The Queensland Government has detailed how it intends to respond to two damning audits of its IT systems, today outlining three key objectives and 12 areas of focus in its IT Action Plan to 2017.
An internal IT Audit, an externally-led Commission of Audit and the Queensland Health Payroll System Commission of Inquiry Report has each served to shine a light on the difficult situation the state government faces in getting its IT systems back to acceptable levels.
Ninety percent of Queensland's internal IT will need to be replaced over the next five years, which consecutive reports found to present the state a “systemic business risk”.
The government’s response to both audits, which form part of its new five-year ICT Strategy for 2013-17, reveals a new model of governance as well as an intent to no longer operate as an internal provider of technology services — moving instead to an as-a-service model.
The focus for the state is on moving to a model where ICT-as-a-service is the default option.
The ICT Action plan outlines almost 80 measures in 12 key strategic focus areas:
- Improving customer experience of government services
- Digital economy
- Information management
- Open data
- Information security and privacy of individuals
- Digital archiving
- Contestability and ICT strategic sourcing
- ICT as-a-service
- ICT innovation
- Significant and at-risk ICT asset stabilisation
- A capable and competent workforce
- Portfolio, program and project management
The action plan will be led by the Director-General of DSITIA Andrew Garner, newly-appointed ICT renewal executive director Glenn Walker (formerly the Community Safety CIO), with the buck ultimately stopping with IT Minister Ian Walker.
One of the most significant messages the government had taken away from the three audits and inquiries is the need to raise management standards for IT programs and projects.
"There is a need to focus our risk management approach on resolving the root causes of inadequate program and project governance, poor investment decision making and flawed planning processes,” the action plan states.
“Efficient and accountable governance is therefore at the core of the ICT renewal process and the key to achieving this is to remove system complexity, to simplify business process where possible and to take a one government approach to investment in ICT.”
The government has indicated it will “substantially change” the way it manages significant IT investments to restore public confidence.
A large issue the government faces is making sure agencies follow the rules. Policies and procedures are no good unless you’ve got people following them, Minister Walker told iTnews this morning.
Walker attempted to absolve the current Queensland Government from any blame by arguing that part of the problem was the culture of the government driving the policy. He expects the Queensland Coalition will be able to "sweep a broom" through departments with new approaches and new people.
“You can set the rules but we’ve got to make sure people follow them. There will be reporting procedures back to the Directors-General council to make sure people are doing that, as well as the ICT Dashboard.
"That will mean something like the Health payroll project won’t be able to bounce along for years and years until somebody realises there’s a problem,” Walker told iTnews.
“There will still be hiccups with IT programs, but it allows us to be as transparent as possible, and everybody will know people are watching underperforming programs.”
Finding the funds
The actions outlined in the plan do not all currently have funding approval.
Funding will be subject to “due consideration” by the Queensland Government and will be approved on a case by case basis, state ICT minister Ian Walker told iTnews this morning.
He could not give a figure for how much the implementation of the action plan was expected to cost, as there were “so many options” to consider, he said, giving the example of the relative cost of an interim replacement for an at-risk system over a project to replace it in the longer term.
Ministerial endorsement will be required before funds for any IT programs and projects are allocated. In the event of funding approval, the progress of projects will be monitored publicly through a just-released IT dashboard, first announced by the state in its IT Strategy.
The dashboard displays the cost and status of all “significant” government projects valued at over $1 million. It offers a breakdown of initiatives by business unit and includes information on implementation partners, current status, priority listing and a list of upcoming initiatives.
All of the state's departments will be asked to publish their data on the dashboard by 30 November this year.
Significant and at-risk IT investments will have their status reported by departments up to the IT Minister and through to Cabinet. A “consistent set of criteria” will be developed to evaluate the business value of IT assets as well as the asset's technical condition, ease of use, anticipated life and maintenance.
Departmental Directors-General have been given the task of reporting on assets that have been assessed as significant or at-risk.
Minimum criteria for new projects has been established, with metrics around cost, alignment with government policy, impact on service delivery, organisational and cultural impact, benefits, complexity, security and stakeholder engagement.
Critical programs and projects are likely to have experienced project managers sourced from the market, and will also undergo short independent reviews at key points during their lifecycle. Lower-risk programs will also be subject to review but may be undertaken by either internal or external resources.
Read on for new IT sourcing and procurement, and digital engagement strategies.
The earlier IT Audit found nearly all of the state’s 10,000 IT systems would need to be replaced within five years at a cost of $7.4 billion. Many are critical IT assets that have already reached end-of-life and are long overdue for replacement.
Under the action plan, all government agencies must now review and report to the QGCIO on their system risks. These reviews and mitigation plans are to be completed and put in place by October 2013.
Mitigation strategies for high-risk systems will be developed by the Queensland Government Directors-General Council by December 2013.
Agencies will also be required to establish business continuity and disaster recovery plans for all significant IT systems within the same timeframe.
ICT-as-a-service and the cloud
The Queensland Government spends around $1.6 billion every year on IT. The ICT audit had found that the government was too locked in to vendor roadmaps and upgrade cycles.
The Action Plan endorsed a plan to move to an as-a-service model and ditch the owner-and-manager model of IT.
The Government’s ICT Strategy also discussed the divestment of shared services agency CITEC within two years. The Action Plan offered little more on how this might be achieved, promising only to develop a timeframe for doing so by December 2014.
All of what the action plan deemed to be "commodity IT", including desktops, servers and storage will be accessed from the market as-a-service starting from December 2013, in an attempt to remove the requirement for agencies to manage commodity IT in-house.
From March 2014, the state plans to have developed departmental as-a-service roadmaps which chart the divestment of IT systems and assets. Agencies will need to develop their own plans and timeframes to move from owning such assets to the new as-a-service model.
Fixed data networks, which currently represent a “significant cost”, will also be moved to as-a-service arrangements by March next year, as part of a “one government, one network” approach.
The state government will also:
- Release a tender for the consolidation of email and collaboration systems across agencies by October 2013;
- Launch a cloud strategy and develop policy for an as-a-service approach by November 2013, and;
- Launch an ICT-as-a-service advisory toolkit for agencies by December 2013.
The Government is also looking to fast-track investments valued at less than $1 million that can effectively be argued as being "innovative".
It plans to introduce new provisions into the Queensland Government Portfolio Management Methodology that will require agencies to consider "IT innovation" during sourcing.
The action plan outlines steps to remove “time consuming and costly” approaches to IT sourcing to introduce contestability and speed-to-market for technology innovation.
In practice, this will result in increases to the minimum number of quotes required before an investment can be made, a simplified contractual framework for IT procurements up to $1 million and the removal of red tape and “onerous processes” around service provision. A new sourcing framework was promised by February 2014.
The government will also initiate a review of the existing Government Information Technology Conditions (GITC) framework and associated policy.
Wins for small business suppliers?
Small-to-medium enterprises currently struggle to compete for Queensland Government business against larger competitors, the report noted.
The state intends to make it easier for SMEs to win government business by developing a set of guidelines that will ensure at least one capable SME responding to a tender will automatically be short-listed in the evaluation phase.
Major consortiums will also not be able to change SME sub-contracting arrangements without the government’s approval.
Where appropriate, significant contracts will be split up to allow SMEs to bid for a particular stage of a project.
The government will also simplify Government Information Technology Conditions (GITC) for SMEs and directly engage SMEs in the provision of innovative solutions up to $500,000.
The plan promised an SME ICT policy by July 2014 to cement such initiatives.
Read on for Queensland's digital strategy approach.
No more silos
The Action Plan noted that service delivery has been impeded by the management of an exploding volume of data.
At present, the Queensland Government does not have an adequate system to share this information effectively across agencies, jurisdictions or the public.
As such, the Department of Science, Information Technology, Innovation and the Arts (DSITIA) will develop a blueprint for information management to be considered by the government, which will outline how to manage data, rather than the technology it is stored on, by December 2013.
DSITIA will also review whether there are policies in place that currently create barriers to information exchange.
An information quality framework that deals with how to collect, process and store large volumes of data will be developed by February 2014.
A pilot of an information exchange process will be established before March 2014, as will a pilot whole-of-government data search capability before October 2014.
In addition, a Queensland Government enterprise social network will be launched before March 2014, allowing members of the public service to interact with each other over a private social media network.
A digital approach for government services
The state wants to develop a “one stop shop” for government services for consumers.
It will do so by taking a two-pronged approach — implementing direct digital access to services for the community and giving front-line staff access to digital tools.
To combat the current limited state of information-sharing between the government and community, the government will:
- build a single website and phone number (13QGOV) by June 2014, in collaboration with agencies;
- require each agency to develop a digital channel strategy and roadmap for the move into the one stop shop environment by September 2014 with transactional services to be online by June 2015;
- develop services such as ‘tell us once’ and ‘click to chat’ to reduce duplication and frustration by June 2014; and
- develop single user authentication and whole-of-government people and service directory and enquiry tracking capability by June 2014.