GTA Adopts 10 New IT Standards

GTA has adopted 10 new IT standards whose purpose is to ensure the appropriate management of IT-related expenses, risks and benefits.  The most prominent are the Enterprise Operating Environment (EOE) standard and the Enterprise Performance Lifecycle (EPLC) standard.

The EOE standard requires all new IT systems or existing systems undergoing significant modification to be designed to take advantage of the cost-effective, world-class IT services offered by GTA through its infrastructure and managed network service providers.  The goal is to ensure state government obtains the maximum value and benefit possible from these services.

The EPLC standard combines GTA’s existing standards for IT operations, strategic planning, project management and information security into a single, 10-stage framework.  The framework is designed to control risk and to ensure IT investments deliver on their projected value.  Each stage includes requirements to be met before a system moves on to the next stage.  During a system’s operational stage, the business owner must conduct annual reviews to determine if the system is continuing to deliver on its original commitments, or if remediation, including possible disposal, is appropriate.

All 10 new standards can be downloaded below.

Applications with Standard Desktop Clients – Requires the use of industry-standard Web browsers to support the state's business applications.  Web browsers should not be customized.

Deployed Software Currency – Ensures software is kept under support if possible.

Design Criteria for Data Network Protocols – Ensures all new systems use network protocols supported by GTA’s vendors.

Enterprise Operating Environment – Establishes GAIT infrastructure and managed network services as the enterprise services for the executive branch.

Placing Applications into Production – Specifies minimum deployment controls and coordination tasks between development staff and operational personnel throughout development and deployment to ensure stable operations.  A deployment certification is also required from an appropriate agency official to authorize a system’s deployment.  The Deployment Certification standard specifies the content and format of the certification.

Performance Lifecycle Management – Establishes minimum common practices, including oversight for managing the entire life of an IT investment, to ensure IT investments provide the desired return.  The scope is from concept through retirement.  Two standards support the Performance Lifecycle Management standard:

• Performance Lifecycle Framework discusses details of 10 lifecycle stages that may be selected by an investment governing body for oversight, and
• Performance Lifecycle Stage Gate elaborates on the requirements for reviews that follow each stage before promotion to the next stage.

System Development Lifecycle – Requires agencies to specify one or more industry-standard SDLCs for use when developing, customizing or maintaining IT application solutions.  The scope of an SDLC covers project development tasks typically incorporated in EPLC stages 3 through 7.

Agencies may submit statements about the cost impact and effectiveness of the new standards prior to their becoming permanently effective in March 2010.  Comments must be submitted by February 15, 2010, to Mark Reardon, Chief Information Security and Senior Technology Planning Officer, at Mark.Reardon@gta.ga.gov.