Wednesday, July 8, 2009

North Dakota Information Technology Advisory Committee Meeting in Bismarck

MEETING MINUTES

State Information Technology Advisory Committee

Thursday, June 25, 2009
1:15 – 4:30 PM
ND State Capitol, Brynhild Haugland Room


1:15 pm – 1:20 pm Welcome Lisa Feldner
Call to Order: The meeting was called to order by Lisa Feldner.

Members present:
Lisa Feldner - Information Technology Dept.
Rep. Bob Skarphol – Legislative Assembly
Eric Hardmeyer – Bank of North Dakota
Carol Olson – Dept. of Human Services
Francis Ziegler – Dept. of Transportation
Alvin Jaeger – Secretary of State
Pam Sharp – Office of Management and Budget
Sparb Collins – Public Employees Retirement
Tom Trenbeath – Office of Attorney General
Cory Fong – Tax Dept.
Sally Holewa – Supreme Court
Bryan Klipfel –Workforces Safety & Ins.
Randell Thursby – Representing University Systems
Members Absent:
Craig Hewitt, MeritCare Health System
Arvy Smith – Dept. of Health
Maren Daley – Job Service
Sen. Rich Wardner – Legislative Assembly
Kurt Link – MDU Resources Group
Laura Glatt – University Systems

Guests Attending / Presenting:
Cher Thomas – Attorney General’s Office
Joe Herslip – Bank of North Dakota
Tim Horner – Dept. of Transportation
Russ Buchholz -- Dept. of Transportation
Jason Steckler – Legislative Council
Tim Schenfisch – Workforce Safety and Insurance
Jim Silrum – Secretary of State
Don Laflour – State Auditor’s Office
Steve Kahl – Public Service Commission
Cindy Moos – Job Service ND
Kathleen Bachmeier – Dept. of Corrections & Rehab.
Vince Salzer – Dept. of Corrections & Rehab.
Jim Silrum – Secretary of State
Jennifer Witham – Dept. of Human Services
Aon Project Consultants

Jeff Swank – Information Technology Dept.
Mike Ressler – Information Technology Dept.
Gary Vetter – Information Technology Dept.
Mark Molesworth – Information Technology Dept.
Dirk Huggett – Information Technology Dept.
Brandi Fagerland – Information Technology Dept.
Val Brostrom – Information Technology Dept.
Justin Data – Information Technology Dept.
Pat Forster – Information Technology Dept.
Jeff Quast – Information Technology Dept.





1:20 pm – 1:30 pm Adoption of Standards &
Study Team Updates
Cher Thomas

Cher Thomas (Architecture Review Board Chair) provided an update on EA activity:

Domain Name Standard EGT005-04.2: Added language to clarify domains as public facing so that internal application servers could continue to use “state.nd.us” names.

Desktop Operating System Standard DT003-06.2: Removed language that could be interpreted to allow unsupported operating systems. Also changed the standard from operating system specific to operating systems that meet criteria defined by other standards; including anti-virus, authentication, network protocols, critical updates, and patches.

Lisa Feldner accepted a motion from Al Jaeger to adopt the changes, a second from Eric Hardmeyer, and a unanimous vote for approval.

Data at Rest/Encryption study team is conducting an analysis of disk encryption products from various vendors. The goal is to identify products that offer the features and cost structure necessary to protecting sensitive data in the event that a computing device or storage device is lost, stolen, or compromised.

Collaboration study team is evaluating several product categories that are commonly referred to as Collaboration, including Wiki, Forums, Blogs, RSS feeds, and Document Sharing. The initial focus has been on requirements for Wiki tools, and the team is nearly completed with that category.

Resource Finder study team has looked at the feasibility of using PeopleSoft’s Resource Finder module as a solution for an enterprise resource directory of employee information. Active Directory has also been considered, as has a hybrid repository consisting of data from multiple existing repositories. The team is currently preparing a report to present to the ARB.

Electronically Stored Information study team is reviewing the storage, management, retention and discovery of electronically stored information, especially as it applies to open records laws and litigation holds.

Single Sign-On study team is reviewing products that allow Single Sign-On or Managed Sign-On. This would simplify end user authentication processes and allow system administrators to effectively support authentication processes. The Dept. of Human Services is considering such a tool, and the team is reviewing security requirements, enterprise feasibility, and cost/benefit.

Social Networking study team is looking at how Web 2.0 technologies could apply to government functions. An initial meeting found several areas that are already using technologies. This team is not focused at limiting usage. Rather, they are looking at any implications that must be addressed, such as security, open records, etc.

1:30 pm – 1:40 pm Internet Filtering
Lisa Feldner
While upgrading the existing K-12 web content control devices, ITD found an affordable way to provide adult-content web-filtering for state government and political subdivisions. It will be implemented by July 1, 2009. Blocking inappropriate content is more effective than monitoring/reporting improper behavior.


1:40 pm – 2:00 pm ADA Compliance & Site Testing
Jeff Swank

The Accessible Web Development Standard (EGT004-04.1) requires compliance with state and federal laws. This appears to be a duplication of policy, as agencies must comply with the laws with or without the EA standard. After studying what other states do and what federal/state statutes address, it is the recommendation of ITD, the Architecture Team, and the Architecture Review Board that the standard is rescinded.

Lisa Feldner accepted a motion to rescind the standard from Tom Trenbeath, a second from Sparb Collins, and a unanimous vote from approval.

Historically, ITD has tested state websites for ADA compliance at no direct charge to agencies. However, the toolset has become obsolete, and the resource commitment has become extensive. Starting at the end of August, ITD will no longer produce free accessibility reports.

Committee members expressed concerns for keeping websites ADA compliant and acknowledge that this is a risk management issue. Agencies may choose to test their own websites, work with ITD to procure testing services, contract with an outside vendor for testing, or focus efforts on writing/developing ADA complaint sites.

2:00 pm – 2:15 pm WSCA PC Contract Update
Pat Forester

The state has been utilizing Standard Configurations on PCs for five years. The Western State Contract Alliance (WSCA) contract expires August 31, 2009. ND participated in the RFP process for a new WSCA contract which goes into affect September 1, 2009.

An EA study team reviewed the WSCA PC contract and ongoing use of standard configurations. The WSCA Premium Savings Packages (PSP) was added to WSCA in 2008 which expanded the range of models (desktop, laptop, ultra-light, tablet, education models, and monitors). Fifteen states currently participate in WSCA PSP, which provides models from three vendors (HP, Dell, and Lenovo).

Recommendations supported by the Desktop Domain Team, The Architecture Team, and the Architecture Review Board:
1) ITD/OMB will execute state contracts with WSCA vendors
2) State agencies will use WSCA Premium Saving Package configurations as the ND standard PC configurations
3) Enterprise Support Providers will work with their customers regarding supported WSCS PSP configurations
4) Agencies with their own support staff may purchase agency-specific WSCA PSP configurations (recommending agencies use a single vendor to maintain support efficiencies)
5) ITD/OMB will participate in WSCA PSP standards group and provide communications/guidance to agencies regarding PC standards
6) Usage is mandatory; state agencies shall use WSCA PSP configurations when business needs can be met. An exception process exists.

Lisa Feldner accepted a motion from Al Jaeger, a second from Sparb Collins, and a unanimous vote from approval.

2:15 pm – 2:30 pm Break

2:30 pm – 3:30 pm Agency Reports Mark Molesworth

Dept. of Transportation’s Facial Recognition: Tim Horner notified SITAC of a new project designed to improve the integrity of ND drivers’ licenses. The DOT was awarded a $500,000 grant from the US Dept. of Homeland Security for protecting drivers’ licenses against identity theft and fraud. This is a 4-5 month project scheduled to begin in August; after obtaining spending authority from the Emergency Commission. It does not involve any modifications to the existing drivers license application. The vendor, L1 Technologies, will install facial recognition software to cleanse ND’s 1.2 million images for possible matches. Law enforcement will be notified of any fraudulent activity.

Dept. of Corrections and Rehabilitation’s Electronic Medical Records System (EMRS): Kathleen Bachmeier and Vince Salzer explained why project milestones had been missed; including resource constraints and the difficulties with implementing the product in a detention setting rather than a traditional hospital environment. The DOCR Medical Staff is very satisfied with the new application, and the project will be completed successfully.

Workforce Safety & Insurance’s ITTP: Tim Schenfisch described a multi-year project to replace WSI’s Claims and Policy systems with commercial-off-the-shelf products. The initial project baseline was determined in September, 2008; the Claims system implementation was expected in August, 2009, and Policy system implementation was expected in March, 2010. Using that baseline, the project is 26% behind schedule. In March, 2009, a new schedule was established because of delays with software design; Claims is now scheduled for January, 2010, and Policy is now scheduled for June, 2010. Free maintenance/support has been negotiated with the vendor to compensate for past and future variances in schedule. However, the project continues to see slippage in schedule and concerns with quality. Another major release of the software is expected in the beginning of August. Primary lesson learned: Never under-estimate schedule.

Secretary of State’s DPS: Jim Silrum described the vision to convert all filings from paper to electronically stored documents. Initially, North Carolina had a product that ND thought could be customized and converted to meet our needs. After several months of effort, ITD was confident it could complete the project, but the architecture would need to be replaced shortly thereafter. A decision was made to stop. Using remaining budget, an RFP was submitted for building a solution from the ground up. A vendor was awarded the contract based on price/ability, and the initial estimate was to complete work by September, 2009. It now appears that May, 2010 is more realistic. Internal resources have been stretched beyond their capacity. Primary lesson learned: Spend specific budget to allow vendors to understand your business. This is a fixed-price project, so overall cost/quality will be met at the expense of schedule.

Job Service North Dakota’s Appeals/UI Easy Enhancement: Mike Fischer explained a 21% overage in project schedule. Five unexpected, emergency projects (related to flooding and federal recession-based initiatives) have been given higher priority and are consuming critical resources. The project is moving ahead now. Acceptance testing was completed today, and the project will go-live on July 6th. Primary lesson learned: Project priorities may shift due to unforeseen legislative changes.

Dept. of Human Services’ EBT: Val Brostrom reported that funds were turned back to the Child Support Program because the Electronic Benefit Transfer project finished under-budget.

3:30 pm – 4:00 pm Direction of Enterprise Architecture
Jeff Swank

A fully mature EA process includes technical, data, business process, and application components. Traditionally, ND’s focus has been on technical governance. The next step would be to expand into Business Process Architecture and Data Architecture. Some small steps are already underway with initiatives related to electronically stored information, .GOV domain names, business development engine, and master client index.

The committee sought clarity among the various architectures and expressed concerns regarding cost/benefit.

Lisa Feldner accepted a motion for further analysis from Sparb Collins, a second from Rep. Bob Skarphol, and a unanimous vote from approval.

4:00 pm – 4:20 pm Large Project Oversight Process Review Mark Molesworth
Presented the history and governance of project management in ND, and articulated the four outstanding strategic priorities of Enterprise Project Management:

1) Review/Rewrite the guidance, tools, and templates
2) Create a Lessons Learned Database
3) Train/Mentor
4) Conduct Project Portfolio Management

Reviewed the Enterprise Project Management Office. It consists of three people with a goal of extending project management practices as to minimize the need for oversight. Also reviewed the SITAC responsibilities for reviewing project variances and un-ranked projects.

4:20 pm – 4:30 pm Wrap-up

Lisa Feldner

No comments: