visit our website   |   PDF Version OC CIO
OC Technology Quarterly
OC Technology Quarterly OCTechnologyQuarterly
March 2013 Issue 3 - Volume 01
From the CIO
IT Project Governance Starts with a Solid Business Case
During the past several months, Agencies and Departments were busy preparing their annual budgets. As part of this process, the Information Technology sections of each department developed their annual IT project requests and justifications. This was done by completing a detailed project business case (Information System Request) that includes identification of the problem or opportunity the project will address, alignment with County business goals, any known project risks and dependencies, the project timeline, expected outcomes, performance measures
spacer holder
and how the project would be funded. The business case also includes a detailed cost plan that identifies project costs, benefits, and the expected Return-on-Investment (ROI) and payback period for the initiative.

All IT project requests (for initiatives ≥ $150,000) are submitted to CEO Budget as part of the annual budget process. CEO Budget ensures completion of the forms and then provides all requests to the CIO’s Project Management Office (PMO). As part of the Countywide IT governance process, the PMO then leads the IT Investment Review Board, consisting of County business and technical leaders, in evaluating and rating the business cases in order to prioritize the requests and make funding recommendations to the CEO and the IT Executive Council.

Some projects request budget from the General Fund 038 Data Development fund, while other projects are Agency-funded. In either case, the goal of the IT Investment Review Board is to ensure that the projects Agencies/Departments are requesting have a solid business case and make sense for the County to invest in.

As part of the FY 13-14 IT Project review process, the IT Investment Review Board evaluated business cases for 14 IT projects. Of those, 3 were recommended for funding by the 038 Data Development fund. These included the Auditor/Controller CAPS+ 3.1 Upgrade, which includes an eProcurement module; the Public Administrator/Public Guardian’s Conservatorship System, which will replace their outdated ePages system; and the CEO/IT Countywide Collaboration Portal which will replace the County’s antiquated Intranet site with a more current, self-service platform that will allow Agencies/Departments to share information and collaborate more effectively. Each of these initiatives had a solid business case and will benefit multiple county users and constituents. In addition, four Agency-funded projects also had solid business cases and were recommended for funding.

If you would like additional information on the County IT Governance processes, please contact Martha Campbell, CEO/IT PMO Director.
green arrow Featured in this month's newsletter
01 Initiatives 02 Program Brief 03 In Recognition 04 IT Service Spotlight 05 Did You Know?
IT Sourcing Update
sourcing spacer On February 2, 2010, the Board authorized the development of a Request for Proposal (RFP) for a managed services contract for Information Technology services that are provided through CEO/IT via the current staff augmentation contract with Xerox State and Local Solutions. The Board also authorized the inclusion of requirements for a Countywide converged voice and data network in the same RFP.

The established sourcing strategy goals included:
  • Improved service delivery
  • Guaranteed service levels
  • Timely technology refresh and legacy system renewal
  • Maximum resource flexibility
  • Innovation and continuous improvement
  • Increased cost efficiencies
The RFP included two separate scopes of work. Scope 1 includes Data Center Operations, Service Desk, Desktop Support and Applications Services. Scope 2 includes Countywide Voice and Data Network. This scope proposes to transform the County from its current end-of-life voice system with separate data network lines to a converged voice and data network infrastructure with Voice over Internet Protocol (VoIP) capabilities.

Given the complexity and criticality of the RFP, the proposal evaluation process was extensive. The evaluation teams were comprised of over 40 County stakeholders from Agencies/Departments and CEO/IT, and non-County entities. These teams were staffed with individuals possessing technical expertise in specific service areas. Additionally, a Source Selection Committee was established, consisting of County and non-County participants, to view the consolidated scoring and recommendations from each technical evaluation team. Furthermore, an IT Sourcing Executive Committee, comprised of County executive management and led by the County Executive Officer, provides oversight.

The evaluation process resulted in the following recommendations that were approved by the Board in November 2012.
  • Select SAIC as the primary and Xerox as the secondary vendor to enter into negotiations for Scope 1 services
  • Select Xerox as the primary and Verizon as the secondary vendor to enter into negotiations for Scope 2 services
Since that time, Vendor negotiations have been in progress. It is expected that the contracts will be ready to go the Board for approval in early May 2013. The contract with the current provider will be extended to accommodate sufficient time to transition services to the new IT Sourcing vendor(s).

If you would like additional information on this initiative, please contact Christina Koslosky, Assistant CIO.
Sheriff Implements a Personnel History Index System
crm spacer The Sheriff’s Department began rolling out their new Personnel History Index (PHI) system in April 2012 using Microsoft’s Customer Relationship Management (CRM) framework with customized features that fit the Sheriff’s Department workflows. When complete, the system will bring together disparate databases, providing the ability to view all personnel data retained by the department in one system. This comprehensive database creates a complete personnel history for all employees, supplying accurate data and information for department executives to conduct comparative analysis and
look at trends within the department as a whole.

The first module implemented within the department was the Commendation/Complaint module. “This module provides the ability to capture information about incidents that occur, ensuring that positive incidents are acknowledged and areas for improvement are identified,” said Capt. Mark Long, then commander of the Strategy, Accountability, Focus and Evaluation (S.A.F.E.) Division. The system also helps to identify risk factors that could improve overall employee performance.

Following the successful implementation of the Commendation/Complaint module, the Sheriff implemented three additional modules, including Workers’ Compensation, which provides the ability to create, track and monitor work-related injuries and claims; Traffic Collisions, which tracks injuries, damage and collision information for department employees; and Risk Management, which allows accurate trend analysis to reduce the department’s liability and exposure to lawsuits.

Two additional modules will be implemented in April 2013, including Internal Affairs, for the Sheriff Internal Affairs Bureau to more accurately enter, track and report personnel investigations; and the Use of Force module, which records use of force incident information, providing data for department management to monitor and identify potential risk factors.

The new CRM platform also enables the ability to interconnect the databases of all six modules. For example, if an employee is involved in a traffic collision that results in a risk management claim, the system would indicate the connection between the two. If the employee was also injured and filed a worker’s compensation claim, that also would be displayed. “This new interconnection will provide a global snapshot of a specific incident. It is far superior to the limited database we used previously,” said Sergeant Chris Corn.

Microsoft’s CRM has provided an excellent platform for the Sheriff to collect and manage employee data and will be expanded for other uses within in the department. If you are interested in learning more about the Orange County PHI project, contact Sergeant Chris Corn at the Orange County’s Sheriff’s Department, S.A.F.E Division,
Program Brief
Collaborating with Other Counties on IT Initiatives and Issues
The California County Information Services Directors Association (CCISDA) is the official organization of County Information Technology Directors and Chief Information Officers in the State of California. The association was spacer CCSIDA
formed in 1953 to provide a platform for the exchange of information and the comparison of experiences between counties as a way to promote the efficient and effective operation of Information Technology within County government. Interest in the association quickly expanded the original nine county membership and nearly all California Counties participate today.

Orange County is an active member and has fulfilled the role of association president three times: Jim Fallon (1963), Bob Farmer (1973), and Satish Ajmani (2007). Each year, a County Chief Information Officer is selected to be President of the Association for a one-year term. Individual membership is authorized by a County’s Chief Information Officer and usually includes participants that have a role in Countywide IT operations and initiatives.

One thing that CCISDA brings to the forefront is that many counties are dealing with the same information technology challenges as we are: outsourcing, centralization, charge-back models, aging systems, mandates and innovative solutions, e-discovery, and the list goes on… CCISDA members work together to provide sharing of information, computer applications and products, consulting services to member counties and support organizations, and systems integration work between counties and State and federal applications.

CCISDA primarily collaborates through two semi-annual conferences, a SharePoint collaboration portal, and small focus group engagements. General topics include discussion forums for critical IT matters such as security, law and justice, property tax systems, IT governance and operations, and more. It is common for CCISDA members to receive group e-mail inquiries from counties in search of information and artifacts about IT procurement, policies and procedures, strategic initiatives and information about particular solutions and vendors.

The spring 2013 CCISDA conference, “Rethinking Boundaries” was just held in March in San Francisco. In addition to roundtable sessions, the agenda included the following workshops:
  • Microsoft - EA Approaches / Futures
  • CGEN / CalNet 3
  • IT & Telecom Funding Strategies
  • Mobility & Cloud Considerations
  • Attracting & Retaining IT Staff As Things Heat Up
  • The Future of IT
An unusual event at this particular conference was an invitation to county property tax department business staff to attend a four-hour information sharing session on property assessment and tax system replacement projects. Orange County Auditor-Controller and Clerk of the Board business staff were among 50+ other attendees.

Orange County’s Chief Information Office sees great value in the CCISDA member network and actively participates. County Agencies that would like to leverage the knowledge base and material of this collaborative forum may do so by contacting CEO/IT at 714-834-2525.
In Recognition
ocgov web site spacer
The Chief Information Officer Recognizes the eGov Team
In January 2013, the County of Orange officially launched its re-designed Web site,, which includes a fresh new look, enhanced features, and streamlined navigation.

“I want to express my gratitude to County staff for their hard work and perseverance in preparing our new site to go live,” said Mahesh Patel, Chief Information Officer. “This
achievement has been a model for successful teamwork, and we have all been rewarded with a site that the County and our constituents can truly be proud of.” The County Web site is visited more than 10 million times yearly, with nearly 30 million Web pages viewed.

Public Information and Information Technology staff from participating Agencies and Departments partnered with Civica Software in the design process to consider important elements that would impact external users – the community members we serve. Committees discussed branding and information categorization, site “look and feel” and navigation, as well business processing needs such as filing, registration, inquiry, search, payment, and subscription.

The resulting changes are already making the online experience more intuitive and visually pleasing for our visitors. These include:
  • Interactive maps for County libraries, facilities and parks
  • Ability for Rangers to update park status in real-time using their smartphones
  • Library catalog search
  • Foreign language translation
  • Google search
  • Simplified content organized into new top tabs: About the County, Agencies & Departments, Business, How Do I, Residents, Services and Visitors
  • Popular and Resource tabs that provide quick links to our most sought after information
  • Countywide and department-specific event calendars
  • MyOC application that enables visitors to register and customize a personalized version of the website
  • Disaster recovery to keep the website online during emergencies
From an internal user standpoint, the Civica solution provides an application interface that is easier to navigate – making it simpler for staff to edit and update their Web sites without having to request assistance from Information Technology staff. The contract, which is expected to produce significant cost savings, also represents the County’s first IT managed services model that establishes quality control metrics for Civica’s performance in supporting our web sites.Agency and Department teams were essential to this process, and their vision and hard work are worthy of recognition by the CIO’s office:

Amy Abeling
Audra Adams
Marguerite Adams
Christopher Aguilera
Al Alamo
Elizabeth Alianell
Renee Aragon
Tangela Ashe
Nina Badalamenti
Diana Banzet
Bill Bauer
Kristi Bergstrom
William Bogdan
Louis Bronstein
Abe Buelna
Martha Campbell
Kara Carroll
Kelsey Cena
Raymond Cheung
Grace Chou
Emily Christianson
Linda Cota
Steve Cote
Molly Craig
Phillip Daigneau
Camelia Danciu
Ericka Danczak
Jennifer Davis
Jane Dawson
Susan DeBaun
Kristine DeLeon
Taline Demirjian
Mike Desai
Cristina Diaz
John Doan
Ryan Drabek
Mirna Elvir
Anne Fialcowitz
Loretta Fonseca
Bonnie Foster
Craig Fowler
Clyde Gamboa
Maribel Garcia
Joseph Giese
Melva Gipson
Jessica Good
Marianne Goodrich
Jesse Guillen
Matthew Harper
Ed Harrison
Lily He
Jason Hensley
Yvonne Herrell
Ken Hong
Michelle Huang
Katie Ingram
Merilyn Inigo
Lou Jones
Wesley Kanamori
Deborah Kroner
Nancy Latimer
Mark Lopez
Tony Lucich
Yasie Malek
Miguel Martinez
Pat Martinez
James Mata
Gary Mills
Julie Nguyen
Sabrina Noah
Maria Nofal
Shawn Noss
Cecilia Novella
Marisa O'Neil
Lauren Ortega
Jean Pasco
Hiren Patel
Jayesh Patel
Leon Phung
Ed Plate
Sergio Prince
Brian Rayburn
Anne Riseling
Elsa Rivera
KC Roestenberg
Nadine Romero
Ian Rudge
Stephen Salcido
Sumit Sapra
Jenna Sergio
Marjon Shabanpour
Zainab Shah
Lisa Smith
Angeline Soto
Ken Sprague
Nicole Stanfield
Vicki Stewart
Robin Stieler
Howard Sutter
Alma Sweeney
Mar Taloma
Mitch Tevlin
Deanne Thompson
Pete Ting
Sherry Toth
Erin Ulibarri
Kerry Underwood
Milton Vasquez
Renee Welling
Cindy Wolfe
IT Service Spotlight
CEO/IT To Offer New Virtualized Server Environment
The virtual server environment, also known as Virtual Machine (VM), is a critical component of CEO/IT’s Enterprise Shared Services and its reliability and stability are paramount to ensure optimum access to County agencies who utilize this critical resource. In FY 2012-2013, two-thirds of the servers in the existing HP virtual server infrastructure were six years old, exceeding the industry standard end-of-life timeframe for most hardware, especially hardware that is in use 24/7. In addition, the version of VM Ware in use is no longer supported by the spacer virtual

To address this risk, CEO/IT completed a competitive bidding process to replace the existing HP Virtual server environment and awarded a contract to EPlus Technologies. EPlus Technologies is partnering with CISCO to implement the CISCO Unified Computing System (UCS) virtual server infrastructure. The CISCO UCS solution is a recognized world class technology providing significant enhancements in our capabilities including:
  • Additional capacity for virtual machines
  • Improved performance and reliability
  • Enhanced management tools to improve operational efficiencies
  • Additional security features provided by Nexus 1000v
This new virtual server infrastructure is currently being configured and tested in preparation for the migration of the existing HP VM infrastructure to the new CISCO platform which will begin in April 2013. This major milestone will be completed over several months in order to mitigate any operational impacts to County agencies and critical services.

The new platform provides the County with a wide variety of options and will allow CEO/IT to convert a greater number of standalone physical severs to virtual machine (VM) technologies, double the current capacity from the ability to host 250 to 500 virtual servers, as well as reduce power consumption by a minimum of 40 percent. By utilizing the new capabilities of this system, CEO/IT will enhance current services with the eventual goal of empowering the agencies to self-provision VM servers.

CEO/IT is considering other uses for this system in the future, including a private Cloud offering and leveraging this new platform for Virtual desktops within CEO/IT.

CEO/IT managers Mark Khanlar and Gary Mills have been instrumental in this project and can be contacted for additional information.
Did You Know?
Precautions You Can Take to Be “Cyber” Secure
In today’s environment where everyone is connected to the Internet, accessing data and performing online transactions, it is important to keep your information protected. Below are recommended steps you can take to be safe online. Following these will help reduce your risk of being hacked and help keep your private information safe.
  1. Passwords: Use strong passwords to secure your information. Passwords should have at least eight characters and include uppercase and lowercase letters, numerals and special characters. It is important to keep different passwords for different accounts. This will reduce the chances that if one password fails your other accounts will be vulnerable as well. Do not use the same passwords for accessing work systems on any other accounts.

  2. Use of External Devices: Many organizations have policies that limit the use of external devices (computers or devices such as thumb drives, smartphones and mobile devices that are not the property of the organization). These policies are intended to protect the overall system, and we urge you to follow your organization's policies. As a home user it is important to be cautious about connecting devices that don't belong to you to your computer equipment, as you cannot be sure that they are properly protected.

  3. Watch out for Phishing: Phishing is a tactic used by scammers to obtain your personal data, such as credit card numbers, passwords, account data, or other information. The scam typically attempts to entice email recipients into clicking on a link or opening an attachment that results in malware being downloaded onto your computer. While it may be difficult to spot some phishing attempts, it's important to be cautious about all email communications you receive, including those purported to be from "trusted entities". Be careful when clicking on links or attachments contained within those messages. Additionally, do not respond to any unsolicited emails and do not open attachments contained in those messages.

  4. Limit online transactions: Only shop at sites from companies you are familiar with and trust. When shopping online, look for the lock symbol or “https” in the website URL to indicate the transactions are secure. Be wary of potential scams -- if it sounds too good to be true, it probably is. Do not use a public computer or public wireless when performing an online transaction. Additionally you should make payments by using a credit card rather than a debit card, as credit cards are protected by the Fair Credit Billing Act and may reduce your liability if your information was used improperly.

  5. Update your systems and software: It is important to keep your systems and software up-to-date. System and software vendors often find vulnerabilities that they fix in the latest update. If your computer is not updated then you may be leaving it open to attack via these vulnerabilities. Set programs and systems to auto-update to avoid missing a critical update. This includes your operating system, office suite, Adobe, media players, browsers, and other programs that can access the Internet.

  6. Protect and secure mobile devices: It is important to make sure you secure your portable devices to protect both the device and the information contained on the device. Establish a password and enable screen lock or auto lock on all devices. If your device has Bluetooth functionality and it's not used, check to be sure this setting is disabled. Some devices are Bluetooth-enabled by default. If the Bluetooth functionality is used, be sure to change the default password for connecting to a Bluetooth enabled device.

  7. Use anti-virus and anti-spyware programs: Anti-virus programs can stop viruses, worms, and other malware. Anti-spyware programs can stop malware that perform certain behaviors such as pop-up advertising, collecting personal information, or changing the configuration of your computer. It is important have these programs installed on your computer. Keep these up-to-date by keeping the license active and the program set to auto-update to ensure you have the latest protection available.

  8. Securing wireless networks: Wireless networks are not as secure as the traditional "wired" networks, but you can minimize the risk on your wireless network by enabling encryption, changing the default password, changing the Service Set Identifier (SSID) name (which is the name of your network) as well as turning off SSID broadcasting and using the MAC filtering feature, which allows you to designate and restrict which computers can connect to your wireless network.
visit our website   |   PDF Version Copyright © 2012 County of Orange, California
Contact Us: Email: