity planning. It is an updated and expanded version of business continuity and disaster preparedness checklists utilized for a brainstorming exercise at the “CIO-CLC Business Continuity/ Disaster Recovery Forum” at NASCIO’s 2006 Midyear Conference.

Electronic Records Management and Digital Preservation: Protecting the Knowledge Assets of the State Government Enterprise
PART I: Background, Principles and Action for State CIOs

May 2007

Electronic records management and digital preservation are necessary disciplines for managing the knowledge assets of the enterprise. Attention to these disciplines must be part of every IT investment decision. The lifecycle of "born digital" is presented with emphasis on the decision making process at each major phase. The series will present the current issues and recommendations for action. This first release in this series deals with the principles of records management, and highlights the most significant challenges facing the states.

Getting Started in Cross-Boundary Collaboration: What State CIOs Need to Know
May 2007

State agencies are increasingly crossing organizational boundaries and combining resources in order to achieve joint goals, produce innovation and serve citizens. This brief examines the drivers behind cross-boundary collaboration and outlines the top ten considerations for state CIOs at the outset of collaboration. This brief not only illustrates why state CIOs should consider cross-boundary collaboration and how collaboration begins, but also identifies various types of collaboration, and provides tangible success stories and lessons learned.

Transforming Government through Change Management: The Role of the State CIO Transforming Government through Change Management: The Role of the State CIO
April 2007

This white paper reviews contemporary ideas surrounding the subject of organizational transformation, presents a state perspective on the issue, and provides the state CIO with relevant recommendations and calls to action. The accompanying research summary provides a short overview of the research findings presented in the white paper.

The paper illustrates that change is an ongoing process that requires organizations to become change competent. It emphasizes that as with enterprise architecture, the best approach to organizational change involves incremental, step-by-step transformation that is effectively delivered through valued relationships involving all stakeholders.

Insider Security Threats: State CIOs Take Action Now!
April 2007

This brief examines the often overlooked threats from within. Media attention has focused primarily on external threats with federal government and industry reports revealing alarming hacking and identity theft statistics. However, threats from within both public and private sector organizations may be even more prevalent than external threats and can have equally if not more serious consequences.

This brief discusses five significant insider threats and provides insight on ways to prevent, detect and respond to them. The threats are as follows:

  • Malicious Employees
  • Inattentive, Complacent or Untrained Employees
  • Contractors and Outsourced Services
  • Insufficient IT Security Compliance, Oversight, Authority and Training
  • Pervasive Computing-Technology is Everywhere and Data is on the Move

Government At Risk: Protecting Your IT Infrastructure Government At Risk: Protecting Your IT Infrastructure
March 2007

Without the flow of electronic information, government comes to a standstill. When a state’s data systems and communication networks are damaged and its processes disrupted, the problem is serious and the impact far-reaching.

The consequences can be much more than an inconvenience. Serious mistakes may lead to public distrust, chaos and fear. It can mean a loss of vital digital records and legal documents. A loss of productivity and accountability. And a loss too of revenue and commerce.

How real is the possibility? It’s not a question of if—but a question of “who” and “when."

Copyright © NASCIO 2007. All rights reserved. Public distribution is prohibited without express written NASCIO permission.


Harmony Helps: A Progress Report on State Government Internet Presence
March 2007

This brief explores how state web portals have matured and examines the impact of the 2003 expansion of the dot-gov domain to state and local governments; trends in state portal domain naming conventions;  trends in Internet portal branding and marketing; the alignment of agency websites and state email addressing with the state portal; areas of cross-boundary collaboration for online services; and areas for future progress in cross-boundary collaboration for online services.

The New and Improved DST: Are You Ready?
February 2007

This issue brief calls attention to the change in Daylight Savings Time in 2007, as a provision of the United States Energy Policy Act of 2005, and gives pointers to state CIO’s about how the change may affect their applications and systems.

Building Better Government through Enterprise Architecture Building Better Government through Enterprise Architecture
February 2007

State government is becoming increasingly more complex.  Policy makers are facing significant challenges ranging from global economics to rising citizen expectations to ongoing fiscal crisis.  How can today's policy maker manage the complexity of state government in today's world?  The answer is the discipline of enterprise architecture.

2006 Compendium of Recognition Awards for Outstanding Achievement in the Field of Information Technology 2006 Compendium of Recognition Awards for Outstanding Achievement in the Field of Information Technology
December 2006

A product of NASCIO’s Recognition Awards program, this compendium highlights the most innovative initiatives and best practices identified from this year’s record number of submissions. Included are the complete nomination materials from the twelve award-winning initiatives as well as the projects commended with honorable mentions.

Staying Connected to Your Customers: Strategies and Tactics to Grow Enterprise IT Services
December 2006

This brief covers the topic of utilizing CRM strategies and tactics to sustain and grow relationships with agencies once the CIO has established buy-in for consolidated and shared enterprise services.

Profiles of Progress: State Health IT Initiatives Profiles of Progress: State Health IT Initiatives
November 2006

A product of NASCIO’s Health IT Committee, this compendium provides a state-by-state “snapshot” of progress that each state has made in the health information technology (HIT) implementation process. Each individual state profile highlights the steps that states are taking in regards to HIT issues, from Executive Orders and legislative-driven initiatives to public/private or public/non-profit partnerships. Most importantly, the compendium examines the roles and responsibilities the state CIO has in these efforts.

Best Practices in the Use of Information Technology in State Government Best Practices in the Use of Information Technology in State Government
October 2006

Released in conjunction with NASCIO's 2006 Best Practices in the Use of Information Technology in State Government Awards, this booklet contains summaries of innovative state government programs in the following areas: Business Continuity; Cross-Boundary Collaboration and Partnerships; Data, Information and Knowledge Management; Digital Government – G to B; Digital Government – G to C; Digital Government – G to G; Enterprise Architecture; Enterprise IT Management Initiatives; Information Communications Technology Innovations; and IT Project and Portfolio Management.

Looking to the Future: Challenges & Opportunities for Government IT Project Management Offices Looking to the Future: Challenges & Opportunities for Government IT Project Management Offices
October 2006

This brief, developed by NASCIO's State IT Project Management (PM) Forum, addresses several of the top state government challenges including portfolio management and strategic planning, PM skill maturity, political risks, structures/organizations, procurement processes/rules, as well as funding models and spending cultures particular to government.

Keeping the Citizen Trust: What a State CIO Can Do To Protect Privacy
October 2006

This Research Brief examines how privacy in the state government context has evolved as a defining issue in response to rapidly changing technological advances and the complexities of a fast-paced world. The brief then explores some initial areas in which a state CIO may encounter privacy issues, including in the context of IT governance, enterprise architecture, policy, security and business processes, and offers some potential ways of addressing those issues.

Relationships Matter: Customer Service Strategies to Promote Enterprise Services
October 2006

This brief provides an overview of the challenges state CIOs face when promoting enterprise services under statewide IT consolidation and shared services initiatives. The brief also identifies methods for achieving strategic initiatives using proven customer service strategies and examines the types of business processes used to successfully launch and promote consolidation and shared enterprise services.

A Current View of the State CISO: A National Survey Assessment
September 2006

These aggregate survey results reflect a snapshot of the state CISO role as of summer 2006. The survey results indicate that the state CISO position has become highly prevalent and is evolving into a state IT security policy and strategy leader. The survey was conducted during the preparation of NASCIO's July 2006 Research Brief entitled Born of Necessity: The CISO Evolution-Bringing the Technical and the Policy Together.

Bowling for Broadband 2: Toward Citizen-Centric, Broadband-Based E-Government
August 2006

This brief highlights the continued evolution of the broadband environment and the need for states to understand both the enhanced public service opportunities and citizen expectations of high-speed Internet access.

Born of Necessity: The CISO Evolution--Bringing the Technical and the Policy Together
July 2006

This brief examines the role of the state Chief Information Security Officer (CISO) as it has evolved in response to the growing complexities of the IT threat environment, homeland security concerns, and the increasing demands for enhanced citizen services. Specific points this brief addresses include critical success factors for state CISOs, the importance of a CISO’s relationship-building across the state and among levels of government, and a few predictions on the future evolution of the state CISO.

Keys to Collaboration: Building Effective Public-Private Partnerships
June 2006

This research brief explores the role of public-private partnerships in the increasingly technology-driven public sector. It also provides a look at best practices and building blocks for successful public-private partnerships.

NASCIO Enterprise Architecture SOA Webinar Archive CD
June 2006

This CD contains audio and presentation files from the 2006 NASCIO Enterprise Architecture Committee's webinar series on Services-Oriented Architecture. Topics include:

  • SOA and Decision-Support Services for Government Operations
  • The Value Add of a Spatially Enabled Service Oriented Architecture
  • SOA - Making It A Reality
  • Deploying SOA for Criminal Justice: Iowa & Colorado Case Studies
  • Delivering Greater Government Flexibility with Service Oriented Architecture
  • Service Infrastructure: A Practical Approach to SOA for an Enterprise
  • SOA Adoption Model and SOA-Based Project Methodology: Emerging Best Practice for SOA Governance

Service Oriented Architecture: An Enabler of the Agile Enterprise
May 2006

This brief identifies what state CIOs need to know now regarding Service Oriented Architecture (SOA), including its business value, the vision for SOA, SOA governance, SOA as a program and SOA security.

The IT Security Business Case: Sustainable Funding to Manage the Risks
May 2006

This brief takes a holistic approach to constructing the case for enterprise IT security investment by outlining for the state CIOs the following steps:

  • Understanding state government’s IT environment that drives the need for security
  • Starting with an enterprise-wide IT risk assessment
  • Making the case for IT security through demonstrating the risks (bolstered by the IT risk assessment results), the benefits of security, and how security aligns with the state’s business needs.

Survey on IT Consolidation and Shared Services in the States: A National Assessment Survey on IT Consolidation and Shared Services in the States: A National Assessment
May 2006

NASCIO is pleased to announce the release of its survey summary publication, NASCIO’s Survey on IT Consolidation and Shared Services in the States: A National Assessment. A product of NASCIO's 2005 IT Governance & Service Reform Committee, this survey summary provides an overview of the challenges states’ indicated they are facing in considering and implementing enterprise IT consolidation and shared services initiatives.

IT Consolidation and Shared Services: States Seeking Economies of Scale
March 2006

A National Framework for Collaborative Information Exchange: What is NIEM?
March 2006

The NIEM initiative is in its beginning stages but is already anticipated to be a major breakthrough initiative, which will have a tremendous impact on how government interoperates with the intention of making possible the communication among government lines of business at all levels of government.

This brief both summarizes the intention of this national initiative and provides guidance on participation in this effort.

The (IT) Doctor is In: The Role of the State CIO in Health IT
February 2006

The brief is intended to help state CIOs—along with other stakeholders and policymakers—determine the appropriate role of the state CIO in guiding their states’ enterprise IT in keeping with the larger national effort to save lives and money in healthcare.

Findings from NASCIO’s Cybersecurity Survey
January 2006

We Need to Talk: Governance Models to Advance Communications Interoperability
November 2005

This research brief provides an overview of the challenges states face in developing communications interoperability initiatives and also attempts to answer questions such as, "What needs to be addressed when contemplating a communications interoperability initiative; and what is being done at the state and federal levels to develop communications interoperability governance models?" It includes other factors that are impacting governance in interoperability and offers references to models that have been successfully completed by other states.

Discipline Succeeds: Findings from the NASCIO State IT PM Assessment Discipline Succeeds: Findings from the NASCIO State IT PM Assessment
November 2005

The National Association of State Chief Information Officers (NASCIO) surveyed state IT project managers concerning their approaches to IT project management in August-September of 2005. The trends discovered in responses from 34 state project management offices reveal a baseline regarding perceived success of project management as an overarching discipline in state government.

The States and Enterprise Architecture: How Far Have We Come? Findings from the NASCIO 2005 EA Assessment
October 2005

NASCIO conducted a survey or "census" of the U.S. states to assess the level of enterprise architecture (EA) adoption and the experience with the NASCIO EA portfolio of products. NASCIO and the U.S. Department of Justice are interested to know the progress made in building awareness and EA capabilities at the state level. This survey effort and report supports the NASCIO program management function, which is responsible for measuring ongoing progress and effectiveness of NASCIO programs and initiatives.

Best Practices in the Use of Information Technology in State Government Best Practices in the Use of Information Technology in State Government
October 2005

Released in conjunction with NASCIO's 2005 Best Practices in the Use of Information Technology in State Government Awards, this booklet contains summaries of innovative state government programs in the following eight areas: Communications Infrastructure, Digital Government – G to B, Digital Government – G to C, Digital Government – G to G, Enterprise Information Architecture, Innovative Use of Technology, Security & Business Continuity, and State IT Management Initiatives.

IT Procurement and Enterprise Architecture: Recognizing the Mutual Benefits
October 2005

This brief highlights the benefits of a closer alignment between IT Procurement and Enterprise Architecture (EA), which includes improving and streamlining IT investment decisions in a way that supports the state’s overall strategic goals and intent. It also identifies “touchpoints” at which these two disciplines can establish stronger ties and concludes with recommendations on how states can start down the path to greater EA-IT Procurement alignment.

NASCIO Enterprise Architecture Business Case Summary
October 2005

NASCIO has collected success stories from a variety of sources including its various awards programs. NASCIO members have found that success stories provide an invaluable dimension of the underlying analysis when presenting the business case for EA related projects. These are now being made available to the greater NASCIO community to provide anecdotal information for developing a strong business case for EA. Much can be learned from these experiences and the reader is encouraged to contact the original source for any additional information or comment regarding those success stories that are most relevant.

The Year of Working Dangerously: The Privacy Implications of Wireless in the State Workplace—Part II
September 2005

Part II of this brief provides privacy policy and security measures to help states address the potential privacy implications of wireless technologies identified in Part I.

The Year of Working Dangerously: The Privacy Implications of Wireless in the State Workplace—Part I
August 2005

Part I identifies the privacy implications of wireless technologies in the state workplace, including the privacy implications of mobile technologies such as laptop computers, PDAs and other similar devices.

Enterprise Repositories Issue Brief
August 2005

NASCIO has identified the need for a repository for sharing a variety of enterprise artifacts, presentations, and white papers across the NASCIO community. CORE.gov is the preferred repository for meeting the needs of state and territorial government. This research brief describes the issues, constraints, options and recommendations.

IT Management Frameworks: A Foundation for Success
August 2005

NASCIO’s IT Governance & Service Reform Committee is proud to present IT Management Frameworks: A Foundation for Success. This research brief provides an overview of four successful IT Management frameworks that can improve investment decisions, accountability, and management of IT organizations. These successful frameworks represent a variety of management approaches that emphasize the different disciplines of investment management, service oriented management, and line of business or process management. They include the North Carolina Framework for Managing IT Investments; the Government Accountability Office IT Investment Management Framework; the IT Infrastructure Library; and, the Federal Business Reference Model.

Connecting the Silos: Using Governance Models to Achieve Data Integration
June 2005

NASCIO’s Interoperability & Integration Committee is proud to present Connecting the Silos: Using Governance Models to Achieve Data Integration. This research brief attempts to answer questions such as, “What needs to be addressed when contemplating an information integration initiative, and what is being done in the states and at the federal level to develop information integration governance models?” It also includes other factors that are impacting governance in integration and offers references to models that have been successfully completed by other states and links to resources on information sharing. The committee is currently exploring the following topics for future briefs: Interoperability Governance; Legal Ownership of Shared Data; Data Standards; Master name Indices; and Integration Maturity Models.

TLK2UL8R: The Privacy Implications of Instant and Text Messaging Technologies in State Government
May 2005

This brief explores the privacy implications of Instant Messaging (IM) applications—both consumer and enterprise-grade—in the context of the state workplace. It also addresses the privacy implications of text messaging and chat technologies.

Getting What You Need on the Way to the Win-Win! Leveraging the RFP in State Technology Procurements
May 2005

This publication was co-produced by NASCIO and NASPO (National Association of State Procurement Officials). This brief provides a broad view of how a variety of stakeholders can use the RFP (Request for Proposal) process to the state’s and the citizens’ benefit.

VoIP and IP Telephony: Planning for Convergence in State Government VoIP and IP Telephony: Planning for Convergence in State Government
May 2005

The keen interest in Voice over Internet Protocol (VoIP) and Internet Protocol (IP) Telephony and its accelerated adoption rate has led to the realization that the long-established Public Switched Telephone Network (PSTN) voice business model will be facing its end of life in the next 10 to 15 years. This report, a product of NASCIO's Infrastructure Subcommittee, is intended to provide an understanding of the fundamental issues facing organizations as they assess VoIP and IP Telephony. It contains a description of the operation and functionality of the legacy PSTN, an explanation of voice transport over the Internet and IP Telephony, and a discussion of the issues and drivers associated with the migration from the PSTN to converged voice and data networks.

2004-05 NASCIO Compendium of Digital Government 
in the States 2004-05 NASCIO Compendium of Digital Government in the States
May 2005

The Most Complete Compilation of Objective Data on Digital Government in the States
NASCIO is proud to announce the release of the 2004-05 Compendium of Digital Government in the States, a great reference source for government decision makers, IT solutions providers, consultants, and academic researchers as well as the nation's emerging digital citizenry. The Compendium is your source for up-to-the-minute information on digital government initiatives in the states, including:

  • Executive IT Authority
  • Enterprise IT Management
  • IT Financial Management and Funding
  • Access, Usability, and Visibility
  • Privacy, Security, and Reliability
  • Application Development, E-Commerce, and Internal Automation

Complimentary copies of this publication are available to government and academic organizations. Contact Shawn Karrick at svaughn@NASCIO.org.


Negotiating IP on the Way to the Win-Win: NASCIO’s Intellectual Property Recommendations
March 2005

These recommendations seek to identify state and contractor interests regarding the ownership of IP and suggest realistic considerations to help make the negotiation of IP rights easier and more successful for all involved.

PERSPECTIVES - Government Information Sharing: Calls to Action PERSPECTIVES - Government Information Sharing: Calls to Action
March 2005

NASCIO is pleased to announce the release of a new publication on the subject of information sharing. NASCIO has pulled together interviews and articles from a variety of contributors from integrated justice, homeland security, environmental protection, transportation, public health and economic development. Perspectives includes discussions from federal, state and county government. Not so surprisingly, according to the contributors to this first issue of Perspectives, technology is not the major barrier. This report presents barriers to information sharing and the “Calls to Action” to overcome these barriers.

Welcome to the Jungle: The State Privacy Implications of Spam, Phishing and Spyware
February 2005

This brief explores the privacy implications for state government created by the threats of spam, phishing and spyware and potential ways of preventing and mitigating this triple threat to state IT systems.

The Real Phantom Menace: Spyware and its State Implications
January 2005

This brief addresses the security, privacy, citizen trust and business process-related implications of spyware and other forms of malware for state government IT systems and suggests some potential technical, legal and awareness-raising solutions for the menace of malware.

Who Are You? I Really Wanna Know: E-Authentication and its Privacy Implications
December 2004

This brief explores the business drivers behind e-authentication and the privacy implications that states and others should consider in pursuing e-authentication efforts.

Enterprise Architecture Development Tool-Kit v3.0 Enterprise Architecture Development Tool-Kit v3.0
October 2004

The enhancements in the third version of the Tool-Kit result from the expertise and continued dedication of enterprise architecture practitioners from all levels of government and the private sector. Version 3.0 incorporates an updated governance architecture framework with added roles and responsibilities and a focus on multi-level communication. Process models with explanatory narrative are included for governance and the architecture lifecycle. The Tool-Kit also includes fully populated security domain and application domain blueprints.

In Hot Pursuit: Achieving Interoperability Through XML In Hot Pursuit: Achieving Interoperability Through XML
October 2004

CD version is higher quality than the streaming version.

Enterprise Architecture Assessment Tour Report Enterprise Architecture Assessment Tour Report
October 2004

2004 Best Practices in the Use of Information Technology in State Government 2004 Best Practices in the Use of Information Technology in State Government
September 2004

Released in honor of NASCIO's 2004 Best Practices in the Use of Information Technology in State Government Awards, this booklet contains summaries of eight innovative government programs in the areas of Communications Infrastructure, Digital Government, Enterprise Information Architecture, Innovative Use of Technology, Security and Business Continuity, and State IT Management Initiatives.

Bowling for Broadband: The Role of the State CIO in Promoting High-Speed Internet Access
September 2004

Think Before You Dig: The Privacy Implications of Data Mining & Aggregation
September 2004

This brief examines the business benefits and privacy issues related to government’s use of data-mining technologies. It also takes a look at high-profile government data-mining programs and suggests ways to infuse privacy protections and transparency into government’s use of data-mining technologies.

Walking the Road to the Win-Win: NASCIO Procurement Subcommittee’s Recommendations on Liability Limitations for State IT Contracting
September 2004

These recommendations are intended to elucidate the various state and vendor interests that are involved in negotiating liability limitations and to help states and vendors negotiate better IT contract liability limitations that are “win-win” for both sides.

Wireless in the Workplace: A Guide for Government Enterprises Wireless in the Workplace: A Guide for Government Enterprises
April 2004

The use of wireless technology in our personal lives has become almost commonplace with the proliferation of cell phones, personal digital assistants and wireless PC modems. Our demand for anytime, anywhere communications and access to information is quickly spreading to the workplace. Wireless local area networks (WLANs) and Wi-Fi “hot spots” are sprouting up everywhere, yet many individuals and organizations fail to fully understand the security risks of this inherently open technology and expose their systems unnecessarily.

This publication is intended to help government enterprises make informed decisions about wireless technology and guide IT professionals through the opportunities and challenges of working in the wireless world. It highlights key issues such as:

  • wireless applications & uses
  • wireless technology options
  • wireless standards
  • wireless security
  • wireless network management & performance
  • wireless installation & maintenance

HAVA (the Help America Vote Act 2002)—A Briefing Paper
April 2004

This briefing paper provides an overview of the Help America Vote Act of 2002 (HAVA) and explores its IT-related challenges as well as NASCIO’s role in helping states to implement the Act.

Information Privacy: A Spotlight on Key Issues Information Privacy: A Spotlight on Key Issues
February 2004

NASCIO is pleased to announce the release of its newest publication, Information Privacy: A Spotlight on Key Issues. This publication, produced by the Privacy committee, serves as a resource for states developing privacy policies that protect citizen information and are compliant with federal and state legal requirements. This publication highlights key issues in the following areas of privacy: Children’s Information, Drivers’ Information, Health Information, Financial Information, Education Information, Social Security Numbers, Homeland Security-Related Information, Website Privacy Policies, and Government Data Matching Activities and Agreements.

In addition, the publication includes state examples for many of these areas of information privacy, an overview of recent privacy events at the federal level and a glossary of privacy related terms.

Digital Government
January 2004

Architecture: A Blueprint for Better Government
January 2004

Enterprise Architecture – Government Leader Perspective
January 2004

Enterprise Architecture – Information Technology Professional Perspective
January 2004

Enterprise Architecture Maturity Model Enterprise Architecture Maturity Model
December 2003

An adaptive, dynamic enterprise architecture enables the enterprise to change and manage the complexities inherent in large government enterprise. Enterprise architecture brings an operating discipline to the organization and prescribes the necessary traceability from strategic intent to the capabilities that enable that intent. These capabilities include both business and technology components. Enterprise architecture doesn’t happen at once. It is an iterative, maturing discipline that provides management the operating discipline for organizing and engaging business and technology components to fulfill the mission of the organization. This maturity model provides a scale or metric for understanding where the organization is in its evolving discipline, and what steps are required to take it to the next level of maturity.

The NASCIO Enterprise Architecture Maturity Model provides a path for architecture and procedural improvements within an organization. As the architecture matures, predictability, process controls and effectiveness also increase. Development of the enterprise architecture is critical because it provides the rules and definition necessary for the integration of information and services at the design level across agency boundaries. Enterprise architecture includes business processes and representations, and supportive technology components. At its fullest maturity, enterprise architecture becomes an inter-enterprise concept and prescribes the infrastructure for inter-enterprise business processes and provides the design for allowing data to flow from agency to agency, just as water flows through the pipes and electricity flows through the wiring of a well planned home.

Enterprise Architecture Maturity Model Validation Report
December 2003

Innovative Funding for Innovative State IT Innovative Funding for Innovative State IT
November 2003

During the past several years, many states have found it increasingly difficult to obtain funding for state IT projects through traditional means, such as via appropriations from the state general fund. In spite of these tight economic times, citizens’ demand for improved ways of doing business with state government and 24 x 7 access to government services has remained strong. The purpose of Innovative Funding for Innovative State IT: New Trends and Approaches for State IT Funding is to provide states with innovative avenues of funding so that they can provide citizens with the government services they demand. This publication details eleven innovative funding models and provides case studies on how each model has been implemented by a state. Innovative Funding for Innovative State IT also includes a study conducted by NASCIO’s Corporate Leadership Council (CLC) that surveyed the states on the types of funding models they are currently using. The survey results from the twenty-three states that responded are included in this publication.

Innovative Funding for Innovative State IT is divided into three main sections, the first of which describes eleven innovative funding models as well as baseline requirements for implementing each model and the benefits each model may bring. The second section includes the compiled results of the CLC’s survey regarding states’ current use of innovative funding models. This section also details trends in state IT funding identified from the CLC’s survey. The third section includes case studies from nine states that exemplify how each innovative funding model has been implemented. The states that provided case studies for this publication are: Massachusetts, Texas, Minnesota, Tennessee, Ohio, Missouri, Delaware, Arizona and Hawaii. The appendices include checklists to give states a starting point for implementing each funding model as well as a chart of the CLC’s survey results and a list of other innovative funding resources.

Concept for Operations for Integrated Justice Information Sharing Version 1.0 
Concept for Operations for Integrated Justice Information Sharing Version 1.0
July 2003

ConOps provides a discipline-specific focus for justice information sharing, which in turn can be used to identify and expose broader IT architectural and infrastructure issues that must be addressed by CIOs. While this ConOps focuses primarily on information sharing in the justice arena, the concepts are applicable to any business domain.

ConOps defines the discipline-specific, business functions for integrated justice and explores the architectural implications for state CIOs, who are responsible for planning the IT enterprise architecture. Additionally, ConOps defines fundamental concepts, principles, functions and operational requirements for integrated justice information sharing, presents a scenario of integrated justice information sharing and a general methodology for states to use in validating their IT architecture for information sharing characteristics. Finally, this document articulates an action plan for the validation, implementation and expansion of this ConOps to other disciplines.

Concept for Operations for Integrated Justice Information Sharing Validation Report
July 2003

Federal Privacy Law Compendium, Version 1.0 

Federal Privacy Law Compendium, Version 1.0
April 2003

To help states identify and assess federal laws that may have privacy implications for their information systems and policies, the NASCIO Privacy Committee has developed the Federal Privacy Law Compendium, Version 1.0. It is intended to serve as a resource for summaries of federal laws that may have an impact on the privacy of citizens’ information that is entrusted to state government. The Federal Privacy Law Compendium provides a starting point for states in their assessment of whether the summarized federal privacy laws will impact state information system operations and/or policies.

The Federal Privacy Law Compendium summarizes ten federal laws that deal with the privacy of information and highlights instances of potential impact on state government. The federal privacy laws summarized are:

  • The Children’s Online Privacy Protection Act of 1998
  • The Computer Fraud and Abuse Act of 1984
  • The Computer Matching & Privacy Protection Act of 1988 & Amendments of 1990
  • The Driver’s Privacy Protection Act of 1994
  • The Electronic Communications Privacy Act of 1986
  • The Fair Credit Reporting Act of 1970
  • The Family Educational Rights and Privacy Act of 1974
  • The Gramm-Leach-Bliley Financial Services Modernization Act of 1999
  • The Health Insurance Portability and Accountability Act of 1996
  • The Privacy Act of 1974

Business Case Basics and Beyond: A Primer on State Government IT Business Cases Business Case Basics and Beyond: A Primer on State Government IT Business Cases
March 2003

This primer provides tools, concepts and a framework for addressing a number of critical challenges facing state Governors, CIOs and enterprise information technology (IT) organizations. These include leadership transitions in the offices of many Governors and in state legislatures, increasing budget deficits, the departure and replacement of state CIOs and a number of other long term concerns. These challenges will likely impact state government's ability to maintain the momentum of e-government implementation and meet the policy and service goals of the Governors in areas such as education, economic and workforce development, public safety, healthcare and the environment. Most importantly, these challenges may impact states' ability to deliver services to citizens and customers.

Proposed GSA Rule: New Policy on the .gov Domain
May 2002

This brief provides an overview of the Proposed Rule promulgated by the U.S. General Services Administration (GSA) that made the .gov Top-Level Internet domain available for states, local governments and Native Sovereign Nations to register domain names for their official government websites.

NASCIO Justice Report - Toward National Sharing of Governmental Information NASCIO Justice Report - Toward National Sharing of Governmental Information
February 2000



.

Capitals in the Clouds Part IV – Cloud Security: On Mission and Means States Run on IT Newsbrief Subscriptions