The Queensland audit office will take a long hard look at the performance of the state’s IT project management and shared services model next year as part of its line-up of upcoming audits.
The state auditor recently put forward its three-year agenda [pdf], zeroing in on central technology policy and e-health for a third of its most immediate audits.
The office will also set its sights on future reviews of the state’s cyber security and open data efforts.
The state’s ICT projects dashboard – a central accountability mechanism for monitoring and managing Queenslands $800 million worth of concurrent ICT projects – will be one of the first to receive the scrutiny of the audit office.
It will evaluate whether the ICT project dashboard is a reliable source for tracking progress, and if department are “using effective program and project management approaches".
The public-facing dashboard was introduced in 2013 to track the performance of ICT projects using a traffic light system, after the state’s extensive IT audit in 2012 found transparency to be the "single biggest cause of the poor state of government ICT".
But it has previously come under fire for reporting projects as ‘green’ or on track despite being over budget.
A quick inspection of some of the larger projects on the dashboard reveals this approach is still in use, with the planned expenditure of several on-track projects well over their original planned expenditure.
Also on the list for next year is the effectiveness of the state’s shared services model, which bundles back office finance, HR and payroll functions for much of the public sector.
“Shared service models can generate efficiencies, reduce costs, and minimise duplication,"" the audit office wrote.
“However, the model can also have its limitations due to incompatible systems across different agencies, ineffective change management strategies, and poor communication and leadership.”
Queensland Shared Services has spent much of the last year updating out-of-date SAP finance software from its back office operations. It received $2.2 million in the latest budget to continue the consolidation and upgrade of its finance and HR software.
Queensland Health’s efforts to digitise hospitals will also be looked at next year to see if the agency has achieved value for money and better information sharing.
The state’s 2015 e-health investment strategy earmarked $1.2 billion for ICT infrastructure, clinical systems, and business system over five years.
Further ahead the audit office is planning to scrutinise how effectively departments are protecting information against the risk of cyber attack.
In 2015 the Queensland Department of Education and the state’s TAFE fell victim to an attack thatsaw hackers infiltrate their websites to access sensitive data submitted via online feedback and enquiry forms.
In the aftermath, the Queensland government committed $12.5 million towards establishing a dedicated cyber unit inside the government chief information office to respond to major incidents, as well as improve liaison with agencies to help them better secure their own IT environments.
The audit office also recently revealed that weaknesses in Queensland’s critical water infrastructure made them susceptible to breaches.