123. Large-scale ICT projects are generally considered
to be high-risk and numerous reports have highlighted problems
with schemes similar to the identity cards programme. The Royal
Academy of Engineering and British Computer Society Report, The
Challenges of Complex IT Projects, said "it is alarming
that significant numbers of complex software and IT projects still
fail to deliver key benefits on time and to target cost and specification".
The Public Accounts Committee Report, Achieving Value for Money
in the Delivery of Public Services, said that "IT projects
have over the last ten years been prone to significant problems
which the Committee believe should have been avoided".
The Home Office has been associated with computer projects such
as the police national computer, the UKPS ICT project and the
asylum seeker processing system that have drawn criticism in the
124. In oral evidence, however, several witnesses
emphasised that the risk of a major ICT system going wrong could
be mitigated and we note that several schemes such as the DVLA
online car tax system or the HM Revenue and Customs online tax
return system have been successful following some initial problems.
Professor Martyn Thomas said that "UKCRC is increasingly
frustrated by the fact that major IT procurements go wrong for
entirely avoidable reasons".
Dave Birch from Consult Hyperion also said that "We get a
lot of criticism about all of these projects continuously going
] It is not just because we are IT people; it is
because of the way these things are approached".
125. The Home Office's current approach is to allow
industry flexibility in producing a solution. In oral evidence
Katherine Courtney said that the identity cards programme team
is choosing "to focus on the outcomes we are trying to achieve
and not dictate to the industry what the technical architecture
The Minister, Joan Ryan, also explained that the technology that
is developed through procurement will be driven by the outcomes
required by the scheme. She denied that the Home Office would
be hostage to the market, saying that in the first phase when
prototypes or pilots are produced the market will bear the risk.
This approach presumes firstly that industry will be able to deliver
an appropriate solution and secondly that the Home Office and
its consultants have sufficient expertise to judge between the
solutions proposed by industry. We are concerned that the Home
Office may be leaving the design of the scheme up to the market,
because it lacks the scientific expertise to be an intelligent
customer. In oral evidence, Nigel Seed acknowledged "we are
not the experts in the technology; they are".
Furthermore, the Minister, Joan Ryan, said to us that "The
private sector suppliers are the experts in developing the technology.
We want to use their expertise and continually stretch them throughout
the procurement process".
This issue has been raised in written evidence by Peter Tomlinson
from Iosis Associates who states that "procurement by the
public sector of ICT systems and services is today largely in
the hands of people without expertise in this technology area,
whereas until the early 1990s public sector purchasers of IT systems
generally had the expertise".
It was echoed in oral evidence by Dave Birch from Consult Hyperion
who said that "you have people who are, frankly, scientists
giving evidence to people who are, frankly, not".
126. Although the Home Office has said that it will
leave the solution to industry, industry representatives have
expressed uncertainty regarding the extent to which the scheme
will be prescriptive. Nick Kalisperas argued that "If you
just say, 'We are going to leave it to the market' that is just
too broad. There has to be the outlines of a specification there".
Dave Birch disagreed, saying that "It is not being left up
to the market; it is in fact very prescriptive. It is already
decided that there will be a smart card. It is already decided
that there will be a register".
Jerry Fishenden from Microsoft responded that "there is something
contradictory happening here" and noted that "the proof
will be when the procurement documents come out and we can see
how outcome-based it is and how prescriptive or not the actual
procurement intends to be".
Either a non-prescriptive or prescriptive approach is valid as
long as the Home Office makes its intentions clear. The apparent
contradiction between the Home Office's assertions and its actions
is causing confusion, which as already explained has been exacerbated
by a lack of clarity regarding the terminology surrounding procurement
(paragraph 46). We are disappointed that confusion regarding the
specification of the scheme has arisen and we are concerned that,
as mentioned earlier, the Home Office has not seemed to want to
engage with industry regarding the architecture of the scheme
before releasing the specifications (paragraph 30). Industry
is hoping that the commencement of procurement and the release
of specifications will clarify the Home Office's position. Once
the specifications have been released, we urge the Home Office
to take steps to ensure that the specifications, requirements
and risks have been clearly understood by all involved.
127. The evidence has highlighted that in complex
ICT schemes, it is best practice to develop a system architecture
for the scheme as soon as possible. Professor Martyn Thomas from
the UKCRC explained in oral evidence that:
"in the same way as an architect sits between
the client who wants a new major building, and works out with
the client what the requirements will be, how the business will
be affected by the new system that is being procured, in exactly
the same way, you could have a system architect come in for major
IT systems, to work in a very technical way with the potential
suppliers but in a very business-oriented way with the client
and do the translation, so that the architect would capture the
business requirements and turn them into a very rigorous specification
because they would be put out for competitive procurement."
128. The written evidence submitted by the UKCRC
said that "Systems Architects would be people with advanced
skills in adopting rigorous approaches to software development
and project evaluation".
Professor Thomas expanded upon this point in oral evidence, explaining
that "system architects would typically come from the innovative
smaller companies that are using the more advanced technology
by doing things like requirements' analysis".
The points raised by Professor Thomas have previously been outlined
by the British Computer Society and the Royal Academy of Engineering
report on The Challenges of Complex IT Projects.
This report emphasised that a systems architect should provide
an overview of the technical structure of a scheme without detailing
its implementation. It stressed that an effective IT architecture
should be flexible, scalable and evolvable. Thus, the notion of
setting an architecture for a scheme does not exclude a competitive
and innovative procurement process. Furthermore, this approach
overcomes the problems that can be faced by a department that
lacks the right level of skills. Intellect has said that "system
requirements that are inadequately explained and thought through
in the procurement specification or changed during the process
create an unacceptable burden, especially for smaller suppliers".
129. We have not received clear evidence that the
Home Office has considered this approach in ICT, although we note
that a similar approach is being used in relation to business
aspects of the scheme.
The Home Office has said that it is using a "modular IT architecture
design approach" but has provided little more information.
In response to written questions, the Home Office has said that
it is working with Qinetiq to explore "model technical architectures
which are tolerant of high data volumes and variations in data
However, it also notes that neither the scope of this project
nor its timescale are finalised. The
Home Office is reliant on external expertise in the area of ICT
and is unable to act as an intelligent customer of scientific
advice. We recommend that the Home Office uses a senior and experienced
systems architect to advise on the specifications and to provide
support during the procurement process.
130. The Government claims that the National Identity
Register will be highly secure. In oral evidence to us, Katherine
Courtney said that "I was intent on having the best security
advice possible, and so we brought in not only the government
security advisers but also other independent security advisers
to work with us on this".
She emphasised that the scheme was already part of the critical
national infrastructure and as such, it was being accredited by
the Government's security advisers.
131. Security is a key aspect of the identity cards
scheme. Having your credit card stolen is different from having
your identity stolen; one can be rescinded and replaced, the other
cannot. Professor Martyn Thomas explained to us that:
"If you start then tying authentication into
biometrics which cannot be changed if they are compromised, then
if you start getting those stolen electronically and using them
for remote authentication, customer-not-present type authentication,
you will create a security nightmare where somebody's biometrics
are no longer available to them to authenticate themselves for
the rest of their lives."
This difference raises the stakes: it changes the
security landscape and impacts upon the risk mitigation processes.
132. As already discussed, the Home Office has emphasised
that the system may not necessarily be one database (see paragraph
22). Katherine Courtney explained that it "is an assumption
that there is one database. We have not predetermined the architecture
of this system".
Nigel Seed clarified the point by saying that "If industry
comes back and says one single monolithic database is the best
way and it meets all the requirements then there may be one database.
Equally, they could come back and say the security is increased
by having partial data here and partial data elsewhere".
The solution proposed by industry will have to meet the requirements
of the security accreditors.
133. There have been numerous assertions that a single
database would increase vulnerability and risk. The UK Computing
Research Committee (UKCRC) said in evidence to the Home Affairs
Committee, "if you create either a single card that has multi
functions or a single database then you are adding to the nation's
critical infrastructure unnecessarily and by doing that you are
making a very large range of services, probably a growing range
of services, vulnerable to a single attack".
Jerry Fishenden, National Technology Officer at Microsoft, has
also been reported as saying that "putting a comprehensive
set of personal data in one place produces a honeypot effect - a
highly attractive and richly rewarding target for criminals".
134. Furthermore, we have received evidence that
in order to decrease risk and increase security the solution should
be based on systems already in use. Intellect has stated in written
evidence that "It is industry's belief that the Government's
proposed ID Cards Scheme should be built on technology and business
processes that have been proven in existing implementations around
135. We recommend
that the Home Office give the security properties of the solution
a very high priority, not only from the point of view of being
trustworthy but also to ensure that the security features do not
adversely impact upon the operation of the scheme. Furthermore,
we suggest that if possible, the solution should be based on security
architectures, technology and processes that are already in use.