Add Event To Calendar
600 E. Boulevard Ave., Bismarck, ND
The State Information Technology Advisory Committee of North Dakota will be holding a special meeting. In the event that any or all of the members of the governing body participate in the meeting by telephone or video, a speakerphone or monitor will be available at the location noted above.
At the time this notice is being prepared, the governing body expects the agenda of its meeting to include the following topics:
Large Project Reporting
Veteran's Home - Electronic Medical System
Adjutant General - State Records Mgmt System
Enterprise Architecture has transitioned to a new model; referred to as “EA 2.0.” The new framework is made up of four architecture teams (Application, Data, Security, and Technology) and the Information Technology Coordinators Council (ITCC). Governance is no longer structured hierarchically. Instead, all participants at all levels have an opportunity to participate in surveys at every decision point. The results are used as input to the CIO for establishing standards.
Cyber Insurance is typically used to offset costs incurred from a catastrophic data breach. The first step is to determine what protection is needed. The existing Risk Management Fund already covers third-party damages to citizens resulting from negligence within state government. Beyond that, agencies are exploring coverage to assist in meeting first party obligations and expenses including costs to send notices, provide credit monitoring and/or credit repair services, perform system forensic work, establish a help desk, or recoup costs associated with the loss of proprietary data.
Options include procuring a policy externally or self-funding some type of coverage internally within state government, possibly through Risk Management. Historically, self-funding insurance has been cost effective for the state. However, it would require legislative authority to establish a self-retention fund and any centralized purchase of insurance by Risk Management would require spending authority within the OMB budget bill.
Mobile Application Development:
Applications on mobile devices are typically delivered in two ways. (1) Mobile web; a web browser as a client. (2) Mobile app; a stand-alone client downloaded from the application store. Google Android (46%) and Apple iOS (51%) dominate the U.S. market. In recent years, ITD has been developing websites using Responsive Design, which allows websites to resize and reorganize based on the user’s screen size. Today, more mobile users are consuming services from applications (85%) than from websites (15%). In designing mobile application, two approaches are used; (1) Hybrid Mobile: A single codebase for multiple platforms (2) Native Mobile: A codebase targeted specifically for a particular operating system.
ITD is supporting both Responsive Design and Hybrid Mobile. We are also evaluating existing websites/applications for mobile candidates and identifying business cases that leverage device features such as camera, geolocation, push notifications, and local storage.
Vendor Application Hosting:
ITD has not historically rushed into cloud services because of the state’s investment in secure and cost-effective on-site hosting services. Today, more and more vendors are only offering “software-as-a-service” options. Therefore, ITD is accelerating preparations to leverage strategic cloud solutions.
Identity is one of the first areas to address when moving to the cloud. ND utilizes a single Active Directory to manage authentication and authorization. To maintain a strong security posture, ITD is committed to integrating the state’s Active Directory with cloud services.
Understanding risk is another area that requires due diligence. A structured risk assessment will be conducted prior to moving an application to the cloud in order to evaluate the implications on architecture, security, data, and strategy.
ITD plans to broker cloud services. This will help to maintain an inventory of cloud services, manage risk, ensure consistent contract terms, identify key integration points, and promote common standards. Rates for brokering will likely be assessed using a percentage of the cloud service cost; with minimum and maximum caps defined.
Enterprise Architecture (EA) interweaves business and IT together. It consists of the vision, principles, and standards that guide the purchases and deployment of technology within the enterprise.
The State Information Technology Advisory Committee (SITAC) has three primary responsibilities, as described in ND Century Code (Chapter 54-59):