Appendix 3: Comments by Dr Mark Thompson,
University of Cambridge |
Introduction and overall comments
The government is to be commended on its constructive
and proactive Response to the PASC Report. The Response itself
is illustrative of how far the government has moved from a situation
of rounded criticism of its stovepipe, proprietary approach to
technology and suppliers, of which many examples were cited in
the Report, to a discernible 'open by default' position based
on very different conceptual underpinnings. Positive observations
in relation to the many positive initiatives set out within the
Response are set out in Part 1.
And yet, whilst welcoming these initiatives, it is
possible to make two key criticisms of the document. First, as
might be expected there are several instances where the Government
does not go far enough in explaining the detail around its proposals.
In many instances this would be a relatively trivial issue, but
in the case of the current ICT-related reforms within government,
the detail is serious because of the extremely significant cultural
barriers to be overcome in embedding the transparent behaviours
throughout the public sector on which its 'open by default' ICT
reforms depend. An overview of those areas where further detail
would be helpful to ensure that real progress is made, together
with related suggestions, is set out in Part 2.
The second key criticism lies in the relatively light
engagement throughout the Response with the underlying conceptual
approach that will be required to make the Government IT Strategy,
the Strategic Implementation Plan, and its responses to the Report
a reality. At present the Response is a well thought-out, but
only loosely related, set of relatively top-down initiatives that
does not explain how these initiatives will work together to
embed utility economics of open standards within government.
For example, whilst 'transparency' and 'cost savings' may both
be desirable outcomes in themselves, each will ultimately only
be successful at scale if their relationship is understood.
Whilst the Government may have 'point' success with many
of the initiatives outlined in the Response, it will need to pay
greater attention to its leadership on the 'why', as well as the
'how', if these are truly to stick. This observation is explained
in more detail in Part 3.
For each point PASC should expect the response should
be more specific about a requirement for individual departments
to have specific implementation plans, otherwise the traction
achieved will be patchy and inconsistent, a common theme in government
IT. Early indications show that the Cabinet Office level commitment
appears to gaining traction in embedding a manifestly different
approach to IT delivery, but at a departmental level, there is
limited senior sponsorship for change to happen, or understanding
about how to make it happen. PASC should ask for a commitment
to seeing these initiatives to be measured and reported against
at departmental level with much greater level of transparency
and evidence of supporting sanctions against non-compliant departments.
There is a major gap in the plan to cascade these
intentions down through into the main departments, particularly
DWP, MoD and HMRC who represent the greatest challenge in changing
their oligopolistic behaviour, but have the largest spend on IT
in government. PASC should ask for specific detail for these
departments as they represent the most intransigent groups, with
the largest vested interests.
The government response includes SMEs in the debate
which is a step forward, but the steps proposed are, at best,
cursory. For example the appointment of just one Crown Representative
for all SMEs demonstrates good intent but poor execution. Also
SMEs are strongly encouraged NOT to contact their Crown Representative
and he refuses to publish his contact details, conveniently reinforcing
Government's traditional argument that there are just too many
SMEs to deal with!
Part One: Positive Observations
The response from Government suggests a positive
first step in the right direction, and the intentions at Cabinet
Office level would seem to be genuine held. The response has
a number of sensible first step suggestions to initiate the process,.
Part Two: Constructive suggestions
It is my view that the following areas do not yet
provide sufficient detail to constitute a convincing, robust response:
- Information, Benchmarking,
and Transparency (paragraphs 15 & 20):
The Government's response is principally to reference the SIP
and associated metrics. However, this is not the same as an (external)
NAO involvement as recommended by PASC. Although NAO is mentioned,
there are no commitments, governance mechanisms, or timetable
for this and will be hard to enforce. There is also little explanation
of how the "contract library" will be analysed. Specifically,
will contracts be separated out so as to allow aggregation of
commodities across contracts and associated cost savings? A big
opportunity for meaningful comparison has been missed - the Asset
Register and Contracts Library should have been one and the same.
Currently having separate systems means that the real understanding
and insight that would have been possible with comparative analysis
of asset and service provision across contracts has been lost.
(The Asset Register was conceived and procured in haste without
real insight, with the Cabinet Office initially asking the large
Systems Integrators if they wished to bid for it!). The Government
should ensure that proper benchmarking is conducted throughout
the life of contracts, and in particular in respect of change
controls to major contracts. The benchmarking should be independent,
and not a false comparison between one expensive service and another
(which has been past behaviour).
- Available data (paragraph 25): This
is a very weak and evasive response by Government. Government
is making use of a tried and trusted 'get-out': "commercial
confidentiality". Traditionally, CC has been invoked in
order to withhold the very information that is likely to result
in external questioning of its commercial judgment and competence
- i.e. just the information it is usually most important to publish.
This should not be allowed to stand as-is. There is anecdotal
evidence reinforced by comments at the recent major supplier conference
hosted by the Cabinet Office "New Ways of Working"
that, particularly in the large departments, there will continue
to be significant resistance to transparency through evasion and
obfuscation. Additionally there is also no mention of any plans
to initiate a process to disaggregate or re-compete contracts.
- Suppliers (paragraph 30): Whilst
there are a number of initiatives listed here, none of these addresses
the request to "urgently commission an independent, external
investigation". This has been ignored entirely and
is possibly one of the most important points to come out of the
PASC report. In addition, further details are required on how
the Government proposes to address the oligopoly of large suppliers
especially at departmental level. In respect of SMEs, the scope
of the Mystery Shopper should be extended to cover the lifetime
of contracts rather than just the procurement phase and the relationships
between large prime contractors and their SME sub-contractors.
- Replace legacy systems (paragraph 34): Paragraph
13 here should be challenged beyond a vague commitment to assess
legacy systems near end-of-life against Government ICT Strategy
principles. How would this be measured? Shouldn't there be a
'Major Legacy' list as per Major Contracts, with a more detailed
migration plan for each department for replacement or disaggregation?.
If these are 'assets to be sweated', then surely they are commodities
with sunk costs, and should be paid for as such? Additionally,
the caveat of "budgetary constraints" should not be
a reason to continue with locked-in closed systems which may be
cost effective initially but provide poor value for money over
- Open engagement with SMEs (paragraph 42):
The target of 25% of business with SMEs
by the end of the Parliament seems a long way away. There should
be an interim measure and tracking to ensure that this target
is not missed and more pro-activity from particularly the major
departments to make this a reality. In addition, the Government
needs to address the Committee's concerns around Department's
requiring SMEs to contract through large SIs. This is still the
default position in a number of Departmental Action Plans for
engagement with SMEs and is a poor substitute for direct SME engagement.
- Breaking up large contracts (paragraph 46):
The Committee noted in its report that the £100m cap was
excessive, but this appears to be the main thrust of the Government
response. Even contracts of £5m are beyond the reach of
some SMEs. There are also indications that DWP is ignoring this
cap, with possibly large contracts being awarded without proper
competition on the Universal Credit programme.
- Agile methodologies (paragraph 87): This
commitment is welcome, but Agile has been mooted as being used
on various current projects when it bears only a passing resemblance
(some parts of Universal Credit are using a small number of Agile
techniques). Also the main contractor has (anecdotally) very
limited Agile experience, hence the reason for bringing in SME
experts. The government's reasoning is perverse - attempting
to use Agile but having to bring in experts from SMEs because
their main contractor has limited competence. Surely the obvious
approach would have been to have selected a competent Agile company
in the first place? There also seems to be confusion within Government
about when to use Agile and when to use Lean. Agile is about
rapid iterative and incremental delivery offering innovation and
flexibility; Lean is about standardisation. Whilst Government
needs to focus on using Agile processes for technology development,
it also needs to become a mature user of Lean for business processes
in order to standardise (and commoditise) its IT systems. The
two approaches are different halves of the same coin.
- Security and Privacy (paragraph 99): Paragraph
44 of the Government's Response is insufficient here. 'Gold plating'
security is a major, recognised problem that is primarily cultural,
and there is little comfort here that this is recognised or likely
to be addressed properly. Long term, the only way to drive improved
behaviours here will be the introduction of transparency that
reveals the true comparative cost of 'gold plating' vs utility
alternatives. As such, this paragraph is very unsatisfactory.
- Developing intelligent customer function (paragraphs
108 and 112): The Government has not taken
on board the recommendation that it needs to recruit appropriate
IT professionals now to act as an intelligent customer, and instead
focuses on coordination and processes with the existing staff
who have failed to date achieve this important role. It is difficult
to see how this will achieve the same results.
- Spread of skills (paragraph 115): It
appears far from clear at this moment that the Government will
succeed in commissioning such a course on technology policy, and
this should be monitored closely by PASC. Educating senior public
servants in ICT-enabled public service design is a critical way
to move away from the practices described in the Report.
- Accountability of SROs (paragraph 118): The
Government's Response ignores the core recommendation in paragraph
118 that SROs should be held and remain accountable for decisions
taken on their watch, and instead says that there is an expectation
that delivery leads will be held to account. This significantly
waters down the requirement for SROs to be held properly to account.
This should be challenged.
- Leadership (paragraph 124): It
is difficult to stress sufficiently the importance of building
greater ICT literacy and representation at senior policy and implementation
levels, and the Government response seems to be non-committal
on this point. Leadership in the delivery of public sector IT
has been traditionally poor and it is surprising that there is
such an ambivalent response. Technology-enabled, utility-based
services will increasingly call into question traditional notions
of government service delivery and demonstrate the progressive
redundancy and waste of post-WWII public service designs. It
is difficult to understand how Departmental boards will be able
to take effectively informed strategic decisions on behalf of
the taxpayer in ignorance of these fundamental game-changing developments.
The prospect of Departmental boards without senior ICT representation
is deeply concerning and PASC should push back hard.
Part Three: Need for greater conceptual leadership
Whilst each of the initiatives set out in the Response
is welcomed, the document reads as a relatively disconnected list
rather than an integrated strategy that shows understanding of
how the various parts support the whole. The relationship between
the initiatives discussed in the Response is as follows. Recent
developments in technology allow previously integrated systems
and technology to be separated into modular 'building blocks'.
In turn, this allows some 'building blocks' to be standardised
(using Lean) benchmarked, and aggregated across government as
a commodity, driving down costs. This requires transparency of
information and data, both to benchmark/standardise - as well
as to 'shame' commercial decisions that continue to ignore these
opportunities, which are comparatively much more expensive (hence
the need to push back on 'commercial in confidence' practices).
There is a further, vital part of the picture. By
drawing together demand for standard commodities around open standards
(to which SMEs need access via a direct route), government is
able to use its buying power to create a 'platform' (guaranteed
demand) around which suppliers (including SMEs) will invest and
innovate (using Agile). In time, legacy systems will become comparatively
much more expensive, and government will not specify IT, but will
instead specify outcomes; it will not matter what the technology
(or the supplier) is, since it is standard and works together,
The important insight in all this is that this is
a self-sustaining dynamic that needs to be 'fired up' by government
through defining open standards, supported with transparency of
information and data; to a large degree, the rest will take care
of itself. Thus some of the 'top down', relatively disconnected
initiatives listed in the Response lack punch, since they do not
build understanding of how this works, and therefore the
purpose of the whole exercise. Examples include paragraph 22,
where a top-down requirement will "encourage a trend towards
smaller projects and contracts" (because of a top-down fiat
rather than organic dynamic).
Similarly, paragraph 29 seeks to clarity Government's
plan to act as a "single buyer", to harmonise costs
across departments so that they can pay the same price for similar
goods and services. However, the important insight is missed
here; namely, that standardising commoditises good and
services, as well as creating a platform for innovation
around these, as well as flexibility, new ways of working, etc.
This, ultimately more important point is missed altogether.
The issue is that there is as yet little indication of the Government's
understanding of the need to deliver on these commitments as a
co-ordinated, interactive whole, without which success will be
difficult to achieve.