Commonwealth of Massachusetts Statewide Strategic IT Consolidation (ITC) Initiative Bi-weekly Statewide Working Group Discussion Document September 21, 2009 DRAFT – FOR DISCUSSION PURPOSES ONLY

IT Consolidation Working Group Meeting – Agenda 1 Change Impact Assessment Results/Staffing Inventory 2 Report Outs: Service Excellence Detailed Infrastructure Consolidation Plan 3 Next Steps: High-priority Program Items

Change Impact Assessment Results/Staffing Inventories Components of ITIL: Service Desk Change Impact Assessment Results/Staffing Inventories

Compilation of Job Function Data Thank you to everyone who helped with the data collection! Lots of hard work provided excellent results Data from Secretariats was compiled and the following graphs show Commonwealth level analysis Reflects preliminary data gathered and needs additional validation and refinement. Some data is still missing: IT Managers Contractors Upcoming validation steps will help drive to higher data accuracy For 9/30 deliverables, data received to date will be used for infrastructure and Secretariat staffing plans As data is validated, the new data will need to be incorporated in the staffing plans 4

Next Steps - Validations Initial data validation by Subcommittee Data validation with Secretariat CIO’s Provide SCIO’s Secretariat level graphs and original data files Request a second review of data based on analysis Timing: Starting next week Data Validation with NAGE and NAGE membership Provide NAGE with compiled data NAGE has said they may request job function validation with the employee Timing: Begin after Secretariat review 5

Service Excellence Report Out 2a Components of ITIL: Service Desk Service Excellence Report Out

1 2 3 Agenda Chargeback Maturity Assessment and Recommendations Vision Short-term Roadmap for Improvement 2 Mitigation Suggestions for IT Consolidation Start-up Costs 3 ITD ITIL Process Assessment and Recommendations General Recommendations for Process Management Roadmap for Improvement of ITD ITIL Processes

Vision for Chargeback – per the ISB Chargeback Subcommittee Services that are standard, formally defined in a Service Catalog that customers can use for planning and ordering, segmented to accommodate different cost and service level expectations Usage measurements and reporting that are fair, accurate and readily available; usage units that are effective in managing demand and encouraging cost-conscious consumption Chargeback Administration that is streamlined, automated, and documented; customers can easily access their usage data and receive error-free invoices Product Managers that take responsibility for the management of costs and the quality and evolution of their Services, able to adjust to changing demand while maintaining or reducing rates Costs that provide the customer the best value for the services provided, comparable to other states Customers feel valued, and understand their services and costs, with the assistance of Service Account Managers

Summary of Key Findings – Chargeback Maturity Dimension Assessment Findings (Gap) Recommendations Service Maturity Services are broadly defined /not segmented by cost drivers or service levels Catalog is newly published Provide standard offerings with varying service levels and costs Service Usage Management Usage collection is manual Inaccuracies are common Customers only see their usage on the invoice Establish Product Managers responsibility for the accuracy of usage for their services Maintain monthly usage history for customers Service Cost Management Cost allocations are often not well-documented Single-customer costs are sometimes included in cost pools Update the Chargeback Process Manual for allocation rules and assumptions Invoice customer-specific costs directly to that customer Chargeback Administration Largely manual back-office operations Customers expectations regarding quality of information and service are low Automate manual activity or standardize to make repeatable Identify customer data needs and provide appropriate information monthly Service/Cost Management Product Managers do not take responsibility for managing pool costs and developing their services Rate modeling and assumptions are not well documented Customers do not feel valued Provide role-specific training on Chargeback to Product Managers; Establish protocols for Project Managers to manage costs and service evolution Establish protocols for SAMs to proactively discuss services and costs with their customers

Short Term Roadmap for Chargeback Improvement Legend: Oct 2009 Apr 2010 Dec 2010 Dimension 2 3 4 5 2.7 3.5 4.0 Service Maturity Service Usage Management Service Cost Management Chargeback Administration Service/Cost Management Develop standard products for different cost & service expectations Customer-friendly catalogue pages 2.0 2.5 3.7 Automate/streamline usage collection Product Managers are responsible for reported usage Usage history online for easy customer access 2.3 3.0 3.7 Align costs to standard cost framework Remove single-customer costs are from pools Document all cost allocation assumptions 2.0 2.5 3.0 Identify information needs of customers Automate/streamline manual activity Provide for information needs of customers 2.0 2.7 4.0 Train Product Managers for Role Monthly cost pool reviews Models created for all service rates Product Managers have plans for the evolution of their services

Potential Mitigation Actions for IT Consolidation Start-up Costs # Description Pros Cons Comments 1 Lease, rather than Buy Review investment requirements for opportunities to lease rather than buy, to reduce FY2010 costs Aligns some of the startup cost to match, in timing, the revenue coming in from consolidation Will not help with all start up costs, if the items cannot be acquired on a lease basis, nor for additional labor costs Executives are familiar with Tax Exempt Lease Program, and like the idea of not having to take the risk of the residual value of an asset. 2 Defer expenses wherever possible In effect, moving expenses into FY2011 Current year savings fund current year investments, and the additional FY2011 revenue can fund the additional FY2011 costs. Deferring expenses can result in a net higher cost, paid in FY2011 or later This is done today for some telecom bills. 3 Secretariats Fund Startup Costs Reach agreement with new Secretariats for them to absorb the initial startup cost. Avoids first year startup cost bump for ITD Continues in the same fashion as the existing practice with BARs The Commonwealth still has an increase in cost for FY2010 Would exclude some Secretariats from participating in IT Consolidation that cannot or will not provide that funding. Counter-productive, as it would discourage Secretariats from IT Consolidation 4 Replace Contractors with employees. Many contractors have been engaged for years. They should either be converted to an employee, or replaced with an employee Reduces Salary expense Can accelerate the incorporation of Secretariat staff into ITD, per Consolidation Risk of specific knowledge that will be lost with long-term contractors Potential skill issue, due to Commonwealth salary scale Of little value for ITD Chargeback, since most contractors in ITD are working on Capital projects.

Potential Mitigation Actions for IT Consolidation Start-up Costs # Description Pros Cons Comments 5 All investments should be to ITD Standards Set or use the standard solutions in expanding the infrastructure, rather than buying to Secretariat preferred specifications Lower operating cost when working with one or a few types of equipment and software Potential procurement savings from aggregating volumes for standard components Some Secretariat applications may not be supportable by the standards 6 Take savings from major procurement leveraging, such as Oracle ULA Redirects savings that are windfalls for agencies and Secretariats Savings will need to be identified and the value transferred, which is likely to be resisted. 7 Secretariats are now consolidating IT expenditures at the Secretariat level. The CCIO is supposed to be informed of expenditures over $200,000. Those expenditures should be reviewed for appropriateness given IT Consolidation, and as another source of funds. Connect to consolidation at the Secretariat level. Uses authority that already belongs to the CCIO. Would prevent potential waste of resources. A process to collect the information and perform the review does not exist yet. Could make this an agenda item, or a report to be reviewed, at regular IT Consolidation governance meetings 8 Green Energy Credits Could provide some funds from rebates Not sure how valuable for a governmental entity, as tax benefits aren’t relevant

Potential Mitigation Actions for IT Consolidation Start-up Costs # Description Pros Cons Comments 9 Secretariats could replace contractors with employees This has been a proven way of reducing costs May help Secretariats lower labor costs, but no guarantee that these savings will go to assist IT Consolidation

ITD ITIL Process Maturity Assessment Findings Incident and Change Management are the strongest processes, however The largest weakness for Incident Management is the fact that there is no central management of dispatched incidents. Change Management suffers from an absence of a focus on Change success Problem Management is limited to Major Incidents, and the focus is Reactive, on identifying the root causes of past major incidents, not on preventing future incidents. Request Fulfillment suffers from not having separate procedures from Incident Management or Change, and no overall management coordination. Asset & Configuration Management is fragmented, solely focused on Assets, with no overall management or coordination of the process. Spreadsheets are what the technical staff regard as authoritative. Capacity Management is rudimentary, though there are activities, such as the reporting of resource utilization, that are a foundation to build upon. Process Name Current Score Incident Management 1.8 Change Management 2.1 Problem Management 0.8 Process Name Current Score Request Fulfillment 1 Service Asset and Configuration Management 0.6 Capacity Management

Executive Summary: General Recommendations … Desired Attributes and Outcomes Establish Service Management Key Performance Indicators (KPIs) Regular management review meetings Process ownership Management by outcomes that are measurable Support customer service focus and culture change Change the Culture Education Frequent communications Performance reviews and rewards tied to KPIs Establish customer service focus Change attitudes and behavior Tie rewards to Service Management results Integration with Secretariats Combine process improvement with integration Support transformations in operations in support of IT Consolidation Increase Standardization of Services Improve success of process and culture change Improve IT Consolidation success Revisit Technology Approach Reassess E2E requirements Ensure support of ITIL processes is part of requirements for platform tools Avoid carrying over bad practices and workarounds for prior issues and design flaws Support integration with secretariats

Roadmap for ITD Process Improvement Legend: Sep 2009 Jan2010 Jul 2010 Dec 2010 Process 1 2 3 4 Incident Management Change Management Problem Management 1.5 2.5 3.0 3 + Revise Process and republish Train staff on revised process Institute central management of dispatched incidents Institute regular review meetings of performance with improvement actions assigned as needed OLAs support SLAs and are managed Continuous Improvement Procedures based on KPIs 1.8 2.5 3.0 Revise process to focus on Change Results Initiate Post-Implementation Reviews Documented Change Planning & Testing Procedures for each technical team Audit compliance with Procedures Expand use of Configuration Mgt data now available 3 + 0.8 1.5 2.5 3.0 Initial trend analysis of Incidents Formal Recognition of Problems Major Incident RCAs done under Problem Management Create Process Document Train Staff on Process KPI in place and performance is reviewed Known Error database created and used Known Error Database utilized for Incident Mgt Process roles established, including lead on each technical team Downward trend in number of Incidents

Service Asset & Configuration Management Roadmap for ITD Process Improvement Legend: Sep 2009 Jan2010 Jul 2010 Dec 2010 Process 1 2 3 4 Request Fulfillment Service Asset & Configuration Management Capacity Management 1.0 1.5 2.2 3.0 Ensure E2E reflects promised completion time Service Desk support role Document the Process Establish performance reporting by Service & Customer Train on the Process Defined workflows for each Service/Type of Request built into E2E Automate request approvals to minimize manual nature of BAR process 0.6 1.5 2.5 3.0 Train on the Process Institute cycle-counting to validate data accuracy Formalize procedures for sub-sections of the process Configuration documentation maintained for all platforms Create overall process document Mandate authoritative data repository All technical platforms have configuration template documentation Asset information is complete, process for updating is under control Configuration relationships are documented Software is also included in managed data 0.6 1.2 2.2 3.0 Train on the Process Establish proactive review of capacity requirements Establish KPIs for managing the process IT Consolidation plans forecasts fully incorporated into Capacity Plan Complete existing capacity reporting Publish some standard units of capacity for services Create Process Document Complete standard units of capacity for services Create Capacity Plan Forecasting of capacity trends in place

Detailed Infrastructure Consolidation Plan 2b Components of ITIL: Service Desk Detailed Infrastructure Consolidation Plan Report Out

1 2 3 Agenda Playbook approach to infrastructure consolidation Building the infrastructure consolidation plan for data center services 3 Case Study

Building the Infrastructure Consolidation Plan The Detailed Infrastructure Consolidation Plan consists of two main components. The “playbook” which contains: The process to build the detailed plan. The repeatable “plays” to be executed with each application or family of applications that is consolidated. 1 The detailed plans by Secretariat which contain: Timeline sequencing individual applications or families of applications. The recommended consolidation approach and net change in hardware for ITD. 2

Approach to Infrastructure Consolidation – the “Playbook” To achieve efficiencies in planning and execution, a “Playbook” approach incorporating the operational and technology consolidations is employed. Phase 2 July 6 – Sept 30 Step 1: Assess current environment and existing requirements Step 2: Develop infrastructure consolidation approaches Primary responsibility Secretariat ITD Joint Step 3: Define detailed infrastructure plan Prioritize Step 7: Execute consolidations and stabilize environment Step 9: Refine capabilities Step 8: Transition to operations Step 4: Build ITD base capabilities Step 5: Develop detailed Secretariat consolidation plan Step 6: Provision resources according to plan This repeatable consolidation process is tailored to meet the needs of each of the technology threads for Data Center Services, Shared Enterprise (e-mail) Services as well as Network & Telecom Services.

Building the Consolidation Plan for Data Center Services In steps 1 to 3 of the consolidation process, detailed infrastructure consolidation plan will be created from the repeatable playbook-based approach Step 1: Assess current environment and existing requirements Step 2: Develop infrastructure consolidation approaches Step 3: Define detailed infrastructure plan Collected data allows ITD to understand each agency’s application profiles Applications are mapped to migration models for servers/storage/BC/DR based on their individual characteristics. ITD standard service offerings dictate the order of preference for each approach area 1 2 Agency Application Profile Server Consolidation Models Storage Consolidation Models Disaster Recovery Model Virtual to Virtual Shared to Shared Springfield <-> MITC Supporting Servers and Storage Physical to Virtual Dedicated to Shared MITC <-> Agency Platform and Backend Physical to Physical Dedicated to Dedicated Springfield Only Operations and Support Profile Lift and Shift Lift and Shift MITC Only Configure Options Supporting ITD Solutions The migration approach for each application is supported by a standard set of ITD solutions 3 Service Level / Service Delivery Model Security Requirements Network Requirements Facilities Requirements

P2V Server Consolidation Approach Process Flow The following outlines the rules of engagement for the consolidating an agency application that is migrating from a physical to a virtualized environment. Secretariat/ Agency ITD Service Account Mgmt Infrastructure Planning Group ITD Hosting Operations ITD Storage Operations ITD Security & Network ITD Facility Engineering Key Documents* ACS Application Consolidation Schedule SABP System Architecture Build Plan Agency Team ITD SAM IPG Members Hosting Members Storage & Backup Members Network & Security Facility Members Review the Service Catalog choosing an existing ITD service offering utilizing standard policies Work with Secretariat / Agency to complete BAR with service targets. Service Catalog must be continually updated with new standard service offerings when economies of scale can be found. In an optimum position, the majority of offerings should meet the agency needs and unique agency configurations should be minimized. Legend Process Activity Governance Activity Create a detailed migration schedule for the agency’s application Wiki Page ACS Key Documents Off-page Connector Create technical and process requirements for application instance Load and execute performance discovery tool Key Decision Point SABP Metrics and Estimates Iterative Process Validate sizing for server containers and storage Update capacity plans as appropriate SABP Configure server containers Allocate storage Configure network routes Identify firewall/security requirements Validate security zoning for application Build / transfer application Set network restrictions per security model Post Build

P2V Server Consolidation Approach Process Flow (cont.) The following outlines the rules of engagement for the consolidating an agency application that is migrating from a physical to a virtualized environment. Secretariat/ Agency ITD Service Account Mgmt Service Desk / NOC ITD Hosting Operations ITD Storage Operations ITD Security & Network ITD Facility Engineering Key Documents* ACS Application Consolidation Schedule SABP System Architecture Build Plan Agency Team ITD SAM SD Members Hosting Members Storage & Backup Members Network & Security Facility Members Plan & Build Legend Integrate ITD and Secretariat operational processes Process Activity Governance Activity Wiki Page Conduct load and User Acceptance Testing Schedule backups Key Documents Off-page Connector Configure Disaster Recovery replication (As required) Key Decision Point Metrics and Estimates Go Live Conduct Operational Readiness Testing Update Asset & Config Mgmt DB Iterative Process Stabilize and transfer to operations Decommission old instance

Data Center Services Consolidation Overview Applications and underlying infrastructure will be aligned to the consolidation waves as they were defined in Phase 1 of the IT Consolidation initiative and based on prescribed playbook approaches.

Immediate Action Items 4 Immediate Action Items Action Item Owner Priority Due Date Create distribution lists in the GAL SCIOs High 9/1 (Overdue) Gather any outstanding IT Infrastructure Data 9/4 (Overdue) Review and evaluate Change Impact Assessment Results for completeness and accuracy SCIOs (or designate) 9/30