active defence: safeguarding crucial capability while boosting functionality and delivering on roi
DESCRIPTION
Active Defence: Safeguarding Crucial Capability while Boosting Functionality and Delivering on ROI Presentation by Ricardo Alberto, CTO & Acting CIO , The Treasury, Australian Government at the Australian CIO Summit 2014TRANSCRIPT
Treasury
Profile
• Staffing of around 800
• Central policy advising agency
• Some IT knowledge in the department
• CIO has a proactive support role• CIO has a proactive support role
• Many challenges working in government
Delivery• Services• Projects• Innovation
Compliance• Agency requirements• Privacy• Security• Intellectual Property• Governance• Accessibility• Evidence• Recordkeeping
Compliance Challenge
RegulationsPoliciesStandardsLaws
• Innovation• Recordkeeping• Reporting• Freedom of Information• Public Governance, Performance and
Accountability• Workplace Health and Safety• Chief Executive Instructions
LawsAuditsProcedures
Security Challenge
A Strong Foundation
• We know what we’re up against (sources of
regulation, etc.)
• Innovation is a departmental priority – our • Innovation is a departmental priority – our
department wants us to try new things, so we
make the effort and don’t get put off by some
extra hoops to jump through.
Practical Behaviours
• Awareness
• Engagement
• Expectation management
Treasury in Action – DR Project
• 1970s building
• 7 years ago gutted Datacentre and put in a
pod system.
• 22 racks in total with about 16 in use, plus
4 at Secondary Site.
pre 2007
2008
Disaster Recovery
2003 Canberra Bushfires
Regulatory Environment
• Australian National Audit Office (ANAO)
– Better Practice Guides
– Audits
• Audit Committee• Audit Committee
Starting the Thinking
• Business understanding of Business Continuity
Planning
• Myths and misconceptions
• Be part of the solution• Be part of the solution
DRIP – DR Implementation Project
• DR, Storage, Virtualisation
• Site Recovery Manager
• PLUS… Network/Comms Upgrade
• PLUS… Improved Secondary Site• PLUS… Improved Secondary Site
• Benefits are difficult to see
Return on Investment
• Accurately mapped current position.
• Acknowledged that this was not a cost
reduction project.
• Cost of staff being sent home.• Cost of staff being sent home.
• Other risks including reputation.
• Cost of risk realisation, probability.
Today
Project Benefits
• Meet or exceed the reduction in the IT
Recovery Time Objectives for Critical, Vital and
Essential Business Functions.
• Reduction in disruption to the business.• Reduction in disruption to the business.
• Reduced interruption for planned major site
outages.
Finalising now…
PRIMARY SITE SECONDARY SITE
Point in Time
Commvault
(IntelliSnap
Proxy Server)
SAN LUN 1
IntelliSnap Protected
VM
REPLICA SAN LUN 1
Point in Time Point in Time
Framework for Success
• Good Governance – PM and Reporting
• Good stakeholder management
• Know your business
– Business Strategy– Business Strategy
– IT Strategy
– SWOT
• Understand your audience
Framework for Success
• Know people and their biases
• Don’t assume they care like you care
• Keep it real
• Keep stakeholders informed as needed• Keep stakeholders informed as needed
• Understand the competition for funding
What’s Next?
Current Treasury Projects
• Future Desktop Initiative
– Mobility (VMware and AirWatch)
– Desktop Replacement
• SharePoint Records Management• SharePoint Records Management
– RecordPoint
Questions