While the IC’s research organization looks into adding security to cloud environments, in the here and now, intelligence agencies are sharing more data.
The Federal Enterprise Architecture Program Management Office is urging agencies to use a simple formula to measure the soundness of their EA implementations: Calculate IT spend as a % of discretionary spending.
Agencies don’t like it, says Richard Burk, chief architect in the Office of Management and Budget. Why? Because it makes it appear as if information technology spending is going down. But really it’s a ratio, so if the overall budget rises while the figure declines, it reflects how well systems are serving the enterprise, Burk says.
OMB’s latest assessment of EA finds agencies making progress. In its recent summer ratings, 19 of 24 agencies merited green (or satisfactory) scores on the use of EA to drive planning and performance.
Grab a Partner
With less than a year until agencies must have their networks ready for Internet Protocol Version 6, there’s still hope for agencies to meet the June 2008 deadline if they rely on one another. That’s the recommendation of the Internal Revenue Service’s Gerald Lepisko. “If everyone is working alone, we’re going to get nowhere fast,” says Lepisko, engineering and capacity management chief in the Office of the CIO for IRS Enterprise Networks and the agency’s lead for IPv6 efforts.
The Treasury Department has formed a cross-department team with representatives from all its bureaus, and Lepisko’s organization has set up an IPv6 testing lab at the IRS to validate product and system readiness. “Small bureaus have the opportunity to partner with the large bureaus that have more resources,” he says.
What does the mandate require by next summer?
Lepisko says there’s a lot of intensive work once you get past these three basic requirements. Agencies should evaluate their applications portfolio and prioritize the work and investment necessary for conversion to IPv6. The age-old practice of hard-coding IP addresses throughout apps will magnify the cost of updating them. Code designed to handle an IPv4 address (32 bits) will not be sufficient for an IPv6 address (128 bits). In an ideal world, agencies should recast apps so that they are IP-agnostic.
Besides his work on the Treasury IPv6 team, Lepisko is helping the CIO Council IPv6 Working Group by heading up its Security Subcommittee. The subcommittee is creating basic security recommendations and testing procedures that the council will promote for use by agencies before they upgrade networking gear.
Read "A Sticky Situation" to learn about IPv6 and how to handle DNS snafus.
Off the Shelf/Recommended Reading
By Whom: Michael Novak, senior analyst at the Internal Revenue Service and 2006 co-chairman of the CIO Council’s
Knowledge Management Working Group
Book: Knowledge Organizations: What Every Manager Should Know by Jay Liebowitz and Tom Beckman
Why: “In the fast-paced, uncertain environment of the early 21st century, the effective use of knowledge may be the sole determining factor between organizational success and failure.”
Most books on knowledge management (KM) have focused on the subject from academic, philosophical or technological perspectives. Knowledge Organizations puts KM right where it belongs: on the manager’s desk. This book, more than any other, takes KM out of the theoretical realm and gives managers practical guidance on how to apply the concepts in the routine, day-to-day managing of an organization.
Most Important Takeaways: One important takeaway is an elegant description (Page 52) of “the knowledge management process.” Another is the 80 pages of advice on how to implement each stage of the process. Finally, there is a series of vignettes showing
how real-life organizations have put the advice into practice.
Developing computer models to gauge disaster risks and to aid in post-disaster planning takes time. Almost two years after Hurricane Katrina swept ashore along the Gulf Coast, the Army Corps of Engineers has released what it says is the first systematic review of risk estimates for future hurricane planning based on studying 152 computerized hurricanes.
The Corps has created a site (nolarisk.usace.army.mil) for all federal, state and local agencies to use to base hurricane planning and evacuations on given the current state of the levees, flood walls and other protection measures for a 350-mile sweep around New Orleans.
Despite the work and findings, the Interagency Performance Evaluation Task Force says that more data would improve the modeling, especially relative to planning to save people’s lives. The models all rely on no evacuations. But as these plans emerge, the task force recommends creating models that could be adjusted to reflect explicit evacuation scenarios.