Share this:

IT Modernization Best Practices Repository

Revision for “IT Modernization Best Practices Repository” created on July 23, 2018 @ 12:38:49

Title
IT Modernization Best Practices Repository
Content
The IT Modernization Best Practices Repository wiki was created for the <a href="http://it-cisq.org/cyber-resilience-summit/">Cyber Resilience Summit</a> series. Here you will find meeting notes, presentations, policy updates, press coverage and more. &nbsp; The IT Modernization Best Practices Repository is managed by <a href="http://it-cisq.org/"><img class="alignnone wp-image-4675" src="http://it-cisq.org/wp-content/uploads/2015/09/CISQ-LOGO-EMAIL.jpg" alt="" width="97" height="49" /></a> <a href="http://it-aac.org/"><img class="alignnone wp-image-3197" src="http://it-cisq.org/wp-content/uploads/2014/11/ITAAC-logo.jpg" alt="" width="55" height="57" /></a> &nbsp; &nbsp; <h2><span style="color: #ff6600; font-size: large;"><span style="color: #2a6891;">UPCOMING MEETING </span></span></h2> <a href="http://it-cisq.org/cyber-resilience-summit-oct-2018/">Cyber Resilience Summit: The Crossroads of IT Modernization &amp; Cybersecurity</a> October 16, 2018 at the Army Navy Country Club in Arlington, VA, USA Registration is now open! Admission is complimentary for government employees and elected officials, not-for-profit standards developing organizations, and universities; industry $250. &nbsp; &nbsp; <iframe src="https://www.youtube.com/embed/JYkpNlaKKA8" width="560" height="315" frameborder="0" allowfullscreen="allowfullscreen"></iframe> &nbsp; &nbsp; <h2><span style="color: #ff6600; font-size: large;"><span style="color: #2a6891;">MEETING NOTES </span></span></h2> Download <a href="http://it-cisq.org/wp-content/uploads/2018/04/Exec-Summary-Cyber-Resilience-Summit-Mar-2018.pdf">meeting notes</a> from the March 20, 2018 Cyber Resilience Summit &nbsp; Download <a href="http://it-cisq.org/wp-content/uploads/2017/11/Cyber-Resilience-Summit-Oct-2017-Executive-Summary.pdf">meeting notes</a> from the October 19, 2017 Cyber Resilience Summit <h1></h1> &nbsp; <h2><span style="color: #ff6600; font-size: large;"><span style="color: #2a6891;">PRESENTATIONS</span></span></h2> <a href="http://it-cisq.org/wp-content/uploads/2018/03/CISQ-Cyber-Resilience-Summit-2018-3-20-BILL-CURTIS-Standards-for-Managing-Cybersecurity-Risk-and-Technical-Debt.pdf">Standards for Managing Cybersecurity, Risk and Technical Debt</a> Dr. Bill Curtis, Executive Director, Consortium for IT Software Quality (CISQ) Cyber Resilience Summit, March 20, 2018 &nbsp; <a href="http://it-cisq.org/wp-content/uploads/2018/03/CISQ-Cyber-Resilience-Summit-2018-3-20-MARC-COHEN-Using-Software-Quality-Standards-with-Outsourced-IT-Vendors.pdf">Using Software Quality Standards with Outsourced IT Vendors - a Fortune 100 Case Study</a> Marc Cohen, Vendor Management practitioner at Fortune 100 institution Cyber Resilience Summit, March 20, 2018 &nbsp; <a href="http://it-cisq.org/wp-content/uploads/2018/03/CISQ-Cyber-Resilience-Summit-2018-3-20-ADAM-ISLES-Chertoff-Group.pdf">Security Risk Management</a> Adam Isles, Principal, Chertoff Group Cyber Resilience Summit, March 20, 2018 &nbsp; <a href="http://it-cisq.org/wp-content/uploads/2018/03/CISQ-Cyber-Resilience-Summit-2018-3-20-MICHAEL-CHUNG-Bugcrowd.pdf">Bugcrowd - The Pentagon Opened Up to Hackers and Fixed Thousands of Bugs</a> Michael Chung, Head of Government Solutions, Bugcrowd Cyber Resilience Summit, March 20, 2018 &nbsp; <a href="http://it-cisq.org/wp-content/uploads/2018/03/CISQ-Cyber-Resilience-Summit-2018-3-20-ROBERT-MARTIN-MITRE.pdf">Risk Management Standards in Practice</a> Robert Martin, Senior Principal Engineer, MITRE Cyber Resilience Summit, March 20, 2018 &nbsp; <a href="http://it-cisq.org/wp-content/uploads/2018/03/CISQ-Cyber-Resilience-Summit-2018-3-20-HERB-KRASNER-Texas-IT-Champion.pdf">Getting IT Quality Standards into Practice - Confessions of a Texas IT Champion</a> Herb Krasner, University of Texas at Austin (ret.), Texas IT Champion Cyber Resilience Summit, March 20, 2018 &nbsp; <a href="http://it-cisq.org/wp-content/uploads/2018/03/CISQ-Cyber-Resilience-Summit-2018-3-20-JEFF-BARKSDALE-UL-2900-Security.pdf">UL 2900 Security Standards</a> Jeff Barksdale, Principal Security Advisor, Underwriters Laboratories (UL) Cyber Resilience Summit, March 20, 2018 &nbsp; <a href="http://it-cisq.org/wp-content/uploads/2017/10/CISQ-CYBER-RESILIENCE-SUMMIT-2017-10-19-JOHN-WEILER-ITAAC-Roadmap-for-IT-Modernization-and-Cyber-Resilience.pdf">Roadmap for IT Modernization and Cyber Resilience</a> John Weiler, Vice Chair, IT Acquistion Advisory Council (IT-AAC) Cyber Resilience Summit, October 19, 2017 &nbsp; <a href="http://it-cisq.org/wp-content/uploads/2017/10/CISQ-CYBER-RESILIENCE-SUMMIT-2017-10-19-EMILE-MONETTE-SCRM-for-CDM-Products.pdf">Supply Chain Risk Management (SCRM) for Continuous Diagnostics and Mitigation (CDM) Products</a> Emile Monette, Senior Cybersecurity Strategist and Acquisition Advisor, DHS OCISO Cyber Resilience Summit, October 19, 2017 &nbsp; &nbsp; <h2><span style="color: #ff6600; font-size: large;"><span style="color: #2a6891;">PRESS COVERAGE</span></span></h2> <a href="https://www.federaltimes.com/civilian/dhs/2018/03/21/lack-of-resources-means-agencies-must-accept-threat-of-cyber-breach/">Resources-strapped agencies are leaving networks vulnerable to cyberattack</a> Jessie Bur, Federal Times, March 21, 2018 &nbsp; <a href="https://www.fedscoop.com/scott-says-workforce-drain-bigger-problem-y2k/">Tony Scott calls IT workforce drain a "creeping" crisis bigger than Y2K</a> Carten Cordel, fedscoop, October 20, 2017 &nbsp; <a href="http://www.executivegov.com/2017/10/report-dhs-tests-cyber-tech-acquisition-mgmt-model/">Report: DHS Tests Cyber Tech Acquisition Management Model</a> Nichols Martin, ExecutiveGov, October 20, 2017 &nbsp; <a href="https://www.fedscoop.com/dhs-piloting-agile-acquisition-cdm-for-cloud-ciso-says/">DHS piloting agile cyber acquisition, CDM for cloud, CISO says</a> Carten Cordel, fedscoop, October 19, 2017 &nbsp; <a href="https://www.meritalk.com/articles/dhs-to-stand-up-cdm-cloud-shared-services-for-small-agencies/">DHS to Stand Up CDM Cloud Services for Small Agencies</a> Morgan Lynch, Meritalk, October 19, 2017 &nbsp; <a href="https://www.meritalk.com/articles/learn-to-deal-with-cybersecurity-risk/">Learn to Deal With Cyber Risk</a> Morgan Lynch, Meritalk, October 19, 2017 &nbsp; &nbsp; <h2><span style="color: #ff6600; font-size: large;"><span style="color: #2a6891;">POLICY</span></span></h2> GSA is weighing "multiple initiatives" for the next wave of IT Modernization CoE (Centers of Excellence) projects in 2019, reports <a href="https://www.fedscoop.com/gsa-weighing-multiple-initiatives-next-coe-projects-2019/">fedscoop</a>. The CoE program, announced in December 2017, is built on five teams of IT talent specializing in cloud adoption, IT infrastructure optimization, customer experience, contact center services and service delivery analytics. Those teams are paired with contractors, as well as personnel at target agencies, to carry out IT modernization projects based on their skill sets. <a href="https://www.fedscoop.com/usda-modernization-centers-excellence-joanne-collins-smee/">They kicked off work in April.</a> The USDA was selected to be the “lighthouse” agency for the rollout of all five CoE teams. &nbsp; The <a href="https://tmf.cio.gov/">Technology Modernization Fund (TMF)</a>, which supports the transformation of agency IT to improve mission execution and delivery of services to the American public, has awarded funding for three projects (for more information see <a href="https://tmf.cio.gov/projects/">https://tmf.cio.gov/projects/</a>). The TMF website has launched for updates: <a href="https://tmf.cio.gov/">https://tmf.cio.gov/</a>. &nbsp; The White House Office of Management and Budget published the <a href="https://www.whitehouse.gov/wp-content/uploads/2018/05/Cybersecurity-Risk-Determination-Report-FINAL_May-2018-Release.pdf">Federal Cybersecurity Risk Determination Report and Action Plan</a> on May 20, 2018 in accordance with Presidential Executive Order 13800, <em>Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure</em>, (Executive Order 13800) and OMB Memorandum M-17-25, <em>Reporting Guidance for Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure</em>. &nbsp; The <a href="https://www.performance.gov/PMA/Presidents_Management_Agenda.pdf">Presidents Management Agenda</a> was released on March 20, 2018 and focuses on three drivers: IT modernization, modern workforce, data transparency and accountability. “A key part of the President’s Management Agenda is establishing cross-agency priority goals, or what we call CAP goals, to compliment the broad vision and get into execution and on the ground tactics,” says Office of Management and Budget Deputy Director for Management Margaret Weichert. “Each CAP goal will be led by an interagency team of senior federal leaders.” Read more on <a href="https://www.federaltimes.com/management/2018/03/20/trump-management-agenda-to-focus-on-multi-agency-goals/">Federal Times</a>. Says the White House, "Because accountability is important part of the PMA, CAP goal results will be tracked publicly each quarter online at <a href="http://www.performance.gov/PMA">www.performance.gov/PMA</a>." &nbsp; <a href="https://fcw.com/articles/2018/02/06/mgt-guidance-omb-memo.aspx">OMB's user guide to the MGT Act - </a>February 6, 2018 on <a href="https://fcw.com/articles/2018/02/06/mgt-guidance-omb-memo.aspx">FWC</a> The Office of Management and Budget is working on a rules-of-the-road document to cover how agencies can seek funds under the Modernizing Government Technology Act. In a <a href="https://fcw.com/~/media/GIG/FCWNow/Documents/2018/MGT_Act_Draft_Guidance.pdf">19-page draft memorandum</a> to agency heads obtained by FCW, OMB lays out what information agencies should include in their project proposals to receive money from the centralized modernization fund, housed by the General Services Administration, as well as how to navigate using their IT working capital funds. &nbsp; Gen. Burke "Ed" Wilson was promoted to OSD Policy on Cyber. <a href="https://www.defense.gov/News/News-Releases/News-Release-View/Article/1426514/senior-executive-service-announcements/">Read the announcement</a> published January 29, 2018 on www.defense.gov. &nbsp; Suzette Kent, principal at Ernst &amp; Young, is appointed new Federal CIO by President Donald Trump. Read <a href="https://fcw.com/articles/2018/01/26/kent-new-federal-cio.aspx">Trump picks federal CIO</a> (FCW) on January 26, 2018. &nbsp; Final <a href="https://itmodernization.cio.gov/">White House IT Modernization Plan</a> delivered to President Trump in December 2017 outlining plans to accelerate the modernization of legacy systems. See <a href="https://itmodernization.cio.gov/">https://itmodernization.cio.gov/</a>. &nbsp; <a href="http://it-cisq.org/wp-content/uploads/2017/10/IT-AAC-Federal-IT-Modernization-Rpt-Signed-9-20-17B.pdf">IT-AAC Federal IT Modernization Report</a> signed September 20, 2017 was submitted to White House American Technology Council (ATC) in response to Executive Order 13,800. &nbsp; <a href="http://it-cisq.org/wp-content/uploads/2017/11/IT-AAC_DoD_Cloud_RFI_2017_final.pdf">IT-AAC Recommendations for Embracing Commercial Cloud in DoD</a> signed November 17, 2017 submitted to DoD Cloud Executive Steering Group. &nbsp; &nbsp; <h2><span style="color: #ff6600; font-size: large;"><span style="color: #2a6891;">CYBER RESILIENCE STANDARDS</span></span></h2> Consortium for IT Software Quality (CISQ) <a href="http://www.it-cisq.org/standards">www.it-cisq.org/standards</a> <ul> <li>Standards for software sizing: <a href="http://it-cisq.org/standards/automated-function-points/">Automated Function Points</a>, <a href="http://it-cisq.org/standards/automated-enhancement-points/">Automated Enhancement Points</a></li> <li>Standards for structural quality: <a href="http://it-cisq.org/standards/automated-quality-characteristic-measures/">Automated Quality Characteristic Measures</a>, <a href="http://it-cisq.org/standards/technical-debt/">Technical Debt</a></li> <li>CISQ launched a new <a href="http://it-cisq.org/standards/embedded-extensions-working-group/">Embedded Extensions working group</a> to develop standards for securing embedded and real-time systems.</li> </ul> Also see <a href="http://it-cisq.org/standards/related-standards-and-guidelines/">related standards and guidelines</a> including NIST, ISO, CMM, etc. &nbsp; &nbsp; <h2><span style="color: #ff6600; font-size: large;"><span style="color: #2a6891;">WEBINARS</span></span></h2> <a href="http://it-cisq.org/cisq-webinar-new-automated-technical-debt-standard/">New Automated Technical Debt Standard </a> The CISQ measure of Automated Technical Debt has just been approved by the OMG® as a standard for measuring the future cost of defects remaining in system source code at release. Technical Debt hinders innovation and puts businesses at unacceptable levels of risk, including high IT maintenance costs, outages, breaches, and lost business opportunities. Dr. Bill Curtis, CISQ Executive Director, delivers an overview of the specification. &nbsp; <a href="http://it-cisq.org/cisq-webinar-using-software-quality-standards-with-outsourced-it-labor-vendor-engagements-a-fortune-100-case-study/">Using Software Quality Standards with Outsourced IT Vendor Engagements - a Fortune 100 Case Study</a> Marc Cohen led IT vendor management at American Express and discusses how to use software quality standards from CISQ in outsourcing engagements. He explains how to derive better software, better development resources, and better vendor relationships by leveraging software quality standards. &nbsp; <a href="http://it-cisq.org/cisq-webinar-using-software-quality-standards-at-scale-in-agile-devops-environments/">Using Software Quality Standards at Scale in Agile and DevOps Environments</a> Over the past two years Fannie Mae IT has transformed from a waterfall organization to a lean culture enabled by Agile and DevOps. Barry Snyder, DevOps Product Manager at Fannie Mae, discusses how to use software measurement standards from CISQ to demonstrate significant improvements in code quality and development productivity. Executive management monitors the organization’s Agile-DevOps transformation by reviewing quality, productivity, and delivery-to-speed. &nbsp; &nbsp; <h2><span style="color: #ff6600; font-size: large;"><span style="color: #2a6891;"><a id="itaac"></a>IT ACQUISITION ADVISORY COUNCIL (IT-AAC) DOCUMENTS</span></span></h2> <ul> <li><a href="http://it-cisq.org/wp-content/uploads/2018/03/IT-AACICH_Products-and-Services-2017.pdf">IT Acquisition Analytics &amp; Advisory Services </a></li> <li><a href="http://it-cisq.org/wp-content/uploads/2018/03/FITARA_Agile_Acquisition_Maturity_Model.pdf">Agile Acquisition Maturity Model (AAM) </a></li> <li><a href="http://it-cisq.org/wp-content/uploads/2018/03/IT-AAC_FITARA_Agile_Acquisition_Roadmap_CIO.pdf">FITARA Agile Acquisition for Assured IT Modernization (CxO briefing)</a></li> <li><a href="http://it-cisq.org/wp-content/uploads/2018/03/AgileAcq_Brochure_Updated.pdf">Agile Acquisition brochure</a></li> </ul> DoD's acquisition and sustainment chief, Ellen Lord, shares path forward for new office, envisioning an agile acquisition framework, reports <a href="https://federalnewsradio.com/defense-main/2018/05/dods-acquisition-and-sustainment-chief-shares-path-forward-for-new-office/">Federal News Radio</a> on May 25, 2018. &nbsp; &nbsp; <h2><span style="color: #ff6600; font-size: large;"><span style="color: #2a6891;">ADDITIONAL RESOURCES</span></span></h2> <a href="http://it-cisq.org/wp-content/uploads/2017/10/A-Useful-Point-of-Reference-for-Critical-Infrastructure-Resilience.pdf">A Useful Point of Reference for Critical Infrastructure Resilience </a>Don O'Neill, Independent Consultant &nbsp; <a href="https://www.omg.org/events/va-18/special-events/Modernization-agenda.pdf">Presentations</a> from <a href="https://www.omg.org/events/va-18/special-events/Modernization-Summit.htm">OMG® Modernization Summit</a>, March 21, 2018 in Reston, VA &nbsp; &nbsp; &nbsp; &nbsp; <h2><span style="color: #ff6600; font-size: large;"><span style="color: #2a6891;">PHOTOS</span></span></h2> <a href="http://it-cisq.org/cyber-resilience-summit-mar-2018/#photos">View more photos from the Cyber Resilience Summit here</a> <img class="alignnone size-full wp-image-8182" src="http://it-cisq.org/wp-content/uploads/2017/06/Cyber-Resilience-Summit-Oct-17-ANCC.jpg" alt="" width="1260" height="741" /> <img class="alignleft wp-image-8086 size-full" src="http://it-cisq.org/wp-content/uploads/2017/10/Untitled.png" alt="" width="292" height="164" />
Excerpt


OldNewDate CreatedAuthorActions
July 23, 2018 @ 12:38:49 TracieBerardi
July 23, 2018 @ 12:38:37 [Autosave] TracieBerardi
July 23, 2018 @ 12:37:48 TracieBerardi
July 17, 2018 @ 18:23:59 TracieBerardi
July 17, 2018 @ 18:17:47 TracieBerardi
July 17, 2018 @ 18:07:12 TracieBerardi
July 17, 2018 @ 17:50:41 TracieBerardi
July 17, 2018 @ 16:54:44 TracieBerardi
July 17, 2018 @ 16:43:30 TracieBerardi
July 17, 2018 @ 16:35:09 TracieBerardi
July 17, 2018 @ 16:33:57 TracieBerardi
July 17, 2018 @ 16:31:33 TracieBerardi
July 17, 2018 @ 16:09:12 TracieBerardi
June 28, 2018 @ 12:25:28 TracieBerardi
June 28, 2018 @ 12:12:08 TracieBerardi

Comments are closed.