Secrecy culture must be stopped

Machiavelli once wrote that misjudgements and wrong turns are like tuberculosis: hard to detect and easy to cure in the...

Machiavelli once wrote that misjudgements and wrong turns are like tuberculosis: hard to detect and easy to cure in the beginning, and easy to diagnose and very hard to cure at the end.

For this reason alone it is necessary to do everything reasonably possible to spot the early warning signs of an IT disaster. In the private sector directors do not any motivation to spot the early signs of impending failure. If a company loses tens of millions on an IT-related scheme, or its service to customers suffers significantly after introducing a new system, directors and IT managers may lose their jobs.

In the public sector it is very different. No minister or head of department has lost their job as a result of an IT disaster; and life for public service IT staff and directors in public service who see things going wrong can be frustrating.

They do not have the power to stop a disaster. They can warn internally of the early warning signs of one, but are unlikely to do so because the culture permits constructive criticism only at a level of detail: nobody can question the project as a whole without being seen as off-message or worse, a Luddite. And it is just as well the culture does not allow anyone to be fired after an IT disaster, because it is the senior and middle ranking IT executives who would be most at risk, for being the quietly-spoken critics whose prophesies nobody at the highest level believed but who were proved right.

This discouragement of whistle-blowing is compounded by secrecy. A project’s potential users and most other stakeholders and MPs cannot scrutinise a project in its early stages to help identify the early warning signs of failure or to analyse how well it is progressing, which could help ensure their buy-in or support.

These are some of the huge holes in the processes of accountability over IT projects which cost millions of pounds - and billions in the case of the NHS’s National Programme for IT.

The first MPs learn of an IT disaster is from the media or when their constituents write to them about the poor service from a particular department. The public spending watchdog the National Audit Office writes some penetrating analyses on failed projects. But this is years after the scheme began, and its reports encompass selected projects only. It is true that MPs can ask Parliamentary questions but these are not replied to directly. Instead ministers and heads of departments usually simply restate official policy.

In short there is an almost total absence of contemporaneous accountability or transparency on IT projects. This can be mitigated by two things: new legislation for the public sector which would provide a statutory framework for accountability and the publication of independent gateway reviews on the progress of projects.

Treasury minister Ruth Kelly has agreed to look at a statutory framework but she has rejected our call to publish gateway reviews. In this week’s issue we deconstruct the detailed arguments put forward by Kelly and the OGC for not publishing the reviews.

But we suspect her rejection has much to do with the culture of the civil service. By tradition heads of department do not change their minds over a decision that has been taken: it implies they are fallible, capable of making a mistake. The OGC has taken the decision to keep gateway reviews secret, and so it defends the decision even though IT suppliers, stakeholders and MPs want them published.

We encountered this attitude over our campaign to clear the names of the pilots who were accused of flying a Chinook helicopter into the Mull of Kintyre in 1994. A decision had been taken to blame the dead pilots and the fact that it may have been caused by a computer problem was not the issue. A decision had been taken and it could not be reversed.

This pretence of infallibility has ludicrous consequences. It is manifested in the way some senior officials coming across to MPs as invincible. Labour MP and member of the Commons’ Public Accounts Committee Ian Davidson said during a debate in Parliament last month there should be smugness score for officials who come before MPs to explain why projects have failed.

"Some officials are so pleased with themselves that if they were made of chocolate they would eat themselves. I am tempted to name and shame them, but they are so conceited that I suspect that they would take it as a compliment."

We urge the OGC to distance itself from this anachronistic and artificial world populated by officials who pretend to be infallible, who cannot be sacked for failure, and who influence decisions on how billions of pounds is spent without allowing scrutiny of their decisions and deliberations by stakeholders, MPs and others.

By publishing gateway reviews, the government can show that it is prepared to reverse a decision already taken, that it is not hidebound by civil service tradition.

Publishing the reviews will not stop disasters. But it will show that the government is no longer prepared to exploit Whitehall’s culture of secrecy to hide poor thinking.

Read more on IT risk management