A report published today by the Australian National Audit Office has said that failing to implement IT reform puts a significant amount of the overall Defence Strategic Reform Program at risk.
The Department of Defence's IT has historically been categorised by scattered initiatives started to meet an individual need. This had meant that the Department of Defence's IT systems grew in a very fragmented way, impacting their reliability.
This was part of the reason that the Department of Defence began on the path of reform, with the department creating an ICT strategy, a Defence White Paper and a strategic reform project to tackle its issues through to 2030. Over 10 years, the department's strategic reform project is expected to provide $20 billion in savings to be reinvested in the Department of Defence. ICT reforms contribute $1.9 billion to this goal, with the auditor also pointing out that the success of other goals rely on ICT services provision, too.
The audit office had been tasked with looking at how this reform is tracking, doing a deep dive into the Department of Defence's project management, governance and decision-making processes for the coordination of its IT reform programs, as well as investigating the Department of Defence's ability to identify risks and measure the benefits of its reforms.
The IT stream of the reform project had saved $224 million by the time of the audit, offsetting costs of $249 million of the total $940 million that was budgeted for the IT infrastructure.
Yet savings was but one aspect of the reform, as pointed out by the audit report, which is concerned at how complex the undertaking is, and how heavily the success eight of the reforms in the project — which encompasses all of the Department of Defence — depend on ICT.
The audit report said that the reform project is "as complex an organisational reform agenda as had ever been undertaken in either the private or public sectors in Australia", requiring the "simultaneous remediation of existing systems, the development of ICT systems critical to the SRP reform streams and the achievement of savings at the upper bounds of feasibility".
"More than two years into the reform process, ICT continues to represent a material risk to the timely achievement of the SRP investment and savings target set in support of the longer-term objectives of the white paper."
Schedule slippage is already happening, the audit office said, and "the failure or even the significant delay of one of these projects is likely to have a domino effect on other SRP activities that could delay or deny the anticipated flow of SRP savings into improved Defence capability".
The Department of Defence has taken governance steps to try to minimise this, but there have been hiccoughs. For example, although the Department of Defence has established a governance committee to provide strategic direction for initiatives, the audit report said it isn't well integrated into the governance of the reform project, since decisions on ICT projects can be made by other defence committees without the elected committee or the office of the CIO knowing. This makes it hard for the CIO office to gain any idea of investments being made, and what costs arise for what systems.
The Department of Defence has taken steps to clarify approval processes, working towards a single ICT two-pass approval process for investment, which will have defined steps. It has also been working on getting an overall view of its IT investments. Some $300 million of the Department of Defence's estimated $1.2 billion ICT budget was not directly visible by the CIO group, with the group relying on other Department of Defence groups, and, in some cases, contractors, for figures. This means that the savings and the savings target from the project are unverifiable. The Department of Defence has worked on KPIs to measure benefits of the program, although these still need work, according to the audit office.
Although the audit office noted that the Department of Defence has the same management maturity ranking of ICT bodies in other government agencies, the audit office pointed out that none of those agencies are doing such an enormous transformation.
The audit office also said that the department is 350 staff short of how many people it needs to complete required tasks. It noted that the department has moved to ease the risks, for example by appointing five approved industry partners — Accenture, BAE Systems, CSC, IBM and HP — to alleviate the skills shortfalls.
The audit office recommended that ANAO address emerging risks by clarifying the CIO group's role in delivering IT services to the Department of Defence, and getting it to partner with the group on initiatives. The audit office also recommended that to improve the visibility of the Department of Defence's needs, and manage it as a single entity, the Department of Defence should create an enterprise-wide benefits-realisation framework, and make sure that there are financial systems in place to monitor IT investments.