Password:
Born of Necessity: The CISO Evolution--Bringing the Technical and the Policy Together July 2006
This brief examines the role of the state Chief Information Security Officer (CISO) as it has evolved in response to the growing complexities of the IT threat environment, homeland security concerns, and the increasing demands for enhanced citizen services. Specific points this brief addresses include critical success factors for state CISOs, the importance of a CISO’s relationship-building across the state and among levels of government, and a few predictions on the future evolution of the state CISO.
Bowling for Broadband 2: Toward Citizen-Centric, Broadband-Based E-Government August 2006
This brief highlights the continued evolution of the broadband environment and the need for states to understand both the enhanced public service opportunities and citizen expectations of high-speed Internet access.
Bowling for Broadband: The Role of the State CIO in Promoting High-Speed Internet Access September 2004
Connecting the Silos: Using Governance Models to Achieve Data Integration June 2005
NASCIO’s Interoperability & Integration Committee is proud to present Connecting the Silos: Using Governance Models to Achieve Data Integration. This research brief attempts to answer questions such as, “What needs to be addressed when contemplating an information integration initiative, and what is being done in the states and at the federal level to develop information integration governance models?” It also includes other factors that are impacting governance in integration and offers references to models that have been successfully completed by other states and links to resources on information sharing. The committee is currently exploring the following topics for future briefs: Interoperability Governance; Legal Ownership of Shared Data; Data Standards; Master name Indices; and Integration Maturity Models.
Connecting State and Local Government: Collaboration through Trust and Leadership November 2007
Citizen demand for efficient government often drives state agencies to seek out opportunities to deliver traditional services in non-traditional ways. Engaging in cross-boundary collaboration can be a way for states to leverage costs while providing citizens with streamlined services. Such collaboration is inevitable for state CIOs and this brief, a product of NASCIO’s Cross-Boundary Collaboration Committee, explores the unique challenges and opportunities of cross-boundary collaboration between state and local government entities. Highlighting successful examples of state-local collaborations already underway, this brief features the governance and financial models that were utilized for these collaborations. In addition, this brief examines the unique challenges facing state-local challenges and explores the ways in which states and localities can work together to achieve success and to lay the groundwork for future collaborative efforts.
Data Governance - Managing Information As An Enterprise Asset: Part I - An Introduction April 2008
Data governance entails a universe of concepts, principles, and tools intended to enable appropriate management and use of the state’s investment in information. Part I on data governance presents an introduction that describes the basic concepts. Governance, and particularly data governance, is an evolutionary process. It begins with an understanding of the current investment and then manages that investment toward greater value for the state.
Electronic Records Management and Digital Preservation: Protecting the Knowledge Assets of the State Government Enterprise PART I: Background, Principles and Action for State CIOs May 2007
Electronic records management and digital preservation are necessary disciplines for managing the knowledge assets of the enterprise. Attention to these disciplines must be part of every IT investment decision. The lifecycle of "born digital" is presented with emphasis on the decision making process at each major phase. The series will present the current issues and recommendations for action. This first release in this series deals with the principles of records management, and highlights the most significant challenges facing the states.
Electronic Records Management and Digital Preservation: Protecting the Knowledge Assets of the State Government Enterprise PART II: Economic, Legal, and Organizational Issues July 2007
NASCIO continues its series on electronic records management and digital preservation with Part II which focuses on economic, legal, and organizational issues and recommended actions for State CIOs. Part II builds on the theme that the state CIO and the state enterprise architect will need to view electronic records management and digital preservation as disciplines that comprise an enterprise architecture domain. Partnering with the state’s archivists, librarians, and records managers to fully leverage their expertise will help ensure the state’s knowledge assets are managed for value with a long term view. eDiscovery and offshoring present significant challenges to the state enterprise. CIOs will need to build their awareness of these subject areas and author necessary compliance and risk management strategies.
Enterprise Repositories Issue Brief August 2005
NASCIO has identified the need for a repository for sharing a variety of enterprise artifacts, presentations, and white papers across the NASCIO community. CORE.gov is the preferred repository for meeting the needs of state and territorial government. This research brief describes the issues, constraints, options and recommendations.
Getting Started in Cross-Boundary Collaboration: What State CIOs Need to Know May 2007
State agencies are increasingly crossing organizational boundaries and combining resources in order to achieve joint goals, produce innovation and serve citizens. This brief examines the drivers behind cross-boundary collaboration and outlines the top ten considerations for state CIOs at the outset of collaboration. This brief not only illustrates why state CIOs should consider cross-boundary collaboration and how collaboration begins, but also identifies various types of collaboration, and provides tangible success stories and lessons learned.
Getting What You Need on the Way to the Win-Win! Leveraging the RFP in State Technology Procurements May 2005
This publication was co-produced by NASCIO and NASPO (National Association of State Procurement Officials). This brief provides a broad view of how a variety of stakeholders can use the RFP (Request for Proposal) process to the state’s and the citizens’ benefit.
Governance of Geospatial Resources: “Where’s the Data? Show Me” - Maximizing the Investment in State Geospatial Resources July 2008
Geospatial resources refer to a whole discipline around managing data with a spatial orientation or component to support better decision making. Geospatial resources include a field of knowledge, people, policies, processes, standards, and technology that are not only necessary for everyday decision making but also critical for continuity of operations and disaster recovery. A new emphasis on location aware is evidenced further as State CIOs named “GIS” on their Top Ten list of Priority Technologies for 2008. Geospatial resources are so ubiquitous anymore that state government as well as citizens and industry think “where?” regarding almost every issue. This issue brief explores government’s demand for geospatial resources and offers recommendations and calls to action for the state Chief Information Officer to meet that demand.
Green IT in Enterprise Practices: The Essential Role of the State CIO May 2008
Green IT has become one of the fastest-growing trends in IT today, across all sectors and levels of government. Examining the ways in which state CIOs can become involved in shaping and promoting green IT practices and policies, this brief explores the critical role that state CIOs play in reducing their state’s carbon footprint. Featuring examples of successful green IT initiatives in state enterprise practices today, this brief highlights the many ways in which states are managing their IT hardware as well as utilizing technology to reduce their carbon footprint. With the states taking the lead in many aspects of green efforts nationwide, state CIOs have an opportunity to move the green benefits of an initiative to the forefront of strategic thinking and project planning, and this brief provides several starting points from which state CIOs can begin on the path to incorporate green IT efforts into their enterprise practices.
Harmony Helps: A Progress Report on State Government Internet Presence March 2007
This brief explores how state web portals have matured and examines the impact of the 2003 expansion of the dot-gov domain to state and local governments; trends in state portal domain naming conventions; trends in Internet portal branding and marketing; the alignment of agency websites and state email addressing with the state portal; areas of cross-boundary collaboration for online services; and areas for future progress in cross-boundary collaboration for online services.
HAVA (the Help America Vote Act 2002)—A Briefing Paper April 2004
This briefing paper provides an overview of the Help America Vote Act of 2002 (HAVA) and explores its IT-related challenges as well as NASCIO’s role in helping states to implement the Act.
Insider Security Threats: State CIOs Take Action Now! April 2007
This brief examines the often overlooked threats from within. Media attention has focused primarily on external threats with federal government and industry reports revealing alarming hacking and identity theft statistics. However, threats from within both public and private sector organizations may be even more prevalent than external threats and can have equally if not more serious consequences.
This brief discusses five significant insider threats and provides insight on ways to prevent, detect and respond to them. The threats are as follows:
IT Consolidation and Shared Services: States Seeking Economies of Scale March 2006
The (IT) Doctor is In: The Role of the State CIO in Health IT February 2006
The brief is intended to help state CIOs—along with other stakeholders and policymakers—determine the appropriate role of the state CIO in guiding their states’ enterprise IT in keeping with the larger national effort to save lives and money in healthcare.
IT Governance and Business Outcomes – A Shared Responsibility between IT and Business Leadership March 2008
IT Governance is all about ensuring that state government is effectively using information technology in all government lines of business. This requires that the decision rights for IT investments and deployment are properly shared between the business and IT functions within state government. This issue brief provides an introduction to this very broad topic.
IT Management Frameworks: A Foundation for Success August 2005
NASCIO’s IT Governance & Service Reform Committee is proud to present IT Management Frameworks: A Foundation for Success. This research brief provides an overview of four successful IT Management frameworks that can improve investment decisions, accountability, and management of IT organizations. These successful frameworks represent a variety of management approaches that emphasize the different disciplines of investment management, service oriented management, and line of business or process management. They include the North Carolina Framework for Managing IT Investments; the Government Accountability Office IT Investment Management Framework; the IT Infrastructure Library; and, the Federal Business Reference Model.
IT Procurement and Enterprise Architecture: Recognizing the Mutual Benefits October 2005
This brief highlights the benefits of a closer alignment between IT Procurement and Enterprise Architecture (EA), which includes improving and streamlining IT investment decisions in a way that supports the state’s overall strategic goals and intent. It also identifies “touchpoints” at which these two disciplines can establish stronger ties and concludes with recommendations on how states can start down the path to greater EA-IT Procurement alignment.
IT Security Awareness and Training: Changing the Culture of State Government August 2007
Most state government employees use technology to do their daily work, yet they may not realize the dramatic consequences that can flow from one mistake. As data breaches and security incidents that originate from within state government appear to be on the rise, cultural change is needed. All state employees need to understand that IT security is everyone’s job and understand how to use the state’s IT resources in a way that does not create the risk of a security incident. NASCIO’s Research Brief, "IT Security Awareness and Training: Changing the Culture of State Government" , highlights awareness and training activities that State CIOs can implement to avoid internal threats that can lead to a full-on state government crisis. To assist CIOs in pursuing these efforts, this brief includes many examples of awareness and training activities that are currently taking place with the states. This brief is a product of NASCIO’s Information Security and Privacy Committee.
The IT Security Business Case: Sustainable Funding to Manage the Risks May 2006
This brief takes a holistic approach to constructing the case for enterprise IT security investment by outlining for the state CIOs the following steps:
Keeping the Citizen Trust: What a State CIO Can Do To Protect Privacy October 2006
This Research Brief examines how privacy in the state government context has evolved as a defining issue in response to rapidly changing technological advances and the complexities of a fast-paced world. The brief then explores some initial areas in which a state CIO may encounter privacy issues, including in the context of IT governance, enterprise architecture, policy, security and business processes, and offers some potential ways of addressing those issues.
Keys to Collaboration: Building Effective Public-Private Partnerships June 2006
This research brief explores the role of public-private partnerships in the increasingly technology-driven public sector. It also provides a look at best practices and building blocks for successful public-private partnerships.
The MITA Touch: State CIOs and Medicaid IT Transformation August 2008
Medicaid transformation, and incorporating information technology into these efforts, is among the fastest-growing trends in healthcare today. With the introduction of the federal Medicaid IT Architecture (MITA) initiative, states are beginning to assess their current Medicaid systems and explore how the MITA initiative can foster information exchange and improve healthcare quality outcomes. This brief, a product of NASCIO’s Health IT Working Group, examines the ways in which state CIOs can play a role in the MITA effort, and how their enterprise view contributes to the holistic vision that MITA promotes across state agencies and all levels of government.
NASCIO Enterprise Architecture Business Case Summary October 2005
NASCIO has collected success stories from a variety of sources including its various awards programs. NASCIO members have found that success stories provide an invaluable dimension of the underlying analysis when presenting the business case for EA related projects. These are now being made available to the greater NASCIO community to provide anecdotal information for developing a strong business case for EA. Much can be learned from these experiences and the reader is encouraged to contact the original source for any additional information or comment regarding those success stories that are most relevant.
A National Framework for Collaborative Information Exchange: What is NIEM? March 2006
The NIEM initiative is in its beginning stages but is already anticipated to be a major breakthrough initiative, which will have a tremendous impact on how government interoperates with the intention of making possible the communication among government lines of business at all levels of government.
This brief both summarizes the intention of this national initiative and provides guidance on participation in this effort.
Negotiating IP on the Way to the Win-Win: NASCIO’s Intellectual Property Recommendations March 2005
These recommendations seek to identify state and contractor interests regarding the ownership of IP and suggest realistic considerations to help make the negotiation of IP rights easier and more successful for all involved.
The New and Improved DST: Are You Ready? February 2007
This issue brief calls attention to the change in Daylight Savings Time in 2007, as a provision of the United States Energy Policy Act of 2005, and gives pointers to state CIO’s about how the change may affect their applications and systems.
On the Road to RHIO: What State CIOs Need to Know July 2007
A product of NASCIO’s Health IT Working Group, this brief examines the ways in which state CIOs can be involved in RHIO efforts in their states and emphasizes the importance for state CIOs to be aware of developments in health information exchange. It also explores the opportunities and challenges that all RHIOs face, despite the unique characteristics they each hold, and features real-world examples of how state CIOs are already involved in their state’s RHIO efforts.
Pandemic Planning and Response for State IT: Where’s My Staff? November 2007
Without the flow of electronic information, government comes to a standstill. When a state’s data systems and communication networks are disrupted, the problem can be serious and the impact farreaching. The consequences can be much more than an inconvenience. Serious disruptions to a state’s IT systems can lead to public distrust, chaos, fear and potential loss of life. Traditionally, IT disruptions are planned for based on anticipated disasters both natural and manmade that can physically damage facilities and equipment. However, we live in a time that holds the potential for a pandemic outbreak in your city, state or possibly the nation. What would you do as state chief information officer (CIO) if one day your staff did not come to the office because of a pandemic outbreak?
Proposed GSA Rule: New Policy on the .gov Domain May 2002
This brief provides an overview of the Proposed Rule promulgated by the U.S. General Services Administration (GSA) that made the .gov Top-Level Internet domain available for states, local governments and Native Sovereign Nations to register domain names for their official government websites.
Protecting the Realm: Confronting the Realities of State Data at Risk September 2008
This brief underlines the criticality of managing states’ digital assets and identifies key, high-level elements for establishing better data security programs within states. The brief covers data ownership and governance issues, recommends grounding data protection efforts in states’ enterprise architecture frameworks, and outlines nine primary elements that a comprehensive data protection program must incorporate or address. It describes data classification frameworks that have been developed in both state and federal agencies, and includes summaries of operational data classification and security initiatives in the states of Ohio, Arkansas, and Iowa.
Ready for the Challenge? State CIOs and Electronic Records: Issues, Opportunities and Best Practices July 2008
States continue to struggle with new challenges presented by a growing portfolio of electronic records and digital content that must be preserved. Within this context, the issue of electronic records management has emerged as a high-priority policy and technology issue for State CIOs. This issue is now driven by emerging trends such as of new Web 2.0 collaboration tools that create e-records in forms that are transitory, yet still document the business of government, the vulnerability of essential e-records during disasters and a growing emphasis on transparency and accountability in state government, including online public access to records on spending, performance, procurements and contracts. This research brief underscores the need for enterprise collaboration for e-records management, provides information on fundamental concerns, outlines a framework for action and provides best practice examples from the states.
The Real Phantom Menace: Spyware and its State Implications January 2005
This brief addresses the security, privacy, citizen trust and business process-related implications of spyware and other forms of malware for state government IT systems and suggests some potential technical, legal and awareness-raising solutions for the menace of malware.
Relationships Matter: Customer Service Strategies to Promote Enterprise Services October 2006
This brief provides an overview of the challenges state CIOs face when promoting enterprise services under statewide IT consolidation and shared services initiatives. The brief also identifies methods for achieving strategic initiatives using proven customer service strategies and examines the types of business processes used to successfully launch and promote consolidation and shared enterprise services.
The Search Is On: State CIO Starting Points for E-Discovery November 2007
In its September 2007 Issue Brief entitled “Seek and Ye Shall Find? State CIOs Must Prepare Now for E-Discovery!”, NASCIO raised the importance of State CIO involvement in e-discovery and the need for collaborative state electronic records management activities to properly address e-discovery requests. In this follow-up Research Brief, NASCIO provides starting points for State CIOs to improve the state’s ability to successfully address legal requests for electronic information.
Topics include:
Seek and Ye Shall Find? State CIOs Must Prepare Now for E-Discovery September 2007
In increasingly consolidated state technology environments, State CIOs may have heightened responsibility for the storage, preservation and retrieval of electronic information in response to e-discovery requests. Since government information is a knowledge asset, State CIOs must ensure the proper management of state information assets in addition to the technological infrastructure for locating and retrieving that information. This issue brief explains the impact for State CIOs of e-discovery requests and encourages State CIOs to pursue a holistic approach to enterprise records management as part of a team of state government stakeholders, including state legal counsel, archivists, records managers, and agency business leaders.
Service Oriented Architecture: An Enabler of the Agile Enterprise May 2006
This brief identifies what state CIOs need to know now regarding Service Oriented Architecture (SOA), including its business value, the vision for SOA, SOA governance, SOA as a program and SOA security.
Staying Connected to Your Customers: Strategies and Tactics to Grow Enterprise IT Services December 2006
This brief covers the topic of utilizing CRM strategies and tactics to sustain and grow relationships with agencies once the CIO has established buy-in for consolidated and shared enterprise services.
Think Before You Dig: The Privacy Implications of Data Mining & Aggregation September 2004
This brief examines the business benefits and privacy issues related to government’s use of data-mining technologies. It also takes a look at high-profile government data-mining programs and suggests ways to infuse privacy protections and transparency into government’s use of data-mining technologies.
TLK2UL8R: The Privacy Implications of Instant and Text Messaging Technologies in State Government May 2005
This brief explores the privacy implications of Instant Messaging (IM) applications—both consumer and enterprise-grade—in the context of the state workplace. It also addresses the privacy implications of text messaging and chat technologies.
Walking the Road to the Win-Win: NASCIO Procurement Subcommittee’s Recommendations on Liability Limitations for State IT Contracting September 2004
These recommendations are intended to elucidate the various state and vendor interests that are involved in negotiating liability limitations and to help states and vendors negotiate better IT contract liability limitations that are “win-win” for both sides.
We Need to Talk: Governance Models to Advance Communications Interoperability November 2005
This research brief provides an overview of the challenges states face in developing communications interoperability initiatives and also attempts to answer questions such as, "What needs to be addressed when contemplating a communications interoperability initiative; and what is being done at the state and federal levels to develop communications interoperability governance models?" It includes other factors that are impacting governance in interoperability and offers references to models that have been successfully completed by other states.
Welcome to the Jungle: The State Privacy Implications of Spam, Phishing and Spyware February 2005
This brief explores the privacy implications for state government created by the threats of spam, phishing and spyware and potential ways of preventing and mitigating this triple threat to state IT systems.
Who Are You? I Really Wanna Know: E-Authentication and its Privacy Implications December 2004
This brief explores the business drivers behind e-authentication and the privacy implications that states and others should consider in pursuing e-authentication efforts.
The Workforce Evolution: Recruiting and Retaining State IT Employees April 2008
An upcoming shortage of state IT government workers is predicted by many to be evident and quickly approaching. As the state IT workforce begins to face the challenges of a potential worker shortage, and as it evolves to reflect the modern workforce of the future, employee recruitment and retention tactics must be examined in order to attract and retain top IT talent. A product of NASCIO’s State IT Workforce Working Group, this brief focuses on these recruitment and retention tactics for state CIOs by examining traditional and innovative recruitment strategies, successful retention initiatives and state best practices in each of these areas. By taking steps to augment a potential state IT worker shortage, state CIOs will be better prepared to face these challenges as they arise.
The Year of Working Dangerously: The Privacy Implications of Wireless in the State Workplace—Part I August 2005
Part I identifies the privacy implications of wireless technologies in the state workplace, including the privacy implications of mobile technologies such as laptop computers, PDAs and other similar devices.
The Year of Working Dangerously: The Privacy Implications of Wireless in the State Workplace—Part II September 2005
Part II of this brief provides privacy policy and security measures to help states address the potential privacy implications of wireless technologies identified in Part I.
