You are here: Parliament home page > Parliamentary business > Publications and Records > Committee Publications > All Select Committee Publications > Commons Select Committees > Public Administration > Public Administration

Memorandum submitted by Tony Collins, Executive Editor, Computer Weekly (ID 03)

 

Summary:

 

There are undeniable benefits for some government departments, agencies and the wider public sector of ID cards, if the scheme is implemented successfully.

 

For example the time taken for the Criminal Records Bureau to clear an individual to work with children may be reduced from weeks to days. It may also be possible to clear applicants for sensitive jobs in government more quickly.

 

But it is easy to claim an abundance of benefits for new IT-related schemes; and ministers, government departments and agencies readily publish information on how complex IT-related schemes will transform public services, but they are not so inclined to publish the audited results of implementations.

 

We are therefore unwilling at this stage to join those who speak with enthusiasm about the advantages to the administration of government of ID cards. We may be more confident if the government undertook to publish, in unexpurgated form, the business cases for projects, "gateway reviews" by the Treasury's Office of Government Commerce, and audit reports on the progress or otherwise of schemes to exploit the opportunities created by ID cards.

 

We doubt this will happen.

 

We would not wish to travel on an aircraft knowing that responsibility for its maintenance lay with committees within the airline that had no fear of repercussions should the plane crash. We would be even more concerned if there were no regulatory scheme, enshrined in statute, to ensure compliance with international standards.

 

In the private sector one of the incentives to exercise extreme caution is the loss of custom should an IT-related failure affect the company's service to the public. In the most serious cases chief executives can lose their jobs.

 

In the public sector there is no competition for business and it is rare for the individuals, ministers or civil servants, who were in place when the scheme began to be still in the same jobs when a scheme fails.

 

With IT-enabled projects and programmes, there is no regulatory scheme, enshrined in statute, to ensure adherence to good practice. There is arguably no overwhelming reason to fear failure; and there is a paucity of independent information on the progress or otherwise of major IT-related projects.

 

On major IT schemes there has also been a cultural resistance to accepting objective criticism and a

"can-do" approach which has admitted no possibility of failure. This has led in our view to an acceptance within government of high levels of risk, perhaps beyond that which is sensible in some cases.

 

Without fully understanding the risks or knowing the progress or otherwise of projects to take advantage of ID cards we cannot give our unqualified support for large new investments by government departments and agencies to exploit the advent of the cards.

 

**

 

 

Regular reports to Parliament on high-risk IT-enabled projects would at least enable stakeholders, taxpayers and the media to understand how schemes were progressing or not, to question assumptions and provide a scrutiny that would make it less likely that potential showstoppers were dismissed internally as teething problems.

 

Critical factors to success are a reliance on the public service ethos and strong project management principles. But these are not always enough, in our view.

 

An excellent book on technology-related project failures, "Inviting Disaster, lessons from the edge of technology," reveals what went wrong in dozens of major cases. One of its findings is that failures are caused by the organisational "habit of hiding embarrassing news" - a culture of "concealing all problems that might bring on trouble for the organisation."

 

Computer Weekly sees this happening with worrying regularity on major government IT projects; the playing down of potentially show-stopping risks is de rigeur on schemes that are deemed a political necessity.

So far the ID card scheme has been characterised, in our view, by a lack of openness, honesty and transparency. Information about progress so far has been published selectively or not at all; and unfortunately it is not unusual for potentially serious problems to be played down in PQs, statements made to select committees, and in answers to questions from the media.

 

Computer Weekly was being told by the Passport Service and its supplier of the success of a new system to improve the security of passports when in fact the scheme was going seriously awry. The tax credits scheme, and systems to support the Criminal Records Bureau went ahead amid an underestimation of the risks of failure.

 

Some important parts of a £6.2bn project to modernise NHS IT are failing to meet expectations. We have evidence that certain risks were played down when the scheme was conceived in early 2002.

 

Recently the Home Office became the latest department to decline Computer Weekly's application under the Freedom of Information for the publication of "gateway reviews". It decided not to publish even edited versions of its three gateway reviews on the ID cards project. It also declined our request to publish risk registers for the project, or even edited versions of the registers.

 

It put forward arguments in general against the publication in general of gateway reviews and risk registers. Computer Weekly has seen the results of some gateway reviews and received documents on risk registers from other public authorities under the Freedom of Information Act, so we find it difficult to accept all of the Home Office's arguments.

 

The criticality of openness to the success of large IT-related projects was highlighted in an independent report into the financial management of a scheme to develop air traffic control systems at a purpose-built centre at Swanwick in Hampshire. When the IT system was running more than three years behind schedule the Transport Committee requested an independent report which was commissioned by the government in an open tender. The winning bidder, Arthur D Little, found, among other things, that the mishandling and suppression of bad news internally had contributed to the project's problems delays and cost over-runs.

 

Since then - 1999 - NATS has improved its reporting procedures, but in our experience little has changed within the government in general. In 1983 the House of Commons' Public Accounts Committee warned that departments need to pay closer attention to learning lessons from IT-related disasters.

 

Twenty-one years later, in 2004, a report issued by the National Audit Office said the same thing.

The report, Improving IT Procurement, published on 5 November 2004 said: "The history of such

procurements has not been good, with repeated incidences of overspends, delays, performance shortfalls and abandonment at major cost."

 

In the US, after a succession of large IT-related failures, the Clinton administration introduced legislation specific to the federal government that requires Congress to be kept informed about large IT-related projects that deviate significantly from their original plans. The UK Parliament is not kept so well informed of projects that deviate from the initial objectives and milestones.

 

The National Audit Office investigates only a few mission-critical IT-related projects and programmes each year; and its value-for-money investigations, although thorough, are usually carried out on a

one-off basis.

 

So there is no defined means of Parliament's knowing whether the vast majority of mission-critical projects are progressing well or not.

 

Transparency, honesty and accountability are not panaceas: they will not bring success, but in our view they make it more likely. In part they would lead to a more realistic approach to serious risks. Projects that should not go ahead may be stopped earlier, before they become overt failures.

 

Without more transparency, honesty and accountability - and the full support of a system's

end-users - we think it unlikely that governments will significantly improve their chances of success on complex and large IT projects.

 

The paucity of objective information on IT-related projects was highlighted by the Work and Pensions Committee in a report on the Child Support Agency in January.

 

The committee concluded: "It is not possible for the Committee to make judgements on why the IT contract with the contractor EDS went so badly wrong. We have not had access to any of the policy or strategic planning leading to the agreement being signed."

 

Much of the evidence it did receive was, it said, "conflicting."

 

If the ID cards scheme is successful, and if government and departments decide to take advantage of the scheme, Computer Weekly recommends that there is regular, open and honest reporting to Parliament on the progress or otherwise of projects.

 

We are not project managers, nor experts on the implementation of IT schemes. We study projects and report on the common factors that contributed to their success or failure.

 

The most successful projects tend to be smaller-scale ones with clearly defined benefits and the strong support of its end-users (such as the implementation of a case management system by the Crown Prosecution Service).

 

The ID cards scheme is a large and complex project, and support for it among end-users in government is not yet known. Imposing new technology on end-users rarely succeeds.

 

A further consideration for government is whether departments and agencies have the capacity to manage major change. Several would like to simplify systems around a citizen ID card identifying number and we agree that it is a good idea in principle: chief information officers in government have found that complexity is the enemy of reform, modernisation, simplification of processes, saving money, fighting fraud and improving the quality of service to people who have to be in contact regularly with government departments, agencies, local authorities and the wider public sector such as the NHS and the police. Complexity also makes things harder for staff.

 

ID cards offer a theoretically desirable, secure and reliable means to identify citizens, and are a possible aid to simplification of government IT systems.

 

They could allow government systems to be built around a single identifier instead of the various numbers used the moment: passport numbers, driving licence numbers, national insurance numbers and NHS numbers.

 

Managers in departments and agencies want to be able to gain a single view of the people they deal with, and would like to be able to search for citizen details under a single identifier, and see all the relevant information in one place.

 

A secure and reliable means of identifying claimants would also reduce fraud.

 

But government computer systems are, in general, too complex to allow any radical simplification or modification without significant costs and risks to the service they give the public.

 

Inland Revenue, for example, has more than 100 major computer systems, some dating back decades. The Department for Work and Pensions has 35 major systems many lacking compatibility, some of which date back decades. Built into the systems are volumes of rules that fill shelves. Further statutory amendments, rule changes and legislation add to the complexity. One result is that staff in major departments struggle, even with the plethora of systems they have, to gain an overview of their customers.

 

Replacing these systems requires decisions about the risks to the smooth-running of the services, and at a time when some large departments, HM Revenue and Customs, for example, are already close to their capacity in managing major change.

 

An excellent NAO report, "Dealing with the Complexity of the Benefits System", which was published on 18 November 2005, provides good arguments for a simplification of systems, but it warns that the cost of making changes can outweigh the potential benefits.

 

Computer Weekly is not in a position to give advice on whether government IT systems should be adapted and/or simplified to make use of ID cards, assuming the ID cards scheme itself is successful.

 

We would, however, recommend that the committee request an independent report, commissioned after competitive tender, on the implications for government departments and the wider public sector of ID cards. Otherwise there is a danger of decisions being made on the basis of speculation, or selected information issued by, for example, the Home Office.

 

We would also urge the government and the committee to publish all information on the progress made with the ID card scheme and any work done by public sector bodies to make use of them. We accept the need for some commercial confidentiality but the Work and Pensions Committee last year, after a thorough investigation of IT projects undertaken by government, found that some departments and agencies were using the cloak of commercial confidentiality to hide problems.

There is even some evidence of secrecy for secrecy's sake. In May, at the Government IT summit, attended by the Deputy Information Commissioner Francis Aldhouse and other notables, a civil servant went unchallenged when he told the invited audience that he and his colleagues derived pleasure from withholding information from MPs.

The disclosure came during a panel discussion on ID cards and identity management. The civil servant made it clear that MPs and others will not find it easy to discover how government IT projects are progressing or otherwise.

 

"You may think that posing the question is the easy part. It is not," he said. "Before the Freedom of Information Act most information was got out of government departments through parliamentary questions. As a civil servant of many years our greatest joy in a day was getting a PQ [Parliamentary Question] and answering exactly as it was asked which is a way of answering the question without giving any information."

 

This brought a ripple of knowing murmurs in the audience. He continued: "Collectively we have centuries of experience of doing this ... I actually do know this has gone on in my organisation: when we are looking at Freedom of Information inquiries we are looking at the way the inquirer is asking a question and we are seeking a way to answer that question exactly as asked and thereby withhold information."

 

Computer Weekly would like to believe that the ID cards scheme will be a success and that it will benefit departments and agencies and ultimately the public. But taking into account the history of large and complex schemes, and the poor quality of information provided to Parliament on the progress or otherwise of schemes, we are not yet in a position to enthuse on its advantages and opportunities.

 

November 2005