IT execs look for guidance

Williamsburg, Va. - Federal information technology managers are searching for guidance on how to deal with new technologies and policies, and the CIO Council is determined to step forward and fill that role.

The CIO Council conducted an informal survey of the attendees of last week's Information Resources Management Conference '99 here, most of whom were senior information technology executives. It revealed that most are aware of IT issues such as security, privacy and capital planning but said they do not feel they have a grasp on exactly what needs to be done.

Attendees enthusiastically greeted all questions as to whether governmentwide guidance would be helpful.

IRMCO council co-chairman Jim Flyzik said one of the key goals of the CIO Council in the next fiscal year is to offer more guidance and direction for senior IT managers. "The idea is to take some action," said Flyzik, who also is vice chairman of the CIO Council. "[The] Clinger-Cohen [Act of 1996] gave us this opportunity, and it's important that we step up and take that opportunity."

The CIO Council's goals include incorporating its strategic plan in President Clinton's fiscal 2000 IT budget and creating useful guidance for agency CIOs, Flyzik said. That way, IT issues will attract more attention.

The CIO Council also plans to work more at the committee level. The council's IT Workforce Committee is working on several studies of the IT pay scale, an issue that 92 percent of executives at the conference said was needed.

But 55 percent of those executives said pay is not the only issue adversely affecting federal IT recruitment and retention. The committee also is working with the Office of Personnel Management to restructure federal IT job descriptions and on developing other methods for luring IT talent to the federal market.

"There are many other things that we are studying, and a lot of other issues that are involved," said Gloria Parker, co-chairwoman of the committee and CIO at the Department of Housing and Urban Development.

The CIO Council's Security, Privacy and Critical Infrastructure Committee is looking at several areas that the survey respondents felt would be helpful.

Because of requests from agencies, the security subcommittee is working with the General Services Administration and the U.S. Agency for International Development to help create the Model Information Security Systems Program best practices guidelines and training for federal employees.

The survey responses emphasized the immediate need for such guidance, with 60 percent of the executives saying their agency is not practicing basic security procedures.

The critical infrastructure group also has plenty of work to do. About 38 percent of the executives at the conference said they are aware of Presidential Decision Directive 63, which requires agencies to protect their critical information systems from cyberattacks, but the executives said their agencies are not doing enough to comply. And 45 percent of the executives said they were not aware of the directive.

The lack of awareness of the directive should not come as a surprise because the Year 2000 problem has dominated IT executives' agenda, said Fernando Burbano, head of the critical infrastructure subcommittee and State Department CIO. "I think you're going to see those numbers flip-flop rather rapidly after January," he said.

In the privacy area, executives overwhelmingly asked for guidance, with 70 percent saying there should be governmentwide guidelines on how to develop and place privacy policies on World Wide Web sites.

The Capital Planning Committee and its Information Technology Investment Portfolio System (I-TIPS) is the most obscure group, with 54 percent of the executives never having heard of the system. I-TIPS is a Web-based systems that helps federal CIOs and IT managers answer questions about IT spending and analyze proposals for how to spend an agency's IT budget. I-TIPS, designed to be used with an existing IT capital planning process, responds to CIOs' call for a system that takes into account procurement guidelines set by the Office of Management and Budget and the General Accounting Office

Almost all of the committees have been renamed and restructured to reflect their focus. Underlying each goal is the recognition that the council needs to connect more with the federal IT community.

Some agencies have established ways to share information, However, 45 percent of the executives at the conference said there is no structure in place to make sharing information easy. Half of them said they did not know if their agencies used the studies and reports that the council distributes.

This will be the focus of the Outreach Committee, but it is going to be a cooperative effort between the committee and agencies because it is the responsibility of many executives to pass information down through their organization, said Alan Balutis, co-chair of the committee and deputy CIO at the Commerce Department.