Performance Measures in the Cyberspace Domain

The views expressed are those of the author and do not necessarily reflect the views of ASPA as an organization.

By John O’Brien
April 4, 2017

Efficiency, effectiveness, accountability — Words that are not unfamiliar to public administrators, especially those involved with performance management, yet now seem to be getting renewed emphasis these days. On March 13, 2017 President Donald Trump signed a Presidential Executive Order calling for the heads of Federal agencies to submit a “proposed plan to reorganize the agency if appropriate, in order to improve the efficiency, effectiveness and accountability of that agency.” This way of thinking is, of course, not new; Federal agencies are required to demonstrate results through outcome-based performance measures since passage of the Government Performance and Results Act of 1993 (GPRA) and the GPRA Modernization Act of 2010.

Nowhere is the idea of results-based performance more critical than in cyberspace. The notion of cyberspace is a topic of research not commonly found in public administration literature; one example of research into PA and cyberspace is Lori Brainard’s body of work. In a 2002 Administration and Society article, she examined cyberspace challenges to nonprofit health organizations.  Despite the growth of cyberspace within the public sector, the concept of cyberspace performance management is still undefined. Many articles that address cyberspace tend to focus on e-government

What is Cyberspace?

Cyberspace could be defined as a domain focused on information and characterized by electronic media to store, modify and exchange information. Cyberspace is a term that has numerous definitions within the literature, but cyberspace is more than traditional back-office information technology (IT) service, often including cybersecurity, cybercrime and cyber-warfare. Numerous Federal sector organizations have developed with a cyberspace-oriented mission, including the Office of the Coordinator for Cyber Issues, US Department of State and the United States Coast Guard Cyber Command. The Department of Homeland Security has several cyberspace organizations including the Office of Cyber, Infrastructure & Resilience Policy, the Office of Cybersecurity and Communications and the Cyber Security Division. Military cyberspace organizations include U.S. Cyber Command, U. S. Fleet Cyber Command and the Office of the Army Chief Information Officer/G-6.

What is Cyberspace Performance Management?

Many cyberspace organizations share a common practice of having performance measures based on traditional information technology (IT) services, such as performance metrics commonly found under the domain of federal Chief Information Officers. These performance measures include metrics on network availability, available space in storage devices and total number of trouble tickets resolved. Performance measures heavily weighed to the operational level of IT do not really address strategic-level organizational issues of cyberspace.

The language of GPRA specifies public-sector organizations must link mission/vision statements, strategic goals, strategic objectives, performance measure and strategic initiatives in a logical flow that clearly demonstrates public value. Government agency-level managers and executives must be able to demonstrate results, “to tell a story, to connect with an audience in a way that helps frame the data and allows viewers to create meaning” per Genie Stowers in a 2013 IBM Center for The Business of Government publication titled “The Use of Data visualization in Government.” The following graphic illustrates this linkage, this ability to “tell the story,”:

 

What is Needed

A cyberspace performance management approach will help change culture and shift responsibility for cyber to the entire organization and not just the CIO or IT department. Such an approach to performance management must take a broad, strategic-level focus on the entire organization while existing performance programs should be adjusted to include more cyber measures. Metrics should be collected on a reoccurring basis to allow for comparison and trend analysis and collection should be routine and follow normal operational procedures. Government agency-level leaders or executive of cyber organizations must recognize their organization’s strategic objectives (and corresponding performance measures) should focus on customers, key business processes and internal organizational.

I have often felt the key to improving the use of performance information lies in improving the usefulness of performance information. Nowhere is this more evident than in the cyberspace domain. Many cyberspace agency-level managers and executives lack a simple and effective tool that provides them an organizational-level perspective of cyberspace performance across a range of data and helps them determine which areas might need further attention. The cyber world must embrace cyberspace performance measures that link organizational strategic goals and objectives with strategic initiatives to assist government agency-level leaders or executives with organizational decision making. Current and future cyber leaders must recognize how they fit into the organization’s overall vision for the future.

---

Author: John O’Brien is an Associate Professor in the Information Strategies Department of the College of Information and Cyberspace (CIS). His areas of interest are strategic planning, performance management and public sector ethics. John is a Ph. D candidate in Public Administration through the Center for Public Administration and Policy of Virginia Tech. E-mail: [email protected]  

 

(No Ratings Yet)
Loading...