“While CIOs continue to face a wide variety of challenges in the effective delivery of technology services, the reforms they are driving consistently embrace a common philosophy: adopt an enterprise vision, drive enterprise thinking, and implement enterprise solutions,” the report states. The report also showed a rise in integration across the enterprise and across jurisdictions to the point that such occurrences are “becoming the norm rather than exception.”
The report showed that almost everyone surveyed recognized the importance of cybersecurity and that states were executing cyberinitiatives to varying extents, with varying degrees of success. Likewise, social media was found to no longer be a new trend, but an established medium, most commonly used for planning during emergencies and disasters, and citizen engagement. As for the cloud, 68 percent of respondents reported either having or planning on implementing cloud-based services.
IT Project and Portfolio Management
Formal oversight practices are nearly ubiquitous, the report states, but generally not considered very effective. These practices were found to be more effective, however, when enforced consistently throughout the state.Survey Question: How effective are your state’s practices for oversight of large IT projects?
52% Somewhat effective
31% Effective
13% Very effective
4% No formal project oversight practices
Survey Question: Do you use a formal IT enterprise portfolio management process to support decisions regarding planned initiatives, projects, or ongoing IT services such as application support?
63% Yes
28% No
7% Other
2% Do not know
Procurement
The biggest problems with procurement, according to respondents, is the length of time it takes and its risk-averse nature, which can stifle innovation. The most desired reforms are better training, more opportunities for negotiation, and the development of standards for cloud services.Survey Question: To what extent do you believe that the contract terms and conditions used by your state to procure IT goods and services are effective in sharing risk between the state and vendors?
48% Somewhat effective
33% Effective
9% Very effective
6% Don’t know/Does not apply
4% Very ineffective
Survey Question: Do you use a formal IT enterprise portfolio management process to support decisions regarding planned initiatives, projects, or ongoing IT services such as application support?
49% Somewhat ineffective
32% Effective
11% Very ineffective
8% Very effective
Survey Question: How satisfied are you with the current system of IT procurement in your state?
43% Satisfied
40% Somewhat dissatisfied
11% Very dissatisfied
6% Very satisfied
Identity and Access Management (IAM)
Almost half of states have an IAM model implemented, and many of these models include citizens.Survey Question: Has your state attempted to extend its IAM solution to identify and authenticate constituents seeking to access state services?
46% No
26% Yes, as a stand-alone capability
12% Other
10% Yes, following the National Strategy for Trusted Identities in Cyberspace (NSTIC) federated ecosystem framework
Disaster Recovery
As natural disasters and emergencies strike major cities and threaten government data and business continuity, disaster recovery becomes an area of increased focus, the report states.Survey Question: What is the CIO’s role in helping the state respond and recover from a natural or man-made disaster?
93% Coordinate with other state officials
85% Maintain a robust, reliable and secure infrastructure
85% Restore communication services
70% Assist in developing delivery work around processes while disaster recovery/business continuity implementations occur
68% Update state website with status reports, alerts and notifications
51% Provide portable communication services
45% Coordinate business process analysis in support of service restoration
19% Role of CIO is unclear or not well defined
4% Other
Survey Question: Please characterize the general approach to IT disaster recovery and business continuity in state government.
64% Federated – a mix of agency and CIO organization responsibility for disaster recovery/business continuity
21% Decentralized – agencies responsible for their own disaster recovery/business continuity
13% Enterprise – CIO delivering all disaster recovery/business continuity services
2% Other
Survey Question: How often is the state’s IT disaster recovery/business continuity plan reviewed and updated?
39% Annually
22% Other
19% Continually
14% Semiannually
6% Biannually
0% Quarterly
Business Intelligence (BI)/Business Analytics (BA)
Although almost one-third of CIOs consider BI and BA essential today, the majority of those respondents believe that states are not yet ready to derive full value from that technology, the report states. However, more than 75 percent of CIO respondents said it will be essential in the future.Survey Question: Where within state government is BI/BA being used effectively with positive outcomes?
61% Human services
59% Health-care services
52% Finance and administration/procurement
52% Revenue
41% Transportation
39% K-12 Education
36% Labor/unemployment
34% Justice-law enforcement, courts, corrections
30% Economic development
25% Higher education
21% Office of the Governor
18% Environmental protection/natural resources
11% Agriculture
11% Emergency management/homeland security
11% Occupation, professions, licensing
9% Recreation and tourism
7% Other
5% Regulator-insurance, utilities
2% Military affairs
The complete 24-page survey report, titled The Enterprise Imperative: Leading Through Governance, Portfolio Management, and Collaboration, can be downloaded for free from NASCIO.