DOI ITIM Maturity Framework

1

• DOI ITIM Maturity Framework
• Capital Planning
• Working Team Meeting
• October 25, 2006

2
What is the GAO ITIM Maturity Framework?

• Identifies and organizes 13 processes that are
  critical for successful management of
  investments.
• The framework provides three key capabilities
• Rigorous, standardized tool for internal and
  external evaluations of an agencys IT investment
  management process
• Consistent and comprehensible mechanism for
  reporting the results of these assessments to
  agency executives, the Congress, and other
  interested parties and
• Road map that agencies can use for improving
  their investment management processes.

3
Integration Requirements

• Framework requires integration with other key
• processes
• Strategic Planning
• project Management
• Enterprise Architecture (EA) management
• Human capital management
• Software and system acquisition management.

4
Achievement of Stage 3 Maturity at DOI

• Achievement of Stage 3 is DOI GPRA Goal
• The 1993 Government Performance and Results Act
  (GPRA or the Results Act) introduced the concept
  of performance management to government. This
  important law required strategic and performance
  planning. It required agencies to set annual
  goals and then report annually on the extent to
  which they were achieving their goals.
• DOI Expectations
• 70 of Key Practices by end of FY 2007
• 100 of Key Practices by end of FY 2008

5
GAO ITIM Maturity Framework Stages
6
Stage 3 Maturity Criteria

• 1) Defining the Portfolio Criteria
• Developing quantitative and qualitative factors
  to compare and select projects for the investment
  portfolio.
• Purpose To ensure that the organization
  develops and maintains IT portfolio selection
  criteria that support its mission, organizational
  strategies, and business priorities.
• Organizational commitments
• The organization has documented policies and
  procedures for creating and modifying IT
  portfolio selection criteria.
• Responsibility is assigned to an individual or
  group for managing the development and
  modification of the IT portfolio selection
  criteria.
• Activities
• The enterprise-wide investment board approves the
  core IT portfolio selection criteria, based on
  the organization's mission, goals, strategies,
  and priorities.
• Project management personnel and other
  stakeholders are aware of the portfolio selection
  criteria.
• The enterprise-wide investment board regularly
  reviews the IT portfolio selection criteria,
  using cumulative experience and event-driven
  data, and modifies the criteria as appropriate.

7
Stage 3 Maturity Criteria - continued

• 2) Creating the Portfolio Criteria
• Process of comparing worthwhile investments and
  then combining the investments selected into a
  funded portfolio.
• Purpose To ensure that IT investments are
  analyzed according to the organization's
  portfolio selection criteria and to ensure that
  an optimal IT investment portfolio with
  manageable risks and returns is selected and
  funded.
• Organizational commitments
• The organization has documented policies and
  procedures for analyzing, selecting, and
  maintaining the investment portfolio.
• Activities
• Each IT investment board examines the mix of new
  and ongoing investments and their respective data
  and analyses and selects investments for funding.
• Each investment board approves or modifies the
  performance expectations for the IT investments
  it has selected.
• Information used to select, control, and evaluate
  the portfolio is captured and maintained for
  future reference.

8
Stage 3 Maturity Criteria - continued

• 3) Evaluating the Portfolio
• Process that builds upon the Providing Investment
  Oversight critical process from Stage 2 by adding
  the element of portfolio performance to the
  organizations control process activities
• Purpose To review the performance of the
  organization's investment portfolio(s) at
  agreed-upon intervals and to adjust the
  allocation of resources among investments as
  necessary.
• Organizational commitments
• The organization has documented policies and
  procedures for reviewing, evaluating, and
  improving the performance of its portfolio(s).
• Activities
• Data on performance of the IT portfolio are
  defined and collected consistent with portfolio
  performance criteria.
• Adjustments to the IT investment portfolio are
  executed in response to actual portfolio
  performance

9
Stage 3 Maturity Criteria - continued

• 4) Conducting Post-Implementation Reviews
• The PIR is conducted to
• Examine differences between estimated and actual
  investment costs and benefits and possible
  ramifications for unplanned funding needs in the
  future and
• Extract lessons learned about the investment
  selection and control processes that can be used
  as the basis for management improvements.
• Purpose To compare the results of recently
  implemented investments with the expectations
  that were set for them and to develop a set of
  lessons learned from these reviews.
• Organizational commitments
• The organization has documented policies and
  procedures for conducting PIRs.
• Activities
• The investment board identifies which projects
  will have a PIR conducted.
• Quantitative and qualitative investment data are
  collected, evaluated for reliability, and
  analyzed during the PIR.
• Lessons learned and recommendations for improving
  the investment process are developed during the
  PIR, documented, and then distributed to all
  stakeholders.

10
CPWT Brainstorming

• What are the most significant challenges that
  each bureau faces in achieving Stage 3 maturity?
• What key practices are most challenging to
  implement?
• How can the Department help each bureau address
  these challenges?
• What do you need from your Bureau to address
  these challenges?

11
Validation of Achievement of Stage 3

• Three Options for DOI to Consider
• Independent assessment by contractors
• Department Assessment
• Independent assessment by peer team

12
Option One Independent Contractor Assessment

• Pros
• Less time by Government staff
• Validation would be independent outside source
• Thoroughly documented results
• Cons
• Cost for funding contract support.
• Staff time to coordinate with contracting staff
• CPIC Coordinators still have to evaluate work
  product and facilitate data collection
• Audit-like report

13
Option Two Department Assessment

• Pros
• In-depth knowledge of DOI processes and
  procedures
• Cost effective
• Demonstrates Departments commitment to achieving
  goal
• Cons
• Constrained DOI CPIC Resources.
• Bureau / Department tension Department
  judging performance of bureau.
• Validation would not be totally independent

14
Option Three Independent Peer Assessment

• Pros
• CPIC Coordinators would have greater opportunity
  to learn about other bureaus processes.
• Cost effective.
• Minimizes confrontation promotes collaboration
  
• Improved understanding on overall Department
  processes and other IT portfolios.
• Cons
• Requires CPIC Coordinators to take on additional
  responsibility
• Some training time commitment
• Validations would not be totally independent

15
DOI OCIO Preference Independent Peer Review Team

• Format for Review
• CPIC volunteers, teams of five to seven
• Develop process/methodology for conducting peer
  assessments (November/December)
• One bureau per quarter in order to spread out
  time-commitment
• Start in FY 2007 2nd Quarter

16
Closing Thoughts

• DOI and the bureaus need to partner and work
  together to meet ITIM Maturity Goals.
• Achievement of Stage 3 maturity is a GPRA goal
• Achievement of Stage 3 helps us better serve our
  customers