Nashville, TN - JW Marriott , October 13-16, 2019
Maryland, MD - Gaylord National Harbor, May 3-6, 2020
One of NASCIO's guiding principles is to "promote the CIO as the technology leader who drives innovation and transformation." To advance this belief, this leadership white paper explores the various structures and relationships of the State Chief Information Officer's (CIO) role and how these differences impact the CIO's participation in government transformation and innovation. The NASCIO CIO Leadership Working Group explored these differences and caution that a "one size fits all" approach is not the objective given that there are clear reasons for these variations. We looked at how the role of the CIO might evolve given 'forces' that could impact this evolution, such as technology disrupters and innovation. We discussed these 'forces' and critical success factors with private sector CIOs to learn how they have evolved their position, authority, and responsibility to support corporate transformation. We prepared this paper as a guide for CIOs, Governors, and other state officials to learn more about the various models that exist and how those models could evolve to support the direction of the enterprise.
NASCIO, TechAmerica, and Grant Thornton LLP have collaborated for a fourth year on the annual survey of state government IT leaders. The 2013 survey report, The Enterprise Imperative, offers the latest insights from State CIOs and concludes these leaders are emphasizing effective enterprise governance models, adopting business disciplines, and forging the right relationships for collaboration. The 2012 survey – Advancing the C4 Agenda – focused on the balancing act that CIOs must maintain both in providing high-quality services and in delivering new, innovative solutions. These demands have not decreased over the past year. CIOs are responding by focusing on the enterprise, and by coordinating across boundaries. The enterprise focus may involve integrating governance and portfolio management across the state, improving the effectiveness of IT procurement, or deploying statewide identity and access management solutions.
For the 2013 observance of National Cyber Security Awareness Month, NASCIO has updated its Resource Guide for State Cybersecurity Awareness, Education, and Training Initiatives. The guide includes new information from our state members, who provided examples of state awareness programs and initiatives. This is an additional resource of best-practice information, together with an interactive state map to allow users to drilldown to the actual resources that states have developed or are using to promote cyber awareness. It includes contact information for the CISO, hyperlinks to state security and security awareness pages, and information describing cybersecurity awareness, training, and education initiatives.
The Resource Guide is a work-in-progress that should provide a valuable reference resource for Cyber Security Awareness Month, as well as the ongoing planning of security awareness and training efforts state programs may undertake thereafter.
The NASCIO Procurement Modernization Committee, in partnership with TechAmerica and the National Association of State Procurement Officials, continues to focus on state IT procurement reforms and highlight best practices at the state level. This brief is the third in a series of recommendations set forth by this collaborative. The purpose of the brief is to highlight some of the strategies used to first identify, then to avoid, transfer, mitigate, and ultimately accept the risks associated with the procurement of IT products or services. Although not all risks can be identified, the goal should be to understand how much risk is associated with a specific IT procurement and what tools, processes, benchmarks, and methodologies are available to uniquely address IT procurement risks.
Commonwealth of Virginia’s EIA Strategy and NIEM Integration Plan
The Commonwealth of Virginia has completed an eight-month strategic planning process to develop an Enterprise Information Architecture (EIA) strategy. A central element of the EIA strategy involves building exchanges for “citizen-centric” data that conform with the National Information Exchange Model (NIEM).
Virginia’s NIEM integration plan will enable the state government to comply with new statutory requirements for standardizing Person data and promote enhanced capabilities for business-driven information exchanges.
This webinar will provide insight on Virginia’s emerging EIA strategy and NIEM integration planning. The primary focus will be on Virginia’s EIA strategic plan and successful implementation of the NIEM Engagement Process.
Cross-jurisdictional collaboratives are on the rise. As the number of such collaboratives increases, there are essential ingredients for framing and sustaining successful and even exceptional collaborative arrangements that deliver real outcomes. As NASCIO reviewed successful collaboratives, proper governance continually surfaced as one of those essential ingredients for effective sharing of government information and services and effective employment of technology across two or more enterprises. This issue brief presents examples of effective governance and describes what constitutes effective governance.
The Healthcare Information and Management Systems Society (HIMSS) and National Association of State Chief Information Officers (NASCIO) formed a collaboration to determine how the State Chief Information Officer (CIO) views the current health information technology landscape. Specific areas of focus for this study included Medicaid Management Information Systems (MMIS), Medicaid Eligibility Systems, Data Governance and Identity Management, State Level Health Information Exchanges, Shared Services and Collaborations. This study combined HIMSS' expertise in health information technology and information exchange with NASCIO's expertise representing state CIOs and information technology executives from the states, territories and the District of Columbia. The results of this collaborative survey will serve those seeking to understand the current environment of State healthcare technology initiatives ranging from governance models to data exchange activities. This analysis will also facilitate understanding of the intersection of the state CIO's role with state health information technology (HIT) projects. This collaboration represents one of the first holistic analyses focused on the state CIO perspective of State HIT projects.
The issue brief focuses on state use of social media, specifically on state social media participation policies ("SMPP's"). NASCIO's Legal Advisory Working Group took a look at 31 SMPPs, which focus specifically on guidance/policy given to state employees regarding their participation in social media.
States have come a long way in the past few years, with the majority implementing social media policies or working towards one. However, some of the gaps found have the potential to open up states to some severe heartburn: including employee discontent, management concerns, public perception and liability.
The issue brief also addresses the inclusion of clauses on confidentiality, ethical conduct, security and privacy, and transparency in SMPP's.
Three important findings have combined to motivate this topic:
Combined these three findings require a new look at these roles. This webinar will explore the role of a Chief Data Officer (CDO) as a function needed by organizations (especially state governments). While we don't yet have all the answers, we can at least lay out three necessary but insufficient prerequisites to making progress faster than we have achieved to date.
Cloud-based file sharing solutions have become very popular and certainly a growing and significant part of day-to-day computing. It is easy to see why these services are attractive to state government users after using them in many facets of their personal life. With a wide variety of choices in the market, these solutions are easy to access, configure and use. They support multiple devices (especially mobile), and data in multiple formats. The most important consideration for state employee users – these file sharing services are free. Since the release of the 2012 NASCIO and Deloitte Cybersecurity Study, more security and policy questions have been raised on the use of free cloud services by states. In addition to the May 2012 Capitals in the Clouds IV guidance on rogue cloud users, states have continued to seek out leading practices on how to put the proper controls in place, meet security standards, craft acceptable use policies, and identify the open records and legal concerns regarding terms of service. This brief helps to provide real experience from Commonwealth of Pennsylvania on free cloud services.
The NASCIO Enterprise Architecture program was developed to enable the mission of state and local government. Government must continually reinvent itself to remain relevant by effectively and efficiently providing services to the citizens of this country. The path to this continual transformation must embrace leadership, management, coordination, communication and technology throughout government. Enterprise architecture is the discipline to appropriately define and leverage these capabilities within the complexities of government.
Funding to support the NASCIO EA Program and information sharing initiative is provided by a grant from the U.S. Department of Justice, the Bureau of Justice Assistance, Office of Justice Programs.
The enhancements in the third version of the Tool-Kit result from the expertise and continued dedication of enterprise architecture practitioners from all levels of government and the private sector. Version 3.0 incorporates an updated governance architecture framework with added roles and responsibilities and a focus on multi-level communication. Process models with explanatory narrative are included for governance and the architecture lifecycle. The Tool-Kit also includes fully populated security domain and application domain blueprints.