"Georgia's technology investments have not resulted in a reliable, recoverable and secure system that ensures data is protected and needs are being met." -- Gov. Sonny Perdue, November 2008.
In announcing that the state had signed contracts with IBM and AT and T to outsource much of its IT infrastructure, Georgia Gov. Sonny Perdue called the bold step necessary because he could no longer assure Georgians about the security of their data.
"Imagine a CEO saying that to his customers," said Patrick Moore, CIO of Georgia. "A governor shouldn't have to say that to his citizens."
As executive director of the Georgia Technology Authority (GTA), Moore saw himself as someone leading an agency that was failing its constituencies in many ways. Shortcomings he identified included unnecessary duplication of efforts, inefficient allocation of resources, and an inability to promote and adopt best practices.
After several years of studying the issue, in 2008 Georgia decided to become the second state to outsource most of its IT infrastructure. (In 2005 Virginia entered into a 10-year, $2 billion partnership with Northrop Grumman for the provision of most of its IT infrastructure services. Texas has outsourced its data center provisioning.)
"Many states are reaching the same conclusion to consolidate infrastructure," Moore explained in a recent interview with Public CIO. "Then the question becomes: Do you outsource or insource those services?" That's up to each state to decide, he said. Texas and Virginia have been pioneers in outsourcing, and Michigan has been for insourcing. "We looked at all their experiences in our decision calculus."
The infrastructure services deal with IBM, which took effect April 1, is valued at $873 million over eight years with two, one-year options to renew. It includes mainframes, servers, printers, service desk, end-user computing and disaster recovery. Dell and Xerox are subcontractors. The telecommunications pact with AT and T starts May 1, 2009, and includes wide-area network, local-area network and voice services. It's valued at $346 million over five years with two, one-year options to renew. The state said it expects to save an estimated $180 million compared to existing IT spending across the 12 agencies affected by the change.
The Bigger Picture
Georgia's decision to outsource IT infrastructure is part of a larger effort by the Perdue administration to focus on bringing private-sector practices to state government services. Describing himself as the "CEO of the ninth largest, third fastest-growing state," Perdue, the state's first Republican governor since the 1870s, has stressed the principles of efficiency, transparency, accountability and customer service.
Among his first steps after becoming governor in 2003 was the establishment of the Commission for a New Georgia (CNG), a group of business executives that creates task forces to examine state practices and makes efficiency recommendations. The state is carrying through many of the commission's streamlining recommendations on procurement and management of real-estate assets. Early in its deliberations, the CNG identified the GTA as an outsourcing target.
Perdue also created a state chief operating officer position and named Jim Lientz, a former Bank of America executive, to the post in 2003.
Lientz said he has spent the past six years applying business principles to state government activities. "When we came in, the state didn't know what real estate and leases it had or how many vehicles it owned," he said. "These are things that are basic for the private sector."
Photo: Georgia COO Jim Lientz
A 2008 CNG report noted that today, detailed records on every government building, piece of land and lease are available on a public Web site. And since 2004, 1,867 government vehicles have been taken off the road and sold at public auctions, reducing the fleet by nearly 10 percent and saving $3.9 million in annual operating costs.
Lientz stressed that it was important to see operations, such as accounting and personnel, on an enterprisewide level. "We wanted processes and procedures standardized across all departments," he said. "That has a big impact on the value proposition."
He called the IT outsourcing one of the biggest transformational projects the state will undertake, but added that it was in line with his basic philosophy. "We realized that delivering certain types of services is not a core competency of government and that we were putting ourselves at risk by our inability to manage them well." The outsourcing was not a money-saving move, he added, but rather a risk-reduction strategy.
Making the Decision
It's not surprising that Moore and Lientz see eye to eye on the outsourcing effort, because before becoming CIO, Moore worked as Lientz's deputy and before that as deputy chief of staff in the governor's office. He became interim CIO in September 2006 and has been the permanent CIO since February 2007.
But Moore stressed that outsourcing was not a foregone conclusion. "I did not walk into it with a preconceived notion of what we were going to do."
Photo: Georgia CIO Patrick Moore
He said the GTA began an outsourcing project in 2001, but because the requirements kept shifting, vendors got spooked, and the effort was eventually scrapped. "That left the GTA in disarray and with a bad reputation among agencies," he said. "Over time, that made it difficult to get things done."
He does note several recent GTA accomplishments, including a state-of-the-art data center and a new network backbone. In 2008, the Brookings Institution ranked the Georgia.gov portal No. 2 in the country behind only Delaware. "We were getting things done," Moore said, "but nothing transformational."
Before any decision was made, Moore took an in-depth look at GTA operations. In 2007, he hired consultancy TPI of Woodlands, Texas, to assist with the assessment.
After collecting and analyzing data, TPI's observations about the IT operations of the GTA and participating agencies included:
The GTA is not operating effectively; it's a highly inefficient and dysfunctional organization -- delivering expensive services. The agencies mistrust the motives and capabilities of the GTA. Agency decisions and current practices are placing key business systems and operations at risk. The state is paying more than it should for IT services as agencies create redundant islands of operations to work around the GTA. The capabilities within the state to fix the problem have deteriorated to such an extent that only an enterprisewide initiative that draws services and skills from the market has the opportunity to make timely repairs. Moore accepted TPI's recommendation to consolidate the responsibility for managing the state's technology infrastructure under the GTA and outsource the delivery of services to the private sector. Throughout 2008, the state developed requirements and released RFPs. The contracts were awarded in November 2008.
One glitch in the outsourcing process was that during the procurement, Northrop Grumman and EDS pulled out of the bidding, leaving IBM as the only bidder for the infrastructure contract.
"Would I have preferred to have three or four bidding? Yes," Lientz said. But he added that the state had great confidence in IBM and "didn't have any second thoughts about going ahead."
With the GTA's new service-based approach, Moore explained, issues such as security and backup that used to trouble agencies become components built into the solutions they are buying.
"We didn't have the capacity to audit and monitor compatibility and security issues as new equipment was rolled out," Moore said. "Now we will just be buying a service with those capabilities built in."
Having a clear-eyed assessment of your own competencies and those functions where you would be better served by a third party can lead to a sustainable and financially responsible outsourcing relationship, noted Paul W. Taylor, chief strategy officer for the Center for Digital Government.
"That's best-case scenario," he said. "Where these arrangements tend to go wrong is when public agencies convince themselves that they can outsource a problem without fixing it, either by themselves or with the help of a third party. So even when the contractor makes a broken process move faster, it is still broken and likely to fail at the most unfortunate moment. The contractor then gets kicked to the curb, and the broken process returns home -- older but no less broken."
Moore said his biggest challenge now is to transform the GTA as it downsizes. "We are no longer a big group running around setting up data centers. We are moving to a service-management organization of 80 people or smaller," he said. As of May 1, the GTA will have 150 staffers, down from 600 when Moore started as CIO in 2006. IBM offered 290 GTA employees jobs, and they all accepted. On the telecom side, 33 accepted jobs with AT and T and 92 have been laid off.
Staffers did not readily accept the changes, Moore admitted. "All change is difficult," he said. The agency tried to open up communication channels by holding monthly question and answer sessions and sending weekly e-mails, mostly about the transition.
"The toughest issue is that some people will not reach retirement milestones with the state government because of this agreement," he said. "That's very difficult. It's not lost on anybody because you are having an impact on their lives."
Seeking to make the transition smoother, Moore and his staff studied the examples of Virginia and Texas. "We have spent a lot of time working on this and have not gone into it blindly," he said. "We are incorporating lessons learned from other states." An example, he said, is that Georgia leaders understood they needed a service-management organization fully operational on the first day IBM employees walked in the door.
The GTA leaders also spent time studying what would work best in terms of service-level agreements. They developed a consumption-based pricing model, with agencies billed for the services they use.
Moore's own job as CIO is shifting to a focus on ensuring that vendors meet the agreed-upon service levels. "Some government organizations make the mistake of setting up an agreement with the vendor and throwing it in a drawer," Moore said. "It can't work that way. We have to be made whole if they mess up." If IBM doesn't hit agreed upon service levels, it will be financially penalized, but if it can return to and exceed service levels, it can earn back some of that penalty. "We thought it was important," Moore said, "to have both carrots and sticks in the agreement."
Moore is convinced that if outsourcing had been attempted eight or nine years ago, it would have failed. "Within state agencies, we didn't have people in place who could handle the change-management challenge this represents. Now we do," he said.
"IBM can consolidate servers and meet uptime goals. We know that," Moore added. But more importantly, he believes, the GTA can now focus some of its efforts on helping agency CIOs improve their transparency and build stronger cases for application-development funding.
"We are moving to a more mature state in which agencies can focus on providing services to constituents," he said, "instead of worrying about servers being down or network outages."