Final
STAFF SUMMARY OF MEETING

COMMITTEE ON JOINT TECHNOLOGY COMMITTEE

Date:08/11/2014
ATTENDANCE
Time:09:02 AM to 11:26 AM
Hill
*
Rankin
E
Place:SCR 356
Schwartz
A
Singer
*
This Meeting was called to order by
Newell
X
Representative Tyler
Tyler
X
This Report was prepared by
Matt Kiszka
X = Present, E = Excused, A = Absent, * = Present after roll call
Bills Addressed: Action Taken:
CORE Update
Introduction and Update from New OIT Secretary of Technology and CIO
Presentation on Status of Moving Data to the Cloud
Presentation on the Colorado Information Marketplace
Presentation on Broadband Mapping
Presentation on New Gating Process, OIT		Witness Testimony and/or Committee Discussion Only
Witness Testimony and/or Committee Discussion Only
Witness Testimony and/or Committee Discussion Only
Witness Testimony and/or Committee Discussion Only
Witness Testimony and/or Committee Discussion Only
Witness Testimony and/or Committee Discussion Only

09:02 AM

Representative Tyler, Chair, called the meeting to order.

09:05 AM -- Presentation on CORE Going Live

Kara Veitch, Deputy Executive Director, Department of Personnel & Administration (DPA), and Bob Jaros, State Controller, came to the table to present on the Colorado Operations Resource Engine (CORE) project to update the Colorado Financial Reporting System (COFRS). Ms. Veitch explained that DPA used an off-the-shelf product for the project. She laid out how first-round training for CORE ended in June 2014, across 30 different classes, with some departments also leading their own department-specific training. Training is continuing into the fall in conjunction with the Office of Information Technology (OIT) for additional web-based training. Ms. Veitch also addressed rumors about the status of the project, when the system went live, and how the system has been operating since roll-out.

09:07 AM

Representative Tyler asked if procurement was transparent for employees who wish to make bids, and Ms. Veitch addressed how bids can be made and how they have been communicated to users. Representative Tyler asked how the Department of State was doing with bids, and if access was live for them. Mr. Jaros explained that the department is completely engaged and that full functionality was up and running.



09:09 AM

Mr. Jaros discussed the activities that have been achieved since the roll-out of CORE, which include system stabilization and running payroll. Senator Hill asked Mr. Jaros when the first financial close under CORE would be. Mr. Jaros described the close process and said that it should occur August 29 for the month of July. Discussion of the difference in close transactions between the COFRS and CORE systems ensued.
09:15 AM

Mr. Jaros discussed the support system and hotline that have been established to provide user support for CORE. Representative Tyler asked if anything, other than labor allocation, had delayed the go-live date of the new system. Mr. Jaros detailed the challenges of labor allocation and payroll under the new system.

09:18 AM

Mr. Jaros discussed the security of CORE and whether any security risks exist within the system. He explained that access was very tightly controlled by user role, and that there is a privately-managed cloud that is not accessible from the internet by anyone but approved users. Representative Tyler asked Mr. Jaros to speak to federal-level security. Michael Brown, Director of Enterprise Architecture Applications for OIT, came to the table to speak to this. He described whether CORE meets federal security guidelines, and responded to a question on federal guidelines and certifications for security. Representative Tyler asked Mr. Brown to discuss how security is managed at the individual level, and Mr. Brown detailed the differing levels of security surrounding roles and users.

09:24 AM

Mr. Jaros stated that the system update would not have been possible without the 150 employees who made up the CORE team. Senator Newell stated that the success of the project should be touted and that recognition for the employees who were a part of the update should be considered. Ms. Veitch stated that a reception was going to be held at the Governor's mansion for the employees, and that there were other things that were being done to recognize them and the overall success of the project. Representative Tyler requested a report from DPA on the success of the project.

09:29 AM -- Introduction and Update from New OIT Secretary of Technology and CIO

Suma Nallapati, Office of Information Technology (OIT) Secretary of Technology and Chief Information Officer, came to the table to present to the committee on her new role within OIT and to update the committee on recent changes within the organization. A copy of the morning's OIT presentations was distributed to the committee (Attachment A). Ms. Nallapati outlined her vision for OIT, the collaboration she was implementing, and the initiatives she is rolling out. Ms. Nallapati spoke to OIT's priorities with different departments, meeting project deadlines with these departments, and the reduction of onboarding times that she was aiming towards. Representative Tyler spoke to the process of OIT service tickets and ensuring that tickets are closed in a timely fashion. Ms. Nallapati addressed the expectations of ticket resolution. She discussed the OIT playbook that had been created and the "OneView" dashboard that had been developed to provide a single dashboard view for service items that are important to OIT and the agencies it serves. She said that these had both been received very well. Senator Newell asked about the timeline for the design and deployment of the dashboard, which Ms. Nallapati explained was deployed across multiple agencies in a timely fashion. Representative Tyler asked Ms. Nallapati to explain the operation of the dashboards. Ms. Nallapati explained that they were not yet automated, but that OIT was first focused on providing the information that is most needed in a neat and timely fashion, with automation to follow.



09:39 AM

Ms. Nallapati went on to discuss the vacancies that had opened up recently within the OIT administration. She spoke to the Chief Information Security Officer (CISO) and Chief Technology Officer positions, and who had been hired to fill the vacancies. She also spoke to other critical roles within OIT. Ms. Nallapti then discussed system up-time and the number of outages that OIT had experienced in recent months. She stated that previously there was not a good system in place for tracking and measuring up-time, but that she was implementing one and had a goal of 99.9 percent uptime.

09:43 AM

Ms. Nallapati went on to discuss the OneView dashboards further, referencing an example dashboard (page 7 of Attachment A). She further discussed the specific individuals who were being hired by OIT, and Representative Tyler asked her to follow up at a later date with an overview of OIT employee turnover in the past few years so that the committee would know what to expect in the future. Ms. Nallapati then spoke to OIT's "Wildly Important Goals," which center around a "back to basics" strategy, protecting state assets and data, customer-focused employees, and IT job growth. Senator Hill asked Ms. Nallapati to speak further to the measurement of information security risks she had mentioned and for more context on the agency's 10% reduction in information security risk goal. Trace Ripak, acting CISO, came to the table to speak to measurements for security within OIT and its baseline goals for overall security. Representative Tyler asked Mr. Ripak to draw a comparison between the security levels of the private versus the public environment, and the committee requested for OIT to send more detailed information on its information security goals.

09:55 AM

Ms. Nallapati discussed employee engagement within OIT. She outlined the limitations of public sector hiring and retention. Senator Newell requested a report on past OIT customer and employee engagement. Ms. Nallapati stated that OIT's job growth goal was to create 1,000 more IT jobs in Colorado by the close of FY 2015-16. Senator Newell discussed the talent pipeline within Colorado and how it can be developed, and Ms. Nallapati provided an overview of how OIT is approaching the IT talent pool. Senator Newell made some suggestions for engagement with industry groups that could assist in this.

10:01 AM

Ms. Nallapati discussed the success of the CORE launch and the major ongoing projects of OIT (page 11 of Attachment A).

140811 AttachA.pdf140811 AttachA.pdf




10:03 AM -- Presentation on New Gating Process, OIT

William Chumley, acting Chief Customer Officer, came to the table to present on OIT's Gate Methodology for IT Sustainability and Enterprise Governance Standards (page 14 of Attachment A). Representative Tyler asked if projects of all sizes would fit under the governance standards that OIT had laid out, and Mr. Chumley confirmed that they did. Mr. Chumley discussed the total cost of ownership of IT within the state, and Representative Tyler asked him to speak to security at the desktop level.

10:09 AM

Mr. Chumley discussed the personal services budget of OIT (page 15 of Attachment A) and responded to a question from Senator Newell on the decision making process for its gate methodology and the agencies for which it provides IT security and services. He spoke further on the gate process and the different "gates" that a project must pass through, which include an "Intake Phase," "Initiation Phase," "Planning Phase," "Execution Phase," and "Closing Phase." Representative Tyler asked if the overall process was embedded within OIT culture. Mr. Chumley explained that the process was about 50 per cent embedded and that OIT was working towards more engagement of the process.

10:17 AM

Mr Chumley went on to discuss collaboration between OIT and state agencies. Representative Tyler asked Mr. Chumley to explain the point at which the Joint Technology Committee (JTC) would be engaged by OIT within its gate process. Mr. Chumley explained that the JTC would most likely serve within the first gate, for the intake phase, and described how it could assist. The committee discussed what agencies might need to present to the committee on for it to assist in the project consideration process, and how the overall process could best function. Senator Newell asked Mr. Chumley to describe the engagement model that has worked best for OIT, and whether this could be deployed at an enterprise level. Mr. Chumley spoke to the Department of Public Health and Environment's engagement model, explaining that the agency has IT coordinators across its organization that drive engagement and the different ways that it works alongside OIT. Senator Newell requested that the department communicate to the committee in the future on the development of engagement models with agencies and overall IT project processes.

10:25 AM

At the request of Senator Newell, Mr. Chumley talked to the engagement model that had been developed with the Office of State Planning and Budgeting.

10:27 AM -- Presentation on Status of Moving Data to the Cloud, OIT

Casey Carlson, Director of Enterprise Architecture, came to the table to provide an update on OIT's mission of moving state data to the cloud. He defined the different aspects of the cloud, discussed compliance with standards for cloud-based data storage, and responded to questions on how the cloud is built from the ground up, the security levels implemented for Colorado Department of Human Services data and whether these security levels meet federal requirements, the state's partnership with Century Link as a service provider, whether the hosting of data meets federal standards, and the state's funding sources for data security. The committee discussed the compliance of state systems with federal standards for hosting and security. Michael Brown provided some context on this matter and responded to questions from the committee surrounding the Federal Information Security Management Act (FISMA) and other federal standards for secure data management.






10:44 AM

Representative Singer asked for a comparison with the private sector for cloud migration standards, and Mr. Carlson stated that it is governed by the same standards. Mr. Carlson outlined the different building blocks of the state hybrid-cloud (page 26 of Attachment A). Representative Tyler requested that OIT provide a glossary of the structure of the state private cloud and its capabilities.

10:50 AM -- Presentation on the Colorado Information Marketplace

Mr. Brown explained the platform for data sharing within the state, known as the Colorado Information Marketplace. He discussed why the marketplace is needed and what it constitutes (page 28 of Attachment A), how the data is shared, and how datasets can be requested. Representative Tyler asked for information on how many people are visiting the marketplace, which is available at data.colorado.gov.

10:56 AM

Mr. Brown discussed the variety of individuals and organizations that use the state data that is made available, and how other governments are utilizing such local and state data within their own jurisdictions. He also outlined how the data is made available (page 34 of Attachment A) and how it can be manipulated by a user of the website (pages 39-42 of Attachment A). Mr. Brown then discussed mobile application capabilities surrounding the open data provided by the marketplace.

11:03 AM -- Presentation on Broadband Mapping

Jon Gottsegen, State Geographic Information Systems Coordinator, came to the table to present to the committee on broadband mapping within the state. He described the current issues that OIT was facing in its broadband mapping project (page 46 of Attachment A), which surround the maximum advertised speed, census block geography, over-reporting of data, validation of data, and the definition of broadband in terms of meeting state goals for mapping. Representative Tyler asked him to expand on the crowd sourcing of data surrounding broadband speed tests within the state.

11:10 AM

Senator Newell asked Mr. Gottsegen to discuss who is on local technology teams within the state as part of the mapping project. Mr. Gottsegen explained the different government officials and members of the public who are usually on such teams. He responded to another question on the success of these local teams in helping develop broadband within the state. Mr. Gottsegen then discussed the preferred data content that OIT is seeking on broadband development and deployment within Colorado and the process timeline that it has established (page 51 of Attachment A).

11:17 AM

Mr. Gottsegen responded to questions on the need to communicate during natural disasters and whether any information from constituents in rural areas who might be most affected by natural disasters could be of use to OIT, the areas that have Local Technology Planning Teams, towers within the state and how they play into the mapping project, and whether someone from the broadband mapping team could attend local town hall meetings to talk about data and broadband planning.

11:24 AM

Senator Newell made a request of OIT to reduce the amount of paper used in its presentations to match its mission of sustainability.



11:26 AM

The committee was adjourned.

10:03 AM -- Presentation on New Gating Process, OIT

William Chumley, acting Chief Customer Officer, came to the table to present on OIT's Gate Methodology for IT Sustainability and Enterprise Governance Standards (page 14 of Attachment A). Representative Tyler asked if projects of all sizes would fit under the governance standards that OIT had laid out, and Mr. Chumley confirmed that they did. Mr. Chumley discussed the total cost of ownership of IT within the state, and Representative Tyler asked him to speak to security at the desktop level.

140811 AttachA.pdf140811 AttachA.pdf

10:09 AM

Mr. Chumley discussed the personal services budget of OIT (page 15 of Attachment A) and responded to a question from Senator Newell on the decision making process for its gate methodology and the agencies for which it provides IT security and services. He spoke further on the gate process and the different "gates" that a project must pass through, which include an "Intake Phase," "Initiation Phase," "Planning Phase," "Execution Phase," and "Closing Phase." Representative Tyler asked if the overall process was embedded within OIT culture. Mr. Chumley explained that the process was about 50 percent embedded and that OIT was working towards more engagement of the process.

10:17 AM

Mr Chumley went on to discuss collaboration between OIT and other state agencies. Representative Tyler asked Mr. Chumley to explain the point at which the Joint Technology Committee (JTC) would be engaged by OIT within its gate process. Mr. Chumley explained that the JTC would most likely serve within the first gate, for the intake phase, and described how it could assist. The committee discussed what agencies might need to present to the committee for it to assist in the project consideration process, and how the overall process could best function. Senator Newell asked Mr. Chumley to describe the engagement model that has worked best for OIT, and whether this could be deployed at an enterprise level. Mr. Chumley spoke to the Department of Public Health and Environment's engagement model, explaining that the agency has IT coordinators across its organization that drive engagement and the different ways that it works alongside OIT. Senator Newell requested that the department communicate to the committee in the future on the development of engagement models with agencies and overall IT project processes.

10:25 AM

At the request of Senator Newell, Mr. Chumley talked to the engagement model that had been developed with the Office of State Planning and Budgeting.