The Policy Development Process

1
The Policy Development Process

• Leroy Hurt
• Plans and Policy Group
• Management and Oversight of Strategic
  Technologies Division (MOSTD)
• Washington Department of Information Services
• (360) 902-3574 leroyh_at_dis.wa.gov
• October 25, 2004

2
How to Talk Like a WonkKey terms

• Policy. Brief statements of ISB direction with
  respect to the planning and management of
  information technology requiring compliance.
• Standards. The degree or level of requirements
  that agencies shall follow. Like policies,
  standards are mandatory unless specific
  permission for a variation is given by the ISB.
• Guidelines. Optional but recommended course of
  actions. They are how to documents that
  describe ways for agencies to comply with
  policies and standards. Unlike policies and
  standards, guidelines are not mandatory. They
  may be followed to the extent that agency
  management finds them useful.
• Tools. Practices and deliverables available for
  agency use to enhance services and operations.
  Like guidelines, use of tools is not mandatory
  but is encouraged because of their standing as
  best practices.

3
How Policy is DevelopedEnterprise collaboration
and consensus building

• ISB Policy
• Defines an enterprise wide approach to
  Information Technology
• Promotes cultural change when needed
• Aligns with national initiatives and standards
  where appropriate
• Seeks to achieve a balanced approach where
  controls are commensurate with severity and risk

• ISB Policy Process
• An inclusive process built on early stakeholder
  involvement and effective, consistent stakeholder
  communications
• Documented and well understood
• Consistent, expeditious and adaptable
• Initiative Annual review via MOSTD Policy,
  Standards, and Guidelines team
• Update to reflect current technology
• Cross reference to other policies for consistency

4
How Policy is DevelopedThe process
Policy Review and Compliance Phase
Comment and Revision Phase
Endorsement Phase
Drafting Phase

• Develop plan
• Solicit executive support
• Recruit workgroup
• Create initial draft

• Publish initial draft
• Solicit comments
• IT community (CAB, WACIRC, etc.)
• State businesses (CIO, deputies, etc.)
• Communities of interest (SIEC, SACS, WAGIC, etc.)
• Revise
• Publish final draft

• Present for stakeholder and community of interest
  endorsement
• Present to ISB for approval
• Publish
• Train
• Agencies implement

• Manage compliance
• Periodic policy review

5
How Policy is DevelopedWhere stakeholders impact
the process
Comment and Revision Phase
Endorsement Phase
Policy Review and Compliance Phase
Drafting Phase
Policy recommendations can originate with
stakeholders as well as with policy staff
Compliance is a collaborative effort
Stakeholder input is valued
6
How Policy is ManagedAnnual compliance letter
7
How Policy is ManagedAnnual policy refresh
initiative
8
How Policy is ManagedAnnual policy refresh status
9
Where To Find Policy Information

• IT PORTFOLIO MANAGEMENT Policy, Standards, and
  Guidelines http//dis.wa.gov/portfolio/index.htm
• Chapter 43.105 RCW http//www.leg.wa.gov/RCW/index
  .cfm?fuseactionchapterdigestchapter43.105

10
SIEC Update

• Leroy Hurt
• Plans and Policy Group
• Management and Oversight of Strategic
  Technologies Division (MOSTD)
• Washington Department of Information Services
• (360) 902-3574 leroyh_at_dis.wa.gov
• October 25, 2004

11
What It Is SIEC background

• Created by RCW 43.105.330
• Effective July 1, 2003
• Major responsibilities
• Develop policies, manage frequencies, foster
  cooperation
• Membership
• Currently 13 members 7 state, 6 local

12
What it is SIEC background - continued

• Governance
• SIEC meets quarterly
• SIEC Advisory Workgroup (SAW) meets bi-weekly
• Technical/Frequency Management Workgroup meets
  bi-weekly
• SIEC Funding Workgroup currently being activated

13
Where its beenMajor initiatives

• Inventory of State Government-Operated Public
  Safety Communications Systems (Dec. 19, 2003)
• Interim Statewide Public Safety Communications
  Systems Plan (Mar. 30, 2004)
• Inventory of Statewide Public Safety
  Communications Systems, Phase 1 Report (Jul.
  30, 2004)

14
Where its going Statewide public safety
communications plan

• Due by December 31, 2004
• High-level summary of public safety
  communications systems usage and management
• Assess steps already taken
• Set goals for enhancing interoperability
• Provide recommendations for new approaches to
  governance, funding and policy
• Assess budget implications for enhancing
  interoperability

15
Where its going Statewide public safety
communications plan

• Due by May 30, 2005
• Identify best practices
• Determine governance requirements
• Identify and analyze alternative interoperability
  approaches
• Make detailed technical recommendations for
  achieving goals of final plan
• Provide detailed equipment cost projections

16
Local government has a stakeInformation
gathering forums

• Completed forums
• Spokane
• Wenatchee
• Pasco
• Battle Ground
• Port Angeles
• Everett

17
Local government has a stakeInformation
gathering forums

• Upcoming forums
• Tuesday, October 26
• Homeland Security Region 5, hosted by Thomas
  Symonds, Homeland Security Regional Coordinator
• City-County Building, 930 Tacoma Avenue South,
  Room 1150, Tacoma
• 100 p.m.
• Wednesday, October 27
• Homeland Security Region 3, hosted by John
  Taylor, Homeland Security Regional Coordinator
• Thurston County Roads Transportation Office,
  2404 Heritage Court SW, Olympia
• 100 p.m.

18

• More information
• about the SIEC Forums can be found
• on the SIEC Website
• http//siec.wa.gov
• then click on Press Releases.