NAO highlights perils facing key IT projects

National Audit Office finds defects in high-risk programmes

Auditors of central government ­departments have discovered systemic defects in the running of high-risk government IT projects, while they were researching a report on successful schemes.

The results of a year's research, published last week by the National Audit Office, vindicates Computer Weekly's campaign for more openness, honesty and accountability on major government IT projects.

The government has long aimed to improve the way high-risk IT projects are run, and civil servants have repeatedly assured MPs that progress is being made. But auditors from the National Audit Office, who investigated successful IT-based change projects, found wide-ranging evidence of systemic poor practices in central government.

Auditors found that government has approved 91 mission-critical and high-risk IT schemes, despite growing concerns within central government about a shortage of skills.

The researchers also found that more high-risk and mission-critical IT programmes are running into warning lights when assessed as part of Gateway reviews, which take an independent view of the progress of IT-based projects.

Other findings include evidence of confused responsibilities, ministers not being briefed by senior responsible owners of projects, and business cases being written solely as a means of securing funding, rather than setting out how benefits will be achieved.

Several of the findings relate to centres of excellence - separate teams of experts in 35 departments. The centres were set up as an initiative of the Cabinet to scrutinise projects after concerns that increased investment in the public sector was not being matched by improvements in the delivery of IT programmes.

In September 2004, John Oughton, chief executive of the Office of Government Commerce, reported to the prime minister Tony Blair that the centres of excellence were making good progress. But the National Audit Office report shows that 23% of the centres of excellence did not even receive the results of relevant Gateway reviews, despite their remit to cover all high-risk and mission-critical projects.

The National Audit Office also discovered that 45% of audit committees similarly did not receive the results of Gateway reviews. Audit committees advise a department's accounting officer - who reports to parliament on IT schemes - on emerging risks and whether they can be adequately mitigated.

The report did find evidence of exemplary practices. These were mostly outside central government, though it singled out two major IT-based programmes at the Department for Work and Pensions for praise.

It reported in detail on 24 case studies and listed nine key questions that departments should have considered and answered "at the earliest point" in any programme of IT-enabled business change.

Key questions on delivering IT-enabled change

The National Audit Office report "Delivering successful IT-enabled business change" says that nine key questions should be asked, considered and answered "at the earliest point" by executives who want to embark on a major programme or project. Some of the key questions are:

  • Beyond immediate technical success, how will wider benefits be secured?
  • How clear is the department about the business process that it is seeking to change or develop?
  • Does the technology exist to deliver the change? 
  • Is the board able to make informed judgements about the department's capacity to manage change?
  • How will the department establish and promote an open and constructive relationship with suppliers?

A yardstick for NHS IT?

MP Richard Bacon has written to the health secretary Patricia Hewitt, putting to her the National Audit Office's nine questions in relation to the NHS's National Programme for IT.

Bacon said the National Audit Office report "provides a yardstick against which public sector IT programmes can now be judged".

He added, "Unfortunately, many of these questions do not appear to have been asked of the NHS computer upgrade programme."

Read how openness aids success

Comment on this article: [email protected]

Read more on IT risk management