4: Infrastructure

An integrated, accessible Federal infrastructure enabling interoperability across Federal Government 2.0 (Gov 2.0) that uses new and emerging collaborative technologies to enable more streamlined information exchange with key external and internal stakeholders, in particular the American Public.

Other Information:

The Best Practices Committee’s mission is to make Goal 4 work: to identify and advocate for the use of innovative collaboration and communication technologies in government. The areas of privacy, accessibility and security bring challenges to information management in the Federal Government not necessarily faced in the private sector. The Best Practices Committee will keep these areas in mind and focus on the improvements in productivity and ease of citizen access that these technologies will enable. In addition to its leadership role in advocating new collaborative technologies, the Committee will provide executive-level training for key players in the Federal Information Technology (IT) Community, the Chief Information Officers. The Committee serves an important role in educating new and established CIOs on their roles and responsibilities by conducting semi-annual CIO Boot Camps.

MAJOR ACTIVITIES:

Develop a Government 2.0 Plan of Action and Milestones. The vision for moving Government 2.0 forward in the Federal Government will include the ability to articulate and demonstrate how Government 2.0 technology enables successful mission execution through processes and procedures. Timeline: 2008-2011 and beyond.

Promote the importance of Section 508 compliance to the Federal IT Community, with particular emphasis on Government 2.0 technologies - ensuring that persons with disabilities have equal access to the information presented by these tools. Section 508 requires that Federal agencies’ electronic and information technology is accessible to people with disabilities. In addition, promote this important topic, through existing forums, by identifying and leveraging promising practices in this area. Timeline: 2008-2011 and beyond.

Develop U.S. Government lifecycle acquisition processes and guidance. This includes the development and implementation of policy guidance, expertise, security standards, and best practices to manage security risk to U.S. Government networks associated with a global supply chain (e.g., network configuration guidance, commercial offshore outsourcing security standard, service level agreement requirements for remote network maintenance by commercial vendors, etc.), for use by federal systems security and procurement personnel. Timeline: 2008-2010.

Encourage Federal Advisory Committee Act (FACA) training throughout the Federal CIO Community. Especially in today’s complex environment, with a mixed workforce (active duty military, civil servants, and contractors), it is important to ensure the Federal CIOs receive this information. FACA applies to groups that provide advice to the federal government. Timeline: 2008-2011 and beyond.

Conduct CIO Boot Camps. The target audience for the Boot Camps is Federal CIOs and Deputy CIOs who have been in their jobs less than one year or who have not attended a prior Boot Camp. As another tool in the CIO’s toolbox, this educational opportunity allows them to receive the latest information on issues that will likely face them while performing their duties as a CIO. Topics presented during the Boot Camps include strategic planning, information technology / information resource management workforce planning, capital planning, investment management, and enterprise architecture. Timeline: 2008-2011 and beyond.

Offer Federal CIO field trip opportunities annually in order to search the private sector for promising commercial technologies. Timeline: 2008-2011 and beyond.

KEY PERFORMANCE INDICATORS:

Increase the percentage of agencies actively using the capabilities of Government 2.0.

Recognize key players in Government 2.0 via a special CIO Council awards ceremony each year.

Increase the percentage of agencies participating in the CIO Boot Camp.

Offer FACA training annually.

SUCCESS STORY:

The Architecture and Infrastructure Committee (AIC), in conjunction with OMB, created the Federal Enterprise Architecture Security and Privacy Profile v2.0 (FEA SPP). The purpose of the FEA SPP is to provide agency decision makers with a scalable and repeatable methodology for addressing information security and privacy from a business enterprise perspective. To develop the FEA SPP, the AIC formed a cross-agency team to update the goals and process for augmenting the FEA SPP. The process developed by the FEA SPP team to expand on the FEA SPP documentation was a ground-breaking and innovative approach that allowed multiple disparate groups to collaborate and create a more effective guidance document. The FEA SPP team linked system and program-level security and privacy activities to agency architectures through the FEA reference models, providing agencies with a methodology for managing security and privacy issues according to the business-focused enterprise viewpoint.

The FEA SPP was field tested through validation exercises at the Department of Housing and Urban Development and the Department of Justice. During these exercises, senior cross-functional teams applied and reviewed the FEA SPP methodology to ensure its usability and applicability. Through the validation process, the FEA SPP team identified best practices and developed recommendations designed to promote the successful incorporation of security and privacy into an organization’s enterprise architecture. The validation process also helped to ensure appropriate consideration of security and privacy requirements in agencies’ strategic planning and investment decision processes. The process used to validate the FEA SPP benefited validating agencies by providing them with an opportunity to explore relationships between security processes and enterprise resources within their agencies. In addition, this process allowed for the thorough testing of the FEA SPP model before applying it to a wider audience. The execution of this process provided an exemplary method for testing and validating best practices and recommended techniques for incorporating security and privacy activities into an organization’s enterprise architecture. The validation process used to develop the FEA SPP will ultimately lead to the widespread acceptance of information security best practices because the process allowed for transparent decision-making and a clear understanding of the application of the proposed methodology.

The FEA SPP provides agencies with a tool to facilitate the incorporation of security and privacy activities within their architectures. The FEA SPP is designed to assist organizations in understanding security and privacy requirements, their ability to meet those requirements, and the business risks associated with failures to meet security requirements. In addition, the FEA SPP will help program executives select the best solutions for meeting requirements and improving current capabilities, and will improve agencies’ processes for incorporating privacy and security into major investments by selecting solutions most in keeping with enterprise needs. It is expected that through the implementation of the FEA SPP, federal agencies’ security and privacy programs will see an improvement in their effectiveness by applying proven methodology to advance agency security and privacy. The FEA SPP exemplifies one of the many successes of the AIC by demonstrating the value of a sound process for developing a methodology that will be applied across the Federal government and by providing a repeatable methodology for addressing information security that will help to improve the business of Federal agencies.

Puget Sound Information Challenge - Gov 2.0 in Action!

In November 2007, the theme of EPA’s National Environmental Information Symposium in St. Louis, Missouri, was “Getting It Right: Access to Environmental Information.” As an innovative learning experience, Assistant Administrator of the Office of Environmental Information (OEI) Molly O’Neill joined with former EPA Administrator Bill Ruckelshaus (currently the Chairman of the Puget Sound Leadership Council), to present a practical challenge to the over 600 attendees. Instead of just panel presentations or demonstrations of technology that featured ways to access information, the attendees were challenged to collaborate (real time) in providing data, analytical tools, and strategies to support the mission of a healthy Puget Sound in Washington State. Furthermore, this collaboration would not use the traditional work groups and break-out sessions on which conferences typically rely. It would occur via the internet, using the same technology that produced the publicly sourced encyclopedia, Wikipedia.

The challenge operated at two levels. First, it was to provide Bill Ruckelshaus with what he asked for: sound scientific data about the region, tools that the Partnership might use to plan their action agenda and analyze information and ideas for how to involve Puget Sound citizenry. But second, it was a test of so-called “Web 2.0” technologies for speeding the pace of collaboration and improving its outputs. It was an experiment about means as well as ends. The challenge was to mirror, in a small way, the problems of full-scale regional environmental management. How can we marshal the best scientific data available? How can we achieve consensus about plans and objectives? And how can we effectively engage the public in such complex, science-driven problem-solving?

In the Symposium exhibit hall, EPA had already set up a “mash-up camp” where every hour people could learn how to mash up different data sets. This quickly became the Puget Sound Information Challenge Wiki Central. People immediately began to submit a continuous stream of data, ideas, and links.
Their participation was on their “own” time; the Symposium agenda was packed with other activities. Small groups spontaneously formed and began collaborating. National Librarians were culling data from library sources, working with search companies to harvest Puget Sound documents from EPA’s online Libraries. Special searches were set up to continually harvest the web for relevant data. Global Earth Observation data from NASA and NOAA was interpreted by university scientists and posted. Others volunteered to organize and tag the data on the site. A few worked late into the night to build real applications.

The interesting thing was how many hits the wiki was getting through social networking. People attending the conference had forwarded an email they received from Molly O’Neill and that email continued to be forwarded. A blogger from Germany even weighed in. In a 36-hour period, the wiki site had over 17,000 page views and 175 separate worthwhile contributions. An added benefit was that EPA was able to see which of its data assets could be quickly accessed over the web to work on a problem in a particular place.

Web 2.0 tools have tremendous potential to help geographically-based efforts achieve their goals. The Puget Sound Leadership Council is now considering the use of Web 2.0 technologies to work with the public and to align plans and activities among different levels of government and their numerous stakeholders. The usefulness of Web 2.0 interaction with stakeholders has become self-evident over the past several years. The Puget Sound Information Challenge only adds to the weight of evidence that internet-based collaboration, in all public arenas, will be a fact of life for the foreseeable future. The challenge is to adapt these tools to public policy development. The government sector is just beginning the adoption process and policy issues such as privacy, security and official records are still evolving. This is a new application, with exciting potential. And for EPA, the Puget Sound Information Challenge was an interesting start.

Knowledge Management Best Practice: “Communities @ State.” U.S. Department of State, Bureau of Information Resource Management.

Started in 2005, the Communities @ State program enables American diplomats in Washington and abroad to form and manage online communities that focus on shared interests, from foreign policy issues to professional tasks. The program helps State employees bridge the gaps caused by a highly mobile, highly dispersed workforce assigned to more than two dozen strategic business units domestically (primarily bureaus that cover specific regions or foreign policy subjects) and more than 260 offices and missions abroad. Community members can easily and quickly post their information, suggestions, questions, images, and documents to their community sites. Anyone at State – and for most communities, anyone in the U.S. Government – can add and comment on the content in the site. The communities use Movable Type, a centrally hosted, lightweight, commercial, off-the-shelf web application.

The online communities are recognized as a key part of the Department’s knowledge management effort and, as such, are the responsibility of the Deputy Chief Information Officer. The IRM Bureau’s Office of eDiplomacy administers the program, providing technical and business consulting support to the administrators of the site. Most administrators are non-technical diplomatic professionals and locally employed staff in State Department bureaus and overseas posts. In 2007, the American Productivity and Quality Center in Houston, TX, recognized State as a “Best Practice Partner” for the Communities @ State and other innovative knowledge management approaches that use evolving information technology.

eDiplomacy began the C@S Program in 2005 on the unclassified interagency network, Intelink-U. Intelink provided server space and an installation of Movable Type so that State could host community sites that would be available to the entire USG community. eDiplomacy worked to modernize State’s internal regulations to make it clear that this type of community blogging is a valuable and approved activity. During this time, several more communities joined the program on Intelink-U, and in 2006, C@S expanded to State’s OpenNet network. In 2007, Communities @ State expanded yet again, this time to the classified interagency network, SIPRNet.

At present, there are 42 communities in the program. Thirty-one of these are on the interagency network Intelink-U, 10 are on State’s unclassified OpenNet, and one is on the classified SIPRNet. To date, these communities have a combined 10,559 entries and 1,758 comments. Since eDiplomacy began collecting formal metrics on these sites in September 2007, Communities @ State has tallied over 41,000 visits and 100,000 page views. eDiplomacy makes these statistics available to office management on a weekly basis and to site administrators every month.

Communities tend to fall under at least one of three categories: office- or bureau-based communities, topic areas, or professional dialogues. PD in Europe, a bureau- and professional-based community, allows public diplomacy staff from more than 40 European posts to share their best practices. Another highly successful bureau-based, inter-mission community focuses more on a particular topic than any one profession: The North American Partnership, a community of staff in the U.S.’s large diplomatic missions in Canada and Mexico, provides a forum to discuss common homeland security, commercial, economic and environmental issues. One of the newest communities in the program spans all three categories: Iran Watchers allows staff in the Near East & Asia bureau to report and discuss Iran-related issues at the classified level. These community sites give State and interagency colleagues, wherever they are stationed, access to knowledge resources and expertise that otherwise would be difficult or impossible to find.

Objective(s):