Governance & Planning
Latest News:
GTA adopts 10 new IT standards
GTA consolidates data submission for IT reports
Learn more about Enterprise Governance and Planning
GTA adopts 10 new IT standards
GTA has adopted 10 new IT standards whose purpose is to ensure the appropriate management of IT-related expenses, risks and benefits. The most prominent are the Enterprise Operating Environment (EOE) standard and the Enterprise Performance Lifecycle (EPLC) standard.
The EOE standard requires all new IT systems or existing systems undergoing significant modification to be designed to take advantage of the cost-effective, world-class IT services offered by GTA through its infrastructure and managed network service providers. The goal is to ensure state government obtains the maximum value and benefit possible from these services.
The EPLC standard combines GTA’s existing standards for IT operations, strategic planning, project management and information security into a single, 10-stage framework. The framework is designed to control risk and to ensure IT investments deliver on their projected value. Each stage includes requirements to be met before a system moves on to the next stage. During a system’s operational stage, the business owner must conduct annual reviews to determine if the system is continuing to deliver on its original commitments, or if remediation, including possible disposal, is appropriate.
Learn more and download all 10 new standards
GTA consolidates data submission for IT reports
GTA has consolidated and streamlined data submission for three different IT reports with a Web-based reporting system.
The new approach makes it quicker and easier for agencies to comply with data submission requirements for the:
- Agency Information Security Report
- IT Expenditures Report
- IT Governance Report
The reports share much of the same data, so agencies now need to enter information only once.
For most agencies, all required information is gathered using the Agency Information Security Report process. Information reported in the security report is detailed in Information Security Reporting Standard SS-08-053.2.
The deadline for submitting all required data was August 28, 2009. Information can be submitted only through the Web-based reporting system due to the large amount of information collected and processed.
Agencies participating in GAIT 2010
The 12 agencies participating in Georgia Infrastructure Transformation (GAIT) 2010 submitted most of the information required in the three reports as part of the IT transition and transformation initiative. GTA completed as much of the reports as possible on behalf of these agencies, then notified them to review the reports and submit additional or updated data as needed.
Questions? E-mail GTA’s Enterprise Information Security Office at gta-eis@gta.ga.gov.
About Enterprise Governance and Planning
Enterprise Governance and Planning (EGAP), led by Mark Reardon, brings value to the state’s IT enterprise by:
- supporting agencies in doing a better job of governing their IT initiatives, and
- gathering IT metrics from agencies and reporting them to state leaders.
It is comprised of the following work units.
Enterprise Strategic Planning (ESP), led by Mike Curtis, works closely with the Office of Planning and Budget to ensure IT portions of agency strategic plans are properly created. It develops policy statements and standards to ensure an agency’s IT strategy aligns with its overall business strategy and business continuity planning.
Enterprise Program and Project Management Office (EPMO), led by Tom Fruman, continues to develop policies and standards to ensure IT projects of all sizes and costs are properly managed within agencies.
Enterprise Information Security, Compliance and Measures (EISCM), led by Charlie Sasser, is concerned with agency- and state-level metrics for determining compliance with GTA’s policies and standards. Since the initial emphasis is on information security, the office consists of:
- Enterprise Information Security (EIS), led by Walter Tong, which focuses on security awareness and training for state agencies as they implement requirements based on the Federal Information Security Management Act (FISMA). It develops related policy statements and standards, works with vendors and agencies to conduct risk-management assessments, and coordinates enterprise security with law enforcement agencies, the state Attorney General’s office and the Department of Homeland Security.
- Enterprise Policy, Standards and Architecture (EPSA), led by Sree Shama, which works with EGAP work units and other stakeholders to develop IT policy statements and standards. It ensures they are consistent, their impacts have been fully considered, and they have simple compliance mechanisms and metrics.
Enterprise Information Security
