Technology is now available to truly integrate government's many enterprises and enable realtime, dynamic interactions between California state government and the Californians it serves, regardless of organizational boundaries or technological platforms.[1] Software applications can integrate programs and back office business processes across organizational boundaries; there is now no longer any need for one department to have one accounting software package and another department to have a different software application to do the same thing, for example. The process can be collapsed, information can be integrated, communication can be speeded up and government, ultimately, can become more accessible, both to its citizens and to its own various parts. Information and the revolution in information technology (IT) have given state government the means to revolutionize, at a fundamental level, the way it does business.
Technology governance must be integrated with an organization's business governance. It must have a set of clearly articulated goals that reflect an organization's strategic business goals, the full participation and support from business leadership, and a clearly defined set of processes.[5] The Legislative Analyst's Office (LAO) defined the key objectives for IT governance to be leadership, oversight and accountability.[6]
At the outset, it is noted that the most successful state technology governance models have had direct support from the Governor's office and a statewide or enterprise focus.[7] They also emphasize collaboration, and the modular, incremental development and implementation of major initiatives.[8]
California has not equipped or mandated its leaders to fully utilize technology potential, and it has not aligned its technology capacity to achieve efficiencies and leverage its buying power. In California there is no overarching technology strategy for state government. As a result, technology initiatives are developed and implemented piecemeal-agency by agency, department by department or division by division-dissipating financial and technical capacity on disparate infrastructures that do not interact. Even though there have been many positive advancements in technology over the last decade, on the whole the state has failed to leverage these developments.[11] Information and telecommunications technologies are rapidly converging. Within state government, however, each entity operates in isolation from the other.
In 1995, Senate Bill 1 established the Department of Information Technology (DOIT) which was charged with providing leadership, guidance and oversight of IT in state government. SB 1 included a sunset provision that automatically repealed the act unless statutorily extended before January 1, 2001.[13] While SB 1 transferred IT leadership to DOIT, DOF retained financial authority in a newly created Technology Investment and Review Unit (TIRU). This, along with the lack of active support from the Governor's office, doomed DOIT's ability to become truly effective and raised doubts about whether it had any real authority to provide statewide IT leadership.[14] The controversy over DOIT's performance mounted until the department was allowed to sunset in July 2002.
After DOIT went out of existence, IT oversight was assigned by executive order to respective departments and singular approval authority for IT projects defaulted to DOF. A new special advisor for IT was appointed in September 2002 to function as the state Chief Information Officer (CIO) and to assist in identifying a permanent solution to IT governance.[15] While the new CIO is responsible for providing IT policy leadership and facilitating collaboration across the state, he is little more than an advisor on technology and has no real authority to oversee state technology initiatives.[16]
More recently, LAO has identified a need to develop a permanent structure to oversee IT.[17] In its analysis of the 2004-2005 state budget, LAO cites deficiencies in the state IT policies and review procedures, and is critical of inadequate departmental and DOF oversight, departmental project management and DOF project approval and oversight requirements. The LAO said over half of IT projects were not getting adequate oversight, and most were experiencing significant changes in scope, costs and schedules, which indicate they are not being properly managed. Departments are preparing poor estimates for project budgets and schedules and DOF change approval process risks project continuity and cost escalation while departments suffer lengthy waits for approval. [18]
"Departments and agencies . . . reflect traditional business structures, and they continue to struggle to overcome inherent barriers in an effort to drive down costs and deliver services through effective use of information technology . . . Policymakers should heed the "stove pipe" message and begin to build an enterprise business strategy that incorporates the funding streams to create true business/IT transformation."
-META Group [20]
Agencies and departments lack a state-wide blueprint for the design, implementation and management of technology initiatives. There are little or no useful planning criteria, no specific guidelines for how to appropriately use technology, no library of lessons learned, and no enterprise analysis to assist in the selection of best strategies. There is no strategic focus on technology across the Executive Branch. Although current statutes require each agency to develop strategic plans and submit them each year to the Governor and Joint Legislative Budget Committee, there is no requirement to integrate these plans into a single statewide strategic plan and there is no mechanism for deriving a statewide technology strategic plan.[21]
The State Administrative Manual requires state agencies to adopt specific technology standards for application within each respective agency.[22] Yet the requirements are without provisions for coordinating policy and standards development from a statewide perspective. Little or no work has been completed to establish a statewide set of standards for the development of technology projects, or to determine the appropriate degree of centralization or consolidation of technology services for the overall benefit of the state.[23]
Assessing the business and technical merit of proposed technology projects is a complex and convoluted process, made worse by DOF's delegating only limited authority to agencies.[24] There is mounting frustration over the time and cost required to complete Feasibility Study Reports (FSR) and obtain funding and approval for projects.[25] In their frustration, some agencies now avoid reporting accurate project status, lest they expose themselves to the arduous DOF control process, which has become increasingly mired in mistrust.[26] The approval process can take so long that by the time a project gets the go-ahead from DOF, the system requirements and technology have changed. That, in turn, requires a new, lengthy approval process. This also complicates multi-year project funding for long term projects.[27] The Statewide Workgroup Computer Policy, which was developed to exercise DOF control over agency computer technology usage, has ceased to provide continuing value, while it burdens departments with yet another arduous reporting requirement. [28]
Furthermore, the annual state budget cycle, coupled with the phasing of project submittal deadlines, effectively gives departments one chance per year to get projects approved. The primary document agencies must submit to DOF, the FSR must be submitted within a very short window of opportunity in order to have any chance of being approved. However, the FSR must address an exhaustive list of requirements, many of which are simply not known at the time the FSR is developed.[29] To meet these requirements many agencies resort to hiring consultants to write their FSRs, at a cost of $100,000 or more each. This produces FSRs which are laced with extrapolated detail that constitute potential snags and sometimes hold up approval. Any delay imposed while agencies respond to DOF's requests for clarification or rewrite could cause projects to miss the window of opportunity for approval altogether until the next budget cycle.[30]
Agencies are also frustrated by the effective double jeopardy resulting from DOF's approval requirement for project expenditures. DOF initially prepares the Governor's Budget, which includes budgets for programs and their IT initiatives. However, individual projects still must receive expenditure approval from the DOF Technology Investment and Review Unit (TIRU) before they can go forward. In their review, the TIRU exercises what amounts to a line item control to independently make cuts to project funding or staffing.[31] These cuts often cause projects to enter a death spiral due to inadequate funding or staffing.
Efforts to implement technology initiatives across state agencies are complicated by the annual "incremental" state budgeting process which buries IT funding in individual program budgets, making it difficult to aggregate funding and allocate development costs based on how much a system or service will be used by each agency.[32]
"Government executives experience frustration in implementing and institutionalizing new IT strategies because of the traditional institutionalized 'silo' government program delivery and categorical funding model. Government staff charged with program delivery and IT infrastructure are not incented to collaborate, because rewards (increases in funding, meeting program targets) occur only within a singular silo program area. The executive, unable to set innovative delivery strategies across program boundaries, faces increased pressure because internet-savvy constituents anticipate doing business with a "virtual government" at their convenience. The successful executive will proactively change the face of government services to present a single, common service and delivery interface while increasing taxpayer value (measured as cost-effective on-demand access to services by constituents). Funding constraints must be overcome as part of the governance process, ensuring a single infrastructure and a common citizen interface."
-META Group [33]
The Department of General Services (DGS), has struggled with procurement reform for years, but frustrations continue regarding the time and cost of major complex procurements, obtaining contracts that meet the state's needs, and vendor performance management.[34] While the federal government has reformed its technology acquisition methodology to be more representative of the best practices in the commercial marketplace, the state has not.[35] DGS was criticized by the California State Auditor in 2003 for not ensuring adequate legal review of large IT system integration projects or IT contracts over a specified dollar amount, exposing the state to increased risk arising from the complexity of these contracting actions.[36] Efforts are now underway to provide such reviews, but it took a formal audit finding to get them started, reflecting the general lack of integration between various disciplines that have a stake in IT acquisition.
The DGS has suspended the IT project management training program in its Procurement Division as a means of trimming its budget, despite specific recommendations from the state auditor.[37] This successful program produced more than 100 certified project managers in 29 state agencies and trained more than 1,000 state employees in the principles of project management.[38] When coupled with the absence of proper training for strategic sourcing in IT, this raises doubts of whether the state is doing anything to ensure that people responsible for managing IT systems acquisition have the appropriate qualifications.
California state government is unable to produce a complete inventory of its technology assets, and so cannot account for the total amount of money being spent on technology. This makes it very difficult to plan for system obsolescence, find redundancies or measure excess capacity.[39] Little or no work has been completed to establish a set of standards for developing technology projects, and there is no effective mechanism for determining the appropriate degree of centralization or consolidation of IT services for overall state benefit.[40] There is little evidence of statewide adoption of best practices for portfolio management or enterprise forecasting, and there is no agency designated to do basic research needed to keep the state in the forefront of technology.[41]
"The institutionalization of portfolio management responsibility can begin to build relationships across the government enterprise that effectively bring budget and finance offices and IT organizations into better understanding and consensus on strategic IT investments during fluctuating budget cycles. Creating portfolio management awareness within government can begin to build the bridge of understanding between IT and budget organizations and program agencies to more effectively and strategically invest in executive branch and legislative public-policy priorities."-META Group [42]
It results in sub-optimized efforts which dissipate resources and produce inconsistent results. It exposes the state to higher overall operational costs from program overlaps, redundancies, inefficient use of human and physical resources and increased vulnerabilities to security threats and architecture breakdowns.
Implementing modern, strategically focused technology governance will ensure the strategic use of technology. Accountability, affordability and accessibility would be achieved through the clear assignment of responsibility and authority, consolidation of overlapping functions and aggregation of resource potential.
A prerequisite, however, is the institution of statewide business focused strategic planning. Successful technology governance depends on having a statewide strategic plan that has technology strategic planning integrated within it. Strategic planning is a key process of leadership. Without a statewide strategic plan the state cannot provide the necessary statewide focus on achieving overarching goals and objectives. Without those overarching goals and objectives, technology leaders cannot be sure that their initiatives address the most important business issues of the state. Strategic business planning and strategic technology planning must be integrated and focused on the same goals and objectives.
Performance based budgeting is also essential to effective technology governance. It will allow the state to determine exactly how much it spends on new technology initiatives and on the maintenance of existing technology. Without that ability, the state cannot strategically manage its technology.
A unified governance structure that embodies the appropriate integration of leadership, decision making authority, structure and processes statewide will allow the state to address these compelling issues and will drive the modernization of state government.
Statewide Technology Governance Model
The CIO should be provided with a staff comprising the essential functions and capability to administer these responsibilities. The state CIO should advise the Governor and the Legislature on the strategic planning, management and direction of the state's information technology resources. The CIO responsibilities should include:
The authorities and responsibilities invested in the state CIO should extend to all departments and agencies of the executive branch of state government and exclude offices of constitutional officers, the Legislature and the office of the courts. The State Chief Information Officer should be vested with the authority and flexibility to organize these functions and resources to carry out his/her mandate with the greatest efficiency and effectiveness.
The PMO is an important instrument of the CIO's leadership. It is the primary activity that implements the CIO's policies, standards and procedures for project development and management and provides the statewide orientation and training on these subjects. It will ensure standardization in project management processes and project performance metrics so that effective project management is assured and so that project performance can be uniformly assessed. It will also coordinate and affect the implementation of project remediation actions that may be directed by the CIO or the Technology Commission.
The intent of this policy will be satisfied through the implementation of technology policies and standards, master computer commodity contracts, project development support and oversight provided by the PMO and the implementation of Technology Portfolio Management.
The annual IT spending statewide is estimated by the Legislative Analyst's to be at least $2 billion.[50]
CIO Magazine estimates that companies with better than average IT governance earn at least a 20 percent higher return on assets than organizations with weaker governance.[51] Using the conservative $2 billion annual IT spending estimate, this governance structure may generate a savings of at least $38 million annually.
Eight of the recommendations are expected to be either cost-neutral or generate some savings and there are minor costs for the remaining four recommendations. The cost to implement statewide technology portfolio management is not known. Total annual personnel costs for the four recommendations is about $500,000.
The following charts show the impact assuming an implementation date of January 2005.
Fiscal Year | Savings | Costs | Net Savings (Costs) | Change in PYs |
---|---|---|---|---|
2004-05 | $9,500 | $125 | $9,375 | 1.5 |
2005-06 | $19,000 | $250 | $18,750 | 3 |
2006-07 | $19,000 | $250 | $18,750 | 3 |
2007-08 | $19,000 | $250 | $18,750 | 3 |
2008-09 | $19,000 | $250 | $18,750 | 3 |
(dollars in thousands)
Fiscal Year
Savings
Costs
Net Savings (Costs)
Change in PYs
2004-05
$9,500
$125
$9,375
1.5
2005-06
$19,000
$250
$18,750
3
2006-07
$19,000
$250
$18,750
3
2007-08
$19,000
$250
$18,750
3
2008-09
$19,000
$250
$18,750
3