CIO Council wants standards-based best practices
Connecting state and local government leaders
The council's focus over the next year will be on collecting agency and industry examples in telecommunications, IT security, portfolio management, disaster recovery and contingency planning, and the business value of IT.
The CIO Council is on the lookout for more best practices.
With about 60 examples already submitted to their Solutions Exchange program over the past year, Dave Wennergren, the Navy's CIO and co-chairman of the council's best practices committee, said the focus over the next year will be on collecting agency and industry examples in the areas of telecommunications, IT security, portfolio management, disaster recovery and contingency planning, and the business value of IT.
'Best practices must be standards-based or based on commercial software,' he said today at a luncheon in Washington, sponsored by the Association for Federal Information Resource Managers. 'It cannot be a best practice if it is not based on standards because it would not then be in wide use.'
The CIO Council launched the Solutions Exchange'a registry of applications for program and project managers to search and possibly deploy'last October. Wennergren said the registry includes basic information about systems, tools and processes that can be reused by agencies, and where program and project managers can find out more about these best practices. He added that agencies have had success using it.
The CIO Council plans to move the Solutions Exchange to the Component Organization and Registration Environment in early 2006, Wennergren said.
Wennergren also said other areas ripe for best practices include identity management, Web services, information-sharing and management services.
Charlie Havekost, the Health and Human Services Department CIO and the other co-chairman of the best practices committee, said standards are important to move agencies forward toward new technology and away from 'monolith' legacy systems.
'Those monolith systems embodied business processes, and it was hard to streamline them,' Havekost said. 'Everything we want to do means we have to work on these legacy systems. We have to replace the entire system because it is too hard to replace individual pieces.'
Havekost said systems need to be in modules so components can be swapped out as technology evolves.
Wennergren added that encouraging the use of best practices starts with providing tools in addition to policy documents to do the job.
'We provided bases with a vulnerability assessment tool as a way to get them all to improve their IT security,' Wennergren said. 'That was a good way to align them to a best practice.'
Havekost said sometimes best practices give workers the tools they need to make their jobs easier or more effective, but sometimes best practices must be implemented by 'pure muscle.'
'You have to get people to realize they can work with this after all,' he said. 'You have to prove it is possible, then prove it is practical and then show them it is inevitable.'