Many IT managers will be familiar with the term
"Gateway review", which refers to a review of a specific
central government IT project that involves acquiring or
procuring technology. But do you know who actually runs them, how
they work, or how useful they are?
A Gateway review is essentially a way to ensure that a high-risk
government IT project is on track and being run in an efficient and
cost-effective way.
Computer Weekly has campaigned for the
results of Gateway reviews to be published, and last week
reported that
the Information Tribunal has ruled that Gateway reviews into
public sector IT projects should not be automatically exempt from
disclosure under the Freedom of Information Act, despite strong
objections from ministers and civil servants.
The decision could lead to the disclosure of previously
confidential reports into the progress and problems associated with
a wide range of government IT programmes, including troubled
projects at the NHS and
Child Support Agency.
The review process is managed by the Treasury's Office of
Government Commerce (OGC), which is responsible for improving the
efficiency and effectiveness of government procurement projects.
But the review itself is carried out by a team of experienced
people selected by the OGC, who are independent of the project
team.
"The OGC Gateway process examines a programme or project at
critical stages in its lifecycle, to provide assurance that it can
progress successfully to the next stage," the OGC said in a
statement.
"The process is based on well proven techniques that lead to
more effective delivery of benefits, together with more predictable
costs and outcomes. It is designed to be applied to delivery
programmes and procurement projects, including those that procure
services, property and construction, IT-enabled business change and
procurements using framework contracts."
The Gateway review uses a traffic light system of green, amber
and red. A green light is awarded if things are on track, although
the project could benefit if certain recommendations are adopted.
If an amber light is given the IT project should go forward, but
recommended actions should be carried out before the next Gateway
review. A red light means that problems need to be fixed before
moving on. "It means fix the key problems fast, not stop the
project," said the OGC.
On a more granular level,
the Gateway review process has five stages during the lifecycle
of a project. Stages one to three are conducted before the contract
is awarded, and the remaining two stages look at service
implementation and operational benefits. Retrospective or combined
Gateway reviews are not supported.
As well as these five stages, there is also Gateway review zero.
This is a review of the IT programme itself, and can be repeated
throughout the programme's life if key factors have changed.
According to the OGC, among the benefits of Gateway reviews is
that they can help ensure that the best available skills and
experience are deployed on the programme or project. Gateway
reviews can also help to establish more realistic time and cost
targets, said the OGC.
Reviews of government IT programmes and procurement are nothing
new, and Gateway reviews are just one, albeit important, way to
monitor IT projects.
Gateway reviews were derived from the
1999 Gershon Report on Civil Procurement in Central Government,
which led to the formation of the OGC. However, a year later,
another process, the Peer review concept, was developed from the
Successful IT report.
As Gateway reviews examine an IT acquisition project through its
lifecycle, a Peer review can provide an additional review at any
point, where added assurance is needed or there are specific areas
of concern. These Peer reviews are independent of the Gateway
process.
In addition to these, the
National Audit Office (NAO)
and the
Public Accounts
Committee examine many government project failures. They help
to identify what has gone wrong, and make recommendations on how to
avoid similar mistakes in the future.
The NAO and John Bourn, who is the head of the NAO, are both
independent of the government and are responsible for scrutinising
public spending on behalf of parliament. Bourn himself certifies
the accounts of all government departments and a wide range of
other public sector bodies, and has statutory authority to report
to parliament on the economy, efficiency and effectiveness with
which government bodies have used their resources.
Bourn endorsed the use of Gateway reviews as an effective way to
keep the government accountable. "Many of our recommendations focus
on the need for greater stewardship and accountability within
individual government departments, and across Whitehall more
generally.
"Beyond this, the Public Accounts Committee has emphasised
frequently the need for greater public transparency and
accountability in departments' performance in managing their
programmes and projects and, in particular, that the results of
Gateway reviews should be published," said Bourn in an NAO report
on Gateway reviews.
However, Bourn said there is a problem with Gateway review
results not being made available to the right people, namely the
Audit Committee and the relevant government department's Centre of
Excellence.
"Forty-two per cent of Audit Committees were never briefed on
the results of Gateway reviews, only 26% received quarterly
briefings, and only 42% of internal audit and assurance departments
received copies of all Gateway reviews," said Bourn.
In his opinion, Gateway reviews are key tools to help show
government departments how well they are using their assets.
"Historically, for IT-enabled change, this information has often
been lacking, with few Gateway reviews at Gateway 5 (operations
review and benefits realisation) having been carried out to assess
for each programme and project whether the benefits hoped for have
actually been secured," Bourn said.
The percentage of projects that reach Gateway 4 (readiness for
service) and go on to Gateway 5 has improved, but more needs to be
done, added Bourn. As a result, the OGC Supervisory Board has
agreed that from 2006-2007 all programmes and projects must
undertake a Gateway 5 review within 12 months of completing a
Gateway 4 review.
There are numerous successful Gateway reviews that have eased IT
projects through to completion. One of these was carried out for
the Department for Work and
Pensions, which recently implemented a payment modernisation
programme.
The programme aimed to increase efficiency, cut costs and
improve quality of service to customers by paying benefits and
pensions directly into recipients' bank accounts.
The programme had Gateway 2 and 3 reviews, which identified
risks to the programme from the pressure on front line staff to
absorb the changes involved. But in January 2005 the programme
received a green light under a Gateway zero review, which described
the programme's approach to benefits realisation as
"exemplary".
Another instance of a successful Gateway review process was the
OGCbuying.solutions eSourcing service, which was a runner-up in the
2006 BT Government Computing Awards for Innovation. An executive
agency of the OGC, OGCbuying.solutions delivers cost savings for
central civil government and the wider public sector through a
dedicated procurement service.
The IT project was subject to all five stages of the Gateway
review process, and OGCbuying.solutions delayed awarding the IT
contract to ensure the project addressed the findings of the
Gateway team.
However, not all Gateway reviews give IT projects the thumbs up.
According to the NAO, in July 2006, four out of five
mission-critical projects were at the stage of red or amber warning
lights in the Gateway reviews.
However, a red light does not always stop a project. For
example, the failed Single Payment Scheme for farmers, run by the
Rural Payments Agency, carried on despite three successive red
lights at Gateway reviews.
Gateway reviews can shine the spotlight on government IT
failures, and are supposed to be mandatory. However, some
departmental executives pick and choose whether to carry them
out.
In reality, only a small number of projects are subjected to
Gateway 5 reviews, which establish whether the project has made any
real difference to public services. Of all the projects that pass
through Gateway reviews, only 5% are subjected to level five
checks.
Gateway reviews have been proven to help high-risk projects that
hit trouble and are willing to take advice. But for government
project managers that choose to stick their heads in the sand and
avoid the scrutiny, IT project failures can remain hidden from view
until it is too late.
IT failures help speed demise of Child Support
Agency >>
Government told
to publish ID card reviews >>
More on
Gateway reviews >>
Office of Government Commerce
>>
Have your say
Do you agree with Arif Mohamed's views? If you have an opinion
about this or any article in Computer Weekly, e-mail
computer.weekly@rbi.c.uk