The January 2003 issue of Government Technology reported on North Carolina's efforts to deploy a statewide ID management application. At the time, the North Carolina Identity Service (NCID) seemed promising. The story covered the proposal to roll out individual user IDs for both state employees and residents. The plan is that these IDs would eventually grant access to every state service available online.
When the story first ran, the outlook for NCID was bright. Unfortunately there were clouds on the horizon. North Carolina's Chief Information Security Officer Ann Garrett told a Government Technology reporter that with the state's 26 agencies and 80 boards and commissions, one challenge would be "getting everyone floating their boat in the same direction."
Interagency cooperation was but one of a number of factors that eventually derailed the project. Current Deputy CIO Bill Willis talks about what happened to the project, as well as how -- and why -- the state got NCID back on track.
The ID management initiative originally kicked off in 2001 with unsuccessful results. In 2005 you tried again. What was different this time?
Commitment, different laws and organizational structures.
In December 2004, the Legislature passed a law mandating an IT consolidation plan. They gave the CIO -- who prior to that, had sort of run a shared-services organization without a lot of control over agency things -- significant control over projects.
We have more teeth than we had before. That's part of it. The other part of it is, from my view, the organization -- even our own -- never made a commitment to it. You have an identity management solution sitting there and your own e-mail doesn't use it.
To reinvigorate this, we renamed it. All new projects are required to either use NCID or show to some significant degree why they cannot or why they should not. Our new HR/payroll system that will be rolling out over the next two years -- followed by a complete ERP [enterprise resource planning] on the same platform -- will be using it. So every state employee will have to have an ID to begin that. Our e-mail system will be switched to it.
Another part of it is, because nobody committed to it, they didn't beef up the infrastructure the way they should, and it just sat there and withered. We've now made a commitment to it, organizationally in the shared service, organizationally around the ERP program, and every IT project in North Carolina has to sit in front of me and tell me how they're going to do it, or why they can't. And why they can't is a significant burden. They have to tell us why they're going to invest more money and not move to this scenario.
It's got to be tough to explain why you shouldn't have to do this.
Someone asked me how we're getting people to do this. Generally we're bullying them into it. Everybody's going to come right off the bat and say, "Oh, I can't do it; this adds risk to my project."
It's one of those things you have to have leadership commitment to early on. So we just need to shove them over -- part of that's through force, part of that's through logic, part of it is getting them ready, so down the road we can lower the barriers to transition them in.
But it's mostly a commitment. The reason the first one didn't work is because they didn't commit to it. They didn't drive it. This is one of those things ... the absolute top-of-the-list thing for success is you must be committed to it. This is in that category. You can build it, but they will not come unless you make them.