Cabinet Office publishes playbook with rules for government digital projects

The Cabinet Office has launched a guide for Digital, Data and Technology (DDaT), with advice on sourcing and contracting for digital, data and technology projects and programmes.

The playbook is intended to be used by commercial, finance, project delivery, policy and professionals in public sector contracting authorities that are responsible for the planning and delivery of public sector DDaT contracts.

Created as a means to reduce costs and support job creation, the playbook sets out 11 policy reforms for how the government should assess, procure and deliver digital projects and programmes. According to government chief commercial officer Gareth Rhys-Williams and head of the digital profession Joanna Davinson, the playbook is focused on “getting things right at the start”.

“Setting projects and programmes up for success can take more time upfront, but we know from past experience that this early investment can be repaid many times over by enabling us to avoid costly mistakes later on,” they said. “Changing our approach to procurement in this sector will allow us to learn from successes and failures across government and industry.”

This includes online public services, as well as business systems ranging from small database applications through to major transactional systems supporting tax collection or benefits payments. It also relates to back-office systems such as finance, human resources and facilities management systems, as well as infrastructure such as computers and email.

All central government departments and their arms-length bodies are expected to follow the rules outlined in the DDaT playbook on a “comply or explain” basis.

“We need to be better at setting up commercial relationships that enable us to take full advantage of the products and services that exist in the market,” said Alex Chisholm, chief operating officer for the Civil Service and permanent secretary for the Cabinet Office, in the playbook’s foreword. “Equally, we also need to develop our in-house DDaT capabilities by ensuring that knowledge transfer is built in at all levels.”

Applicable to all DDaT projects and programmes including software and hardware, the playbook describes what should be done from policy inception through to transition and operation, and sets out a best practice framework to achieve improved delivery and outcomes.

Policies set out in the guidance include commercial pipelines, whereby contracting authorities should publish their plans in detail and with certainty to help suppliers understand their needs and prepare accordingly. This should be done at least 18 months before contracting.

Another area included in the key policies includes the requirement to apply a cyber security assessment. This will see contracting authorities assessing their own and suppliers’ cyber security in addition to understanding how any procurement impacts their ability to continue to meet minimum cyber security standards.

“The cyber security assessment should inform contract design and a requirement that suppliers meet minimum standards should be embedded into contracts to maintain the security of government data throughout the commercial lifecycle,” the playbook said, adding that the Cyber Essentials Scheme is mandatory for all new government contracts that handle personal data.

Also among the policies of the playbook is the need to exchange and share information and data between contracting authorities and suppliers across government. According to this policy, “software should be open-source and designed to allow access in a platform-agnostic way”, the playbook said.

“Data should be shared using consistent methods, primarily with APIs which conform to Central Digital and Data Office API technical and data standards, satisfy the requirements of the Technology Code of Practice and are well documented,” it added.

In relation to legacy, the guidance noted that the government’s DDaT products and services “should be modern and fit for purpose, and preventing future legacy IT is essential to achieving this”. The guidance requires contracting authorities to ensure all software is kept up-to-date and supported for the duration of the contract. Suppliers and contracting authorities should also plan early for when contracts end, including any extensions, according to the playbook.

The playbook also outlined six “cross-cutting priorities” that policy reforms are intended to support: taking an outcome-based approach, avoiding and remediation legacy IT, being cyber secure by design, enabling innovation, driving sustainability and levelling the playing field for small and medium-sized enterprises.

According to minister for government efficiency Jacob Rees-Mogg, the playbook “will draw on the wealth of digital expertise at our disposal to produce better services at lower cost”.

“This will go hand-in-hand with a new procurement regime that takes advantage of our position outside the European Union, offering more opportunities for small businesses to bid for government contracts, encouraging greater innovation in public services and ultimately delivering better value for taxpayers,” he said in a statement.