Governments must be more transparent about ICT project statuses
- 24 February, 2017 10:52
The Victorian government ICT dashboard
The 2013 Queensland Health Payroll System Commission of Inquiry Report described its payroll system failure as “in the front rank of failures in public administration in this country. It may be the worst.”
Any jurisdiction facing that type of criticism from an inquiry it commissioned must do something.
Queensland did do something – it became more open and transparent in its relationship with the public regarding ICT projects, believing that this was the best way to restore the public’s trust. Queensland is now leading the way in transparency by implementing a new state-wide project dashboard for major projects.
These dashboards provide a ‘warts-and-all view’ of how ICT projects in Queensland and Victoria are progressing against time and budget. These state governments deserve a lot of credit for implementing this type of public transparency, as very few governments have been brave enough to publicly identify projects that may fail to deliver on objectives or have delays and/or cost overruns.
Ironically, it is the very action of taking a risk and trusting the public to maturely interpret project status information that builds public trust in the government’s ability to manage projects. I suspect the Queensland bureaucracy learnt the hard way that the public’s trust is needed for the successful implementation of large scale ICT projects, and it always must be earned it cannot be taken for granted.
To the best of the author’s knowledge no other state in Australia or the Commonwealth appears to be willing to provide a similar level of transparency at this time. When you look at the websites for the responsible agencies in each state and the Commonwealth, you find no status data for ICT projects and limited information about the governance processes surrounding projects.
The 2017 IT Audit Benchmarking Survey report by ISACA and Protiviti identified on page 8 that only about 70 per cent of ICT projects were successful, based on information provided by organisation’s auditors. Interestingly, the Oceania region appeared to have about 5 per cent to 10 per cent worse performance than other regions. This level of failure would suggest that governments should be doing all in their power to deal with wayward projects as early as possible.
The only meaningful way of reducing system failure is for central government agencies to instigate rigorous independent assurance programs around agency projects. This is not a new concept but most governments have, over the last 20 years or so, reduced their project oversight role in preference to placing full responsibility for the project with the agency head.
The problem with this approach is very few agency heads have the requisite skills to identify when a project is failing and to some extent they are captive to their own line management who all have reasons for not delivering bad news to the boss and/or hopefully moving on before the project goes pear shaped.
In 2016, the NSW government increased its independent assurance program over major ICT projects by implementing a NSW ICT Assurance Framework. This has been a direct initiative of the Government Chief Information and Digital Office, which is now headed by Damon Rees.
A NSW spokesperson said the ICT Assurance team will determine which projects undertake assessments using a risk-based approach. This approach uses factors including the project's alignment with NSW government priorities, the level of technical and sourcing complexity and business change involved, and the sponsor agency's capability to deliver the project.
Since the NSW ICT Assurance team was established in late 2016, 27 project reviews have been initiated (a significant increase over previous periods). These reviews are at various project stages spanning initial engagement through to closing out actions.
The spokesperson further said “as the assurance function matures within DFSI, it will work to develop transparent and accessible ways for NSW citizens to track the progress of ICT projects.” Let’s hope this includes project dashboards like the ones used by the Queensland and Victorian governments.
A recent announcement by the Commonwealth’s Digital Transformation Agency (DTA) encouragingly said it has established the Digital Investment Management Office (DIMO) to provide oversight of all significant government ICT and technology investment projects.
A DTA spokesperson said the agency has not got a project status dashboard at present but it is “looking at the suitability of the ICT dashboard for reporting requirements of the newly established DIMO”. However, the DTA does currently have an interesting dashboard, which shows some of the new DTA-built system’s ability to deliver business performance outcomes. I will leave the reader to decide if this is an effective reporting tool, my view is it needs more work but is a step in the right direction – so pat on back but not really a high five moment.
Well, you heard it here first. The DTA said DIMO will provide an ICT projects dashboard and it will be made available and, where appropriate, used to publish results of the DTA’s review of the federal government’s ICT investments.
The combination of increased external assurance and improved transparency using a public dashboard will ultimately have the desired benefit of increasing the public’s trust of a given jurisdiction’s system development capability or at the very least, improve the public’s understanding that this stuff is hard and everyone must be committed to the outcome if it is going to work.
Hopefully when problems do occur (and they will) those jurisdictions with a transparent approach will find the issues earlier and the responsible officers will act quickly to fix problems rather than just hoping they go away (or they can move before the inevitable happens).
Ian is a consultant and experienced CIO. He helps clients better manage and utilise their technology investments. He specialises in program and portfolio management and technology governance with a particular focus on information security. In addition to postgraduate qualifications in information systems and management he is Certified by ISACA in the Governance of Enterprise IT (CGEIT).