The Federal Energy Regulatory Commission is asking for a total increase of $8 million for its $29 million IT budget in 2017 and 2018 to expedite its technology modernization effort.
But with or without the extra funding, FERC is on a path toward modernizing its services, starting with its network backbone.
‘We just completed upgrading part of our legacy infrastructure, some servers, and that eliminated some of our security vulnerabilities,” said Christina Handley, FERC’s chief information officer, on Ask the CIO. “We also are looking at our as-is and to-be architecture to really further identify and sequence the rationalization of our applications. I expect we will accrue benefits through consolidation and closure of some applications to reduce costs. But at the same time, we want to make some capital investments in areas that support our enforcement analytics, our legal proceedings and our administrative systems modernization.”
One example of this software rationalization effort is for SharePoint 2013. Currently, FERC runs the software internally, but will see how it can move SharePoint to the cloud.
Handley, who joined FERC in November, replacing Sanjay Sardar, said the agency already uses Office 365 for email so moving some of the internal collaboration sites through SharePoint to the cloud is a good option.
“We are looking at better opportunities to collaborate on our intranet. What that does is just empower our end users and gives them an opportunity boom. That is one application that we’d like to further develop and that might help us streamline some one-off applications,” she said. “Secure File Transfer is a big item for us, as it is for most agencies. So we if want to securely file documents with an inspector general or an external constituent with whom we have a relationship so this is a great example of why not [use the] capability and leverage it to do secure file transfer and set it up in the cloud because we already are paying for it, rather than buy some standoff solution or introduce some new technology. We really are just trying to optimize some of the tools we have currently.”
Along with making better use of Office 365 in the cloud, she also wants to upgrade FERC’s e-Library portal, which is its system of record for all issuances, opinions and other agency documents.
“We expect to deploy the improved e-Library this fall. In addition to moving the document and records storage to the cloud on the backend, which will accrue savings for us, we are going to improve the user interface, like for example the search, and that’s for our constituents,” Handley said. “Instead of the special symbols to search, it will be a different type of drop-box experience so they are not dropping in as much text. It also will return results more quickly.”
E-Library is one of several modernization efforts FERC is focusing on for external customers.
Handley said she is gathering feedback from its users on how best to modernize FERC.gov.
“We are evaluating bids to the solicitation,” she said. “We’re refreshing the forms that are posted on our public site and these are what our constituents use for their filings. We are making enhancements to other mission critical systems, one of which is our internal tracking management and business plan system. We have a lot of small and development enhancements to make it very easy for our users to plan their work and track their work, especially because some of these filings have statutory requirements that they be met within certain deadlines.”
Within all of these modernization efforts, FERC is ensuring cybersecurity is front-and-center.
Handley said FERC is performing an ongoing and continuous “introspection” about its cyber program, looking at its governance, policies, standard operating procedures, tools and workforce to identify strengths and weaknesses, and then address those gaps.
She said the results of the 2015 cyber sprint has been playing out this year where FERC’s management found additional money to invest into cyber protections.
“We have very clear organizational goals for 2017 and 2018, update our policies and procedures, look at better security storage and information governance,” she said. “The introspection is very much an executable plan of how we will improve in each of those areas.”