Radical reform required to introduce project management
accountability.
Radical recommendations aimed at improving the success rate of
central government IT projects were made by Computer Weekly last
week in written submissions to a Parliamentary committee, which is
investigating IT best practice.
This publication has advised the government to enforce compliance
with best practice by introducing legislation, and to strengthen
accountability by publishing Gateway reviews of major government
projects.
Computer Weekly has also drawn Parliament's attention to the
occasional abuse by government departments of the phrase
"commercially confidential". Although many documents need to be
confidential, Computer Weekly has provided evidence of documents
being unnecessarily categorised in this manner.
An investigation into IT best practice by the Commons Work and
Pensions subcommittee - to which Computer Weekly has made an
11-page submission - began last November and continues into March.
Our submission, which will be supported by oral evidence on 23
February, has been prompted by evidence that fundamental mistakes
were still being made by central government departments despite
volumes of guidance on best practice.
The submission to the committee contends that the overriding need
was not for more guidance on best practice but adherence to
existing best practice - even when during projects departments come
under considerable political pressure to go live with new
systems.
Only last week a report by the National Audit Office on the
Criminal Records Bureau highlighted a series of defects in the
planning of a system to provide checks on the background of job
applicants whose work could entail contact with children or
vulnerable adults.
To help prevent further similar disasters, Computer Weekly's
submission to the work and pensions subcommittee suggests three
things in particular:
- That the UK needs best practice to be enshrined in law, as in
the US Clinger-Cohen Act.
- That independent Gateway reviews by the Office of Government
Commerce into the progress of projects be published.
- That the committee review our evidence for contending that the
phrase "commercial confidentiality" can, on occasions, be used by
central government departments to categorise documents as
confidential when they do not need to be.
The case for enshrining best practice in
law
Central government departments have the benefit of volumes of
guidance on best practice. It is also the case that ministers and
accounting officers have some mandatory responsibilities in respect
of mission-critical projects, but, in Computer Weekly's view, this
is not always an effective mechanism for ensuring adherence to best
practice.
Legislation that imposes a statutory duty on departments to follow
best practice will be more effective. The US Clinger-Cohen Act,
otherwise known as the IT Management Reform Act, sets out the key
requirements for good project management, including cost benefit
analyses, investment reviews, performance measures, comprehensive
planning, and programme reviews.
More specifically, the Act, which became effective in the US on 8
August 1996, sets out to ensure that out-of-date, ineffective, or
inefficient procedures and work processes are not automated. The
Act is not perfect, but it has provided a solid statutory
foundation for adherence to best practice. The Bush administration
is said to have ramped up its use of the Clinger-Cohen Act.
Computer Weekly's submission states that UK ministerial
responsibilities on major projects are not always as clearly
defined as they could be, and there appears to be no clear
mechanisms for allowing independent scrutiny by Parliament of
whether the responsibilities have been met.
Gateway reviews by the Office of Government Commerce, part of the
Treasury, have succeeded in making departments more aware of the
risks of complex software-led projects, and there is evidence that
the reviews have, in some instances, helped departments prevent a
project failure. But the reviews are not a sure-fire way of
stopping inadequate systems going live. Gateway reviews of new
systems to support tax credits and the checking of criminal records
gave the schemes approval to go live, which they did with
calamitous results.
The case for publishing independent Gateway
reviews
Computer Weekly's evidence to the work and pensions committee says
that this publication understands why departments and Gateway
reviewers would not wish the results of their assessments of public
sector IT projects to be published. Computer Weekly believes,
however, that the advantages in publishing them outweigh the desire
in officialdom not to publish them.
As part of its submission, Computer Weekly cited a report into a
problematic IT project at National Air Traffic Services. The report
by consultancy Arthur D Little was written during the
pre-implementation stages of the project. It disclosed important
organisational, managerial and cultural weaknesses and recommended
some fundamental reforms.
The recommendations in the report were acted on, and it was
possible for outsiders, including the media and staff, to ask the
organisation what actions it had taken. Computer Weekly believes
that this is public sector accountability at its best.
Initially, however, National Air Traffic Services had strongly
opposed the independent audit, although it was commissioned anyway
at the request of the Transport Committee.
One reason that Gateway reviews are not published is that some
officials believe it would compromise the advice given if reviewers
thought their concerns would be made public. Computer Weekly
believes that this is shown to be nonsense by the Arthur D Little
report, which was full and frank in its disclosures.
This publication has every reason to believe that if Arthur D
Little was asked again to conduct a thorough analysis of the
management of a large IT project, knowing it would be made public,
it would act with the same professionalism and courage it displayed
when assessing the New En Route project at National Air Traffic
Services.
If Gateway reviewers believe the quality and rigour of their advice
and work would suffer if their reviews were published, Computer
Weekly would question whether they are too culturally close to
those they are reviewing and therefore perhaps not be sufficiently
independent and objective to reach the tough conclusions that
Gateway reviews sometimes demand.
If Gateway reviewers know their assessment would be made public, it
could act as a counter-balancing force to departmental or political
pressure to go live with an inadequately tested system.
With Gateway reviews operating in an environment of secrecy, and
without any Parliamentary scrutiny until the National Audit Office
publishes limited details of a review, sometimes months or years
later, we believe there may be insufficient incentive for reviewers
to always reach the necessary courageous recommendations, perhaps
to halt a failing project indefinitely.
Paul Goodman, an MP on the House of Commons work and pensions
select committee, is giving his support to the idea of a UK
adaptation of the US Clinger-Cohen Act if it was found that
adherence to best practice would prevent further IT
disasters.
He also supports Computer Weekly's recommendation for Gateway
reviews to be published. He says that if the Gateway review that
preceded the introduction of tax credits had been published, it
might have prevented the problems that followed.