It's not hard to imagine Casey Coleman on a horse rounding the barrels in a local rodeo where she grew up on a cotton farm near Lubbock, TX. But her soft Texas accent and twinkle in her eye belie the businesslike technologist at the core of GSA's CIO. Although there were no computers in the rural schools in the oil and farming community of Meadow, Texas, she knew early-on she liked solving problems and puzzles, and figured out that the IT industry could use those qualities.

An honors graduate in computer science from Texas A&M University and an MBA from the University of Texas at Arlington, she has spent more than 20 years in the technology world, at large companies and start-ups, on Capitol Hill and in a number of progressively more important jobs at GSA, the federal government's procurement and logistics agency. Appointed CIO in 2007, she became only the second woman to control the agency's $500 million IT program.

She has become a popular figure in the government IT community, chairing the American Council for Technology's 2009 Management of Change conference, serving on the AFFIRM and GITEC Boards, and winning a 2007 Fed 100 award. As moderator of a workshop on virtual worlds at last year's Executive Leadership Conference, she was introduced by her own dead-ringer avatar. And just like the human model, virtual Casey strode across the projection screen click-clacking in her trademark high heels to introduce her alter ego and the emerging force of Web 2.0 to a standing-room-only crowd.

Coleman began her career at Lockheed Martin Corporation in Dallas, where she spent several years as a software and systems engineer, developing onboard command and control systems for military systems deployed during the Gulf War. Later, an interest in current affairs that was nurtured in high school persuasive speaking competitions on the Cold War and current events, took her to Washington, D.C., where she worked for a year as a legislative fellow.

She went to work on the House Energy and Commerce Committee, for Representative Joe Barton (R-TX). Besides doing a lot of research she wrote speeches, attended hearings and dealt with constituents. "It was exciting to write opening remarks that Congressman Barton would read aloud that would later go into the Congressional Record," Coleman says. It gave her a sense of pride that she was contributing to something that was lasting, and impressed her with the intellectual underpinnings of the laws and policies made in D.C.

That impression stayed with her and brought her back to D.C. years later, after the terrorist attacks of September 11, 2001. Working for small Internet start-ups in Texas, she had ridden the dot-com boom and bust. But after 9/11, she wanted to return to D.C. and public service, she recalls.

Coleman was drawn to GSA because it's a "very business-oriented agency", she says. "Coming from industry, I liked GSA's mission to partner with industry to help fulfill the technology requirements of the federal government. It's also one of the few government-wide agencies, so you deal with a very broad spectrum of issues and organizations -- and it's always interesting."

She joined the agency as chief technology officer for the Office of Citizen Services in 2002. It was a heady time, when the Presidential E-Government Initiatives were launched with great fanfare and the Office of Citizen Services was created to house USA Services, the key presidential initiative geared to citizens, as well as the federal web portal, call center, and consumer publication center.

After two years, she moved to the GSA Federal Technology Service and moved up to become the CIO of the GSA Federal Acquisition Service when it was created through the merger of FTS and the GSA Federal Supply Service.

In August 2007, after CIO Mike Carleton moved to the Department of Health and Human Services, Casey Coleman was named GSA's CIO. In her previous positions at GSA, she had been a customer of the office so she had an appreciation of the work the agency CIO does. Her goal for the office is to make technology one of the mainstream functions at GSA. "Any initiative you can name has technology included - even a clean audit, for example, is supported by technology."

At the moment, her office is implementing the GSA Information Technology Global Operations program (GITGO). The project has been in the works for three years and is in its second year of operation. The GITGO program's mandate is to consolidate infrastructure across GSA - including the management of workstations, BlackBerrys, printers and the GSA e-mail help desk. So far GITGO has consolidated 39 support contracts into one services contract and 15 help desks into one. The program was created to save costs, and deliver secure, modern infrastructure to GSA employees. "We gained efficiencies and now we're trying to maintain efficiencies while providing support," Coleman says. The program has upgraded 2,500 workstations and laptops. It has also begun a technical refresh cycle that aims to refresh one-third of the agency's devices each year.

In June, Coleman was installed as the Vice President of the Association For Federal Information Resources Management (a non-profit, volunteer, educational organization whose goal is to improve the management of information in the federal government) has also set her sites on a public blog. She already uses an internal blog to communicate with the 235 CIO employees in GSA regional offices across the country, but sees the external blog as having a different purpose. With the external blog, she wants the focus to be on innovation and how IT can further innovation in government. She is looking to connect with a larger community, including other federal agencies, state and local governments, academia and non-profits.

She understands it is unusual for a government official to communicate extemporaneously, but has high hopes for her blog. "In government we spend a great deal of time on things we must do (such as compliance) so there's less time to be innovative and find creative ways to do things better."

All scorecard departments and agencies met the June 30 deadline to report successful demonstration of Internet Protocol version 6 (IPv6) capability, according to a July 1 notice from the Office of Management and Budget.

"IPv6 capabilities, along with all the IT-enabling initiatives such as Trusted Internet Connections, the implementation of the Federal Desktop Core Configuration (FDCC), and the IT Infrastructure Line of Business, should be addressed when establishing new business processes to deliver mission results," Karen Evans, administrator for E-Government and Information Technology, said in the memo.

The National Institute for Standards and Technology will issue the "US Government IPv6 Standards Profile" in the near future, according to the notice. "It has undergone extensive vetting by both industry and the federal IT community, and reflects a cogent and comprehensive articulation of the federal technical requirements for secure and inter-operable network products into the global IPV6 marketplace."

President Bush created a Suitability and Security Clearance Performance Accountability Council to oversee the consistent application of standards for investigating and determining the suitability of persons for government employment, in a June 30 Executive Order.

The Suitability and Security Clearance Performance Accountability Council will:

• ensure alignment of suitability, security, and contractor employee fitness investigative and adjudicative processes
• hold agencies accountable for the implementation of suitability, security, and contractor employee fitness processes and procedures
• establish requirements for enterprise IT
• establish annual goals and progress metrics and prepare annual reports on results
• ensure and oversee the development of tools and techniques for enhancing background investigations and eligibility determinations
• arbitrate disparities in procedures between the Suitability Executive Agent and the Security Executive Agent (two new positions held by the Director of Personnel Management and the Director of National Intelligence, respectively)
• ensure sharing of best practices
• advise the Suitability Executive Agent and the Security Executive Agent on policies affecting the alignment of investigations and adjudications.

President Bush signed the "Local Preparedness Acquisition Act" into law on June 26, authorizing state, local and tribal governments to use the federal supply schedules to acquire law enforcement and security-related items, including firefighting and rescue equipment.

The state, local and tribal governments now have access to GSA's Schedule 84 to buy homeland-security goods and services. The products and services offered on Schedule 84 include alarm systems, facility management systems, firefighting and rescue equipment, law enforcement and security equipment and marine craft.

OMB has increased its original target for federal government Internet connections, from 50 to "less than 100", according to its Trusted Internet Connections (TIC) Initiative Statement of Capability Evaluation Report. The TIC Initiative's purpose is to optimize and standardize external network connections to the Internet in order to improve the federal government's security posture and incident response capability. It will also provide centralized gateway monitoring through a select group of TIC access providers.

OMB revised the target number after reviewing agencies' statements of capability, which were submitted by April 2008. OMB will continue to monitor the government's needs and adjust the target based on business needs.

The Evaluation Report captured activity from December 2007 through June 2008. The report describes development of technical and business model capabilities required for all TIC access providers and evaluations of agency proposals for achieving the TIC requirements. From January to May, the existing connections were reduced to 2,758 from more than 4,300.

The report also states that there are:

• Two multi-agency service providers with seven potential TICs
• Sixteen single service providers with 72 potential TICs
• NETWORX providers with approximately 10 potential TICs.

Meeting last month in Seoul, Korea, the Organisation for Economic Co-Operation and Development (OECD), issued a roadmap to upgrade the communication policies that have helped the Internet become the economic driver it is today and to support its future development. In The Seoul Declaration for the Future of the Internet Economy, OECD declares

• our common desire to promote the Internet Economy and stimulate sustainable economic growth and prosperity by means of policy and regulatory environments that support innovation, investment, and competition in the information and communications technology (ICT) sector. We will work with the private sector, civil society and the Internet community to secure the ICT networks that underpin the Internet Economy as well as to take measures to protect the users of the Internet Economy, including the necessary cross-border co-operation.

Signers agreed on the need for government policies that promote competition, empower and protect consumers, and expand Internet access and use worldwide, as well as improved statistical indicators to measure access and use of the Internet and its networks. OECD also committed to take steps to increase confidence in the Internet, protect users online more effectively and fight cyber-threats through improved cross-border co-operation.

OECD's companion report, Shaping Policies for the Future of the Internet Economy, highlights ways to develop the Internet economy using a collaborative "multi-stakeholder approach to achieve an appropriate balance of laws, policies, self-regulation and consumer empowerment."

OECD is an international organization of 30 governments committed to the democracy and free market economy, including the United States. It provides a setting where governments can come together to share best practices and policy experiences on economic, environmental and social issues.

The European Community and ministers from Chile, Egypt, Estonia, India, Indonesia, Israel, Latvia, Senegal and Slovenia joined OECD members in signing the Seoul Declaration. David A. Gross, Ambassador, U.S. Coordinator for International Communications and Information Policy, State Department, and Kevin Martin, Chairman of the Federal Communications Commission, represented the United States.

USA.gov launched an affiliates program that makes its powerful search capability, USASearch.gov, available at no cost to any government web site in the United States. USA Search is currently being used by more than 200 federal agency affiliates. The new program expands this service to potentially thousands of state and local governments. Those interested in becoming affiliates can go to https://affiliates.usasearch.gov.

USASearch.gov, managed by the GSA Office of Citizen Services, searches more than 50 million federal, state, local and tribal government documents online.

The National Institute of Standards and Technology (NIST) released three IT security publications on June 30.

• Special Publication 800-79-1, Guidelines for the Accreditation of Personal Identity Verification Card Issuers provides appropriate and useful guidelines for accrediting the reliability of issuers of Personal Identity Verification (PIV) cards that are established to collect, store and disseminate personal identity credentials and issue smart cards, based on the standards published in response to HSPD-12. Managers can be assured that issuers who have been accredited, based on these guidelines, can be trusted as a provider of secure and reliable identification credentials as required by HSPD-12.
• Special Publication 800-53A, Guide for Assessing the Security Controls in Federal Information Systems provides procedures for building effective security assessment plans and a comprehensive set of procedures for assessing the effectiveness of security controls employed in information systems supporting the federal executive branch agencies. The guidelines apply to the security controls defined in NIST Special Publication 800-53 (as amended) and any additional security controls developed by the agency.
• Special Publication 800-67 Version 1.1 Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher has been updated.

A July 14 memo from Clay Johnson, OMB deputy director for management, gives agencies updated instructions for meeting 2008 reporting requirements under the Federal Information Security Management Act. FY 2008 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Management revises OMB's reporting requirements issued in January to reflect security and privacy policies issued during the year.

Agencies must submit the current documentation related to OMB's 2007 policy memo on safeguarding personally identifiable information in an appendix to the agencies' annual reports, and include:

• Breach notification policy
• Implementation plan and progress update on eliminating unnecessary use of Social Security Numbers
• Implementation plan and progress update on review and reduction of holdings of personally identifiable information
• Policy outlining rules of behavior and identifying consequences and corrective actions available for failure to follow these rules.

The Financial Systems Integration Office within the General Services Administration released the Federal Financial Management Standard Business Processes, which establishes the framework for standardizing, consolidating, and optimizing financial accounting practices across government to improve the cost, quality and performance of financial management operations.

The documentation for these processes includes:

• Sequenced activities for core financial business processes
• Business rules governing the process steps
• References to the financial regulations and the Core Financial Systems Requirements that affect those processes.

The Funds Management section details processes involved with funds control, and assists agencies in complying with applicable federal financial management statutes, regulations and requirements. The Payment Management chapter includes key steps in the processes from requisition to payment for commercial contracts and other acquisitions disbursed by the Department of the Treasury. Noted best practices in the document include: electronic processing, information routing, review and approval and separation of duties.

Agencies need to assign oversight of all key privacy functions to designated senior privacy officials, the Government Accountability Office stated in a report on privacy compliance. Without full oversight, designated senior officials may be unable to serve effectively as the agency's central focal point for information privacy, GAO concluded.

GAO looked at 12 agencies' policies and procedures related to key privacy functions and found that six agencies gave the designated senior officials full oversight, while the other six had other organizational units, not overseen by the designated senior official, performing certain key privacy functions.

OMB mandates that an agency's designated senior privacy official should have specific responsibilities that are grouped into six categories:

• conducting privacy impact assessments
• complying with the Privacy Act
• reviewing and evaluating the privacy implications of agency policies
• producing reports on the status of privacy protections
• ensuring that redress procedures to handle privacy inquiries and complaints are in place
• ensuring that employees and contractors receive appropriate training.

Pay for most IT workers in the private sector failed to keep up with the 5% increase in the cost of living in the past year, according to a mid-year 2008 salary survey of 20,000 IT executives, managers and employees in large and mid-sized companies. The survey was conducted by Janco Associates Inc., a management information systems consulting firm.

In many companies hiring is at the lowest level since 2004. Enterprises have slowed down, and in many cases, eliminated discretionary spending for IT, the survey found. This has resulted in fewer projects being initiated, a sharp reduction in consultants' hours and a slow-down of initiatives already approved.

IT Average Salaries June 2007 vs. June 2008

The Center for Digital Government and the National Association of Counties released this year's evaluation of America's top digital county governments. Counties that responded to the survey were measured on more than 100 data points about online service delivery, infrastructure, architecture and governance models.

The annual study names top 10 digital counties in four population categories. Here are the first-place winners:

• San Diego County, CA (500,000 or more population)
• Loudoun County, VA (250,000 - 499,999 population)
• Frederick County, MD (150,000 - 249,999 population)
• Charles County, MD (Less than 150,000 population)

Also available in pdf 340 kb

The National Electronic Commerce Coordinating Council (eC3) is accepting nominations for its 2008 eC3 Excellence Awards Program until September 10.

The Public Manager and ASPA's 2008 Inaugural Conference
Baltimore, MD
July 28-29

Web Manager University - Using Social Media to Communicate with Your Customers
August 6

GSA - FAS/ITS 2008 Network Services Conference
Dallas, TX
August 11-14

The 7th Enterprise Architecture Conference & Exhibition
Washington, DC
September 9-10

AFCEA Solutions Series - Information Assurance
Washington, DC
September 9-10

NASCIO 2008 Annual Conference
Milwaukee, WI
September 21-24

GTC East 08
Albany, NY
September 22-25

GOVERNING's Managing Performance 2008
Austin, TX
October 1-3

GEIA 2008 Vision Conference
Springfield, VA
October 22-23

2008 Federal IT and Privacy Summits
Washington, DC
October 22-23

ACT/IAC Executive Leadership Conference
Colonial Williamsburg, VA
October 26-28

The 6th Annual Program Management Summit
Washington, DC
November 18-19

The 9th Security Conference & Exhibition
Washington, DC
November 20-21

The Council of State Governments Annual Conference
Omaha, NE
December 4-7

National Electronic Commerce Coordinating Council Annual Conference
Seattle, WA
December 10-12

AFCEA Solutions Series - CyberSpace/CyberWarfare
Washington, DC
December 10-11

GSA's IRMCO
Cambridge, MD
April 19-22, 2009

Comments: We welcome your feedback.

Please send your comments, concerns, complaints and questions to dotgovbuzz@gsa.gov.

Check out our previous editions at www.usa.gov/dotgovbuzz.html.

The DotGov Buzz is produced by the following individuals in the GSA Office of Citizen Services and Communications:

Darlene Meskell
Andrea Noce
Bryant Jones.