Applying Governance and Oversight

From AFCEAWiki

Jump to: navigation, search

Panelists: Mr. Gary Bliss - OSD Mr. Robert Kazimer - Army CIO G6 Lt. Gen Marc Rogers - USAF Mr. Clifton Williams - Genesis Government Solutions

Army IT Governance (Kazimer) History... Business Mission Area under NDAA 05 established DoD needs to be more active in business actions that use more than $1M. Army AI Center was intended to take inciatives out of MIT and put into use. IT Governance amounted to how high up the Pentagon chain of command do I need to go (usually vice chief) before I can get this software / harware into use? Also about do you have the money and can you find a guy to wire it? First LAN was macintosh with apple talk.

Governance is now can I do this enterprise wide, this is difficult. Clinger Cohen > OSD > guidlines for governance > DBMSC certified (fraction of what is viable)

IA trends: Need more education. APCs consolidating in accordance with GNEC.

Need true accountability in governance, push to command centric. Have data quality manager on staff from MIT Problem is, "we don't know what is on our network"

Lt. Gen Marc Rogers Governance is only effective if the "thing" being "governerned" is adequately understood and accurately defined. Oversight is Leadership and Management responsibility. Key benefits of information age > connect > collaborate Enable people (government) to create, reach, share, aggregate knowledge

Cliff Williams Need to keep up with current law / governance. What rules are out there and what do they say? That is what is important to stay current on, so no one (government or industry) get's in "trouble".

Tim Johnson OSD AT&LAV SOA project and it's relevance to governance 3/2009 acquisition visibility into major defense projects Importance of data governance > must define data > need source > data visibility rules (need to know you can trust the data) Governance is ensuring the data can be trusted Data Entity Package (DEP) - central respository of agreed upon terms for governance Need to come up with joint definitions of what the data means OSD must ensure data quality and integrity Need situational awareness of programs from acquisition side > need to discuss the data and it's importance and how beneficial it is in correct hands > don't want to get hung up on software and systems that will make that dream a reality.

Questions ? DIHMERS - HR ERP - based on governance how was it ensured that this was of value? Is this an example of stovepipe?

Need to build strong requirements in beginning or else it will go out of scope. Need governance from the top, DIHMERS did have that, yet we may have come to the conclusion that it didn't deliver as promised. Leadership and operators transforming their business practices = that's what an ERP is, NOT a technie solution Need a commitment to really CHANGE the business processes (PeopleSoft) in DoD.

People and processes is what failed. ERP is a band aid for broken process. Price tags for ERP go up because the people are standing in the way.

? Coalition / Multi National - standardization of data by service. Interoperability on an international scale? Tenants of GNEC architecture > how we do that is a challenge NATO XMPP Compliant CHAD system > mature our understanding of provisioning those environments ID Management is key with role based access

Language is a limitation > C2 structure and process guided by each country > if we can see the same picture and use the same map

? Does the service enforce real penalties for not following policies? People are responsible for "open safes" and similar things > should be same in cyber world Need to understand that a network compliance memo is an ORDER > there are orders out there months with no response > this is a commander education issue > this is part of us evolving in the info age Gate reviews should act as a governance - no money unless you comply

Retrieved from "http://www.afcea.org/wiki/index.php?title=Applying_Governance_and_Oversight"
Personal tools