Скачать презентацию Department of Information and Technology Services DOITS IT Скачать презентацию Department of Information and Technology Services DOITS IT

bcb1e9b2352eff4a60f67d5168e0a4a0.ppt

  • Количество слайдов: 22

Department of Information and Technology Services (DOITS) IT Strategic Plan 2018 – 2020 Addressing Department of Information and Technology Services (DOITS) IT Strategic Plan 2018 – 2020 Addressing Information Technology Opportunities, Risks and Threats Washington, D. C. April 2017

Department of Information and Technology Services Structure and Services … … Department of Information Department of Information and Technology Services Structure and Services … … Department of Information and Technology Services … 50 / 50 …

Department of Information and Technology Services 2006 2010 38 39 Data Usage Growth in Department of Information and Technology Services 2006 2010 38 39 Data Usage Growth in Terabytes Smartphones Helpdesk Tickets Cybersecurity Events 2014 35 2016 35 32 45 Applications Developed in-house 2013 36 Personnel 2012 83 31 80 86 59 65. 4 63 69 35 43 48 220 245 262 251 7, 595 8, 865 8, 388 7, 895 102, 756 99, 303 93, 656 8 5. 2 24 5, 300 18. 5 131 6, 700 50, 000 165 8, 212 89, 000 64, 000

SAF/DOITS Strategic Plan 2018 -2020 4 SAF/DOITS Strategic Plan 2018 -2020 4

SAF/DOITS Strategic Plan 2018 -2020 Software Development 5 SAF/DOITS Strategic Plan 2018 -2020 Software Development 5

Software Development Core/Departmental Application Development ERP Implementation Enterprise/Web Content Management Virtual Communities Collaborative Spaces Software Development Core/Departmental Application Development ERP Implementation Enterprise/Web Content Management Virtual Communities Collaborative Spaces Mobile Application Development 6 6

Software Development (Continued) Business Process Management SAF Services Portal Redefinition of Legacy Systems. Small Software Development (Continued) Business Process Management SAF Services Portal Redefinition of Legacy Systems. Small Business Process Automation Project 7 7

Short-Term Challenges Software Development Infrastructure and Communications • • • IT and Communications infrastructure Short-Term Challenges Software Development Infrastructure and Communications • • • IT and Communications infrastructure lease renewal Unified data storage architecture High availability in critical services ISO compliant data centers Cloud services • • Software Quality • • Technical accreditation program. Enforcement of GS/OAS software outsourcing policy GS/OAS business processes redefinition Upgrade existing ERP (OASES) Development of SBPs (SAF Services Portal) Implementation of a GS/OAS Content Management System Departmental applications. Mobile Applications Redefinition of legacy systems Information Security • • Human Resources • • • Retention of qualified personnel. Training. Convert CPR contracts into staff positions. Technical upgrade of GS/OAS Information Security Architecture (ISA) Disaster recovery upgrade Creation of OAS CERT Continuing awareness and training for GS/OAS personnel Information Structure • • Oracle/Microsoft engine databases upgrade Implementation of GS/OAS Dashboards.

Major Short Term Risks and Threats Software Development Infrastructure and Communications • IT and Major Short Term Risks and Threats Software Development Infrastructure and Communications • IT and Communications infrastructure lease renewal • • GS/OAS business processes redefinition Upgrade existing ERP (OASES) Information Security • • Human Resources • • • Retention of qualified personnel. Training. Convert CPR contracts into staff positions. Technical upgrade of GS/OAS Information Security Architecture (ISA) Disaster recovery upgrade

Addressing Information Technology Risks and Threats Current Situation Risk Mitigation Risk of Doing Nothing Addressing Information Technology Risks and Threats Current Situation Risk Mitigation Risk of Doing Nothing Threats Impact Infrastructure Lease is not renewed Cease of all Operations High Infrastructure Overhaul not completed Inability to provide additional services Medium Actions /Resources needed In progress - Lease Renewal Analysis of potential - Maintain existing IT vendors budget Analysis of potential vendors Additional Funds - Budgeted recurring cost/yr $0 $600, 000 $2, 000 $30, 000 $2, 500, 000 ~ $700, 000 ERP stays in current unsupported version. Financial systems failure High No upgrades to Information Security Systems GS/OAS data compromised High Ad/hoc internal developed software tools Additional Funds $200, 000 ~ $20, 000 Disaster Recovery platform not upgraded Cease of all Operations High Partial solution on third party provider Backup of core data in the cloud Additional Funds $0 ~$ 150, 000 Ad/hoc internal developed software tools Total IT Capital Fund needed: Year 1 Total yearly increase of IT budget - GS/OAS business processes redefinition Cloud migration IT Capital Fund $4, 700, 000 $900, 000

Major Short Term Risks and Threats Infrastructure and Communications National Offices HQ Remote Access Major Short Term Risks and Threats Infrastructure and Communications National Offices HQ Remote Access VPN 300 MB Internet GSB 1 GB 200 MB FULL LOOP Headquarters 1 GB 75% of existing infrastructure under a lease to expire on 31/12/2017

Major Short Term Risks and Threats Infrastructure and Communications National Offices HQ Remote Access Major Short Term Risks and Threats Infrastructure and Communications National Offices HQ Remote Access 1 GB GSB 1 GB “The Board notes that IT is an essential enabler for the day-to-day operations of the OAS; in fact the IT infrastructure is used by all staff for operational purposes and for the delivery of technical programs. ” 1 GB Risk of non renewal : Cease of all GS/OAS operations Total cost of renewal of the lease: $3. 000 over 5 years IT maintenance regular funds includes: $600. 000 per year Additional total funds needed in order to have a complete overhaul of GS/OAS infrastructure: $2. 000

Major Short Term Risks and Threats Upgrade of existing ERP – “OASES” RBCS DHR Major Short Term Risks and Threats Upgrade of existing ERP – “OASES” RBCS DHR DFS LMS Human Resources OPDB ORACLE DB Engine PES DP TECS General Ledger Payables Receivables Cash Management Grants/Projects Payroll Fixed Assets TXF DGS Fixed Assets (Inventory) Purchasing Legal CPR PIMS OASES

Major Short Term Risks and Threats Upgrade of existing ERP – “OASES” Color code: Major Short Term Risks and Threats Upgrade of existing ERP – “OASES” Color code: Supported Extended Support Unsupported Electronic Business Suite 11. 5. 8 11. 5. 10 12. 0. 0 ORACLE 12. 1 12. 2 Oracle Fusion Oracle ERP Cloud 2006 Timeline OAS 2007 2008 2009 11. 5. 8 2010 2011 11. 5. 10 2012 2013 2014 2015 2016 11. 5. 10 Data Base Engine 8 i 9 i 10 g 11 g ORACLE 12 c 2006 Timeline OAS 8 i 2007 8 i 2008 2009 10 g 2010 2011 10 g 2012 2013 2014 10 g 2015 2016 11 g

Major Short Term Risks and Threats Upgrade of existing ERP – “OASES” Board of Major Short Term Risks and Threats Upgrade of existing ERP – “OASES” Board of External Auditors Reports “The Board is concerned about the continued reliance on an aging OASES platform and associated databases. “ - Risk of Financial Systems Failure - Unable to implement International Financial Reporting Standards (IFRS/IPSAS)

Major Short Term Risks and Threats Upgrade of existing ERP – “OASES” $17. 15 Major Short Term Risks and Threats Upgrade of existing ERP – “OASES” $17. 15 $15. 81 $14. 48 $13. 15 $16 $11. 70 $10. 61 $14 $9. 27 $12 $7. 94 $6. 61 $10 $5. 16 $8 $6 $3. 70 $3. 35 $4. 75 $4. 40 $5. 80 $6. 15 $2. 30 $4 $2 $4. 05 $5. 45 $5. 10 $0. 66 TCO savings of $1. 5 M - $11 M* $1. 86 $2. 52 $0 YEAR 1 YEAR 2 YEAR 3 $3. 18 YEAR 4 $4. 50 $3. 84 YEAR 5 YEAR 6 EBS On-Premise vs. Oracle Cloud TCO Analysis 10 year Cumulative Cost Comparison Current EBS on-Premise (BAU) $5. 70 YEAR 7 Migrate to Cloud App $6. 36 YEAR 8 $7. 02 YEAR 9 YEAR 10 $7. 68 Re-Implement EBS Note: Estimates based on client data provided and assumptions for operational data not provided. Source: ORACLE Re-Imp Migrate to Cloud Current EBS on-Premise (BAU)

Major Short Term Risks and Threats Information Security Source: OAS Information Security Architecture Major Short Term Risks and Threats Information Security Source: OAS Information Security Architecture

Major Short Term Risks and Threats Information Security • Ever evolving and complex Information Major Short Term Risks and Threats Information Security • Ever evolving and complex Information Security threat landscape • Last capital investment made in 2010 (CIDA) • Increased risk of GS/OAS data being compromised. Additional funds needed to mitigate urgent needs: $200. 000 over one year period. Maintenance needed for subsequent periods: $20. 000 per year

Major Short Term Risks and Threats Disaster Recovery Board of External Auditors Reports “ Major Short Term Risks and Threats Disaster Recovery Board of External Auditors Reports “ Cyber Security and disaster recovery continue to be risks with current IT infrastructure. Without investment by OAS to improve and modernize the IT infrastructure, the organization will remain at risk of having potential losses of the use of the systems and data if a breach or disaster does occur within the OAS’ IT infrastructure. ” • In case of disaster it would take weeks to be operational again • Disaster Recovery as a Service in the cloud is needed. Funds required in order to setup Disaster Recovery services in the cloud: $150. 000 per year

Addressing Information Technology Risks and Threats Current Situation Risk Mitigation Risk of Doing Nothing Addressing Information Technology Risks and Threats Current Situation Risk Mitigation Risk of Doing Nothing Threats Impact Infrastructure Lease is not renewed Cease of all Operations High Infrastructure Overhaul not completed Inability to provide additional services Medium Actions /Resources needed In progress - Lease Renewal Analysis of potential - Maintain existing IT vendors budget Analysis of potential vendors Additional Funds - Budgeted recurring cost/yr $0 $600, 000 $2, 000 $30, 000 $2, 500, 000 ~ $700, 000 ERP stays in current unsupported version. Financial systems failure High No upgrades to Information Security Systems GS/OAS data compromised High Ad/hoc internal developed software tools Additional Funds $200, 000 ~ $20, 000 Disaster Recovery platform not upgraded Cease of all Operations High Partial solution on third party provider Backup of core data in the cloud Additional Funds $0 ~$ 150, 000 Ad/hoc internal developed software tools Total IT Capital Fund needed: Year 1 Total yearly increase of IT budget - GS/OAS business processes redefinition Cloud migration IT Capital Fund $4, 700, 000 $900, 000

Addressing Information Technology Risks and Threats “The Board notes that IT is an essential Addressing Information Technology Risks and Threats “The Board notes that IT is an essential enabler for the day-to-day operations of the OAS. ” Board of External Auditors Reports IT Capital Fund is needed

Department of Information and Technology Services (DOITS) IT Strategic Plan 2018 – 2020 Addressing Department of Information and Technology Services (DOITS) IT Strategic Plan 2018 – 2020 Addressing Information Technology Opportunities, Risks and Threats Washington, D. C. April 2017