Getting shared services right

With whole-of-government whoppers and shared services shockers fresh in our collective memory, the number of government IT projects that kicked big goals for multiple agencies in 2015 suggests Australia’s private sector has matured a great deal in the past few years.

(LtoR)Paris Cowan, Gary Sterrenberg, Pedro Harris

At this year’s Benchmark Awards, the NSW government’s GovDC infrastructure project, the federal Human Services MyGov authentication solution and the NeCTAR cloud project were each celebrated on stage.

To some degree, all three involved the sharing of technology assets between peers in the name of efficiency - something akin to a shared services model.

It was a rare showing of bravado for a time when most technology leaders have understandably kept ambition carefully in check.

History hasn’t been kind to those in public policy that see shared IT services as the most efficient means of producing better technology outcomes in government.

Between 2005 and 2008 alone, attempts to centralise government technology functions were set in place that we’d all sooner forget:

• The West Australian government embarked on a plan in 2005 to migrate 58 departments onto a single Oracle ERP platform, two-thirds of which refused. In July 2011 the government rolled back the idea in a move that cost $370 million.
• The Northern Territory government set about building a whole-of-government asset management system in 2006, which eight years and $70m later was dumped.
• The Queensland government is also attempting to sell off the assets of its shared service provider CITEC. A 2013 audit found that 90 percent of the government’s systems would need replacing or remediation.
• The Victorian government  progressively dismantling CenITex, an internal shared services function which supplied managed desktop, network, helpdesk and hosting service to over a dozen agencies and tens of thousands of staff since 2008. CenITex had been shown to be negligent in its approach to critical processes such as DR, and its staff found to have engaged in corrupt practices. The offloading of CenITex has now been put on hold since Labor's win in the recent state election.

Even in New South Wales, which has scored far higher in iTnews’ assessment of IT strategy maturity, the prevailing trend was to dissolve shared services function - as evidenced by the recent decision to outsource the IT functions of ServiceFirst and to absorb Businesslink into the Department of Family and Community Services.

So what went right with this year’s finalists? There are a number of reasons why they bucked the trend, each pointing to more mature approaches to architecture and procurement. 

Combining agility with regulatory framework

We’re most certainly in a very different IT landscape today than the mid-2000s.

The price of storage has plummeted, the use of x86 compute virtualisation has exploded, and cloud computing offers both unprecedented scale, a lower price and easier-to-consume delivery model.

On the client front, the desktop SOE has all but made way for smartphones and other mobile devices, and a workforce that demands device choice.

Procurement functions across Australian governments have been slow to adapt to these changes.

The leaders of the NeCTAR, MyGov and GovDC projets won out because they managed to strike compromises between the cloud-like agility their users sought and the regulatory framework they had no choice but to work with.

Pedro Harris, executive director of NSW Finance, had to be pragmatic when pitching to reduce the government’s bloated footprint of 130 data centres.

On the one hand, his plan to spend $200 million as anchor tenant of two state-of-the-art data centres might have appeared extravagant at a time when most CIOs were looking to reduce spend on internal systems and move to cloud services.

On the other, there was very little appetite for a wholesale shift of a sovereign government to a cloud provider owned by a foreign entity.

Harris nonetheless recognised that government could achieve something approaching the same scale as cloud providers themselves.

And they wouldn’t necessarily have to build their own facilities. He would instead use the aggregation of the government’s IT buying power to reduce the cost of services offered to agencies from within their own trusted zones using a ‘community cloud’ model.

“We saw a lot of business cases coming from government agencies for building new data centres,” Harris told his peers at the CIO Strategy Summit in the lead up to the Awards.

“Our alternative was to consolidate and bank savings against a future spend. If we all pooled together, we estimated we could save both on building costs and on operating costs and drive a much lower PUE [power usage effectiveness].”

GovDC attempts to resolve a tension that besets every IT shop: between the level of control and assurance gained from building and maintaining your own systems, versus the faster and more immediately cheaper route to value of consuming IT services offered by the broader market.

Harris views IT strategy very much through an economist’s lens. He designed the data centre network around the concept of the suburban shopping mall - where the variety of services available attracts a larger share of buyers, and vice versa.

Critically, he obtained senior ministerial support for the project - which in turn set in place deadlines for which agencies had to move into the two facilities. The first major failing of many shared services projects - giving agencies a choice whether to opt out - was resolved from the outset.

Harris reports that the facilities are now 80 percent full. But his work isn’t yet done. There are “intangible benefits”, he said, to pushing the project farther than the point at which a shared services project would long ago have rolled out the ‘mission accomplished’ banners.

Read on for details of DHS' approach...

Harris has invited “as-a-service” technology providers to co-locate within the same facilities as NSW Government agencies using the lure of an all-but-assured market of buyers.

It promotes competition for government services, but keeps public data within a clearly defined network perimeter. And in time, he expects to strike more deals that allow both agencies from other jurisdictions and even non-government buyers to access the same services.

One of the first private sector service providers to set up in the marketplace offers identity-as-a-service for all NSW Government employees. That in turn is an enabler for easier agency consumption of the next generation of services to serve this closed market.

Harris recognised that in a world where a choice of frictionless services is a mouse click away, identity management is the critical enabler. It provides a level of control for CIOs, and ease of consumption for users.

It’s for this reason that - while they serve radically different goals - Pedro Harris’ GovDC project shares a good deal of common ground with the Department of Human Services’ MyGov.

MyGov is a portal where Australians can use a single digital identity to access both their taxation (ATO), healthcare (Medicare, PCEHR) and welfare (Centrelink, Child Support, NDIS) services.

It has achieved what many Australian Government shared services projects have struggled with in the past - the ability for citizens to access a multitude of services from different agencies in one place.

Government-to-citizen digital channel

The project was, somewhat unfairly, initially labelled a revisit of the ill-fated “Australia Card” vision of the 1980s, which had attempted to achieve much the same outcome.

Gary Sterrenberg, CIO of the Department of Human Services and the newly-crowned Government CIO of the Year, is careful never to make reference to that 1980s experiment, or to ‘shared services’, for that matter.

“Our challenge was to build a government-to-citizen digital channel to streamline and simplify interactions with government,” he told his peers at the event.

“Even the most simple things can be difficult with government - a change of address can require 20 forms and months of effort for you to get those processes through.”

There is a critical difference in scope between what would have been proposed to achieve this outcome a decade ago to today.

Human Services saw that it wasn’t necessary to build a new system or co-locate the many data sets contained by participating agencies to offer a single digital shopfront, nor was the project about collapsing their IT functions into one central provider of services.

MyGov would simply create a single digital identity for every Australian that uses the service, and draw the necessary data from existing systems that remain under the stewardship of the agencies that collect it.

By focusing on a common digital identity, rather than common systems, Sterrenberg could answer concerns about privacy and civil liberties, but also about security.

He recognised that if he had chosen one system to hold all of a citizen’s identifying data, financial records, healthcare records and dealings with government, it would have created an irresistible honeypot for hackers seeking to pursue identity fraud.

Sterrenberg sold in MyGov not only on these practical and political conveniences, but also on anticipated savings.

Human Services had to bid for funding from government bean counters in much the same way a startup might to a venture capitalist, the key criteria being “where we could save the most.”

“The Government will then choose projects based on savings versus the project risk of delivering those savings,” Sterrenberg told his peers at the Benchmark Awards.

MyGov was successful because rather than attempting to book anticipated savings against a consolidation of infrastructure and operational teams, it anticipated “the significant savings and reduction in red tape of moving to a digital world.”

While the Government couldn’t make use of the system mandatory, it managed to do so by proxy by ensuring MyGov was the only channel through which Australians could enjoy the convenience of online tax returns. This would prove crucial when it was later discovered that MyGov hadn’t initially secured the service effectively.

Thankfully for Sterrenberg, concerns over Human Services’ security credentials hasn’t slowed adoption of the system. Today, over 6.2 million citizens have used the channel, accessing over nine million ‘linked’ services and making in excess of 48 million transactions.

The Government is now mulling over proposals to extend the service further, assuming security and sovereignty issues are resolved.

Read on for the key ingredients to shared services success...

NeCTAR, a finalist in the education category of the Benchmark Awards, arguably mimics the much-maligned shared services model the most.

NeCTAR is essentially a network of multi-tenant compute and storage infrastructure spread across eight Australian universities that scientists and researchers can access for free.

The project’s success - reflected in University of Melbourne’s Sendur Kathir enjoying a worthy send-off by being crowned Education CIO of the Year - was encouraging in what was otherwise a dire year for technology R&D.

What differentiated NeCTAR from shared services projects was the use of an open source framework to build scale at dramatically lower costs. There would be no vendors to negotiate complex licensing arrangements with, and no implicit trade-off attached in terms of future support for the software.

NeCTAR can take confidence that OpenStack - backed by many of the world’s largest buyers and sellers of technology - is likely to be supported for some years to come.

Further, NeCTAR didn’t replace any existing systems, but rather provided free access to a service researchers previously weren’t provided. As a result adoption was assured.

“It was remarkable that there wasn’t a lot of infrastructure to help our researchers do this very important work, and what there was had been funded piecemeal,” Kathir told his fellow finalists and CIO peers at the CIO Strategy Summit.

Managing change was as simple as convincing researchers passionate about the plan to join the IT organisation for the duration of the project, which “gave us a much better understanding of what their needs were,” he said.

A winning formula for shared services

The success of these three projects won’t guarantee, of course, that shared services disasters won’t happen again. But a clear distinction has been made between why some projects succeed and others fail.

Shared services projects have failed in the past because they had little to compete with or benchmark against, and therefore no incentive to innovate and fewer drivers for technologists to challenge red tape.

Projects often failed because their backers couldn’t make a good enough use case, and too often that was because they pursued the shared services model right up to the application level - that level at which most agencies wished to differentiate rather than conform.

But with the right incentive structures, change management plans and agency autonomy, this years’ Benchmark Awards proved that governments can achieve shared services goals, even if they don’t dare to use those words.