Kurhan - Fotolia

The true cost of running technology

Ministry of Justice digital chief Arif Harbott discusses the importance of disclosing the costs of technology – and why it makes sense to invest to avoid expensive glitches

Many organisations don’t keep a proper track of all the long-term costs of running a complex IT system. They often cut corners and end up paying much more further down the line – for instance if the system falls over.

This is not just about keeping things ticking over. You have to invest in regular improvements to keep the system in good shape. This should save you money in the long run and provide a better service for your customers.

Sustaining should never be thought of as just “maintenance”. Instead, a healthy service requires constant attention, and continued, well directed investment.

But what categories of costs should you include to sustain and run a technology system?

Value demand

In this category, the demand is for work which brings value to the service. 

1. Iteration

Iteration is change that allows a service to adapt to new insights based on customer feedback, process, legislative or policy changes. It is continuous improvement of the experience. Failing to iterate will increase the occurrence of workarounds and frustrated users.

2. Patching

Reacting to emerging vulnerabilities by patching components and libraries is a necessary activity to ensure services remain secure. 

3. Modernisation

An activity to continuously modernise components.

If a database product is updated, modernisation would be to move to the new version. A network must upgrade its components to support ever-growing bandwidth. Critical code libraries should be updated to the latest versions.

The choice to upgrade is a subjective one, and modernisation will not always be essential immediately after upgrades are available. However, is it inevitable that upgrades will be necessary eventually.

Categories of IT costs chart

Operational costs

These relate to the essential costs of running of the service.

4. Running costs

The costs required to keep the service live and operational. A service will continuously use various products or services which incur a cost. This could include business continuity testing, helpdesk, hosting, infrastructure or platform as a service (IaaS or PaaS), software licences, paper, ink or other physical consumables which may form part of the service.

5. User management

The administrative users, and all their associated overheads, should be considered part of the cost of the whole service. Also user provisioning and deprovisioning, password management and role management are some of other activities in this area. 

Failure demand

Often failure demand arises due to lack of investment in value demand. Poor quality services will generate more failure demand.

Underinvestment in value demand can happen as a result of pressure to reduce costs. The mistake is that costs are then incurred later – often at a much higher price. Compounding this problem is that justifying spending on failure demand is easier, because it has an immediate impact on the operation of a service.

Arif Harbott
"The costs involved in running a technology system are multiple and diverse. Many of the costs involved are not tracked and reported on, which obscures the true costs"
Arif Harbott, Ministry of Justice

For example, consider a system that has consistently had funding cuts. At some point it will fail, and, when it does, it is much easier to get funding to replace/upgrade the system because there is an immediate, visible issue.

Failure demand cannot be avoided entirely, but the strategy should be to invest in value demand to keep failure demand to a minimum.

6. Incident response

When an incident occurs, it is necessary to identify the problems, find a remedy, and fix the issues to bring the service back online. In addition there will be other activities such as communicating status updates to the organisation, managing increased calls to the service desk, as well as retrospectives after the incident to find a solution to the root cause.

It is useful to include any loss of income/ reputational damage as a result of your service being offline – for example, if your e-commerce service goes down or banking platform is offline.

7. Security or compliance breaches

When a security or compliance breach occurs, costs are incurred to handle the breach. Additional internal and external communications, legal proceedings and investigations will all introduce costs.

8. Training

Providing training should be considered the failure of intuitive design. Services should contain sufficient information such that only the correct domain expertise is needed to use a service.

9. User workarounds

When a service does not meet the users' needs, then users find workarounds. These extra steps make tasks take longer which cause waste and inefficiencies. While this is hard to quantify, it should be reflected in the cost of your service.

10. Higher running costs

As services accumulate technical debt and risk, the running costs increase. For example, if the decision to replace licensed software with open source software is avoided due to the cost of making this change, higher running costs are incurred. Also running older versions of software often incur higher support costs from suppliers.

If the system is unmaintained for a long time, there could be increased wages due to the niche skillset required to support the system.

11. Higher change costs

For problematic services even the smallest changes can come at a high price. The need for extensive manual testing should be considered unnecessary as it can effectively be replaced through test automation.

Avoidable costs

These are process and organisational costs that can be avoidable, or kept to a minimum with the right leadership. However these costs are rarely tracked so often go unnoticed in business-as-usual budgets.  These extra steps cost often more, and increase cycle time of delivery which delays value to customers.

12. Governance and process

Excessive governance, reviews and sign-offs can add a significant cost to your system and there are many models that show this can be avoided entirely. Governance should be compressed and deployment should automated as much as possible.

Meetings are a secret killer of productivity and carry very high cost, especially when there are lots of senior people present. Recurring, long meetings to talk about deployment, governance or other system-related matters represent avoidable costs. 

Read more about IT governance

  • Governance is undoubtedly an important subject for any organisation, but what does it really involve?
  • The CW500 Club invited IT leaders to discuss the challenges of governance with the rise of 'shadow IT' outside the IT team.
  • Why do some government IT projects go well and others not? The reason - government doesn't get complexity.

13. Handoffs

If your development is organised around component teams instead of features teams, then the additional handoffs between teams will increase your time to delivery. Also the work of a component team is valuable only after it has been integrated into the product by a feature team. This again is extra effort and time.


The costs involved in running a technology system are multiple and diverse. Many of the costs involved are not tracked and reported on, which obscures the true costs.

Costs of running IT chart

The key takeaways from this approach are to:

  1. Invest in value demand to keep failure demand to a minimum;
  2. Use a continuous improvement approach to systematically cut avoidable costs;
  3. Build the entire lifetime costs of sustaining a service into more sustainable investment business cases;
  4. Create processes which prevent systematic under-spending in areas of value demand;
  5. Track failure demand and report this cost wastage as a key performance indicator;
  6. Make sure every technology system has a product owner responsible for the roadmap, investment and prioritisation of investment.

 Arif Harbott is chief digital and information officer at the UK Ministry of Justice. He writes about digital and technology on his blog.

Read more on IT governance

Data Center
Data Management