The 7 Things I Know About Cyber Security After 25 Years | April 2024
Arabe Gov
1. Establishing and Managing E-Government Partnerships
OECD Good Governance for Development in Arab Countries
Tunis, Tunisia
May 28-29, 2008
2. Public-Private Partnership Continuum
Oversight Model Partnership Model
Purchase Public / Private
Contractors Alliance / Consortia
Agreements Competitions
HR LOB
Privatization
SmartBUY
• Public – Private
• Software Managed and partnerships
Acquired on the Right • Private sector gains FM LOB
Terms (SMART Buy) access to new customers
• Direct oversight • Government-wide • Public sector gains • Public – Private
• Contracts award mandatory contracts improved services at Competitions
consistent with • Pre-negotiated lowest low/no cost or capital • Selections made from
Federal Acquisition price investment qualified providers
Policy • Leverages bulk-buying • Private sector leverages (Public and Private)
• Contracts adhere to of US Government commercial service • Governed through
government-defined • Streamlined offerings regulation, OMB
requirements procurement access to • Risk/Reward balance Circular A-76 (partial)
software vendors 2
3. Additional Public-Private Partnership Tools
Share-In-Savings & IT Exchange Programs
Share-In-Savings IT Exchange Program
• Contract under which a contractor • An employee of a private sector
provides solutions for: organization assigned to an agency
1. Improving the agency's under the E-Gov Act is deemed, during
mission-related or the period of the assignment, to be on
administrative processes detail to the agency.
2. Accelerating the achievement • The supervision of an employee of a
of agency missions private sector organization assigned to
an agency under the E-Gov Act may be
governed by agreement between the
• Agency pays the contractor an agency and the private sector
amount equal to a portion of the E-Government organization concerned.
SS
savings derived by the agency from:
The employee:
1. Improvements in mission- Act of 2002
• may continue to receive pay and
related or administrative
benefits from the private sector
processes resulting from
organization from which he is assigned;
solution implementation
• is deemed to be an employee of the
2. Acceleration of achievement of
agency;
agency missions “Implementation Guidance for the
• may not access trade secrets or any
E-Government Act of 2002”
other nonpublic information which is of
E-Gov Act of 2002: Chapter 37 www.egov.gov commercial value to the private sector
Section 210, 2332, 317 organization from which assigned
E-Gov Act of 2002: Chapter 37
Section 3703, 3704
3
4. Public-Private Competition: Overall Benefits
The benefits of public-private competitions are compelling and apply across a
variety of functional areas…
Government-Wide Benefits (FY03-07)
Cumulative estimated net savings
surpassed $7 billion
Annualized expected savings
exceeded $1 billion
Improved efficiency of agency
operations (even when private sector
provider not selected)
Breakout by type of Competition
4
5. Selected Agency Benefits of Competition
Numerous examples at the agency as to how competition is benefiting agency
use of Information Technology…
Reduced cyber risk and reduction in IT redundancies through consolidation of
seven authentication domains, 17 separate messaging systems, and migration of
desktop computers to a common operating environment. (Department of Energy)
Enhanced IT security through the installation of encryption software on agency
laptops (Environmental Protection Agency)
Strengthened operational efficiency of enterprise application, customer service,
accounting, and visual service support activities through better use of technology
(Health and Human Services)
More efficient and standardized Web site development operations through the
migration of performance responsibilities from program offices to the Office of the
Chief Information Officer (Department of Justice)
Improved performance of IT functions through the realignment of human capital to
match qualified employees to each position (Department of Justice)
Realized greater economies of scale and reduced redundant IT activities by
consolidating program facilities from 46 locations to one (Veterans Affairs)
Increased cyber-security through the integration of three mainframe IT
environments (Office of Personnel Management)
5
6. Administrative Case for Partnering:
Lines of Business (LoB)
As common, government-wide functions, Line of Business can benefit especially
from public-private partnerships & competition…
($ millions)
Line of Business DME FY08 DME FY09
Financial Management (FM) $ 856 $ 889
Human Resources Management (HR) $ 508 $ 442
Case Management (Case) $ 128 $ 149
Grants Management (Grants)* - -
Federal Health Architecture (FHA) $ 1,211 $ 1,523
Information System Security (ISS)* - -
Other $ 22,649 $ 21,993
Total $ 25,352 $ 24,995
* - Investments in these lines of business represent "Horizonal (Cross-cutting) LoBs"
LoB DME Spending - FY2008 LoB DM E Spending - FY2009
FHA
FHA 6%
Other
5%
89% Other
88%
FM FM
3% 4%
HR HR
2% 2%
Case Case
1% 1%
6
7. Human Resources Management Line of Business
The Human Resources Management LoB continues to make progress in standardizing and
consolidating IT systems, business processes and interoperable HR solutions…
Federal Providers Private Providers
Department of Agriculture Competitively Awarded Vendors:
Department of the Interior Accenture
Approved Service Allied Technology Group
Department of the Treasury
Centers Carahsoft Technology
Department of Health and Human Services
IBM
Department of Defense
16 departments and large agencies serviced by a Private providers will compete with Federal
Federal Shared Service Center (SSC) SSCs as agency HR legacy systems fulfill
Service Coverage 77 small entities (boards, commissions, etc.) serviced their lifecycle and migrate to a SSC
by a Federal SSC
Progress to Date HR LOB / Enterprise Architecture (EA)
85% of Federal Employees are serviced through SSC The HR LOB EA was leveraged to develop the HR LOB
solutions as of Q1 FY 2008 Target Requirements for SSCs, the first-ever government
68% of Scorecard agencies are using Shared Service wide set of HR requirements. Target Requirements:
Center (SSC) solutions define HR business standards for the Federal
DoL selected DoI as a SSC after a public-private Government,
competition – potentially saving half on annually-recurring describe the role of the SSCs in the HR process and
costs provide specifications for delivery of services and
HUD avoided spending $15-$18M over six years with its solutions, and
modernization by migrating to Treasury. Instead HUD form the basis of an agency’s SSC selection decision
spent less than $1M and only took 6 months to migrate
7
8. Financial Management Line of Business
The Financial Management LoB continues to make progress in standardizing and
consolidating IT systems and business processes…
Federal Providers Private Providers
General Services Administration There are approximately 5-7 commercial entities supporting
Department of the Interior Federal agencies with the following software packages:
Designated Service
Department of the Treasury Peoplesoft SAP, Oracle, Savantage (FFMS), Momentum
Centers Financials, Integrated Financial Management Information
Department of Transportation
System (IFMIS), iCore, mySAP, Altimate
6 CFO agencies or agency components are Agencies planning to assess commercial services:
operating on Federal Shared Service Department of Agriculture
Service Coverage Providers (SSPs) Department of Housing and Urban Development
84 small agencies are operating on Federal Department of Labor
SSPs
Small Business Administration
Current Status / Recent Progress
Collecting standardized Financial systems performance metrics from 24 CFO
agencies
Revised and updated the Inventory of Government Core Financial Systems
Established and continue to enrich a lexicon to normalize the terminology in the
Federal Financial Management Community
Initiated data harmonization effort for financial data
Began creation of a standardized segment architecture for Federal Financial
Management
Developed standardized credit card data requirements for Financial Management
systems
Defined the standardized financial systems business processes for payment
processing, receivables and funds management
Established Common Government wide Accounting Code (CGAC) for all agency
use 8
9. IT Infrastructure Line of Business
Significant cost savings can be generated through consolidation and standardization… a
benchmarking based approaches leverages private sector best practices
Benchmarking Study
Observations Cautions
• Optimization requires investments • The Lowest Cost Provider may not be
• Desktop and help desk tools optimal for meeting an agency’s mission
Telecommunications • Standardization of desktop management and performance requirements
processes
• Establish common desktop environment • Avoid static, long-term contracts
IT Help Desks
• Closer monitoring and governance of
outsourcing • Avoid independent, autonomous IT
Data
• Centralization where possible organizations
Centers Data/Voice
Networks • Establish continuous improvement program
• Measuring Progress over time
Third Factor – Risk - An example of a program where performance
Desktop/Seat
Management
requirements and cost may be higher in order to lower
risk would be in our nation’s critical infrastructure.
Results - the cost and performance of Federal agencies IT infrastructures are
comparable to peers in the private sector.
Next Steps
• Complete benchmarking studies for both telecommunications and data centers.
• Complete agency five-year optimization plans by the end of March.
• Conduct interagency reviews of all optimization plans.
• Issue government-wide report from five-year plans in May that:
• Identifies common themes across the 23 agencies
• Leads to development of government-wide communities of practice to foster cooperation among agencies 9
• Target five observation areas identified (above)
10. ITI LoB Common Solutions
The ITI LoB approach achieves a strong degree of goal clarity and
accountability for the results.
This allows a department/agency to make reasoned and analytically-derived choices
among the common solution tools as well as which infrastructure areas to prioritize to
achieve the goals established.
• Agencies determine own
optimization strategies –
may use: Shared Service
Centers/Public-Private
Partnerships, IT
Infrastructure Library (ITIL),
Capability Maturity Model
(CMM), SMART Buy,
consolidation, etc.
• ITI LoB is assisting agencies
to share proven practices,
lessons learned.
10
11. Keys to Success
The keys to success are much the same as those that apply to public only
efforts…
Governance
Transparency > Clarity > Accountability >
Results
Defined Competition Frameworks
11
12. Keys to Success – Governance
Clear governance models – outlining roles and responsibilities – are required
regardless of the players (public or private) involved
Improve Mission Performance • Daily oversight of project
• Management schedule
• Track/Report progress
• Manage cross-project issues and risks • Strategic/ Major
• Establish work teams Decisions
Increase Resource Alignment on • Allocate resources across teams • Authorize
• Leverage best practices Funding/Agreements
Core Mission Activities • Support implementation
Initiative Governance
PMO Board
Realize Cost and Operational
Efficiencies
Service
Providers
Achieve Equal or Better Service (public or Advisory Board
private) or Various Working
Delivery Groups/Sub-committees
• Program Oversight
Increase Value to Citizens & • Partner Resource Support
• Help guide project direction
Agency Stakeholders • Project and budget planning
• Tactical decision support
• Program implementation
• Performance measurement
• Provide work products to facilitate the success of the initiative
Drive Transformation 12
13. Keys to Success – Transparency / Accountability
Implementation Plans Service Level Agreements
Service Metric Metric Description Formula/ Performance Metric Interval Expected Service
Category Name Calculation Category Level Objective
(SLO)
IT System Hours system is Available hours Time Monthly − 99%
Infrastructure Availability available, expressed as / Obligated − Penalty =
Hosting and a proportion of hours hours * 100 expected SLO
Administration the system is minus actual SLO
contractually obligated (e.g. if actual SLO
to be available. is 96%, a 3%
penalty will be
imposed).
PLEASE REFER TO SECTION 2.7 AND 2.8 OF THE MIGRATION PLANNIGN GUIDANCE DOCUMENT FOR POTENTIAL PERFORMANCE
METRICS. NOTE THAT NOT ALL PERFORMANCE METRICS LISTED IN SECTION 2.7 AND 2.8 ARE APPLICABLE TO THE SLA.
• Frequent and Open
Communications
• Relationships at All Levels
• Shared Definitions of
Performance Metrics
Success
Earned Value Management
Monthy Burn Rate ($)
$80,000
$70,000
$60,000
$50,000
$40,000
17 Feb
24 Feb
3- eb
n
10 Feb
- r
-A r
5- pr
14 Apr
20 Jan
27 Jan
3- an
13 Jan
- y
- y
-M y
2- y
- r
- r
-M r
7- ar
10 Mar
21 Ap
28 Ap
17 a
24 Ma
31 Ma
Ju
12 Ma
19 Ma
26 Ma
a
-F
-M
-J
-
-
-
-
-
6-
13
14. Keys to Success – Competition Frameworks
Clear guidance and well-define competitive frameworks foster full and open
competitions focused on results…
Key Framework Components
Request For Proposal (RFP) Templates
Due Diligence Checklists
Service Level Agreement (SLA) Templates
Performance Measurement Processes
Appropriate contract structure: Firm-Fixed Price vs. Time & Materials
FRAMEWORK: Financial Management Line of Business (FM LoB)
Issued by Federal Systems Integration Office (FSIO)
http://www.fsio.gov/fsio/fsiodata/fsio_fmlob_mpg_v1.shtml
FRAMEWORK: Human Resources Management Line Business (HR LoB)
Issued by the HR LoB through the Office of Personnel Management (OPM)
http://www.opm.gov/egov/documents/MPG/index.asp
14
15. E-Government Initiatives: Adoption Focus
FY 2008 - Beyond Focus
Cost-savings
Improved Mission Performance
FY 2006 - 2008 Focus Government-wide Adoption/Implementation
LoB Migrations – Public/Private Competitions
Utilization and Adoption of E-Gov Initiatives
Development of Self-Sustaining Business
FY 2006 and Prior
Models (e.g., Fee For Service)
LoB Framework Established
E-Gov Initiatives
Federal Enterprise Architecture
President’s Management Agenda
Not Started In progress Complete 15
16. Questions
For additional information, please visit
www.egov.gov
Tim Young
Deputy Administrator
Office of E-Government & Information Technology
Office of Management and Budget
725 17th Street NW
Washington DC 20503
202.395.0368
tkyoung@omb.eop.gov
16
17. Appendix: FY 2009 Resources
For more information, please visit the following online resources
REFERENCE LINK
The President’s Budget Fiscal Year 2009 www.budget.gov
Analytical Perspectives Volume (Crosscutting Programs, Chapter 9: Integrating Services with www.whitehouse.gov/omb/budget/fy2009/pdf/apers/crosscutting.pdf
Technology)
Table 9-1: Effectiveness of Agencies’ IT Management and E-Gov Processes www.whitehouse.gov/omb/budget/fy2009/pdf/ap_cd_rom/9_1.pdf
Table 9-2: Management Guidance www.whitehouse.gov/omb/budget/fy2009/pdf/ap_cd_rom/9_2.pdf
Table 9-3: Management Watch List for FY2008 www.whitehouse.gov/omb/budget/fy2009/pdf/ap_cd_rom/9_3.pdf
Table 9-4: High Risk IT Project List www.whitehouse.gov/omb/budget/fy2009/pdf/ap_cd_rom/9_4.pdf
Table 9-5: Agencies with Investments on the Management Watch List www.whitehouse.gov/omb/budget/fy2009/pdf/ap_cd_rom/9_5.pdf
Table 9-6: FY2009 Exhibit 300 Evaluation Criteria www.whitehouse.gov/omb/budget/fy2009/pdf/ap_cd_rom/9_6.pdf
Table 9-7 Comparison of the Management Watch List by Fiscal Year www.whitehouse.gov/omb/budget/fy2009/pdf/ap_cd_rom/9_7.pdf
Table 9-8: Number of Recurring Investments on the Management Watch List www.whitehouse.gov/omb/budget/fy2009/pdf/ap_cd_rom/9_8.pdf
Table 9-9 Lines of Business (LoB) Update www.whitehouse.gov/omb/budget/fy2009/pdf/ap_cd_rom/9_9.pdf
Table 9-10: Status of E-Government Initiatives www.whitehouse.gov/omb/budget/fy2009/pdf/ap_cd_rom/9_10.pdf
Report on Information Technology (IT) Spending for the Federal Government www.whitehouse.gov/omb/budget/fy2009/sheets/itspending.xls
Egov.gov: The Official Website of the President’s Electronic Government Initiative www.egov.gov
Results.gov www.results.gov
ExpectMore.gov www.expectmore.gov
17