Citizen Portal
Sign In

State CIO outlines Oregon IT workforce, cybersecurity priorities and project oversight

2252892 · January 31, 2025

Loading...

AI-Generated Content: All content on this page was generated by AI to highlight key points from the meeting. For complete details and context, we recommend watching the full video. so we can fix them.

Summary

State Chief Information Officer Terrence Woods and Enterprise Information Services staff briefed the Joint Committee on Information Management and Technology on workforce numbers, a decentralized agency IT structure, cybersecurity work, data center resiliency and the state's joint stage-gate oversight of large IT projects.

State Chief Information Officer Terrence Woods told the Joint Committee on Information Management and Technology on Jan. 31 that Oregon’s executive-branch IT environment is large, dispersed and undergoing modernization, with cybersecurity and legacy-system replacement among the agency’s top priorities.

"I am Terrence Woods, and I am your state chief information officer," Woods said at the start of his presentation as he outlined EIS’s strategic framework and program areas.

Woods said there are about 2,344 IT classified positions in the executive branch that support roughly 47,680 executive-branch employees, producing an overall ratio of about one IT classified position for every 20 to 24 employees. He and committee staff noted that roughly 30 agencies, boards and commissions have no IT classified positions and instead buy services through contractors, the Department of Administrative Services (DAS) shared services or larger parent agencies.

The CIO described the state’s organizational model as largely decentralized with a mix of enterprise services: "There are some enterprise services that the state CIO’s organization is responsible for," Woods said, and he described the wide-area network and primary computing facility as core centralized responsibilities. Woods and staff said cybersecurity is a centralized function as a result of legislative action that consolidated information-security professionals into the state CIO’s office.

Woods and Enterprise Information Services (EIS) staff summarized recent and planned investments: a data-center infrastructure budget line they described as about $91,000,000; an enterprise email service assessed across the enterprise at roughly $60,000,000; a move of resilient backup capacity from a long-standing arrangement with Montana to a site near Bend to increase backup bandwidth and resiliency; and ongoing work to modernize legacy mainframe systems.

The committee also heard how the state oversees large IT investments through a joint stage-gate model developed with the Legislative Fiscal Office. P3 (project portfolio performance) staff said the joint stage-gate model assigns projects to oversight levels from low (maintenance or small enhancements) to high (multi-year, transformational projects typically exceeding $1 million). The oversight model includes readiness assessments, risk reviews, independent quality-assurance and an agile-adapted pathway. Staff said the agile-adapted stage-gate approach will begin being used Feb. 1.

"We use an oversight level assessment tool and that takes the project's complexity along with the agency's maturity," a P3 senior manager said, describing how the joint model assigns Level 1–3 oversight and when independent QA is required.

Other EIS staff described work on enterprise architecture (TOGAF-based reference models), a chief data officer-led effort to improve data-sharing agreements, and the cybersecurity center of excellence that provides assistance to state and local partners. Agency-level questions raised by committee members included the Oregon Employment Department’s recent unemployment insurance modernization, which committee staff said is in a stabilization phase and which the Employment Department reports on to the committee as part of an ongoing modernization effort.

Dr. Jimmy Goddard, the state chief technology officer, summarized EIS’s CTO Outlook and said the office is prioritizing enterprise architecture and network and security modernization planning. Jolene Swint, the EIS chief administrative officer, described steps to centralize EIS administrative functions, improve project risk management and refine billing and customer experience for shared services.

Committee members pressed on centralization versus decentralization, data sharing and whether the state can avoid repeated or duplicative data collection across agencies. Woods said EIS uses assistant state CIOs aligned by policy area and the chief data officer to seek cross-agency synergies and data-sharing opportunities.

The presentation closed with a reminder that the committee will continue to receive briefings from CIOs across branches — executive, judicial and legislative — and from constitutional offices with independent IT operations, to give members a fuller view of technology across state government.