Government pledges new look at laws to stop public IT failures

Minister considers Computer Weekly's proposal following a debate in the Commons

The government is to consider a new statutory framework for IT in the public sector, building on the US government's experience of dealing with project disasters.

New laws could check what was described in the House of Commons last week as the "eternal reiteration of mistakes", which contribute to a high failure rate of national IT schemes run by successive UK governments.

The announcement by secretary to the Treasury Ruth Kelly in a Commons debate last week is a response to a campaign by Computer Weekly for legislation to improve the accountability of ministers and departmental heads on risky IT schemes.

Computer Weekly has also called on the government to publish Gateway reviews by the Office of Government Commerce on the progress of government IT schemes.

This was rejected by Kelly during the Commons debate, but in response, Edward Leigh, chairman of the powerful Public Accounts Committee (PAC), said, "We will have to return to the issue."

Fellow PAC member Richard Bacon proposed a statutory IT framework during a speech which included research and extracts from Computer Weekly.

Bacon said when the US government was faced with IT disasters, Congress passed the 1996 Clinger-Cohen Act. "The US government recognised that the lack of accountability and a culture of secrecy and cover-up had contributed to failures," he said.

The Act requires departments to report in real time to Congress on the progress or otherwise of projects, and to disclose any deviations from standing orders.

Bacon cited a report published last month by the PAC on Customs and Excise. It showed that despite decades of experience of IT projects, the department had not always followed good practice.

In its outline business case, Customs made calculations of huge financial benefits which auditors found were more "aspirational", based on private sector industry standard estimates sourced from Accenture, rather than founded on "detailed analysis".

Auditors also found insufficient documentary evidence to support the need for IT consultancy, cases where consultants had their contracts extended without documentary authorisation, limited evidence of agreed objectives and no agreed timescales.

"It is extraordinary that, even now, we must tell departments they should have proper management of consultants and senior responsible owners," said Bacon

He added, "[Legislation] would be an important step in forcing the searchlight into some of the darker corners of IT projects, where the natural tendency is to cover up mistakes."

Kelly, a former inflation expert at the Bank of England, said she shared Bacon's concern. "We are determined to improveÉ on the particular issue of a new statutory framework. I can tell [Bacon] I am committed to taking away this interesting proposal and looking into it further.

"He will understand I cannot give an instant answer, but I commit myself to writing to him about his interesting suggestion. I hope that illustrates we are committed to learning from experience. We are open to new ideas about how to take this forward."

After the debate, Bacon said the minister's announcement was "very welcome" as in all governments there is "institutional pressure towards non-disclosure of information".

The Commons' work and pensions subcommittee is due to report on an investigation into government IT projects shortly. It has studied Computer Weekly's call for legislation.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...

SearchDataManagement

Close