Georgia Infrastructure Transformation (GAIT) 2010 update, Vol. 1, Issue 2 (Feb. 20, 2009)

Georgia Infrastructure Transformation (GAIT) 2010 Update

Issue: No. 2

February 20, 2009

In This Issue

IT transformation will reduce information security risk

How will IBM safeguard agency data?

Making sure agencies receive the services they need

Quick Links Previous Newsletters

Ensuring "business as usual" at service commencement
The transition of IT infrastructure services to IBM takes place in just over one month, followed 30 days later by AT&T assuming responsibility for managed network services. GTA is working closely with state agencies and our new technology service providers to make sure everyone is ready for service commencement. Our goal is "business as usual" on April 1 and May 1.
We recently completed the development of initial transition and transformation plans for the 12 agencies in scope to receive IT infrastructure services from IBM.

GTA Website Milestones

q Transition plans provide a detailed list of activities and processes to prepare for service commencement.
q Transformation plans look beyond service commencement to focus

on improvements to the state's technology environment over the next two years and beyond.
State agencies are critical to their development. Each agency has its individual transition and transformation plans, and key agency staff are reviewing the plans so they reflect the agency's unique requirements. These are not static documents, and we will continue working with agencies on updates.
We are also tracking preparations for service commencement through our Transition Readiness Document and Checklist. It covers every detail, down to workstations, PCs and access badges for transitioning employees. We are doing everything possible to ensure IBM is ready to take responsibility for providing the "as is" services starting April 1.
It is difficult to review large, complex documents, but the work is important. I want to thank agency staff for their dedicated efforts and agency heads for their ongoing support.

April 1 - IBM begins providing IT Infrastructure Services
April - AT&T service pilot
May 1 - AT&T begins providing managed network services
June 1 - Statewide Service Desk with 24/7/365 coverage launches
View All Milestones

Patrick Moore GTA Executive Director State Chief Information Officer

IT transformation will reduce information security risk

Reducing the significant risks associated with the way we currently operate the state's IT services is the primary reason for our technology consolidation and transformation initiative. Those risks exist on many fronts:
q rapidly aging equipment, q a failure to meet minimum standards, q an absence of processes, q duplicate spending, and q under funding of critical functions.
But the most significant risk may well be around information security, and our IT transformation will go a long way toward reducing the likelihood of security breaches by implementing consistent security procedures based on industry standards and federal requirements.
Georgia currently maintains federally regulated records for about 10 million people, and information security breaches at state agencies are jeopardizing constituents' private information and costing agencies millions of dollars each year.
Georgians entrust state agencies with their most confidential and sensitive information, and they expect us to maintain appropriate safeguards. By transforming the state's IT operations, particularly in the area of information security, they will know we are taking the proper steps to meet those expectations.
To learn more, read Patrick Moore's blog about GAIT 2010 and what it means to the security of state data.
Back to top
How will IBM safeguard agency data?

IBM is scheduled to conduct a pre-transformation security assessment of the state's primary data center and the data environments of all agencies that are currently in-scope to receive their IT infrastructure services through the state's new contract. These assessments will take place between service commencement on April 1 and the end of 2009.
IBM will then create and implement an enterprise security plan that will address the individual security needs of the agencies. Activities are already underway with the agencies and include the collection of each one's unique security requirements. IBM will also rollout various security tools and monitoring capabilities across the enterprise.
Another security assessment will be conducted following the consolidation of servers at the data center. The second assessment will look at the data center environment, all systems hosted there and any systems remaining at agency sites so we can ensure the goals and objectives of the enterprise security plan are being met. This type of security assessment will be conducted on a periodic basis throughout the contract lifecycle to ensure the established security controls are working effectively.
More GAIT 2010 questions and answers
Back to top
Service Level Agreements: Making sure agencies receive the services they need

When it comes to the delivery of technology services, the contracts with IBM and AT&T are putting an important component in place for the first time: Service Level Agreements.
Our SLAs specify the performance levels for the delivery of technology services to state agencies. The levels in our agreements were determined by state agencies in accordance with cost and business needs.
When we contracted with IBM and AT&T, the state entered into what are called "service relationships." These relationships are defined by contractual provisions and requirements, such as the delivery of defined services for defined prices. SLAs are established to meet and maintain the level of service for which the state contracted. Our SLAs:
q measure the quality of services provided by the service providers, q include incentives for the service providers to meet or exceed every
service level every month, q include incentives for the service providers to meet service levels in
such a way that continuous improvement in service delivery happens over time, q offer flexibility for the state to adjust service levels with minimal negotiations as our business needs change, and q include an agreed-upon method of calculating service levels with the service providers.
The state has used SLAs for other types of services, but those SLAs typically focused on financial penalties. In some instances, it was easier for the service provider to pay the penalties rather than meet the targeted service levels. As we have often said, we do not want our technology service providers' money. We want their services, and our SLAs also include incentives to ensure they provide the services we need.
More information about SLAs - including FAQs and common service level terms - can be found on GTA's website.
Back to top

We welcome your comments and questions about the upcoming service transition and the state's IT transformation. Submit your comment or question
Email Marketing by