The future of Western Australia’s Office of the Chief Information Officer will remain uncertain until the findings of an independent public sector review are handed to the government in October, according to the state’s first IT minister David Kelly.
The OGCIO was established by the former government in 2015 to lead efforts to reduce ICT spending – which it put at somewhere between $1 billion and $2 billion each year – by as much as $110 million over four years.
But the office was only funded for three years, and will run out of money at the end of this financial year if not given a lifeline, leading a parliamentary committee to question whether it can carry out work on multi-year reforms that extend beyond June 2018.
The Labor government introduced a dedicated technology portfolio soon after this year's state election.
However, Kelly told iTnews the government was still considering how it could deliver the OGCIO given the “mountain of debt” it had been given by the former government.
“The previous government came to this [IT management] belatedly after criticism of how they’ve handled this area, and then unfortunately they only funded it [the office] for three years,” he said.
“Now we have to figure that out.”
Kelly said he was awaiting the findings of the service priority review – slated to be handed down in October – but was “acutely aware” that a decision on the future of OGCIO will need to be made.
The review will look at the functions, operations and culture of the WA public sector, and has a specific term of reference around encouraging or identifying opportunities to better deliver government services through digital platforms.
The government yesterday released an interim report [pdf], which details initial directions for reform such as testing the one-stop shop model to improve service delivery, introducing better data sharing arrangements, and building public sector capability in ICT and contract negotiation.
Kelly has also decided to delay the review of the state’s first IT strategy, which he notes was “fairly complex” in nature, until after the service priority review is complete.
“I don’t think it’s useful to have those two processes going along at the same time,” he said.
Despite the uncertainty surrounding the OGCIO and the state's difficult fiscal environment, Kelly said cyber security would be one of the first issues the government would look to address.
He said the global WannaCry and NotPetya ransomware attacks had been a “wake up call” for the government.
They followed successive reports from the auditor-general revealing continued inaction by some agencies to meet cyber security controls.
The most recent report showed agencies continue to struggle with the same common information system weakness "year after year", including poor password management and unpatched systems.
The report also indicated that agency executives needed to take IT security more seriously, rather than regarding it as a matter for IT departments.
“While we got out of the WannaCry event relatively unscathed, it was a reminder that there is a whole bunch of things that we really need to do to make sure we deal with those things in a planned way rather than just dealing with them as they come,” Kelly said.
“We held a seminar with all the director generals and heads of agencies to bring cyber security to their attention.
“So, I suppose if you’d like, I’ve sat them all in the room, and they’ve heard from me, the auditor-general and the chief information officer on how important this is.”
Kelly said he had also written to all agencies saying he wanted to see them make sure the state's updated cyber security policy is implemented.
Whether to introduce a dedicated cyber security unit like in Queensland, or a whole-of-govermment chief information security officer like in NSW and South Australia, is being considered as part of the service priority review, he said.
Another area the minister is keen to push is big data and data sharing, following a review by the previous government.
He said while WA has good data linkages in public health, it has not extended further into the public service. Kelly wants to see better data sharing across the government more broadly.
“I think we're keen to see that broaden across the public sector because there’s lots of evidence now that you can get better service delivery outcomes if you look at the data government collects across a whole range of areas,” he said.