Good Governance - Effective use of IT

Written evidence submitted by OpenForum Europe (IT 27)

SUMMARY

A lack of adequate IT knowledge and experience in the business of government means that it cannot:

Create and police a coherent IT strategy

Successfully manage IT projects

The top 12 suppliers share around 60% of the annual government IT spend of £21 billion resulting in:

potentially more expensive and traditional technology solutions being implemented

little or no innovation

The failure to recognize the need to own the intellectual property contained in government IT systems results in an inability to re-use that intellectual property on a cost effective basis

Adoption of Open Data Format standards and Open Source licensing models would significantly reduce costs as:

Software could be re-used at minimal extra cost

Proprietary 'lock in' would be avoided

The barriers to entry for new suppliers would be reduced

1. How well is technology policy coordinated across Government?

As we are limited to 3000 words we have limited our comments to our main themes.

2. How effective are its governance arrangements?

Given the scale of the cost overruns in the Independent article referenced in the briefing note for this submission the answer has to be that the governance arrangements are ineffective. This is despite the many reviews and audits that have been performed over the years (see next point). The underlying reasons for this include:

Lack of the appropriate IT skills in government (most of these appear to have been outsourced) to understand and ensure the importance of conforming to industry standard governance of IT projects.

The disconnect between policy design and implementation and the complexity this too often introduces into the delivery of the supporting technology

The inherently short term view that politics will always force upon large scale IT projects which inevitably take some time to journey from concept to operation and force potentially fruitful projects to be cut because results are not judged on Total Cost of Ownership (TCO)

1. Have past lessons from NAO and OGC reviews about unsuccessful IT programmes been learnt and applied?

Past NAO and OGC reviews of troubled projects have repeatedly cited common failings. From these reports, and through the application of common sense, it would seem obvious that for IT projects to be successful they need:

To have a defined scope and specific objectives

To be owned by the organisation which will be using them with clear sponsorship

To be of a scale and complexity that is within the grasp of the owning organisation to deliver

Constant management and review

However, judging from recent publicity, where these has been a distinct lack of these factors, it seems safe to form a view that the past lessons from NAO and OGC reviews have not yet been learnt and applied.

1. How well is IT used in the design, delivery and improvement of public services?

There is no doubt that over recent years a number of central and local government services have been made more accessible to the individual citizen through the use of IT.

However, there is also a catalogue of high profile failures which have limited the extent to which IT has been able to improve public services. New ways, with greater innovation not more cash, must be sought to deliver the efficiencies promised by IT and to release the vast untapped resource of public data.

The bundling together of "build and run" into single large, multi-year contracts also suppresses competition and hence innovation. Closed procurement processes have prevented SME organisations from offering simple, light weight, modern solutions and have favoured established suppliers with expensive, and often legacy, solutions. "Build and run" style contracts also leave the customer at the mercy of the supplier when it comes to the cost of variations to the contract. The lack of competition and innovation combined with the high cost of many long term contracts have undoubtedly limited the extent to which IT has been able to improve public services

2. What role should IT play in a ‘post-bureaucratic age’?

Government is not good at running projects so should release the entrepreneurial spirit of the SMEs by giving them access to government data (via open Application Program Interfaces (APIs) conforming to open standards) so that they can develop the applications the citizen wants. The key role for IT in a ‘post bureaucratic age’ should therefore be to facilitate this process so that citizens can become intelligent consumers of government data and hence engage with ‘big government’ as outlined by David Cameron in his speech of 22nd February 2010. This will allow people to use the information ...

‘as they wish, to make government more accountable, to make sure we spend money more efficiently and to drive up the quality and responsiveness of public services like schools, the NHS and the police ‘

The amount of information that the Government has available for publication clearly makes the achievement of this a significant challenge, particularly in the way the information is presented. Whilst there are no technical issues to storing and retrieving the amount of data being contemplated, there will be significant work required to ensure that it can be retrieved in an intuitive (i.e. easy to find) manner. It is the development of the Information Systems or software required to achieve this which will be the most significant role that IT will play.

3. What skills does Government have and what are those it must develop in order to acquire IT capability?

The life-cycle of any IT system is :

Definition of the business need

Design of the appropriate system

Build of the system

Implementation

Ongoing operation and maintenance

The skills needed tend to be different for each stage although there is also an underlying set of skills needed by the project owner (i.e. the government) throughout:

An ability to engage with, and understand, the policy being implemented and where necessary to champion policy change to simplify implementation

Strategic understanding of technology available to solve the business problem and a view on how it can best be utilised

Sufficient understanding of the technology specific to the system being implemented to be able to challenge whichever supplier (internal or external) has development responsibility

Budget management

Change management

Stakeholder management

Supplier management

All of these skills are critical and where the project owner (the government in this situation) does not possess these skills then projects will fail. Unfortunately the level of failure in government IT projects would indicate that government does not have a sufficient level of these skills.

However, these skills only help maximise the chances of success of the delivery of a single project. To really make a step change in the value that IT can deliver projects need to build upon each other and to become more than the sum of their parts. These skills needed to achieve this are distinct from project delivery skills and include:

An ability to comprehend the enterprise architecture of government data and how data flows are required to interface internally and externally

An understanding of the relevant Open Standards that should be met by the system being delivered so as to increase interoperability and to ease the consumption of the system outputs by citizens

An ability to componentise solutions so that the commercial restrictions on reuse are limited to the components that were pre-existing vendor IP and all components developed for government, at governments expense, can be licensed under an Open Source model

There is little evidence that these capabilities currently exist in government and little evidence that there is a desire to developed them. Yet without these skills the true promise of IT cannot be realised.

7. How well do current procurement policies and practices work?

Estimates published in September 2010 by 'the network for the post bureaucratic age' (pba) in their report 'Better for Less' show current government spending on IT is circa £21 billion p.a. including £2 billion p.a. on new procurements. The report also identifies 9 suppliers who are the major suppliers of IT solutions to the government.

Procurement policy and practice should ensure:

· Accountable and transparent use of public funds

· Maximum competition

· Encouragement of innovation

· Best value for money

· Minimisation of regulatory compliance liabilities

· Avoidance of discriminatory terms and conditions

· No barrier to entry for SMEs

For a variety of reasons we are a long way from achieving these objectives in the UK:

Culture - each Government Department works independently, believing their requirements are unique, looking for bespoke services and failing to achieve economies of scale by sharing development costs between departments.

Legacy contracts - framework agreements make status quo the easy option.

Commercial Confidentiality – acceptance of this by the government reduces competition as the current size of the single tenders effectively prevents any competitive analysis being performed.

Financial targets - existing suppliers will make cuts and meet spending review target but will reduce their financial exposure by resisting the changes needed to deliver transformation of public services.

Perceived risks and myths – the significant financial benefits of adopting an Open Source approach are not understood.

Inertia – preparation of a single tender as opposed to a number of smaller interoperable projects with the same overall functionality is the easy option for an existing supplier, this discourages the creation of consortia including innovatory smaller suppliers.

Audit – Internal/Government audits challenge costs but seem ill equipped to challenge compliance with open policies or judge the potential of over-specification.

Current procurement polices encourage the creation of a small pool of large suppliers through the use of a highly expensive tendering process. It is not uncommon for suppliers to incur costs running into millions of pounds during a tendering process. Inevitably at least one suppler will lose that bid and will have to swallow the aborted cost of the exercise. Not only does this situation prevents new, smaller (and potentially more innovative) suppliers from entering the competitive process but there are two other very significant impacts:

The government (and, therefore, the taxpayer) will eventually pay for the abortive tender costs through higher prices on contracts that are won.

It is in the suppliers’ interests to build proprietary solutions so that no other supplier can easily replace them from a contract that has been won. This approach creates long term costs for the government.

There are simple solutions:

Insisting on ‘open source’ licenses for software being developed for government to encourage reuse

Insisting that all new IT systems (be they bespoke or a vendor package) used across government adhere to 'open standards'

Disaggregating large, monolithic procurements to encourage competition or where this is not possible requiring that all bids are made by a consortium where each member of the consortium demonstrates best value for a particular aspect of the requirement (consideration will need to be given for who carries the integration risk).

Only agreeing contracts by project phase, not only will this open up competition, hence driving down costs, but it will also allow better project management and control reducing the risk of costly overspends.

Refusing commercial confidentiality and enforcing publication of all tenders received

Requiring, by law, that the preparation costs of any one tender cannot exceed a certain amount.

A (not exhaustive) summary of the benefits that would be achieved:

A wider range of suppliers will compete for tenders, increasing competition (and benefiting SMEs), this, in turn, will drive down costs achieving more innovation at a lower cost

Project success will be less dependent on a single supplier

The increased granularity (clearer breakpoints in projects/contracts) and the use of open standards will increase flexibility during both the implementation and operational phases of the project

The wide spread use of Open Standards will dramatically increase interoperability and along side an increase in the use of Open Source will drive a step change in reuse

Lower barriers to exit and early termination of under performing projects

Enhanced capability to scale up successful projects

These will achieve more project success at lower cost.

8. What infrastructure, data or other assets does government need to own, or to control directly, in order to make effective use of IT?

IT is a shorthand mnemonic which needs to be unbundled in order to answer this question. With a few exceptions, notably Software as a Service which is discussed separately, IT can be split into three independent components:

The Information Systems (IS) (software) that process the relevant data in order to provide the required services.

The Information and Communications Technology (ICT) (hardware and telecommunications equipment) that is required for the operation of the Information Systems.

The data which relates to the service being provided.

The ICT component of the IT system does NOT need to be owned by the government, in fact, the pace of technology change in this area means that the optimum model would be to lease the hardware and telecommunication links on mutually agreeable terms from reputable suppliers. The move towards Cloud computing (specifically Infrastructure as a Service and Platform as a Service) presents both an opportunity (in terms of cost reduction) and a threat (in terms of lock-in to a single supplier) in the area of IT. To address the threat government should insist on Open Standards (for example the use of Open APIs to provision and control virtual machines in a suppliers cloud) across all Cloud platforms procured as this will encourage competition and prevent lock-in to a single supplier.

Currently tenders will often bundle the ICT and IS components together in an attempt to find a single supply source. This is not essential, in fact it is often counter-productive as ICT suppliers are not necessarily experienced and competent IS suppliers, and vice-versa. This approach compounds the non competitiveness of the current situation. Clearly separating these two components in tenders would re-introduce some basic competitiveness and encourage fresh thinking and innovation.

While the data being processed by the IT system will be owned by the government consideration also needs to be given for who "owns" the format. Data should be held, or at the very least be extractable, in a Open Standard / format. If this is the case then lock-in (through the data format) to a single suppliers IT system is avoided. Preventing lock-in ensures that incumbent suppliers can be challenged as that new and better systems can replace legacy systems without having to undergo an expensive and potentially complex data conversion process.

In most (if not all) IT systems it is the IS component, or software, which (over the whole life of the IT system) is the most expensive. While it has long been recognised that if development is funded by taxpayers’ money then the intellectual property created should ideally be owned by the crown (as specified in the majority of the Buying Solutions, and previously OGC, framework contracts) the reality is that this has not been widely enforced and even where the IP has vested with government, reuse has been minimal.

Therefore looking forward wherever possible, and certainly whenever bespoke development is carried out, the ownership of the Intellectual Property should vest with the crown and the software should be licensed under an appropriate Open Source licence. This will encourage the low cost re-use of a taxpayer funded asset for the benefit of all taxpayers. This approach would also prevent any single supplier creating a non competitive proprietary lock in. The current example of Moodle in the education sector is a classic case study of the success of this approach.

9. How will public sector IT adapt to the new ‘age of austerity’?

There are positive signs within local government with Councils now looking at sharing resource IT included and sharing development. This will be made easier and ultimately more successful if the councils develop Open Source solutions (they will be able to share and jointly develop them) that conform to Open Standards (the systems will be interoperable).

In contrast, central government has shown limited signs of changing that established way of working. Here there is a poor track record with the root cause being the way the government tenders for monolithic solutions which attracts only the big players. A move to better architected solutions utilising open standards and modularised design would enable more companies to respond to tenders.

10. How well does Government take advantage of new technological developments and external expertise?

The risk averse nature of the vast majority of government IT procurements does not encourage innovation. This means that government does not generally fare well in taking advantage of new technological developments unless a supplier is willing to market the development and to take the risk on the first implementations.

11. How appropriate is the Government’s existing approach to information security, information assurance and privacy?

As we are limited to 3000 words we have limited our comments to our main themes.

12. How well does the UK compare to other countries with regard to government procurement and application of IT systems?

The pba report mentioned previously makes an interesting observation:

'This reliance on a handful of suppliers is peculiar to the UK. One study (See P Dunleavy and H Magretts, Government IT Performance and the Power of the IT Industry: A Cross-National Analysis, American Political Science Association, 2004.) found that in the Netherlands, the top five IT suppliers have 20% of the government market. In the US this figure is 48%. In the UK it is 80%.'

This lack of competition in the UK government market forces one to conclude that the UK does not compare favourably to other countries.

Several, if not most European governments have had trouble streamlining both their IT costs and their software requirements. It is very often the case that national IT systems are in fact completely split between several layers matching political and administrative entities (such as with federal states and decentralized administrations) while being poorly interconnected. At the level of IT procurement there tends to be a more observable variety in the quality of the requirements stated by the government agencies, although tenders sometimes fall in the perverse trap of systematically choosing the cheapest solutions without considering the hidden costs induced by the miscalculation of deployment fees, exit costs and maintenance burdens.

Free and Open Source Software as well as Open Standards have become the centre of the attention of the IT branch of many countries in Europe and abroad. Yet the way this has translated both in public procurement and the application of IT systems has so far resulted in very different outcomes. There seems to be three different trends when it comes to IT public procurement. The first one, which is often seen in the northern part of Europe, tends to mandate the use of Free and Open Source Software and executes that strategy in a rational way; the span of this strategy may vary, with countries such as Norway embarking into an in-depth reform of their IT systems while Finland seems to have a more limited span, although the execution itself reaches the most local branches of several ministry acting together. The second level is one in which the government mandates Free and Open Source Software on a political level although the actual execution of this requirement is either non-existent or lags behind a series of practical and management issues. The third trend, observed at the level of the central government (the reality being quite different and quite diverse at the regional level) is one where the mandate for Free and Open Source Software tends to be discrete or hesitant, usually as the result of lobbying actions on governments, but where the reality on the field is one where Free & Open Source Software is often massively deployed. This contrasted state of things unfortunately reinforces the poor coordination of the governmental IT systems.

January 2011