Treasury officials are ordering the immediate
destruction of
"Gateway" internal reports into risky government IT schemes to
prevent information on the projects being leaked.
Their action, a response to the
Freedom of Information Act,
comes even though the Treasury's Office of Government Commerce
(OGC)
has lost two appeals to keep Gateway reports secret. Managed by
the OGC, Gateway reviews are independent assessments of
high and medium-risk IT-based and other projects at various
stages in their lifecycle: projects such as the £5.3bn ID cards
scheme and the
NHS’s £12.4bn National Programme for IT.
Liberal Democrat Shadow Chancellor Vincent Cable described the
policy as “shockingly arrogant behaviour by those who should know
they are accountable for public money”. He said that those
involved in projects, as well as parliament and taxpayers, had
a right to see the Gateway review reports.
The OGC paper on the Gateway review, seen by Computer Weekly,
tells its teams, “You must securely dispose of the [final Gateway]
report and all supporting documents immediately after delivery of
the final report - which should be no later than seven days after
the review."
The OGC wants to cut the risk of leaks - only two people will
have copies, the OGC and a department’s “senior responsible
owner”.
Nobody else has any automatic right to see the reviews. So a
department or agency’s internal audit committee, MPs, the
department’s IT team, computer suppliers and potential end-users
may be denied access to the final report.
The OGC is also assuring departments that confidentiality over
Gateway reviews is “assured” – even though the High Court could
rule that the reviews are published.
And the presentation paper tells review teams that if asked
verbally for information on the Gateway reviews to include in their
reply the fact that they say they are not “actively published or
disclosed”.
Under the Freedom of Information Act, each request for
disclosure of Gateway reviews should be considered individually.
But the OGC has refused every application for disclosure of the
results of Gateway reviews.
Two Parliamentary committees have asked the government to look
favourably on publishing Gateway reviews after taking in evidence
from Computer Weekly. This magazine’s evidence was also cited in
the ruling of the Information Tribunal that early reviews on ID
cards be published.
An OGC spokesman refused to say why it has ordered the secure
disposal of Gateway reviews. The OGC confirmed that only two copies
are kept.
Civil servants who undertake Gateway reviews told Computer
Weekly they thought it
unnecessary to destroy the final reports. They said the
documents usually contained important recommendations which may not
be carried out properly if people in the department or agency do
not know what they are.
One Gateway reviewer said the order to destroy the final reports
was “odd and a little sinister”.
A legacy of secrecy
More than 2,000 Gateway reviews have been carried out – but the
OGC has published none of them.
The order for the destruction of final reports will fuel
suspicion that they identify fundamental flaws in some major
government IT-based projects.
The paper also tells civil servants they must securely dispose
immediately after delivery of the final Gateway report “all
supporting documents”.
The Information Commissioner ruled last year that early Gateway
reviews on ID cards should be published, arguing that it should be
public knowledge whether the programme was feasible and being well
managed. The OGC appealed – and lost. It is now to fund a third
appeal hearing,
this time to the High Court.
For more
on this story, see Tony Collins' IT projects
blog>>
Government told to publish Gateway reviews on ID
cards >>
ID cards: 'openness would damage project reviews' >>
The Office of Government
Commerce >>
The Information
Tribunal >>
Comment on this article:
computer.weekly@rbi.co.uk