SO02 Technology Governance: Strategically Leveraging the Power of Technology to Transform State Government

PDF Version

California state government is in crisis. It is ironic that California is the cradle of technology, but that its state government is stuck in paper-based processes that perpetuate, even worsen the problems California faces. Smart governments are moving ahead with new, inventive digital government initiatives. The need for California to do so could not be more compelling. The synergy of statewide strategic planning and performance budgeting, applied to a new, leaner organization that has been transformed by technology, is the new imperative for 21st century California government. The technology is available and the need is urgent, but the leadership structure is not in place. It is a question of governance.

California's government has become too costly, too inefficient and increasingly unresponsive to constituent needs. Its organizational structure is "stove piped," each department insulated from other departments, even divisions with departments insulated from other divisions. There is no incentive to collaborate across divisional or departmental lines. Years of incremental, program-based budgeting and the piecemeal accumulation of programs and layers of administration puts the state in jeopardy of financial collapse.

Technology is now available to truly integrate government's many enterprises and enable realtime, dynamic interactions between California state government and the Californians it serves, regardless of organizational boundaries or technological platforms.[1] Software applications can integrate programs and back office business processes across organizational boundaries; there is now no longer any need for one department to have one accounting software package and another department to have a different software application to do the same thing, for example. The process can be collapsed, information can be integrated, communication can be speeded up and government, ultimately, can become more accessible, both to its citizens and to its own various parts. Information and the revolution in information technology (IT) have given state government the means to revolutionize, at a fundamental level, the way it does business.

Governance examined
Modern technology governance is mainly about leadership in effectively and efficiently managing an organization's use of technology to meet its business needs. It includes structures and processes for setting direction, establishing standards and principles, and prioritizing IT investments to leverage technology to improve business value.
[2] It is the mechanism for deciding who makes what decisions about technology use and creates an accountability framework that drives the desired us of technology.[3] Effective governance also includes the processes by which key decisions are made about IT investments, and it depends on effective, ongoing communication across all levels of an organization.[4]

Technology governance must be integrated with an organization's business governance. It must have a set of clearly articulated goals that reflect an organization's strategic business goals, the full participation and support from business leadership, and a clearly defined set of processes.[5] The Legislative Analyst's Office (LAO) defined the key objectives for IT governance to be leadership, oversight and accountability.[6]

At the outset, it is noted that the most successful state technology governance models have had direct support from the Governor's office and a statewide or enterprise focus.[7] They also emphasize collaboration, and the modular, incremental development and implementation of major initiatives.[8]

Industry trends
Industry and government leaders such as Intel, IBM, Hewlett Packard, the federal General Services Administration and Department of Defense have moved to unify their technology strategies, and to consolidate the management of their technology services so they can leverage their technology purchasing power. Many state governments are following this trend as well. Illinois, New York, Pennsylvania and Virginia have all been noted for their highly successful track records in their management of IT.

California is not aligned with these trends
California on the other hand, is struggling to establish a direction for its technology governance as reflected in several reports from the Bureau of State Audits, Legislative Analyst's Office, and as witnessed in several recent legislative hearings on this subject. For example, The LAO says there is a need for a permanent structure, that projects may not be properly managed. The BSA says that a need still exists for an effective governance structure, that there are problems with the cost and schedule of many projects, that the approval process is too lengthy, and that the state does not have an inventory of IT equipment.
[10] These circumstances reflect an overall lack of a unified technology governance structure, and as a consequence, California lacks the ability to fully utilize the transformational potential of technology.

California has not equipped or mandated its leaders to fully utilize technology potential, and it has not aligned its technology capacity to achieve efficiencies and leverage its buying power. In California there is no overarching technology strategy for state government. As a result, technology initiatives are developed and implemented piecemeal-agency by agency, department by department or division by division-dissipating financial and technical capacity on disparate infrastructures that do not interact. Even though there have been many positive advancements in technology over the last decade, on the whole the state has failed to leverage these developments.[11] Information and telecommunications technologies are rapidly converging. Within state government, however, each entity operates in isolation from the other.

Historical beginnings of today's problem
Since the early 1980s the state has tried several successive organizational models in an attempt to govern technology investments. Each came under criticism for inadequate project management and oversight stemming from large IT project failures. The state has twice established responsibility for IT management within the Department of Finance (DOF), with neither effort proving effective.

In 1995, Senate Bill 1 established the Department of Information Technology (DOIT) which was charged with providing leadership, guidance and oversight of IT in state government. SB 1 included a sunset provision that automatically repealed the act unless statutorily extended before January 1, 2001.[13] While SB 1 transferred IT leadership to DOIT, DOF retained financial authority in a newly created Technology Investment and Review Unit (TIRU). This, along with the lack of active support from the Governor's office, doomed DOIT's ability to become truly effective and raised doubts about whether it had any real authority to provide statewide IT leadership.[14] The controversy over DOIT's performance mounted until the department was allowed to sunset in July 2002.

After DOIT went out of existence, IT oversight was assigned by executive order to respective departments and singular approval authority for IT projects defaulted to DOF. A new special advisor for IT was appointed in September 2002 to function as the state Chief Information Officer (CIO) and to assist in identifying a permanent solution to IT governance.[15] While the new CIO is responsible for providing IT policy leadership and facilitating collaboration across the state, he is little more than an advisor on technology and has no real authority to oversee state technology initiatives.[16]

More recently, LAO has identified a need to develop a permanent structure to oversee IT.[17] In its analysis of the 2004-2005 state budget, LAO cites deficiencies in the state IT policies and review procedures, and is critical of inadequate departmental and DOF oversight, departmental project management and DOF project approval and oversight requirements. The LAO said over half of IT projects were not getting adequate oversight, and most were experiencing significant changes in scope, costs and schedules, which indicate they are not being properly managed. Departments are preparing poor estimates for project budgets and schedules and DOF change approval process risks project continuity and cost escalation while departments suffer lengthy waits for approval. [18]

Technology governance sorely needed
Today, the technology infrastructure of California state government is made up of overlapping, redundant and outdated systems and support structures that risk security and operational collapse. It is burdened by complex regulatory controls and archaic funding, approval and oversight processes. These frustrate agency leaders, undermine trust, discourage initiative, diffuse accountability, waste resources, and inhibit enterprise solutions that could empower and energize the workforce to bring about transformational change to government.

"Departments and agencies . . . reflect traditional business structures, and they continue to struggle to overcome inherent barriers in an effort to drive down costs and deliver services through effective use of information technology . . . Policymakers should heed the "stove pipe" message and begin to build an enterprise business strategy that incorporates the funding streams to create true business/IT transformation."
-META Group [20]                      

Agencies and departments lack a state-wide blueprint for the design, implementation and management of technology initiatives. There are little or no useful planning criteria, no specific guidelines for how to appropriately use technology, no library of lessons learned, and no enterprise analysis to assist in the selection of best strategies. There is no strategic focus on technology across the Executive Branch. Although current statutes require each agency to develop strategic plans and submit them each year to the Governor and Joint Legislative Budget Committee, there is no requirement to integrate these plans into a single statewide strategic plan and there is no mechanism for deriving a statewide technology strategic plan.[21]

The State Administrative Manual requires state agencies to adopt specific technology standards for application within each respective agency.[22] Yet the requirements are without provisions for coordinating policy and standards development from a statewide perspective. Little or no work has been completed to establish a statewide set of standards for the development of technology projects, or to determine the appropriate degree of centralization or consolidation of technology services for the overall benefit of the state.[23]

Assessing the business and technical merit of proposed technology projects is a complex and convoluted process, made worse by DOF's delegating only limited authority to agencies.[24] There is mounting frustration over the time and cost required to complete Feasibility Study Reports (FSR) and obtain funding and approval for projects.[25] In their frustration, some agencies now avoid reporting accurate project status, lest they expose themselves to the arduous DOF control process, which has become increasingly mired in mistrust.[26] The approval process can take so long that by the time a project gets the go-ahead from DOF, the system requirements and technology have changed. That, in turn, requires a new, lengthy approval process. This also complicates multi-year project funding for long term projects.[27] The Statewide Workgroup Computer Policy, which was developed to exercise DOF control over agency computer technology usage, has ceased to provide continuing value, while it burdens departments with yet another arduous reporting requirement. [28]

Furthermore, the annual state budget cycle, coupled with the phasing of project submittal deadlines, effectively gives departments one chance per year to get projects approved. The primary document agencies must submit to DOF, the FSR must be submitted within a very short window of opportunity in order to have any chance of being approved. However, the FSR must address an exhaustive list of requirements, many of which are simply not known at the time the FSR is developed.[29] To meet these requirements many agencies resort to hiring consultants to write their FSRs, at a cost of $100,000 or more each. This produces FSRs which are laced with extrapolated detail that constitute potential snags and sometimes hold up approval. Any delay imposed while agencies respond to DOF's requests for clarification or rewrite could cause projects to miss the window of opportunity for approval altogether until the next budget cycle.[30]

Agencies are also frustrated by the effective double jeopardy resulting from DOF's approval requirement for project expenditures. DOF initially prepares the Governor's Budget, which includes budgets for programs and their IT initiatives. However, individual projects still must receive expenditure approval from the DOF Technology Investment and Review Unit (TIRU) before they can go forward. In their review, the TIRU exercises what amounts to a line item control to independently make cuts to project funding or staffing.[31] These cuts often cause projects to enter a death spiral due to inadequate funding or staffing.

Efforts to implement technology initiatives across state agencies are complicated by the annual "incremental" state budgeting process which buries IT funding in individual program budgets, making it difficult to aggregate funding and allocate development costs based on how much a system or service will be used by each agency.[32]

"Government executives experience frustration in implementing and institutionalizing new IT strategies because of the traditional institutionalized 'silo' government program delivery and categorical funding model. Government staff charged with program delivery and IT infrastructure are not incented to collaborate, because rewards (increases in funding, meeting program targets) occur only within a singular silo program area. The executive, unable to set innovative delivery strategies across program boundaries, faces increased pressure because internet-savvy constituents anticipate doing business with a "virtual government" at their convenience. The successful executive will proactively change the face of government services to present a single, common service and delivery interface while increasing taxpayer value (measured as cost-effective on-demand access to services by constituents). Funding constraints must be overcome as part of the governance process, ensuring a single infrastructure and a common citizen interface."
-META Group [33]                      

The Department of General Services (DGS), has struggled with procurement reform for years, but frustrations continue regarding the time and cost of major complex procurements, obtaining contracts that meet the state's needs, and vendor performance management.[34] While the federal government has reformed its technology acquisition methodology to be more representative of the best practices in the commercial marketplace, the state has not.[35] DGS was criticized by the California State Auditor in 2003 for not ensuring adequate legal review of large IT system integration projects or IT contracts over a specified dollar amount, exposing the state to increased risk arising from the complexity of these contracting actions.[36] Efforts are now underway to provide such reviews, but it took a formal audit finding to get them started, reflecting the general lack of integration between various disciplines that have a stake in IT acquisition.

The DGS has suspended the IT project management training program in its Procurement Division as a means of trimming its budget, despite specific recommendations from the state auditor.[37] This successful program produced more than 100 certified project managers in 29 state agencies and trained more than 1,000 state employees in the principles of project management.[38] When coupled with the absence of proper training for strategic sourcing in IT, this raises doubts of whether the state is doing anything to ensure that people responsible for managing IT systems acquisition have the appropriate qualifications.

California state government is unable to produce a complete inventory of its technology assets, and so cannot account for the total amount of money being spent on technology. This makes it very difficult to plan for system obsolescence, find redundancies or measure excess capacity.[39] Little or no work has been completed to establish a set of standards for developing technology projects, and there is no effective mechanism for determining the appropriate degree of centralization or consolidation of IT services for overall state benefit.[40] There is little evidence of statewide adoption of best practices for portfolio management or enterprise forecasting, and there is no agency designated to do basic research needed to keep the state in the forefront of technology.[41]

"The institutionalization of portfolio management responsibility can begin to build relationships across the government enterprise that effectively bring budget and finance offices and IT organizations into better understanding and consensus on strategic IT investments during fluctuating budget cycles. Creating portfolio management awareness within government can begin to build the bridge of understanding between IT and budget organizations and program agencies to more effectively and strategically invest in executive branch and legislative public-policy priorities."
-META Group [42]                      

The need for modernizing California's technology governance now
The state's interim technology governance structure is a setback even from the relatively ineffective DOIT. It keeps the state from leveraging technology to transform state government.

It results in sub-optimized efforts which dissipate resources and produce inconsistent results. It exposes the state to higher overall operational costs from program overlaps, redundancies, inefficient use of human and physical resources and increased vulnerabilities to security threats and architecture breakdowns.

Implementing modern, strategically focused technology governance will ensure the strategic use of technology. Accountability, affordability and accessibility would be achieved through the clear assignment of responsibility and authority, consolidation of overlapping functions and aggregation of resource potential.

A prerequisite, however, is the institution of statewide business focused strategic planning. Successful technology governance depends on having a statewide strategic plan that has technology strategic planning integrated within it. Strategic planning is a key process of leadership. Without a statewide strategic plan the state cannot provide the necessary statewide focus on achieving overarching goals and objectives. Without those overarching goals and objectives, technology leaders cannot be sure that their initiatives address the most important business issues of the state. Strategic business planning and strategic technology planning must be integrated and focused on the same goals and objectives.

Performance based budgeting is also essential to effective technology governance. It will allow the state to determine exactly how much it spends on new technology initiatives and on the maintenance of existing technology. Without that ability, the state cannot strategically manage its technology.

A unified governance structure that embodies the appropriate integration of leadership, decision making authority, structure and processes statewide will allow the state to address these compelling issues and will drive the modernization of state government.

  1. The Governor should issue an Executive Order creating a statewide strategic planning office to lead strategic business planning to ensure it is accomplished at the state level and develops the desired business outcomes for the state.
    1. This office must ensure the state strategic plan addresses statewide technology goals and objectives within the framework of overall statewide goals and objectives. The plan must define how technology will contribute to the accomplishment of statewide strategic goals and objectives.
    2. It must also ensure strategic plans are developed for successively lower levels of the executive branch, written around mission areas, and that these plans link to the statewide plan and reflect the state priorities, goals and objectives. These plans must 1298 Issues and Recommendations define how technology will be used to meet strategic goals and objectives and they must link with the statewide technology strategic plan.

  2. The Governor should issue an Executive Order that aligns state technology governance to a new model, with authority and responsibility assigned to concentrate the state's technology potential while ensuring the maximum collaboration with and input from state agencies. (Exhibit 1)
    1. This model establishes a principle "architect" for statewide strategic planning to maintain focus at the strategic level, who has authority and responsibility for leading the state's efforts for leveraging technology to transform government.
    2. The skills and expertise of existing state agencies are the foundation for the governance structure.
    3. The responsibility for ensuring compliance with state policy and standards is ensured at each level of governance, with each level accountable for prompt, effective action.

      Exhibit 1
      Statewide Technology Governance Model
      This exhibit depects the proposed structure for the Technology Division, in relationship to the State Chief Information Officer and the Secretary, Office of Management and Budget.

  3. The Governor should appoint a State Chief Information Officer who is a senior advisor to the Governor with full responsibility and authority for statewide technology vision, strategic planning and coordination, technology policy and standards, data management policy and standards, information security policy and standards and streamlined technology project review and approval processes.[43]
  4. The CIO should be provided with a staff comprising the essential functions and capability to administer these responsibilities. The state CIO should advise the Governor and the Legislature on the strategic planning, management and direction of the state's information technology resources. The CIO responsibilities should include:

    1. Engaging in the formulation and maintenance of statewide technology strategic plans and the planning process for the state's use of technology.
    2. Ensuring that statewide strategic technology planning is integrated with overall statewide strategic planning and reflects executive branch strategic goals and objectives.
    3. Providing leadership and direction to state departments and agencies for the efficient and effective use of information technology and to minimize the duplication, overlap, redundancy and cost of technology in state operations.
    4. Providing functional direction to and oversight of agency information officers and departmental chief information officers with specific regard to ensuring the integration of statewide technology strategic planning, integration of statewide technology initiatives, compliance with statewide policies and standards, and alignment of technology resources and effective leadership of portfolio management teams.
    5. Establishing technology policies, standards and enterprise architecture which support the business mission of the state, the information necessary to perform the mission, the technologies necessary to perform the mission, and the transitional processes for implementing new technologies in response to the changing mission needs.
    6. Establishing a replacement to the current project review and approval processes. The review and approval processes should be in accordance with current industry best practices and should be established through collaboration led by the Office of the State Chief Information Officer with budgeting and project costing considerations provided by the Department of Finance, technology acquisition considerations provided by the Department of General Services Procurement Division, and project management considerations provided by the Health and Human Services Data Center, Systems Integration Division.
    7. The development of policy for promoting organizational capability maturity in project management, systems acquisition, and workforce development. 1300 Issues and Recommendations
    8. The institution of performance monitoring for technology projects and services to measure whether desired outcomes are being achieved, whether they address statewide strategic goals and objectives and whether costs of shared services represent best value.

    The authorities and responsibilities invested in the state CIO should extend to all departments and agencies of the executive branch of state government and exclude offices of constitutional officers, the Legislature and the office of the courts. The State Chief Information Officer should be vested with the authority and flexibility to organize these functions and resources to carry out his/her mandate with the greatest efficiency and effectiveness.

  5. The Governor should issue an Executive Order that establishes a Technology Commission (TC) consisting of the state CIO (chair), the Director of Finance, the Controller and all Cabinet Secretaries. The vice chair of the TC should be the Secretary of the Office of Management and Budget.
    1. The TC should advise the state CIO on the overall state technology program, oversee state technology leadership, approve the statewide strategic technology plan, approve the funding for programs and projects and rates charged by the technology services organization.
    2. The TC will provide oversight of the state's technology investments to ensure alignment with statewide strategic goals, to identify overall risks, and to ensure compliance with statute.[44]
    3. Funding will be approved for programs and projects upon consideration of alignment with statewide and agency strategic goals and objectives, overall statewide priority, funding availability, and project health.
    4. The TC will ensure that a management process is established to ensure alignment between funds allocation priorities and statewide strategic priorities, and to ensure that special funds are allocated as to their appropriate programs.
    5. Funding will be authorized on a project basis for enterprise and large integration projects and on a program basis to fund the expansion or continuation of services, capitalize project development and initial start up at the state data centers, and subsidize programs as deemed appropriate by the state CIO.
    6. The Department of Technology Services may be authorized to implement capacity expansions, technology refresh or new services based on overall business plan/ program approval by the TC and will then have direct authority to implement incremental projects in response to support agreements with state agencies.
    7. Agency CIO's may be delegated authority to approve projects within their portfolios and up to a threshold cost set by the TC.

  6. The Governor should work with the Legislature to establish a state Technology Investment Fund that is continuously appropriated, available for encumbrance without regard to fiscal years, and restricted from use for any other purpose than funding technology.
    1. The Department of Finance or its successor should determine the appropriate prorating of the costs for the implementation or operation of technology programs, projects or services for departments and agencies and ensure the transfer of moneys from the budgets of departments and agencies into the Technology Investment Fund.
    2. Moneys should be deposited in this fund from the following sources:
      1. Moneys appropriated and made available by the Legislature for the purpose of implementing or operating statewide information or telecommunications programs, projects or services.
      2. Any other moneys that may be made available to any agency of the Executive Branch for the purpose of funding technology and the return from investments of moneys by the Treasurer.
      3. Moneys reassigned or reallocated from the budgets of departments and agencies, that may originate from appropriations or other sources including the federal government, county or city governments, fees collected or otherwise obtained or appropriations received from any source for carrying out the activities of technology programs, projects or services.

  7. The state CIO should by January 1, 2005, implement technology portfolio management teams (ITPT) led by agency CIOs and responsible for overseeing progress on portfolios of projects, providing incremental direction and being accountable to the state CIO and TC for project delivery.
    1. Organize teams along the functional business lines of state government (i.e., Infrastructure, Management and Budget, etc.). Teams will include executive membership from business units within the agencies who have a stake in the successful implementation of the technology projects that they will oversee.
    2. Portfolios may contain projects with statewide impact but will be led by an ITPT with primary mission responsibility for the project business area.

  8. The state CIO should continue the existing CIO council and focus its efforts on policy and standards development, providing enterprise collaboration and coordination of technology initiatives, defining enterprise expectations for service levels and assisting in the establishment of ITPTs.[45]
    1. Membership should consist of Agency and departmental CIOs, selected telecommunications managers, and members from the federal, county, local and judicial governments.
    2. It will advise the state CIO on matters related to technology in the executive branch.
    3. It will provide a venue for statewide collaboration on technology issues such as the development of statewide policies and standards, and coordination of statewide technology strategic planning to ensure alignment across state government as well as vertically with the state strategic plan.
    4. The CIO will charter working groups from the CIO council for the development of recommended policies, standards and implementation strategies needed to acquire, operate and maintain technology solutions and infrastructure for the state.

  9. The state CIO should by January 1, 2005, establish a program management office (PMO) within DTS to provide primary support for program and project planning, economic analysis, project management and to provide the technical resources (systems engineering) needed to support enterprise projects or to support agency projects when needed or requested.
  10. The PMO is an important instrument of the CIO's leadership. It is the primary activity that implements the CIO's policies, standards and procedures for project development and management and provides the statewide orientation and training on these subjects. It will ensure standardization in project management processes and project performance metrics so that effective project management is assured and so that project performance can be uniformly assessed. It will also coordinate and affect the implementation of project remediation actions that may be directed by the CIO or the Technology Commission.

    1. The PMO has two tiers of operation:
      1. Program Management develops operational guidelines for all state technology projects and coordinates those activities on an ongoing basis. This is the function of project management standards setting and the integration of projects and project portfolios to make sure they don't conflict or duplicate.
      2. Project Management provides the execution leadership for specific initiatives, to include the responsibility for the change management components of initiatives, such as communications about objectives, roles and responsibilities, status and direction.[46]
    2. It must become a center of project management practice excellence for the state. It defines the standard, templates and methodologies and leads by example in the implementation.
    3. It provides support for developing initiative proposals to include opportunity evaluation, scope definition, schedule and cost analysis, risk analysis, life cycle support analysis, technology selection and overall project planning.
    4. It provides the overall tracking of portfolios and integration of portfolios and projects across the state and prepares "dashboard" and "roll up" reports and "stop light" health indicator notices. It "sets a flag" when things look like they are going in the wrong direction, and it facilitates getting decision-makers together to resolve issues. It maintains project status and communications on the web and provides direct support to portfolio managers when they submit initiative proposals or provide update briefings to the TC and CIO on a regular basis.
    5. It provides project managers and project technical and support resources from internal resources, coordinates to obtain them from external resources (other agencies) or obtains them from consultant contracts. When human resources are obtained from other state organizations, the PMO will provide a cost accounting charge-back mechanism to pay for the staff hours provided.
    6. It provides training, consulting services and advocacy for statewide capability maturity development in project management and related skills.
    7. It maintains the library of project documentation and repository for lessons learned, best practices, analysis and research.
    8. It provides and manages a project oversight framework, processes and database that include performance metrics such as "earned value" to monitor and assess project performance.

  11. The Governor should direct the discontinuation of the Technology Investment Review Unit (TIRU) and Technology Oversight and Security Unit (TOSU) in favor of implementing the new technology governance structure.
  12. The state CIO should reengineer the technology project approval process to eliminate the Feasibility Study Report (FSR) in favor of a simplified approval document based on a process standard such as "IEEE Standard 1362-1998, System Definition- Concept of Operations."[47]
    1. The IEEE Guide for Information Technology, System Definition-Concept of Operations (ConOps) Document, IEEE standard 1362-1998, provides a concept proposal outline that addresses the essential information needed to support a decision to approve and fund exploration of a project.
    2. It provides a useful format for describing the characteristics for the proposed system from the user's viewpoint, with focus on describing the existing system, providing justification for a new or modified system and describing the functionality of the 1304 Issues and Recommendations proposed system. Project proposals are to be approved and expenditures authorized by the TC for phased project development.
    3. Milestone reviews are used to approve and fund projects to proceed to planning, development or deployment upon meeting cost, schedule and deliverable milestone requirements (see Exhibit 2 below).
    4. Milestone reviews provide opportunity to terminate or commit a project to further development based on considerations of strategic alignment, project performance, funding availability and external factors.
    5. Large, high risk or high visibility projects are implemented in phases designed to ensure "walk away" value should a project be terminated at a milestone review. Small, low risk projects can be accelerated through the milestone review process.

    Exhibit 2 This chart illustrates a technology project lifecycle.

  13. The state CIO should by January 1, 2005, rescind the Statewide Workgroup Computer Policy.
  14. The intent of this policy will be satisfied through the implementation of technology policies and standards, master computer commodity contracts, project development support and oversight provided by the PMO and the implementation of Technology Portfolio Management.

  15. The Governor should issue an Executive Order that implements benefit sharing as a performance incentive for completing projects under cost, within schedule and with promised benefits.
    1. A portion of the cost savings from projects completed below budget should be paid out to the project management team as a superior performance award, a portion should be deposited in an account to fund further technology-related initiatives for the agency and the remainder should return to the technology investment fund.
    2. This concept should be extended to include the establishment of a technology innovation suggestion program, with a portion of the benefits from initiatives resulting from suggestions (10 percent) paid to the submitter, as long as the submitter was not primarily responsible for the area implementing the suggestion.
    3. Benefit sharing should also be measured and applied across agencies for enterprise-wide initiatives to further encourage enterprise-wide initiatives.

  16. The State CIO should implement statewide technology portfolio management to ensure technology is managed from a statewide "portfolio" perspective with emphasis on lifecycle systems management.
    1. Portfolio management is another important instrument of technology leadership. It forces decision-makers to develop an overall vision for IT.
    2. Project portfolio management should focus on how well the projects within the portfolios deliver on the goals of the organization.
    3. It should include four foundational techniques; selecting projects based on alignment with the statewide and agency strategic plans, maintaining a central repository of all project information, tracking performance using earned value, and measuring the technical performance of projects.
    4. Accordingly, projects within the state and agency portfolios should be prioritized taking into account the business goals, the return on investment, whether a project satisfies any mandatory legal or legislative requirements, how essential the project is to enabling core services and the degree to which the project mitigates specific business risks.[48]
    5. Projects within the state's and individual agency portfolios should also be balanced in terms of risk, technology, payback periods and capital allocation.[49]

Fiscal Impact
It is impossible to precisely quantify the benefits of a well-governed statewide IT investment process because the current IT investment environment is so poorly governed.

The annual IT spending statewide is estimated by the Legislative Analyst's to be at least $2 billion.[50]

CIO Magazine estimates that companies with better than average IT governance earn at least a 20 percent higher return on assets than organizations with weaker governance.[51] Using the conservative $2 billion annual IT spending estimate, this governance structure may generate a savings of at least $38 million annually.

Eight of the recommendations are expected to be either cost-neutral or generate some savings and there are minor costs for the remaining four recommendations. The cost to implement statewide technology portfolio management is not known. Total annual personnel costs for the four recommendations is about $500,000.

The following charts show the impact assuming an implementation date of January 2005.

General Fund
(dollars in thousands)
Fiscal Year Savings Costs Net Savings (Costs) Change in PYs
2004-05 $9,500 $125 $9,375 1.5
2005-06 $19,000 $250 $18,750 3
2006-07 $19,000 $250 $18,750 3
2007-08 $19,000 $250 $18,750 3
2008-09 $19,000 $250 $18,750 3
Note: The dollars and PYs for each year in the above chart reflect the total change for that year from FY 2003-04 expenditures, revenues and PYs.

Other Funds
(dollars in thousands)
Fiscal Year Savings Costs Net Savings (Costs) Change in PYs
2004-05 $9,500 $125 $9,375 1.5
2005-06 $19,000 $250 $18,750 3
2006-07 $19,000 $250 $18,750 3
2007-08 $19,000 $250 $18,750 3
2008-09 $19,000 $250 $18,750 3
Note: The dollars and PYs for each year in the above chart reflect the total change for that year from FY 2003-04 expenditures, revenues and PYs.

[1] American Management Systems, Inc., "Enterprise Integration: Enabling Digital Government" (Fairfax, Virginia, 2003).
[2] Gartner Research Inc., "The Need For IT Governance: Now More Than Ever," by Susan Dallas and Michael Bell (Raleigh, North Carolina, January 2004).
[3] Gartner Research Inc., "Work With, Not Against, Your Culture to Refine IT Governance," by A. Mac Neela and J. Mahoney (Stamford, Connecticut, November 2003).
[4] Gartner Research Inc., "Delivering Business Value Through Effective Governance," by J. Roberts (Stamford, Connecticut, October 23, 2003).
[5] Gartner Research Inc., "Creating an Effective IT Governance Process," by M. Gerrard (Stamford, Connecticut, November 20, 2003).
[6] Legislative Analyst's Office, "Overview of State Information Technology And Procurement, Presented to: Assembly Budget Committee" (Sacramento, California, March 2004), p. 2.
[7] RAND Science and Technology, "Effective use of Information Technology-Lessons about State Governance Structures and Processes" (Santa Monica, California and Pittsburgh Pennsylvania, 2003), pp. 48-49.
[8] California State Auditor, Bureau of State Audits, "Information Technology: Control Structures Are Only Part of Successful Governance" (Sacramento, California, February 2003), p. 1.
[9] California State Auditor, Bureau of State Audits, "Information Technology: Control Functions are Only Part of Successful Governance," p. 21; and RAND Science and Technology, "Effective use of Information Technology-Lessons about State Governance Structures and Processes," p. 33.
[10] Legislative Analyst's Office, "Overview of State Information Technology And Procurement, Presented to: Assembly Budget Committee;" California State Auditor, Bureau of State Audits, "Information Technology: Control Functions are Only Part of Successful Governance;" California State Auditor, Bureau of State Audits, "Statewide Procurement Practices: Proposed Reforms Should Help Safeguard State Resources, but the Potential for Misuse Remains" (Sacramento California, March 2003); and Legislative Analyst's Office, "Analysis of the 2004-05 Budget Bill, State Information Technology Projects" (Sacramento, California, February 2004).
[11] California State Auditor, Bureau of State Audits, "Statewide Procurement Practices: Proposed Reforms Should Help Safeguard State Resources, but the Potential for Misuse Remains," pp. 6-7.
[12] California State Auditor, Bureau of State Audits, "Information Technology: Control Structures Are Only Part of Successful Governance," pp. 6-7.
[13] Senate Bill No. 1, (Alquist), "Chapter 7, Part 1 of Division 3 of Title 2 of the Government Code," October 1, 1995.
[14] RAND Science and Technology, "Effective use of Information Technology-Lessons about State Governance Structures and Processes," p. 14.
[15] California State Auditor, Bureau of State Audits, "Information Technology: Control Structures Are Only Part of Successful Governance," p. 20.
[16] RAND Science and Technology, "Effective use of Information Technology-Lessons about State Governance Structures and Processes," p. 8.
[17] Legislative Analyst's Office, "Overview of State Information Technology And Procurement, Presented to: Assembly Budget Committee" (Sacramento, California, March 2004), p. 2.
[18] Legislative Analyst's Office, "Analysis of the 2004-05 Budget Bill, State Information Technology Projects." 1308 Issues and Recommendations
[19] California State Auditor, Bureau of State Audits, "Information Technology: Control Structures Are Only Part of Successful Governance," p. 5.
[20] META Group, "Policy Official: Government Is 'Totally Stovepiped,'"by Thom Rubel (Stamford, Connecticut, December 23, 2004).
[21] Gov. C. Section 11816.
[22] Department of General Services, "State Administrative Manual" (Sacramento, California, March 2003), Section 4819.31.
[23] California State Auditor, Bureau of State Audits, "Information Technology: Control Functions are Only Part of Successful Governance," p. 4.
[24] Department of Finance, "IT Budgeting Guidelines Budget Letter, BL04-09" (Sacramento, California, April 23, 2004).
[25] Legislative Analyst's Office, "Overview of State Information Technology And Procurement, Presented to: Assembly Budget Committee," p. 5.
[26] RAND Science and Technology, "Effective use of Information Technology-Lessons about State Governance Structures and Processes," p. 13.
[27] California State Auditor, Bureau of State Audits, "Information Technology: Control Structures Are Only Part of Successful Governance," pp. 41-42.
[28] Department of General Services, "State Administrative Manual," Section 4989.
[29] Department of Finance, "Feasibility Study Report Preparation Instructions" (Sacramento, California, June 2003).
[30] RAND Science and Technology, "Effective use of Information Technology-Lessons about State Governance Structures and Processes," p. 42; and Legislative Analyst's Office, "Analysis of the 2004-05 Budget Bill" (Sacramento, California, February 2004).
[31] RAND Science and Technology, "Effective use of Information Technology-Lessons about State Governance Structures and Processes," p. 13.
[32] California Department of Finance, "Governor's Budget, 2004-05" (Sacramento, California, January 9, 2004).
[33] META Group, "Governance: The Public-Sector Scenario," by Carol Kelly (Stamford, Connecticut, July 26, 1999).
[34] Legislative Analyst's Office, "Overview of State Information Technology And Procurement, Presented to: Assembly Budget Committee."
[35] Robert S. Metzger, Diana G. Richard, and Dawn Figueiras, "When "More Produces Less": California's IT Terms & Conditions Produce Less Competition & Lower Value" (April 2004).
[36] California State Auditor, Bureau of State Audits, "Statewide Procurement Practices: Proposed Reforms Should Help Safeguard State Resources, but the Potential for Misuse Remains," p. 86.
[37] California State Auditor, Bureau of State Audits, "Statewide Procurement Practices: Proposed Reforms Should Help Safeguard State Resources, but the Potential for Misuse Remains," p. 82.
[38] Interview with John Ashbee, Office of Risk Management, Department of General Services, former manager, Procurement Project Management Academy, Department of General Services, West Sacramento, California (April 1, 2004).
[39] California State Auditor, Bureau of State Audits, "Information Technology: Control Structures Are Only Part of Successful Governance," p. 43.
[40] California State Auditor, Bureau of State Audits, "Information Technology: Control Structures Are Only Part of Successful Governance," p. 4.
[41] State of California, Little Hoover Commission, "Better.Gov-Engineering Technology-Enhanced Government" (Sacramento, California, November 2000), p. 1.
[42] META Group, "Communicating and Institutionalizing the Value of Public-Sector Portfolio Management," by Thom Rubel (Stamford, Connecticut, March 9, 2004).
[43] California State Auditor, Bureau of State Audits, "Information Technology: Control Functions are Only Part of Successful Governance," p. 3.
[44] Gartner Research Inc., "Project Offices Are Key Components of IT Governance," by M. Light (Stamford, Connecticut, November 17, 2003).
[45] California Chief Information Officer, "IT Council Charter," (last visited May 24, 2004).
[46] David M. Fisher, "Optimize Now (or else)," (Lincoln NE: iUniverse Inc., 2003), pp. 58-65.
[47] The Institute of Electrical and Electronics Engineers, Inc., "IEEE Standard 1362-1998, IEEE Guide for Information Technology, Systems Definition-Concept of Operations (ConOps) Document" (New York, The Institute of Electrical and Electronics Engineers, Inc., 1998).
[48] Mark E. Mulaly, "Get Your Priorities Straight: Defending a Formal Approach to Making Project Choices," The Cutter IT Journal (April 2003). pp. 10-11.
[49] Bert Kersten and Chris Verhoef, "IT Portfolio Management: A Banker's Perspective on IT," The Cutter IT Journal (April 2003), p. 27.
[50] Legislative Analyst's Office, "Overview of State Information Technology and Procurements."
[51] Jeanne Ross and Peter Weill, "Recipes for Good Governance-Keynote," CIO Magazine (June 15, 2004).