Oklahoma CIO Alex Pettit aims to eliminate redundant systems in his state's IT infrastructure.

Setting the IT Agenda

New state CIOs can find their way by following these five action items.

As Oklahoma's first official state CIO, Alex Pettit has an unenviable task: helping trim 15 percent of the state budget while still delivering IT services vital to citizens.

Pettit, who was appointed in April 2010 after the Oklahoma State Legislature passed a bill creating the role, says he's in a unique position among state technology leaders.

"Oklahoma has such a heterogeneous environment and distributed-service delivery model that we can cut costs simply by optimizing and simplifying," he says. "Ultimately, we believe we won't have to cut any services -- in fact, we might even improve them. That sounds kind of weird, but it's the likely result."

Other state CIOs won't be so lucky. The November elections brought unprecedented change to U.S. statehouses. Twenty-nine new governors took office this winter, and nearly all of them wish to make their own CIO appointments. The IT leaders will be inheriting what National Association of State CIOs President Doug Robinson calls a "tough-times agenda."

"The last three years have been pretty miserable in terms of state fiscal conditions," Robinson says. "While this impacts a CIO's ability to make changes, it also provides them an opportunity to promote an agenda built around operational effectiveness, particularly around cost-saving strategies like consolidation and virtualization."

For newly appointed CIOs looking for help navigating the unique technical, political and budget concerns associated with their jobs, here's what some of the leading state CIOs have as action items for the administration.

1 Figure out what you have.

Before any cuts can be made, CIOs need to conduct a thorough audit of all hardware, software, services and licenses across all state agencies.

"When you're coming into something as complicated as state government, you almost have to have an audit performed to get a good snapshot of where you are in time and space," Pettit says. "There's often a great discrepancy between what people think they have and what is actually happening out in the field."

Oklahoma state agencies have been inventorying their technology assets over the past year, and the results aren't pretty.

"We have 76 different systems for doing accounting, 48 reporting systems, 17 imaging, 22 time and attendance systems, and 12 different service packages for tracking calls," he says. "The state of Oklahoma uses 357 unique software vendors, 25 different desktop operating systems, and eight versions of McAfee. We put the 'hetero' into heterogeneous."

The good news? The state should be able to cut costs from operations and maintenance merely by simplifying its software builds, Pettit says.

2 Rationalize and consolidate.

Once you've got a handle on what you have, you can employ economies of scale to reduce costs and ease the management burden. For example, in Virginia, CIO Sam Nixon is bringing all the state's IT organizations under one roof.

"We are working to complete transformation and consolidation of state agency IT operations into the Virginia Information Technologies Agency [VITA]/Northrop Grumman shared-services offering," he says. "Currently, 79 of 89 executive branch agencies have completed transformation as part of the common-wealth's partnership with Northrop Grumman."

3 Streamline your infrastructure.

If you haven't already deployed server virtualization to consolidate data centers and reduce IT costs, it's time to catch up with those who have.

"We're already doing all those big mainline best practices around centralization and consolidation," says Brian Arrowood, CIO for Indiana's Office of ­Technology. "No CIO wants to say they're living the dream, but we are reaping fruit from the decisions we made three and four years ago." The state has more than a third of its data centers virtualized, and work continues as technology advances.

4 Don't forget about security.

Regardless of budgetary pressures, no CIO can afford to ignore security, says NASCIO's ­Robinson. Cybersecurity ties into everything, whether the CIO is investigating new enterprise resource planning systems, business process improvements, new data centers or cloud computing.

"The last thing you want is a major security incident affecting a state agency 60 or 90 days after the governor has taken office. That immediately erodes citizens' confidence in government, and the governor's confidence in you."

Indiana's Arrowood says that continuing to bolster security is always a top priority. "Security is always on our plates, and some days it's No. 1," he says.

Number of new governors elected in November 2010, the largest turnover since 1920, when 27 new governors were elected

Source: Associated Press

5 Focus your efforts.

No CIO will be able to achieve everything they set out to do, so they need to pick their battles, says Christy Quinlan, acting secretary of the ­California Technology Agency.

"Know what you need to accomplish and have enough information to make that possible," she says. "Because you really do need information if you want to get these things done."

As in most cases involving elected officials, prioritization starts at the top.

"This transition provides every new state CIO with an opportunity to set his or her own agenda, which is what they were brought in for," says Robinson. "They need to go into the governor's office and ask 'What can I do for you? Are you the education governor? The economics governor? The environmental governor?' What got them elected, and who do they want to communicate with? That's what you need to do to get started."

Tough Times

A NASCIO survey of more than 40 state CIOs reveals some sobering statistics about the state of the states. Here's what the new CIOs face this year:

States anticipating staff reductions

States enacting hiring freezes

States planning to postpone staff retirements

States reporting difficulties recruiting new employees

States reporting difficulty recruiting qualified IT security specialists

Source: NASCIO, January 2011

Shane Bevel
Apr 01 2011