Customs IT cannot meet e-gov demands

Mike Simons

The IT infrastructure of the Customs & Excise department is "unsuitable for e-business" and its upgrade "is the area of...

Mike Simons

The IT infrastructure of the Customs & Excise department is "unsuitable for e-business" and its upgrade "is the area of greatest risk" in the department's plans to meet Tony Blair's e-government target.

That is the frank admission in a draft strategy document, entitled HM Customs & Excise E-business Strategy, seen by Computer Weekly.

Customs & Excise is responsible for the collection of VAT as well as excise duties and the investigation of fraud and smuggling. But, according to the strategy document, it needs "a significant infrastructure upgrade to one capable of handling the volume and type of transactions associated with e-business".

It added, "We are reliant on a third party for this upgrade."

The third party is an ICL-led consortium of Racal, Mitsubishi and Microsoft which, after prolonged delays, signed a £500m, 10-year private finance deal in September to deliver new IT and communications.

The document called for prudent countermeasures to be put into place to cope with potential failure. "Outsourced contingency arrangements will have to be made in the information systems e-strategy to cater for continued delays in the upgrade of the infrastructure," it said.

Also highlighted was the department's dependence on the infrastructure provided by central government.

"The Cabinet Office has arranged for a number of central facilities to be made available, eg public key infrastructure and the Government Gateway," said the document. "A major assumption is that these will be ready and fully functional in time for our e-business implementations."

The document warned that there were few countermeasures that could be implemented by Customs & Excise to safeguard against failure to deliver the Government Gateway, authentication, security and third-party service delivery channels.

"It would not be feasible to double up in these areas," the document said. "However, we can ensure that the existing 'manual' processes and other contingency processes are available in the new environment.

"While this does not eliminate the impact of risk, it will go a long way to reducing the impact of it, but at the expense of meeting our electronic service delivery targets."

Read more on IT risk management