States have a long way to go in modernizing their applications, according to data the National Association of State Chief Information Officers shared at its midyear conference Tuesday.
NASCIO offered a preview of survey data to be published this summer, showing so far that 40% of states don’t keep detailed inventories of the software they’re using. In many states, those software catalogs exceed 1,000 applications, used for everything from processing tax payments to specialized functions used by a single office.
And while 50% of surveyed states reported that they need to modernize their application portfolios, 55% reported they either don’t have a strategy or are still considering one. When asked whether he was surprised by the great number of states that reported not having a strategy for application modernization, Pennsylvania CIO John MacMillan said: “No, and the rest are lying.”
‘You need a way’
Jon Fyffe, a business development manager with VMware, which is helping NASCIO publish the survey, said states’ application portfolios “represent the single largest opportunity for modernization that exists in all of government.”
“If you don’t have really detailed information about that application, where it resides, what it connects to, if it can be supported, how much risk it has, has it been inventoried, you don’t know whether to retire it, whether to rehost it or renew it,” Fyffe told StateScoop.
MacMillan, who addressed the conference with a stream-of-consciousness presentation, said there’s “there’s a fundamental problem with how business services are automated in the United States.”
“You need a way of sorting through how to guide the investment,” MacMillan said. “It will cost gazillions of dollars to modernize all the applications.” MacMillan also said people usually frame the problem wrongly: “It’s actually data modernization, not application modernization.”
He also urged the audience to consider how they’ll go about developing a cohesive statewide strategy. (Fyffe told StateScoop that while Pennsylvania isn’t “as mature as some states” in its application modernization efforts, it’s done especially well at “risk profiling” and “getting agencies to work together.”)
“How do you undo that with one enterprisewide strategy?” MacMillan said in reference to the challenge of meddling administrators who frequently find unmet requirements in state IT projects. “How do you get 47 agency boards and commissions to move in the same direction? Anybody have free will in their state?”
In surveying its members, NASCIO found that states’ top challenge in managing application portfolios is finding professionals who know how to work with the older codebases their applications rely on. MacMillan said Pennsylvania last year modernized a banking and securities oversight platform that only one state employee knew how to update.
“It was written in risky application code from a company that no longer exists,” MacMillan said. “That was super risky. It was a people risk because we had one person who knew how to write the code, upgrade the code, change the code.”
MacMillan called that particular scenario a “two-dollar problem,” because if that worker’s spouse buys a two-dollar lottery ticket and wins (state employees themselves are prohibited from playing the lottery in Pennsylvania), he or she won’t be coming into work on Monday. (Herb Thompson, a VMware executive and former Wisconsin deputy CIO, interjected that in his state, a lottery ticket only costs $1, potentially doubling such a risk.)
Much of MacMillan’s presentation consisted of questions posed to the audience. When asked for answers to his questions after the presentation, he told StateScoop, “there isn’t one right answer,” but gave some general advice anyway: “Understand your strengths, understand your inventory, embrace decision-making, understand that there’s going to be compromise and not everybody’s going to be happy about it.”
But when one audience member asked whether constituents ought not to be consulted more frequently when states are designing applications, MacMillan dispelled yet another misconception.
“The vast majority of applications aren’t meant for citizens,” he said. “They’re meant for programs. And I think you’re suggesting that we fundamentally rethink how business processes are automated across all levels of government in the United States. And it starts with a common identity, and everybody should have a chip in their neck.”