Anatomy of an IT disaster

| 4 Comments
| More

Below are key parts of  today's Public Accounts Committee report on the C-Nomis report. Much the same could be said of other big IT-based change programmes such as the NPfIT.

Some will say plus ça change but some IT disasters are exposing near anarchy, and potentially worse, in some corners of government administration.


How not to develop a project

"We have taken evidence on cases of poor decision taking and weak project management on many occasions. The same lessons have still not been learnt, making the management by the National Offender Management Service (NOMS) of C-Nomis a prime example of how not to develop a project."

Beware US software which needs much rework for the UK

"From the outset those responsible failed to identify the modifications required to the
software to meet NOMS' needs. The Home Office assessed it as broadly meeting the needs of the prison service, but as a North American product the software needed to be adapted for UK legislation.

"In respect of probation, there was a serious failure to understand the magnitude and cost of the changes which would be needed, even though the Home Office recognised at the start that the software met only 29% of the needs of the Probation Service.  The estimated cost of developing the C-NOMIS application rose from £99m in 2005 to £254m by July 2007 due to customisation."

Did senior civil service managers bend the truth?

"The programme team running C-NOMIS reported that the programme was delivering on time and to budget, when it was not."

"In May 2005, as part of the C-NOMIS project approval process, the Home Office's
Programme and Project Management Support Unit certified the C-NOMIS project as not suffering from the eight common causes of project failure. Subsequent analysis of the underlying causes of the costs increases and delay by the National Audit Office indicated that C-NOMIS suffered from four of the eight common causes of project failure in full and three in part."
Over-optimism and the culture of good news

"Planning for the C-NOMIS project was unrealistic, in part because of an over
optimistic 'good news' culture which was not challenged with sufficient rigour by
senior management with in-depth knowledge of the business."

"The first Senior Responsible Owner and other senior people involved with C-NOMIS demonstrated a remarkable lack of insight and rigour, coupled with naivety and over-optimism."

Contracts without competitive tenders - an open door to potential corruption?

"Contracts were agreed with suppliers without testing the market through a competitive tendering process, and the contracts themselves were weak." [changes went undocumented and tens of millions of pounds cannot be accounted for]

Advice on managing projects exists - but was ignored

"To avoid repeating the mistakes of the past, Departments must use existing guidance."
Soaring costs

"The original cost estimate rose from £234 million in 2005 to £690 million in July 2007. NOMS [National Offender Management Service] agreed that, with hindsight, there had been a gross underestimate of costs and that the original cost estimates were badly prepared... The NOMIS programme was revised and scaled back to three offender databases for £513m, for delivery by 2011."
Without financial management where did this leave EDS, one of the main suppliers?

"Financial management was almost non-existent. The project did not have a dedicated
financial team until 2007 and no-one was actively monitoring the budget.

"As a result, NOMS cannot provide the detail to say what the £161m used to October 2007 was spent on, although can say in broad terms that EDS was paid £87m and the remainder went on a combination of payments to other suppliers and NOMS costs."
5 years after launch systems are still not in place

"In 2003, Lord Carter's Correctional Services Review recommended bringing together prisons and probation services and introducing 'end-to-end offender management'. This change was designed to improve the supervision of individual offenders throughout their sentence by a single offender manager ...The National Offender Management Service, initially part of the Home Office and since May 2007, part of the Ministry of Justice, was created in June 2004 to bring this about.

"Some five years later, the information systems required to support offender management are still not in place."
Nobody accountable

"The individuals who took the key decisions on C-NOMIS and were responsible for its monitoring and oversight have all retired or moved on, and no-one has been held to account for the estimated £41 million wasted due to delays and cost overruns."
Complexity underestimated

"The original concept was ambitious but still technically feasible. Problems at every level, however, led to an out of control programme which eventually NOMS could no longer afford. NOMS significantly underestimated the technical complexity of the project."

Standardize and simplify business processes - not mirror existing inefficiencies with new IT

"Rather than invest time and resources to develop and standardise the new ways of operating across its business areas, NOMS sought an IT system to unify the business and achieve end-to-end offender management.

"There was no sustained effort by NOMS to simplify and standardise its business processes reflecting management's misplaced confidence in C-NOMIS, their unrealistic expectations of what could be achieved by an IT solution and their underestimation of the time and costs to deliver it."

"NOMS should have thought through its business processes and introduced new,
standardised ways of working in conjunction with new IT support systems to
deliver end to end offender management."

"[There is a need to] standardise ways of working to avoid excessive customisation."

Bad news didn't reach top management

"Costs and progress were not monitored or reported for the first 3 years after the inception of C-NOMIS ... The Project Board, the NOMS Board, the Home Office senior management and Ministers were all unaware of the true cost and progress before May 2007."
Senior Responsible Owner didn't have time or experience

"[The] Home Office's senior management at the time was wrong to appoint somebody
as Senior Responsible Owner who did not have the skills or relevant experience, without also providing support and allowing the post holder time to carry out their responsibilities."
Two teams thought each other was watching spending

"The vacuum of leadership within NOMS contributed to confusion and created challenges for suppliers and the project team. The roles and responsibilities of the project team, the Offender Information Services (OIS) and NOMS business areas were unclear.

"For example, the part of NOMS responsible for administering the funding, the OIS, and the project team each thought the other was monitoring expenditure. The Project Board, chaired by the Senior Responsible Owner, was too large to be effective and had little contact with the project team.

"It did not actively manage delivery and it did not discuss programme finance until April 2007, almost 3 years after the start of the C-NOMIS pilot phase."
Senior managers remain positive - and talks with EDS and other suppliers over costs of the revised C-Nomis continue

"NOMS has assured us that it has implemented the changes needed to deliver the revised NOMIS programme by 2011. However, there are significant challenges yet to address including further contract negotiations with suppliers ..." 

Deeply depressing repetition of mistakes

"It is deeply depressing that after numerous highly critical PAC reports on IT projects in recent years, the same mistakes have occurred once again."
Do departments have a minimum standard of competence?

"We question the purpose of our hard work if Whitehall accepts all our recommendations but still cannot ensure a minimum standard of competence."
Too much power in too few hands

"Too much rested on the performance of a few key individuals to deliver success."

Gateway review warning all but ignored

"NOMS did not respond with sufficient vigour to the Gateway review in 2006 that
raised serious concerns about the delivery of the project."
The main original objective won't be met

"Despite the intentions, there will not be an integrated information system
providing a single offender record that will be accessible by all service providers
who come into contact with an offender."
Is Ministry of Justice still being over-optimistic?

"NOMS has promised substantial progress with the NOMIS programme ..."
Out of control and unaffordable

"The original concept was ambitious but still technically feasible. Problems at every level, however, led to an out of control programme which eventually NOMS could no longer afford."
Planning done on the back of an envelope?

"Prison and probation information requirements were quite different and each of the 42 probation areas had different ways of working. End-to-end offender management was little more than a concept, and what it meant in practice and the IT needed to support it had not been worked through."
Ministers kept in the dark until 2007

"Although the NOMS Board failed to appreciate the full seriousness of the situation, it did instigate an investigation of the project's finances, which eventually led to the facts surfacing in 2007.

"Only then did the NOMS Board report the situation to ministers, recommending that a halt should be put on the whole of the programme and that the programme should be re-scoped."

"NOMS should not have been running a programme that had so little reporting to ministers or internally within the Department."

Treasury hadn't a clue until this year

"Problems with the NOMIS project were not brought to the attention of the Treasury
until February 2009."

Links:

A good news culture blighted C-Nomis say MPs - ComputerWeekly.com

Public Accounts Committee report on C-Nomis - Parliament's website

National Audit Office report on C-Nomis - March 2009

Failed £234m C-Nomis project - ministers kept in the dark - IT Projects Blog

Report: C-Nomis Prison IT system guilty of 'basic' project management failures - ComputerWeekly.com

What went wrong with C-Nomis - IT Projects blog

MPs condemn C-Nomis shambles - The Taxpayers' Alliance

Why is nobody accountable? - Kristan Smith

C-Nomis debacle - criminology, probation and stuff 







4 Comments

  • Its not as if the project methods aren't there - when I first started to work for the MOD 20 years ago, they had a brilliant set of methods and techniques for managing projects. I am talking about SSADM and PERT (later PRINCE). I notice over the years a distinct lack of application of any of that (except for the application of the extremely ungainly PRINCE). From what I am reading, (and have worryingly read over 20 years) is had they bothered to apply any structured methods and put the controls in place, then they might stand a half a chance of getting it right.

    The damaging thing is that all of that seems to be left out - I imagine due to inexperience and the expense. Other than PRINCE I have seen little evidence of any methodology being applied to the national care records service. If it were, it could have at least put everything in the right order, I mean, fancy buying in to a system that has to be heavily modified in four stages, before it can be used. Whats wrong with designing and developing the product iteratively and then introducing it when complete, followed by a post implementation review and change management?

    A little time spent studying options at the beginning, and less time shopping for quick wins might be appropriate.

    Grrr!

  • Having just read Stuart's comments above it's interesting to note a decline in standards with regards to project management competency within the MoD.

    I wonder what has changed to create that situation?

    In terms of Prince/Prince2 I have heard from a few practitioners that the the methodology can be considered to be a little too stringent/inflexible for everyday use.

    Other than PMBOK (or Agile) I'm not sure what the real alternatives are but it's certainly my own experience that some businesses appear to try to develop their own project methodologies in-house, quite possibly with their own cultural biases playing a big part in how that operates.

    How successful they are is of course another matter entirely but my suspicions are that many areas of Government might actually be applying that same logic to their own work.

    I believe a revised Prince 2 publication came out this year which should take the issues above into consideration but one article i'd read on Prince 2 (I think it was in Computer Weekly) suggested that the value of Prince qualifications can be over-egged as essentially the qualification requires that you undertake a short course and pass an exam at the end of it.

    The article suggested that the qualification doesn't necessarily determine practical competence, which was a valid point. I would expect that the really big challenge with bringing any methodology into play (when Government is involved) is managing increasing levels of complexity.

    Far too many contractors appear to underestimate the scale of what is required and applying any controlling mechanism into managing something of the scale of NPfIT or DII needs to be done extremely carefully.

  • Having just read Stuarts comments above it's interesting to note a decline in standards with regards to project management competency within the MoD. I wonder what has changed to create that situation? In terms of Prince/Prince2 I have heard from a few practioners that the the methodology can be considered to be a little too stringent/inflexible for everyday use. Other than PMBOK (or Agile) I'm not sure what the real alternatives are but it's certainly my own experience that some businesses appear to try to develop their own project methodologies in-house, quite possibly with their own cultural biase playing a big part in how that operates. How sucessful they are is of course another matter entirely but my suspicions are that many areas of Government might actually be applying that same logic to their own work. I believe a revised Prince 2 publication came out this year which should take the issues above into consideration but one article i'd read on Prince 2(I think it was in Computer Weekly) suggested that the value of Prince qualifications can be over-egged as essentially the qualification requires that you undertake a short course and pass an exam at the end of it. The article suggested that the qualification doesn't necessarily determine practical competence, which was a valid point. I would expect that the really big challenge with bringing any methodology into play (when Government is involved)is managing inceasing levels of complexity. Far too many contractors appear to underestimate the scale of what is required and applying any controlling mechanism into managing something of the scale of NPfIT or DII needs to be done extremely carefully.

  • The question "what the real alternatives are" is a valid one. Apparently there are hundreds if not thousands of "methodologies" out there but they fall short of any real use because 1) they are mostly for show (the "Prince In Name Only" - PINO symptom is relevant here); 2) they are mostly stuck in the iterative and incremental thinking - namely agile! Well agile is great for the developer but it does not help the client since the agile process is practically uncontrollable from the client's perspective, whether on the time, cost, quality and any other dimension. Uncertainty in IS development is simply, well too uncertain.

    This is why I have been advocating for a selectionist approach in contrast to the agile. I'd be happy to talk to anyone who is heading into a large risky IS/IT development project/programme.

  • Leave a comment

    Subscribe to blog feed

    Archives

    -- Advertisement --