To ensure that IT projects have the oversight needed to better position them for success, CalTech should require state departments to follow its IT policies, including developing all necessary plans and receiving all required training.
Statewide Information Management Manual (SIMM) 45 updated for departments to follow CDT policies.
California Project Management Framework (CA-PMF) was published in May 2016. See TL 16-04. The CA-PMF offers guidance and insight on project management methods and approach (through the use of resources, tools, and templates), as well as narratives detailing the justifications for why specific activities should be performed. The CA-PMF is designed to be scalable to accommodate the various needs of projects.
Prior to completion of the CA-PMF, California Department of Technology (CDT) decided to separate policy mandates from project management guidance. In particular, CDT determined that the priority for policy mandates should be on reportable IT projects. As a result, CDT modified the IT Project Oversight Framework - SIMM 45 in July 2016 to include the oversight related components previously published in the CA-PMM.
- Project Management Risk Assessment
- Project Complexity Assessment
- Project Status Reports
- Independent Project Oversight Reports
Information Technology Project Oversight Division (ITPOD) has drafted an escalation process to raise awareness and foster appropriate actions concerning significant risks and issues to increasingly higher levels of CDT leadership. ITPOD has also drafted a Corrective Action Plan framework to notify departments that remediation is required. ITPOD intends to incorporate both of these processes to the IT Project Oversight Framework after state entities are provided with the opportunity to ask questions or provide comments - anticipated to be completed by December 2016.
Work on revisions to the (CA-PMM) is underway with implementation anticipated in July 2016. The new version will be re-named to: California Project Management Framework (CA-PMF). Release of the new CA-PMF will include the a policy clarification that departments must follow the CA-PMF or another documented methodology based on PMBOK (Project Management Institute Project Management Body of Knowledge). CA-PMM was written as a set of guidelines - not requirements.
ITPOD will document deficiencies concerning compliance with IT policies and when these are not remediated within a reasonable period of time, ITPOD will use an escalation process to bring greater attention to the resulting risks and issues to increasingly higher levels of leadership. Updates to the ITPOD Project Oversight Escalation process are under review, and implementation is expected March 2016.
Work on CA-PMM is underway with implementation anticipated in July 2016. Updates to the Project Oversight Escalation process are in development and implementation is planned for September 2015.
CalTech is undertaking a project to update and enhance the CA-PMM. This will provide the opportunity to strengthen the direction given to state entities concerning the Department's IT policies. At the same time, ITPOC is enhancing and updating the Project Oversight Escalation process to ensure that ITPOC management is apprised of project compliance deficiencies and so that the recommendation for remediation action are developed.
†Response Type refers to the interval in which the auditee is providing the State Auditor with their status in implementing recommendations made in an audit report. Auditees must submit a response regarding their progress in implementing recommendations from our reports at three intervals from the release of the report: 60 days, six months, and one year or subsequent to one year.
*Agency responses received after June 2013 are posted verbatim.