IT Strategic Plan: Fiscal Years 2006-2010 -- Empowering Diplomacy

Message from the CIO

I am pleased to issue this update to the Department of State's Information Technology Strategic Plan (ITSP) which reflects current initiatives and priorities, and addresses State's requirements through 2010.

The Plan was updated to align it with the recently released Department of State and USAID Strategic Plan, which specifies seven strategic goals and 27 strategic priorities. The five IT goals and implementing strategies in this Strategic Plan are mapped to the Department and USAID goals, and examples are provided of how IT will further these goals and the Department's foreign affairs mission.

A second new theme is Transformational Diplomacy, a key initiative of Secretary of State Condoleezza Rice. Transformational Diplomacy focuses on two areas: (1) working with citizens and governments around the world to promote transformation toward greater peace, freedom, prosperity, and social justice; and (2) transforming the way State does its work to be more efficient and effective. The quote from Secretary Rice on the cover page of this Plan reflects the first focus while the quote below reflects the latter.

"Transformation in diplomacy, as in business and other fields, rests on the empowered individual who works (with) greater freedom and greater initiative and thus greater responsibility, ... and who, aided by the power of technology, can accomplish what was once required of many people." Secretary Rice.

As Chief Information Officer, I am committed to helping the Secretary and the Department use IT to promote both of these ambitious notions. We will continue to modernize our IT infrastructure and make value-added information and usable tools available to increase the efficiency and effectiveness of our diplomats operating around the world. As our personnel work with citizens, institutions, and governments anywhere in the world, we will partner with them to deliver the secure IT services and tools they need.

James Van Derhoff
Chief Information Officer

Introduction

This Information Technology Strategic Plan outlines a future-oriented technology program for the Department that directly supports U.S. foreign policy and diplomacy as articulated in the latest Department of State and USAID Strategic Plan. This Plan sets forth five key IT goals for FY 2006-2010. Several of these goals represent significant departures from the Department's current ways of doing business and allocating IT resources. To build consensus around the key IT goals and strategies, a Goals Paper was published and circulated throughout the Department for discussion and refinement. This IT Strategic Plan reflects the discussions that ensued as well as the Department's new Strategic Plan which was issued recently. The result is an ITSP that provides clear direction for the next five years and forms the basis for major decisions on IT investments and projects.

Current Status of IT in the Department

The Department's former IT Strategic Plan, which covered the period FY 2001- 2005, served as a starting point for this new Plan. Under the earlier plan, State successfully modernized its global IT infrastructure. Now, it will take the next step: putting in place end-user oriented tools and information resources that will aid the employees who carry out the Department's international affairs mission.

The Department has made extraordinary progress under the former IT Strategic Plan. Much demonstrable success has been achieved in all five goal areas, and the results have changed the way the Department does business. The enthusiastic support of the Secretary of State and senior management for rapid, continuous IT modernization in support of diplomacy has been, and will remain, critical to success. This support has led to improvements in IT governance processes, including broad representation in decision-making. It has also led to substantial increases in investment, enabling the Department to catch up rapidly in basic infrastructure technology. Table 1 highlights the major accomplishments under the 2001-2005 Plan.

Table 1: Accomplishments Under Department of State FY 2001-2005 IT Strategic Plan

Key impacts of IT modernization to date are:

• Remote posts are less isolated as a result of the global networks
• Fast, flexible e-mail replaced rigidly formatted cables for much of State's work
• The global unclassified and classified networks created a platform that encourages information exchange
• Desktop access to the Web is an important information resource and a vehicle for engagement and outreach
• Electronic commerce is well established for on-line acquisition

Strategic Mission and Business Drivers

A key driver for this new ITSP is the FY 2007-2012 Department of State and USAID Strategic Plan, which describes the Department's mission and strategic objectives and goals. The Department's mission is to:

"Advance freedom for the benefit of the American people and the international community by helping to build and sustain a more democratic, secure, and prosperous world composed of well-governed states that respond to the needs of their people, reduce widespread poverty, and act responsibly within the international system." [State/USAID Strategic Plan, FY 2007-2012]

The State/USAID Strategic Plan identifies seven strategic goals and priorities that constitute a strategic planning framework. A centerpiece of the plan is the notion of "transformational diplomacy," which calls for the integration of diplomacy and foreign assistance to advance U.S. security interests, development interests, and democratic ideals. In carrying out its mission, State works with other U.S. Government agencies, foreign governments, Non-Governmental Organizations (NGOs) and international organizations, foreign and domestic press, and foreign and domestic publics. The IT goals presented in this Plan are driven by the mission requirements articulated in the Strategic Plan, as shown in the mapping table in Appendix A.

A second key driver is input from end users, bureaus, and posts as documented in the Department's recently published joint State/USAID Enterprise Architecture, interviews and overseas visits conducted by the IRM Bureau Planning Office, and a survey conducted by the Office of e-Diplomacy of more than 3,000 policy and management officers worldwide.

A third driver is the President's Management Agenda (PMA) and related government-wide IT initiatives, especially e-Government (e-Gov). Through these initiatives, the State Department seeks to promote efficiency in the delivery of administrative services as well as increased coordination among agencies operating overseas.

The Strategic Plan, Enterprise Architecture, and e-Government initiatives all emphasize the value of information and information technology as key tools in diplomacy, foreign assistance, and operational excellence. The Enterprise Architecture calls for extensive communication, coordination, and collaboration within the Department and with external organizations. The objectives and initiatives in the Strategic Plan depend heavily on high quality information that can be accessed and shared appropriately and securely from anywhere and at anytime. World-class IT tools, such as video conferencing, mobile computing, intelligent data search and retrieval, sophisticated data integration and analysis, and knowledge management/data warehouse systems are essential if State is to achieve its strategic objectives and goals and satisfy its customers and constituents, notably the White House, Congress, other government agencies, U.S. allies, and above all, the American people.

A fourth driver is rightsizing. The Joint State/USAID Strategic Plan and the PMA both emphasize "rightsizing" the entire presence of U.S. Government agencies and personnel overseas. Rightsizing promotes enhanced mission capabilities, cost-efficiency, and security. This IT Strategic Plan supports rightsizing by promoting interagency integration, delivery of services from regional and central locations, mobile computing, a robust global IT infrastructure, and self-service through modern IT solutions.

This ITSP explains how IT will be a significant force helping State pursue its mission over the balance of this decade. As the lead international affairs agency, State is committed to being a leader in exploiting IT to further U.S. diplomatic aims.

Key IT Trends

State is committed to maintaining a high quality, global IT environment that can exploit advances in technology and government-wide initiatives such as e-Government. Table 2 identifies important trends and best practices that will affect IT for the next several years. The table contrasts these trends and best practices with outmoded ways of doing business.

Table 2: "In-Out" Table: Trends & Best Practices

In past years the Department's IT program has provided essential support for administrative and consular functions, but has not been able to offer similar support for core diplomatic activities. Advances in technology make increased support for diplomacy feasible, and new challenges and opportunities make it imperative.

The vision for 2010 is one in which IT becomes a much more active partner than it has been with the Department's organizations and employees most directly involved in our diplomatic activities. By organizing and improving access to critical information now scattered around the world, and delivering state-of-the-art systems, tools, and networks, IT will empower U.S. diplomacy.

Vision Empowering diplomacy with information and tools available anytime, anywhere

By 2010, the Department will achieve the following:

• Ready access to the vast stores of information needed for diplomacy and foreign assistance -- getting the right information in the right format to the right people at the right time to enable effective decisions and actions
  
  
• A highly integrated IT environment supporting State then expanding to provide a platform for all U.S. Government activities overseas
  
  
• Consistent achievement of customer service levels, based on cost-efficiency and best practices across agencies, with central management of all support operations
  
  
• A centrally managed, commercial-quality IT infrastructure, remotely accessible worldwide and operating like a utility at highly competitive prices
  
  
• Lowered administrative costs and rightsizing objectives through streamlining and reliance on e-Gov interagency solutions and services, with State delivering specialized services under a Foreign Affairs Line of Business (LoB)
  
  
• Rapid adoption of technology to support emerging business requirements
  
  
• Application of best practices in service delivery and innovation
  
  
• Fully tested, consistent business continuity program that ensures that mission critical operations will not be disrupted

• The diplomat of 2010 will have access to a broad range of useful information to help explain U.S. positions and promote our national interests. Effective multi-media information products will be available on demand, customized to meet the needs of the situation and target audience. Best-of-breed content and customer relationship management software will enable the production of these targeted information products. The modern diplomat will be freed from his or her desk, able to travel around the host country to present a positive image of the United States, address questions about U.S. policies, and engage with host country officials and citizens in pursuit of transformational diplomacy. Each officer will be able to choose his or her preferred device for mobile access to the foreign affairs virtual library -- whether it be a cell phone, laptop, or PDA.
  
  
• Ambassadors and Chiefs of Mission will be able to focus more fully on U.S. foreign policy imperatives and strategic interests in their host countries. Communication among members of the country team will be streamlined and highly automated, regardless of agency affiliation. Secure collaboration with external organizations will be available as well. Information needed to present U.S. positions on key topics will be readily available in the most effective form. Administrative services will be centralized and standardized, requiring minimal or no effort on the part of overseas posts and missions. Support for acquisitions, human resources, budget and finance, and IT will be delivered from central facilities a mere click or phone call away. Services will be delivered according to an established schedule of prices and terms.
  
  
• Humanitarian interventions will be coordinated across federal agencies and external partners using modern communication and collaboration tools. Workflow systems and dashboards will keep everyone informed of the status of all activities, the need for additional skills or resources at specific locations, and results achieved to date. Lightweight portable systems will be available for first responders to minimize delay and maximize effectiveness.

IT Strategic Goals

The five IT goals supporting this vision and State's mission priorities are:

1. The Right Information: Knowledge Leadership for Diplomacy - Superior diplomacy and decision-making facilitated by superior information.
   
   
2. Anytime/Anywhere Access: Diplomats on the Move - Technology that makes the knowledge and communication resources of the Department available to personnel when and where they need them.
   
   
3. External Partnership: Diplomacy Through Collaboration - Improved connectivity and collaboration with other U.S. Government agencies, non-governmental organizations (NGOs), businesses, and the public - domestic and abroad.
   
   
4. Risk Management: Mission Effectiveness and Security - An approach that recognizes and balances the needs of diplomacy and security risks.
   
   
5. Work Practices and Workforce: Leading Change - IT professionals highly trained for mission support and service delivery, and all non-IT staff trained to use technology effectively.

Descriptions of these five IT goals are set forth in the following pages. Until now, investments have produced a global IT infrastructure connecting all overseas and domestic locations. With this revised Plan, the focus shifts to using the global infrastructure -- bolstered with enhanced capabilities and capacities -- to empower transformational diplomacy.

1. The Right Information:  Knowledge Leadership for Diplomacy

Goal 1 will make available tailored foreign affairs information to meet the needs of individual officers, internal and external customers, and target audiences. The Department of State is an information-producing machine whose annual output includes more than 2 million cables, 200 million e-mails, hundreds of thousands of indexed documents on thousands of Department web pages, and other reports, analyses and information. In addition, Department personnel have access to the vast resources of the Internet and the networks of other government agencies. Yet much of this information fails to meet requirements because it is inaccessible, of questionable accuracy, out of context, not updated, or in the wrong format. As a result, our officers cannot easily find the information they need and are overloaded with marginally relevant information. Goal 1 will promote knowledge creation, dissemination, and management for internal use, interagency sharing, and outreach to various publics and State's other stakeholders.

Knowledge Leadership is the Department's approach to improve knowledge sharing and collaboration within the Department and with our foreign affairs partners. The approach draws on State's deep subject matter knowledge of the foreign affairs environment, coupled with superior technology to empower personnel at all levels to make informed decisions and lead foreign policy formulation and implementation. Knowledge Leadership will help establish a knowledge sharing culture within the Department and the broader foreign affairs community. Engineering such a cultural change will require a significant initiative that focuses on four fronts: people, processes, organizations, and technologies.

Knowledge and Information Management Tools Contact/customer relationship management (CRM)  Content management  Data warehousing  Customizable portals for organizing information and windows  Guided browsing and searching  Collaboration and social networking  Instant Messaging (IM)  Customized multi-media information products and presentation  Intelligent, personalized, adaptable search engines  Geographic Information Systems (GIS)  Visualization for presentation and analysis of information  User-friendly data management and analysis tools  Document abstracting, cataloging, and profiling  Data mining and pattern analysis  Dashboard for program monitoring and results  Knowledge Management -- expert locator, real-time question and answer  Media search and capture technologies Interactive web tools, such as Wikis (interactive encyclopedias) and Blogs (on-line journals) and other emerging technologies.

Department users will have access to an enterprise-wide content management service, staffed by researchers, information management specialists, and policy experts. This service will be responsible for managing the Department's substantive databases and content management tools and technologies, and assisting users with complex information management requirements.

State will continue to apply its centrally run and funded Content Management System to support broad-based information access and dissemination, providing U.S. citizens and foreign publics with information about U.S. foreign policy. The public-facing web sites are organized to be searchable by standard commercial search engines. We apply data architecture concepts (including the Federal Enterprise Architecture Data Reference Model) to ensure that our data is organized to promote maximum accessibility. Tests indicate that State sites appear near the top of search lists when relevant foreign policy terms are used. We plan to continue to monitor the performance of our public-facing web sites to ensure that they provide effective and broad access.

Value-Added Logical Knowledge Bases

Users will draw on the following:

• Value-added knowledge bases containing pre-processed, high-quality information about high priority topics. See box above for examples.
  
  
• Intelligent search and analysis tools to help people overcome information overload and find exactly what they are looking for.
  
  
• Collaboration tools that support self-forming, self-managing professional networks and communities of practice and interest that overcome boundaries of geography, time and organization - both classified and unclassified. Collaboration tools will also include an expert locator.
  
  
  

  Officers work on-line, using groupware software, with counterparts from other countries and agencies to draft a NATO resolution.

   
• Support for outreach through customer relationship management (CRM) systems that improve our ability to establish and sustain relationships with key contacts, support public diplomacy and advocacy, and strengthen content delivery to targeted audiences.
  
  
  

  Public Diplomacy officers create "Blogs " that contain specialized content drawn from Department knowledge bases to target specific audiences. Blogs may be interactive inviting commentary from outside organizations and individuals.

  
   
• An enterprise portal that gives Department users easy, desktop access to essential information and services, encouraging them to employ and share a full array of knowledge resources as part of their everyday work.
  
  

Modern concepts in knowledge management will provide access to implicit and tacit knowledge dispersed throughout State. Personnel will be encouraged and rewarded for sharing their expertise.

 

State needs a broad, unified policy that recognizes information as an enterprise-wide asset. This is in contrast to the current practice where the organization that gathers, compiles, or develops information treats that information as an organizational asset, sharing the information only upon specific request. This will require substantial culture change mandated from the top and reinforced through tangible incentives.

These practices and tools will position the Department to capitalize on the next wave of intelligent technologies and processes to strengthen the use of our knowledge resources -our databases and above all, our people-in the interest of foreign policy leadership. As discussed under Goal 5, these will also create a new, broader role for IT and Office Management Specialist (OMS) personnel as content managers and information consultants.

To accomplish this goal and provide top quality knowledge and information services for diplomacy, the Department will shift the balance among the competing demands for IT resources, tilting a greater share toward foreign policy requirements. This theme is discussed further under Goal 3, through which e-Government solutions will be employed to reduce the costs of administrative systems, thus freeing up resources for diplomacy.

Table 3-1: Goal 1 Strategies

2. Anytime/Anywhere Computing:  Diplomats on the Move

Goal 2 will provide an IT environment that allows full access to all needed knowledge and computing resources at anytime from anywhere in the world. The focus for State's IT infrastructure is two-fold: mobile computing and continuous and rapid technology innovation-absolute musts for modern diplomacy.

By its nature, diplomacy entails travel and mobility, as well as regular contact with people outside of State facilities. Effective diplomacy requires that our officers participate in policy discussions with the U.S. Government executive agencies and with Congress, meet with counterparts in foreign governments at executive leadership conferences, attend sessions of foreign parliaments and organizations, represent the U.S. before foreign and domestic organizations and publics and travel to other cities and countries. Our most effective diplomats cultivate relationships with foreign officials, parliamentarians and citizens, using these relationships to acquire expertise about the host country, to understand developments that affect U.S. national interests, to implement programs and to promote U.S. foreign policy objectives. Much like others involved in advocacy or public relations, our diplomats spend a good deal of their time out of their offices in circumstances where effective access to State resources is essential.

Through this IT goal, the Department will provide technology to support the mobile employee. It will enable State's officers to use standard commercial personal digital assistants (PDAs), cell phones, laptops, and new devices as they emerge. These devices will deliver the knowledge resource products described under Goal 1, and will also allow full connectivity from home, while on travel, or at meetings. Personnel will be able to telecommute and have access to all necessary information including their classified and unclassified e-mail, documents, files, voice mail, contact information, and will be able to participate in secure video and audio conferencing-all while at home or on the move.

They will be easily able to consolidate and manipulate information from these multiple sources and formats. Voice input and output will be supported, and voice and data will be fully integrated. New and improving technologies, such as video conferencing and video mail, Geographic Information Systems (GIS), and language translation software will be made available as they are proven feasible.

Five elements must be in place to enable "anytime, anywhere" connectivity:

• Always on-a global network as reliable as today's telephone and electric utilities. The future network will provide sufficient redundancy and fault-tolerance to ensure that it is always available.
  
  
• Everywhere-the future Global Network Infrastructure will provide secure access points to enable the mobile worker to access enterprise data, via "personal band­width," to supplement enterprise bandwidth.
  
  
• Security-IT security solutions and updated Department policies will allow users to exploit the full capabilities of mobile computing devices.
  
  
• Bandwidth-substantial network capacity will be needed to meet the goals of mo­bile diplomacy, and the Department will establish plans for delivering bandwidth on demand from multiple sources and paths.
  
  
• Global directory-a highly reliable directory is essential to enable people to access their data from anywhere, to identify experts, and to connect to other people. A government-wide international affairs directory, with entries for key NGO and foreign government staff, is necessary for the comprehensive connectivity requirements of modern diplomacy. The global directory will be extended beyond white, yellow, and blue pages to include green pages (information) and real-time information about users' whereabouts, preferred delivery devices, and facility characteristics.

The networks and end-user devices of the future will have embedded intelligence to recognize and react to varying conditions, tailoring their configurations and security features appropriately.

As the political officer of the future leaves the embassy to call on the foreign ministry, his PDA is automatically reconfigured to continue to receive unclassified messages. In the car, he checks his unclassified e-mail via his PDA and sees that the Department wishes him to immediately deliver a new demarche to the host government.

The IT environment will function much as today's electric and telephone utilities. End-users will be able to "plug in" to the network with any device regardless of location. The following strategies will contribute to the establishment of this ubiquitous computing environment:

• Centralization and consolidation of servers, server operations, desktop support, and user support functions, building on successes such as the Enterprise Server Operations Center (ESOC), enhancing service to users and ensuring a consistent approach to service delivery, critical infrastructure protection, and business continuity planning.
  
  
• Expanding the centrally managed enterprise-wide Global IT modernization program (GITM) and further consolidating additional deployment and site visit activities.
  
  
• Labeling and "wrapping" all information-structured and unstructured-permitting complete and appropriate access to information from anywhere. Wrappers will be extended beyond security and retention and will include information necessary for rendering information on various device types and content adjustment or filtering based on the users' current location. Labeling or tagging will be done for small units of information, enabling content to be assembled and reassembled in multiple ways for different purposes.
  
  
• Leveraging and promoting government-wide networks-for example, Secret Internet Protocol Routed Network (SIPRNET) and the Open Source Information System (OSIS), to maximize information sharing and minimize costs.
  
  
• Rapid and regular technology innovation-through an innovation laboratory, effective change management, and aggressive IT leadership supported enthusiastically by the Secretary of State and senior management. The innovation laboratory will include an integrated security engineering operation and will be explicitly charged with identifying and adopting leading-edge and secure COTS solutions that meet all mission requirements while clearly specifying any residual risk for management consideration.
  
  
• Rapid extension of technology innovations throughout the Department-we will improve our ability to move from proof of concept to pilot and to full rollout more quickly. We will keep pace with the evolving open standards.
  
  
• Outsourcing the bulk of telecommunications and data services to take advantage of the global information infrastructure's high availability and competitive price benefits. By leveraging highly secure, private network communications over commercial and satellite carriers, the Department will provide the necessary bandwidth to support new initiatives and expanded mobile diplomacy. 
  
  
• Teaming with other agencies to leverage disaster recovery and business continuity capabilities by using consolidated IT and communication facilities around the world.
  
  
• Exploration of open source options to reduce dependence on a single vendor for critical operating system, browser, and application software, promoting enhanced functionality through competition as well as reduced security risks.

The entire service delivery operation will be overseen by a governing body made up of user representatives and IT staff, and will report directly to the CIO. Key metrics will be tracked on a real-time basis and presented to this body.

IT consolidation is a key enabler of rightsizing of overseas posts. By delivering services from central or regional service centers, we can dramatically reduce the numbers of IT support staff needed at posts. This is especially important, not only in reducing costs and improving service, but also in minimizing the numbers of American personnel in high threat locations.

Table 3-2: Goal 2 Strategies

3. External Partnership:  Diplomacy Through Collaboration

Under Goal 3 the Department will establish an IT environment that promotes external connectivity and information sharing. This goal draws on the concepts of the e-Government initiative, applying it to diplomatic and administrative operations. Through this goal the Department will provide IT support to collaboration and coordination activities directly related to its diplomatic mission. It will also rely increasingly on and promote interagency processes and systems for administrative work. Implementation of this goal will reduce costs and improve productivity.

The Department works in concert with other U.S. Government agencies, Non-governmental Organizations (NGOs), and foreign governments in promoting the U.S. foreign policy agenda. The Department also offers services to U.S. citizens and businesses, such as travel assistance and support for international trade and exports.

By 2010, a global electronic community will be in place connecting all participants in U.S. diplomacy and foreign assistance programs. Layers of access will be supported to balance information security and access requirements, based on logical and physical controls.

IT has supported some level of intergovernmental information sharing through SIPRNET, OSIS, and Intelink. The Department's Strategic Plan calls for greater levels of collaboration over the next five years, for example with:

• DoD and CIA in common efforts to ensure regional stability in various parts of the world; 
  
  
• Homeland Security in screening foreigners who wish to visit or immigrate to the United States; 
  
  
• USAID, which is responsible for economic and social development, humanitarian relief, strengthening fragile states, mitigating transnational ills, and supporting U.S. strategic interests;
  
  
• Domestic and foreign press, domestic and foreign publics;
  
  
• Governments of friends and allies with whom we have common interests in global or regional affairs; and
  
  
• International organizations such as the United Nations, NATO, international development banks, and NGOs who are our partners in pursuing strategic objectives such as sustainable development and promotion of human rights.

The Department will expand services to U.S. citizens domestically and overseas by leveraging IT. Examples include adoption tracking, passport issuance, and access to travel information and advice.

In addition, the Department is committed to the President's Management Agenda and to OMB's efforts to consolidate the administrative systems that support government agencies. The Department will be an eager customer of government-wide services when available for Human Resources, Payroll, Finance and Accounting, Logistics, and Inventory and Asset Management. Given the need to support administrative operations at more than 200 locations around the world, the Department would benefit greatly from government-wide administrative services and systems that enabled streamlining of our overseas presence.

Four broad strategies will be pursued to achieve this goal:

• Coordinate IT activities with USAID, instituting shared networks and systems to the maximum extent possible. The Department and USAID have established a Joint Management Council (JMC) to promote this.
  
  
• Work with OMB and GSA to seek to establish a government-wide IT infrastructure for all agencies involved in foreign affairs. Such an infrastructure will include a network and government-wide directory that connects all government employees working overseas, and will provide access by all authorized employees of any U.S. Government agency to foreign affairs knowledge bases and analytical tools including collaborative software.
  
  
• Establish a secure extranet to promote information sharing between the U.S. foreign affairs community and external organizations, including foreign governments, NGOs, regional and global organizations, the public, and business.
  • The Department will streamline and reorganize its administrative operations to deliver only those services that cannot be delivered by government-wide systems and processes. In all cases, we will emphasize self-service and centralization of back-office functions and systems, reducing the numbers of administrative staff in the Department and especially overseas-increasing the "tooth-to-tail" ratio, and placing more emphasis on competence in the provision of administrative services.

  To accomplish this goal, the Department will participate actively in and leverage government-wide initiatives, such as today's Quicksilver e-Government efforts, with the aim of freeing up resources that can be devoted to foreign affairs activities. By 2010, the Department expects to be using government-wide systems and services for all administrative activities, except those unique to overseas operations (e.g., local hiring, housing, and purchasing).

  This goal explicitly supports OMB's goal of a U.S. government-wide IT Enterprise Architecture. It is also a logical extension of Goal 1, The Right Information, and Goal 2, Anytime/Anywhere Computing, throughout the U.S. Government in support of the President's Management Agenda (PMA).

  Our e-Government Vision The Department will further the goals of e-Government to improve services and transactions for citizens and businesses through the organization, dissemination, and sharing of more and better information. The Department advocates greater integration and sharing (collaboration) of mission critical information through the development of a single government network, a single government-wide directory, and shared virtual knowledge bases. The Department is committed to moving its administrative support systems (e.g., Human Resources, Logistics, Financial, Budget, Payroll, Acquisitions, Travel) to centrally managed, government-wide solutions as soon as practicable.

  Table 3-3: Goal 3 Strategies

  Strategy	Key Components	Performance Indicators
  Foreign Affairs Extranet Program	• Foreign affairs agency portals accessible via the Internet and/or USG networks  • User authorization and authentication policies  • Network architecture and security model	• Volume of use and numbers of users of extranets
  Business Process and Application Streamlining	• Reengineer processes to support rightsizing of overseas locations and cost-efficiency of domestic operations	• Specific performance targets for process efficiencies (e.g., increases in number of transactions per day, reduced lag times)  • Meeting rightsizing targets -- fewer people, servers, data, and applications at posts  • Meeting targets for domestic bureau streamlining -- fewer IT staff and distributed servers, applications, and data.
  e-Gov Solutions	• Develop and carry out transition plans for moving to Government-wide, LoB-based solutions	• Adoption of transition plan by e-Gov Program Board  • Resources shifted to e-Gov solutions
  Government-Wide Overseas Network	• Work with OMB to develop a concept, network architecture, and funding approach  • Assess existing initiatives and environments and develop and carry out transition plan	• Plan and budget adopted by at least 70% of overseas agencies; plan funded  • Elimination of agency networks at posts
  Application Architecture -- Web-Enablement (Self-Service)	• Middleware (SOA, EAI) for promoting interchange of information with other agencies and partners	• Measurable shift to web-based processing  • Functions available for self service and extent of use  • Volume of use of multiple, integrated databases

  4. Risk Management:  Mission Effectiveness and Security

  Under this goal, the Department will establish a strengthened IT security program based on risk management, critical infrastructure protection (CIP), the Federal Information Security Management Act (FISMA), and deployment of pre-approved security solutions. The intent is to enable rapid and secure introduction of new technologies. The risk management process will be engineered to support rapid management decision-making, normally yielding a decision within 90 days.

  Good risk management practices lead to effective security controls commensurate with risks. They strengthen security by eliminating the need for vulnerable workarounds, permitting appropriate access to mission-critical data, and ensuring consistent security solutions.

  In the past, the Department has been slow to adopt new technologies, in large part due to security processes that rely too heavily on security experts and not enough on managers, IT professionals, and end-users-that is, the employees carrying out the Department's mission. Managers have been unwilling to make timely decisions, and security assessments have focused largely on the risks of security breaches, and not enough on the dangers of overly restricting access to required information. The introduction of new technologies must be business driven, not security restricted. It must also be timely to ensure that solutions are not obsolete before they have been accepted.

  Comprehensive security engineering has not received enough attention or resources, and it has not been conducted as a collaborative effort involving security, IT, and end-user experts. Security debates have been an "us and them" affair, with security expertise concentrated in the security organizations of the Bureaus of Diplomatic Security and IRM, and no one with authority representing the end-users and diplomats. Under this goal, the Department will change the process to establish effective risk management. The following list exemplifies the types of decisions that must be made now and in the future:

  • Wireless laptops and networks, providing access from home and on travel
  • Integration of voice mail and e-mail 
  • Cell phone access to e-mail 
  • Re-examination of data classification policies and practices to ensure that information is as accessible as possible
  • Classified Instant Messaging 
  • PDA access to unclassified networks for e-mail and document browsing
  • Laptop access to classified and unclassified networks
  • PDA access to classified networks 
  • Inclusion of Sensitive But Unclassified (SBU)/NOFORN on OpenNet 
  • Inclusion of EXDIS on ClassNet 
  • Protection of Personal Identifiable Information; particularly on laptops and other remote devices

  The Department must explore with its national security partners the concept of integrating Confidential into the OpenNet environment, not unlike the architecture employed by the British Foreign Office. The Department must also position itself for the rapid implementation of full multi-level security when available.

  State will take advantage of the rapid advances in security technologies and best practices likely to occur over the rest of this decade, including:

  • Advanced guard technology and multi-level security solutions for linking classification layers 
  • Remote access to increasingly sensitive and classified data 
  • Business continuity planning 
  • Data encryption and centralization 
  • Thin client 
  • Advanced identity management

  Five key elements of IT security will demand attention under this goal. First, is the establishment of true risk management. Characteristics of an effective risk management process include:

  • Thorough, yet rapid, exploration and analysis of the risks and costs of implementing or not implementing a given technology-one lesson of September 11, 2001, is that restricting access to information poses serious risks, often outweighing the impact of potential unauthorized disclosure.
    
    
  • Management accountability for security decisions-whether to implement a new technology is a policy and management decision and cannot be left to technologists or security experts alone.
    
    
  • Consideration of a diversity of views and opinions-security decisions must be based on rigorous debate of pros and cons by all stakeholders: end-users, security specialists and IT experts.

  In order to accomplish effective risk management, the Department will establish a user-led, business driven, risk management process staffed by end-users, IT and security experts. This process will be designed to support rapid evaluation and adoption of new solutions. It will be based on a thorough exploration of the risks of deploying or not deploying proposed technologies. If the Department is going to fulfill its responsibility of foreign affairs leadership, it must innovate to provide its employees with the knowledge they need. The Office of e-Diplomacy will continue to provide a strong foundation to lead this process.

  The enterprise must manage and accept risks- not place the burden on the individual user.

  Second, the IT security program will deliver improved technology and management solutions for increasing the reliability and availability of the IT infrastructure, and to ensure information integrity and proper authentication of information creators and users. To accomplish the goals of ubiquitous computing and make information available whenever and wherever needed, systems and networks will need high levels of fault-tolerance, redundancy, regular back-ups, and highly professional management. The Department will position itself to take advantage of the rapid advances in security technologies and best practices, such as advanced guard technology and multi-level security solutions for linking classification layers, business continuity planning, data encryption and centralization, thin client, and other approaches. The Department takes seriously the mandate from OMB to strengthen infrastructure and system security, and will use its IT Capital Planning process to promote security enhancements.

  Third, we will clearly differentiate and set different policies and barriers for classified vs. unclassified systems. For unclassified systems, including SBU, we are committed to rapid adoption of new technologies that are commonplace in the commercial world. Other organizations, such as financial institutions, protect sensitive data, comparable to State's SBU, using the full capabilities of modern networks and systems, including remote access, wireless devices, and synchronization of systems. We must do the same if the Department is to remain competitive and effective. If necessary, we will improve the labeling of SBU information to prevent unauthorized access; however, the existence of SBU information will not be allowed to stymie the use of new technologies on unclassified systems that are vital for our diplomats to do their jobs.

  Fourth, we will establish a process to pre-approve security solutions and modules that can be re-used throughout the Department without further review or approval. The process will be folded into today's Configuration Control Board (CCB) activities. We will apply the emerging Certification and Accreditation processes to these solutions, ensuring that they provide the strong security required. Examples of security solutions to be deployed are:

  • Digital signature
  • Smart IDs and biometrics for authorization and authentication 
  • Guard technology for transferring data across security levels 
  • Firewalls, encryption, Secure Sockets Layer (SSL), and other technologies to provide intranet/extranet access to internal systems
  • PDA and laptop configurations for remote and wireless connectivity 
  • Password management for sensitive applications

  Fifth, we will ensure that all of State's business processes and systems protect personally identifiable information to the maximum extent possible. Process and system owners will be tasked with reviewing their operations to identify those that collect and/or record PII, seeking to minimize the need for such information, and ensuring that security measures are in place and fully tested to restrict access to personal information and to respond rapidly and effectively in the event of a breach.

  When the U.S. established its new diplomatic presence in Kabul in 2002, State was unable to establish secure telecommunications and provide remote access to needed IT systems and data under the battlefield conditions faced by our diplomats. In the same environment, the Department of Defense was able to provide troops with laptop access to classified data and systems. DoD was able to set up this effective, secure, and mobile IT environment in a matter of days. State must be able to do so as well.

  Renewed emphasis on these security solutions, along with a sensible risk management policy, promises to increase IT security while also improving the ability of our diplomats to do their jobs without unnecessary security impediments.

  MISSION IS JOB ONE!

  

  
  Table 3-4: Goal 4 Strategies

  Strategy	Key Components	Performance Indicators
  Consolidated IT Security Architecture	• Establish security standards, metrics, and monitoring  • Consolidate infrastructure security models	• Single network for each security enclave  • Demonstrated ability to meet all business requirements
  New Technology Assessment	• Rapid and responsive process for assessing and approving new technologies  • Clarify organizational roles and responsibilities  • Establish system owner as accrediting official	• 90-day decisions
  Identity Management	• Government standards -- HSPD 12, PKI, e-Authentication, FIPS 201	• Common access controls for other agencies and external partners
  Business Continuity	• Oversight by a single entity  • Objectives and metrics  • Comprehensive plan, schedule, and resource needs  • Enterprise business continuity services, e.g., shared COOP facilities, backup and recovery  • Execution of advance activities  • Comprehensive training  • Comprehensive annual testing	• Test results indicate full readiness, approved by executive management

  
  5. Work Practices and Workforce:  Leading Change

  State will organize its workforce and IT organization to support the achievement of the other four goals in this Plan, and to enable continuous adaptation to the increasingly rapid changes likely to occur, both in requirements and technology. Technical support operations will be regionalized or centralized, whichever is most cost-effective, to promote rightsizing at posts and missions, and to create centers of excellence at consolidated locations. Such consolidation will ensure that IT staff are positioned to deliver exceptional customer service to end-users to help them maximize the value of information and systems.

  The focus of Washington-based and regional organizations will be to support the direct diplomatic and foreign assistance work carried out in the field. The central IRM organization will focus on delivering solutions to the embassies and consulates. Innovations in technology will be configured, pilot-tested, and deployed first to field locations.

  This goal will focus first on the work practices and personnel engaged in diplomacy and foreign assistance, and then on aligning IT processes and staff to support the mission related work and personnel. The intent is to provide an integrated IT organization supporting all State operations and extended eventually to the entire foreign affairs community. This new organization will be customer-oriented and driven by service standards and performance metrics.

  IT governance processes will be streamlined to ensure that IT resources are allocated in accordance with the strategic plan and evolving priorities.

  As technology becomes more pervasive, the Department's foreign affairs officers will become increasingly reliant on the use of sophisticated technology in their daily activities. Under this goal, the Department will ensure that foreign affairs officers have the necessary skills to exploit new and evolving IT solutions. Building on the success of programs such as the Foreign Service Institute's "Training Continuum," innovative training programs and technologies will be used, much as was done under the FY 2001-2005 IT Strategic Plan.

  Training for Diplomacy Incorporate new technologies into FSI courses such as Political and Economic Tradecraft Create targeted user training for specific job categories/cones (e.g., B&F, OMS, Econ Officer) Use multiple training vehicles such as formal training, Computer-Based Training, one-on-one at people's desks Incorporate change management into training -use illustrations and focus training to inspire people to adopt new technologies and use them effectively

  OMSs will be trained to develop into an organizational resource for embassies in IT areas, such as publishing content developed by policy officers on classified web sites, and formulating effective Internet and database searches.

  The IRM Bureau and the IT workforce will change to mirror the new, broader focus on information resources: to help our personnel do their day-to-day work, which itself is changing. IT staff, especially those overseas, will spend more time helping end-users get the most value from IT systems and knowledge resources and less time maintaining hardware and networks. The IRM Bureau will focus on core information and user support activities, and will outsource non-core operations to the private sector or government-wide services. The end result will be an IRM Bureau organization re-tooled to provide knowledge leadership services, high-end consultative support to end-users, and technical support for the few unique Department applications.

  Service level management will drive the re-tooled IT support environment. Service levels will be established for all services, and service metrics will be collected and published on a monthly basis. Examples include:

  • Network availability and performance for each location 
  • Help desk responsiveness -- problem resolution within parameters 
  • Process execution -- e.g., ITCCB and Risk Management decisions within established performance parameters (e.g., time), Federal Reporting Requirements accomplished effectively - e.g., CPIC, EVMS. 
  • IT Infrastructure refresh performance 
  • Effective program management -- meeting milestones, quality standards, and budgets

  The Department will revamp its IT workforce, building on its recent successes in recruitment, retention, and training. The new IT worker will be skilled as an information consultant, able to help Department personnel make the most of the available knowledge bases and analytical tools and suggesting new technology solutions to meet business needs. IT staff at overseas posts will no longer worry about technical support for cranky hardware and applying software patches, tasks which consume far too much of their time today. Instead, they will become a valuable part of the Country Team, providing direct support for the post's strategic priorities.

  A new professional discipline will be identified: The "knowledge worker" will understand both mission imperatives and the intricacies of IT. Some technical staff will continue to support the IT infrastructure and technology, but there will be a shift in emphasis toward information consulting and end-user support.

  The success of this Goal and the entire strategic plan depends heavily on the Department's ability to promote innovation, absorb new technology, and make changes far more rapidly than it has done in the past. This will require effective change management and commitment at the highest levels of the organization. It will also require a systematic examination and clarification of the Department's work processes for mission and management related activities. This will enable a more effective IT program focused on 21st century diplomacy. It will also allow officers to make better use of the collaborative, decision support, and information sharing tools and transfer their expertise from post to post.

  Beyond the $3,000 Typewriter People use only a small fraction of the capabilities available to them through modern IT. To expand the value of technology, this Plan takes a holistic approach focusing on process reengineering, training, change management, as well as technology innovation. The Department must embrace the value of information and create a knowledge sharing culture.

  
  Table 3-5: Goal 5 Strategies

  Strategy	Key Components	Performance Indicators
  Innovative End-User Training	• Expand IT component of substantive training  • Explore ways to make courses more accessible to other agency personnel to improve the effectiveness of the federal overseas workforce  • Offer multiple training delivery mechanisms  • Require IT training for all personnel  • Change management	• Greater volume of IT-enhanced work products (e.g., multi-media, visualization tools)  • Measured skill levels of end-users and IT staff  • Attendance of end-users, include other agency personnel  • Greater use of IT tools in substantive business activities
  Performance Management for IT Service Delivery	• Reorganize the IT support organization for service delivery and customer orientation  • Establish steering committee of customers, including field/overseas users, and IT  • Develop service level standards and performance metrics  • Institute measurement and reporting	• Achievement of service metrics  • Corrective actions taken
  Revamp IT Organization	• Develop concept and structure for revamped IT organization	• Elimination of duplications  • Efficiencies due to economies of scale  • Adoption of new organization
  Technology Innovation	• IT laboratory for innovation  • Promote idea generation from multiple sources  • Open Standards  • Open Source	• User satisfaction with introduction of new technologies to meet business needs  • Elapsed time between identified requirement and adoption  • Reduced dependence on single vendors for critical technology such as operating system software
  Centralization/Regionalization	• Assess IT needs at posts, regions, and HQ  • Develop rightsizing plan for regionalizing and centralizing  • Adopt and manage service levels for centrally delivered service  • Explore alternative sourcing and pricing options  • Expand regional training and use local external training suppliers	• Achievement of rightsizing targets for IT and other personnel  • Customer satisfaction  • Availability of alternative sources and prices

  
  

  
  

  Appendix A: Mapping of IT Goals to State/USAID Strategic Plan Goals and Priorities

  Joint Strategic Plan		IT GOALS - Examples of IT Support for Strategic Goals and Priorities
  Strategic Goal	Strategic Priorities	1. The Right Information	2. Anytime/ Anywhere Access	3. External Partnerships	4. Risk Management	5. Work Practices and Workforce
  Strategic Goal 1: Achieving Peace and Security	• Counterterrorism  • Weapons of mass destruction and destabilization  • Conventional weapons  • Security cooperation and security sector reform  • Confli