Good Governance - Effective Use of IT

Written evidence submitted by Microsoft (IT 66)

Thank you for the opportunity to submit evidence to the Public Administration Committee’s inquiry into "Good Governance: the effective use of IT".

About Microsoft

The Reading based UK subsidiary of Microsoft Corporation was formed in 1982. It currently employs nearly 3,000 people, with nearly 400 UK employees focused on R&D activities. It also has offices in London, Manchester and Edinburgh. The Microsoft European Research Centre is based in Cambridge. Microsoft has made major investments in the UK computer gaming industry bringing computer game developers, Rare and Lionhead, into the Microsoft Game Studios (MGS). Microsoft also has a Search Technology Centre (STC) with a hub in London. The STC will join Microsoft’s other internet businesses which are based in London, including MSN, Microsoft Advertising, MultiMap and Massive.

Our business relies on our partners, who work with us using Microsoft technology to run their own businesses. We have 32,000 partners in the UK, the large majority of which are SMEs, which in total amounts to over half a million UK jobs.

Summary Response

Microsoft is proud of the partnerships it has to support public service delivery in the UK and is committed to helping the Government secure best value and most effective deployment of IT.

In 2009, the UK public sector spent a total of £17.9 billion [1] on Information Technology (IT). Only 8% of the UK public sector’s IT spend is on software (and just 1.6% spent with Microsoft) [2] .

In the UK, Microsoft has enjoyed strong relationships across the public sector and at all levels of government which has led to, amongst other things, the pan-Government pricing agreement PSA09. Microsoft is keen to help organisations to use IT as a means of actively creating value as well as reducing overall cost.

We welcome the opportunity to respond to this inquiry and there are several key themes which we would like to emphasise in our response:

1. Government use of IT has improved over recent years but continues to lag some way behind the private sector. This is caused by a number of factors which we explore in more detail below, from the prevalence of a silo-mentality within departments which fails to see best practice and expertise shared; to a simple lack of experience or appropriate seniority of IT experts within government.

2. The Government has an opportunity to achieve significant savings if it reduces its capital investment and moves to commodity IT. Part of these savings will be achieved by embracing ‘cloud computing’, which will require important decisions to be made in relation to risk, security and control of assets and for government to take action to ensure public procurement supports cloud technology. However, other savings can be made from using "on the shelf" software and customizing it appropriately, rather than building bespoke systems. Government must also support cross-departmental working as a way of making best use of the potential of new technologies to achieve both cost savings and a better way of working.

3. It is vital that government focuses on lifetime value when procuring contracts. There is a growing tendency towards bidding wars which see very low entry prices and the impression of savings that disappear when lifetime costs are taken into account (e.g. for ongoing training, maintenance and so forth).

4. Government must safeguard interoperability from its IT suppliers and require open standards from suppliers. This will limit the administration costs for the public sector and safeguard entry into connected IT needs from as wide a range of suppliers as possible. This will become more important as the public sector commissions services from both the private and third sector. Standards provide the ability for disparate organisations to work together, share information etc.

5. Government must do more to facilitate a wider market share for small and medium sized suppliers if it is to secure most effective IT services and provision. The current procurement approach deters smaller suppliers so that almost 70% of the market is dominated by just 20 leading firms. Microsoft is actively working to support our network of 30,000 SME partners to help them navigate public sector procurement processes.

6. It is essential that government departments focus their attention on the outcome they wish to achieve through IT, rather than the input. By ‘picking winners’, for example by determining the type or form of IT government wishes to procure, rather than the function it is intended to deliver, the Government risks reducing competition, innovation and value for money.

7. 80% of total public sector spend is on salaries and pensions. It is therefore critical that we enable public sector workers to be as productive as possible. Discussions often just focus on the cost of the IT and not how it can help in driving up productivity and therefore have a massive net benefit. Government needs to ensure it provides the right technology to make workers as productive as possible.

1. How well is technology policy coordinated across Government?

The creation of a Government CIO role and the CIO and CTO Councils has helped in providing some degree of co-ordination and a move towards a more common infrastructure, specifically within Central Government, technology policy.

However, there remains limited co-ordination of technology policy across Government and there is limited co-ordination across departmental boundaries. This can create three important consequences:

1. Best value is not achieved

2. Opportunities are missed to meet public sector goals

3. The high cost to Government (due to, for example, civil servants not being able to work in other departments and the loss of productivity associated with that)

Securing best value

Microsoft is a major partner to Government. However, it represents less than 2% of the UK Public Sector’s spend on ICT.

In 2009, the total ICT spend for UK Public Sector was £17.9 billion [3] . Of this though, only 8% (£1.4 billion) was spent on software [4] , a further 12% (£2.2 billion) of the total spend was on hardware whilst the largest single category in Kable’s analysis was for Services which consumed 49% (£8.7 billion) of total public sector ICT spend.

Microsoft has worked closely with Buying Solutions (the government’s national procurement partner for UK public services [5] ) to develop a new software purchasing model which treats the public sector as a single entity in terms of pricing equality and licensing. The result is PSA09 (Public Sector Agreement 09) [6] which replaces the previous Memorandum of Understanding (MOU8) and which offers better value for money, greater choice and flexibility in the licensing of software. PSA09 presents four critical benefits for public sector organisations:

· Maximise existing investments through the ability to transfer software licences between public sector organisations. Transferability, re-use and flexibility of licences are key features of PSA09.

· Value for money. PSA09 offers the potential for public sector organisations to save money whilst achieving best value in procurement and gaining new tools to improve service delivery to citizens, communities, public sector organisations and partnerships across the public sector.

· Matching Business Needs. Increasing choice with more flexible software access for different users. PSA09 addresses changing requirements of public sector organisations over time through two key principles:

o Pay for what is needed,  and

o Choose software for different needs rather than just by product alone

· Public Sector Reform and Innovation. Supporting delivery of the UK Government agenda by supporting more effective use of ICT for collaboration and information sharing.

This agreement is a good illustration of how effective cross-government working can be in securing best value and outcomes for the public sector.

It is essential that the Government secures equivalent commitments from other suppliers, including open source and license providers, through similarly well co-ordinated buying agreements.

The Government must also safeguard interoperability when procuring ICT supplies and services. Only through interoperability, is it possible to scale projects and re-use software beyond the original scope of its procurement. The Government must seek interoperable, open standards from software and hardware providers to reduce the impact of a continuing lack of coordination between departments and projects.

Achieving public sector goals through ICT

As technology becomes more ingrained throughout everyday life, the expectations of citizens are increasing in terms of what they expect from Government services. Therefore, technology is a key element of all Government policy not just those relating to technology infrastructure. From the outside it often appears that those creating government policy have limited understanding of the possibilities available through technology and that only once policy has been agreed is this then passed onto IT departments to actually deliver a solution.

This approach undervalues the potential benefits from technology as well as causing friction between the business and IT functions of the organisation. A more business-like and collaborative approach to policy development as well as education and training on technology for non-IT civil servants would undoubtedly help in delivering more value, reducing costs as well as limiting the potential for high profile failures. It would also secure better results in terms of meeting the needs of the end user or citizen.

A good example of where this can work well in terms of using IT to place the citizen at the centre is, HeyGov [7] , is a solution developed by two Miami city employees in less than eight days over their holidays. Built on Windows Azure cloud computing technology, the site allows citizens to review progress on an average of 4,500 reported and "in progress" issues such as pot-holes, missed refuse collection, illegal tipping etc. Represented on a map of the City of Miami, the citizen gains useful, usable information whilst the city saves money through "avoidable contacts" (much reduced call volumes).

Smart organisations will take the opportunity to do less, but to focus on creating a platform (in both an IT and a broader sense) for others to be successful.

Building for the Citizen at the Centre requires government to:

· build for transparency

· build for collaboration

· build for participation

In exploring these principles, organisations are realising that, whilst value can be generated by using IT to do the same things more efficiently, much greater value is generated by using IT to do things in a totally new way, transforming service delivery, engaging more directly with citizens and dramatically reducing costs.

By securing effective input from ICT expertise when policy is being formed and developed, there is an opportunity to achieve far more effective outputs for the public, as well as reduce the risk that a project will run into issues such as increases in cost, user experience issues or increased time to delivery.

2. How effective are its governance arrangements?

The current governance arrangements would appear to suffer from some of the same issues as in the response to question 1.

Governance is often siloed and those involved in the governance process may not have the ideal technological understanding when scoping, monitoring and reviewing projects. As levels of outsourcing increase as a result of the desire to achieve budget savings and increased efficiency of service provision, the Government must not erode expertise in project governance.

Changing governance needs

There is an opportunity through the move towards cloud technologies to change the dynamic of government procurement and the necessary governance arrangements that lie therein. It will see a reduction in public sector bodies purchasing a specific product or technology, to instead purchasing a service. This requires a different set of skills, focused more on correctly identifying business requirements, specifying needs and then effective monitoring.

Government should invest now in developing the skills necessary to meet this changing procurement environment so that it achieves best value in future.

Making better use of peer review

There is also an opportunity to make better use of the role of local officials and delivery experience. Large centralised public sector IT projects limit the options for supply to a few very large companies and increase the risk and likely cost of projects. Steps need to be taken to reduce the scale and risk of the typical project. A first step is to devolve procurement to local officials, but publish standards of data interchange between systems, based on industry-driven, international standards.

To secure effective sharing of skills, secure networks can help officials learn from the experience of others. The Shared Learning Group in local government [8] creates and shares IT solutions that have worked well for one local authority to prevent the same issue being solved separately by each local authority.

Centrally, there is also scope to bolster this review process to ensure lessons are learnt across public sector bodies. The Gateway Review process provided professional peer review but was stopped as it often came into conflict with projects which were politically sensitive. Such peer review is required to provide independent, expert analysis and recommendations to ensure that HM Government truly learns from project success and failure.

Government should commit senior level support for reviewing ICT procurement projects to ensure best practice is shared and lessons learnt in any future procurement.

A good example of reuse within Government is LoveCleanStreets [9] . This is a free online tool that enables people who work or live in London to upload photographs of the area around them. These can be of a neighbourhood’s "loved" qualities, or something "unloved" that the user would like to bring to the local authority’s attention. The photos are then displayed for any user to see, and the reports can be tracked to see how local authorities are responding to "unloved" areas. Originally developed for one borough (Lewisham) its now being used by all others, rather than spend money developing new solutions many times over.

3. Have past lessons from NAO and OGC reviews about unsuccessful IT programmes been learnt and applied?

Undoubtedly lessons from these reviews have been taken onboard and have delivered specific improvements in project development and delivery.

However, it does not seem that this has been done in a co-ordinated and consistent way across government and learnings are applied differently from department to department, for example regarding senior level leadership. The concern must be that without the co-ordination and consistent application of the learnings, programme failure is still likely to happen somewhere within government in the future.

The move to a Universal Credit will require significant change in IT systems in both DWP and HMRC. This would seem to be the ideal opportunity to take the learnings from the NAO and OGC reviews and provide a true practical case study for HM Government on large scale programmatic change with significant IT involvement.

To avoid the future unsuccessful implementation of IT programmes, government must ensure that there is a co-ordinated and consistent application of the learnings from programme failure.

4. How well is IT used in the design, delivery and improvement of public services?

As detailed in earlier responses, there have been improvements in the degree to which ICT is valued as a key delivery agent for public services, but too often it remains an after-thought.

From the outside it often appears that those creating government policy have limited understanding of the possibilities available through technology and that only once policy has been agreed is this then passed on to IT departments to actually deliver a solution.

Smart organisations will take the opportunity to do less, but to focus on creating a platform (in both an IT and a broader sense) for others to be successful. This requires government to:

· build for transparency

· build for collaboration

· build for participation

In exploring these principles, organisations are realising that, whilst value can be generated by using IT to do the same things more efficiently, much greater value is generated by using IT to do things in a totally new way, transforming service delivery, engaging more directly with citizens and dramatically reducing costs.

By securing effective input from ICT expertise when policy is being formed and developed, there is an opportunity to achieve far more effective outputs for the public.

5. What role should IT play in a ‘post-bureaucratic age’?

There are potentially big savings to be made in public sector spending by cutting red tape, improving project management skills and ensuring that the right IT project architecture is in place to allow for a level playing field for public sector IT procurement.

If the cost and bureaucracy of public sector IT procurement and delivery was reduced, it could deliver as much as 10% saving on all public sector IT spend, amounting to £1.76bn (Kable), while at the same time increasing innovation.

Making better use of current technologies to reduce travel and transportation, as well as the introduction of cloud services, will also do a great deal to reduce the cost burden to government.

Creating a level playing field

There needs to be a level playing field for all ICT businesses, irrespective of development model and size, if real savings are to be achieved. If there isn’t a true level playing field, it will mean that many UK ICT companies won’t even have the opportunity to pitch for government contracts. This would close off any possibility for many smaller businesses ever being able to win public sector business even if the current system is reformed to make it easier for them to do so. It is only a truly level playing field that will provide more opportunity to SMEs to bring their efficiency and innovation to public sector IT contracts.

In order to help achieve the Government’s aims to bring smaller suppliers into the procurement chain, Microsoft is working with its small and medium sized enterprise (SME) partners to provide free training in tendering for, winning and executing public sector contracts. It also has a strong history of collaborating with its SME partners on government contracts, where the SME and Microsoft have complementary skills and have both benefitted from the contract. Actions like these are important to help SMEs succeed in winning public sector business, but ultimately will only be successful if all companies can operate equally, rather than battling against a biased system.

The Microsoft ecosystem in UK includes those companies that sell PCs, servers, storage, and smart handheld devices running Microsoft software; software vendors that write applications that run on Microsoft platforms; resellers that sell and distribute these products; and service firms that install and manage Microsoft-based solutions, train consumers and businesses on Microsoft products, and service customers for their own applications. It also includes companies that do combinations of these functions. As a group, companies in the Microsoft ecosystem in UK generated more than 18 billion GBP in revenues for themselves in 2009. In other words, for every £1 made by Microsoft in the UK in 2009, its partner companies made £8.84.

Companies in the Microsoft ecosystem employ 241,000 people and IT-using organizations employ another 281,000 IT professionals who work with Microsoft software or the products and services based on it. Together, these employees will account for 38% of IT-related employment in 2009 and 42% of IT-related taxes in the country. [10]

Making better use of technology

Even more public sector savings could be found by using currently available technology innovatively, for example, reducing public sector travel costs by using web cams and instant messaging technology. If the savings made by some private sector businesses are mirrored in the public sector, the wide adoption of these readily available technologies could result in a 10% cut in travel costs per employee across government with millions of pounds saved along with a positive environmental impact resulting from reduced train, car and air travel. Utilising unified communications technology within Microsoft in the UK has helped us to reduce our carbon emissions from travel and commuting by 23% over the last 3 years as well as delivered a significant reduction in our travel budget.

Cloud computing

Cloud computing provides the most significant opportunity here. There are large savings to be made by a move to the cloud not least in reduced upfront capital investment, maintenance and service costs. Businesses and the public sector would no longer need to set up and maintain their own back office computing functions. Currently, Whitehall and the UK’s public bodies rely on approximately 130 data centres. Cloud computing makes a reduction down to less than 20 data centres conceivable.

Cloud Computing delivers IT as a Service.  It does this by delivering computing as a utility (much like the utility companies deliver electricity today) in that consumers can vary their usage over time and pay for what they use.  Utility IT Services delivered over the internet directly to customers (organisations both large and small, public and private) from large datacentres is termed Public Cloud. These services benefit from economies of scale and can therefore offer incredibly competitive price points.  Public Cloud services are evergreen, they are always up to date, therefore removing the need for Government organisations to plan, manage and pay for upgrades.  With Public Cloud upgrades are included as part of the service,

Whilst these Public Cloud services are suitable for a number of Government workloads today it is recognised that some services will need to remain inside of Government datacentres.   We believe that there are also efficiencies to be gained by Government adopting cloud computing principles in their own datacentres i.e. creating Private Clouds.   Microsoft believes that the best strategy for government is to exploit both Public and Private cloud technologies – taking the best of both worlds – to create a modern, rich & unified set of services to public sector employees at the best possible price point.

For example, the current proportion of public sector ICT spent on services is 42% [11] with a further 16% [12] on hardware from an estimated total spend of around £17bn [13] . Both could be substantially reduced by using cloud computing.

6. What skills does Government have and what are those it must develop in order to acquire IT capability?

In an article on ComputerWeekly.com [14] in July 2007, London School of Economics’ Professor Leslie Willcocks and Mark Thompson of Judge Business School, Cambridge University both identified lack of project management skills as being a fundamental issue for government IT projects. Mark Thompson is quoted as saying that, "There is usually really lousy management of the contract once it is in place." Meanwhile, Professor Willcocks said:

"The NHS IT programme is a prime example. These are very big contracts, but the internal capabilities to manage them are not there - in the public sector, or in the managers hired to manage the programme. Ultimately, even though the work is being fulfilled by a third party, the user remains accountable and must retain control."

There has been some improvement since this point, yet still the public sector lags behind its counterparts in the corporate world.

As has been stated previously, at senior levels in the private sector, the importance of IT has long been recognised. This is reflected in the senior positions held by Chief Information Officers (CIO) in most major private sector companies. This is generally not the case in the public sector. In the public sector each Departmental CIOs needs to be given real power and influence to ensure better decision making

The CIO should be given a place on the senior management team of each Department. More generally, the knowledge amongst senior civil servants, including permanent secretaries about the role of information technology needs to be improved.

The Government also needs to secure procurement teams with the ability to focus on the life time costs of individual IT projects rather than just initial costs. The current system is encouraging companies to bid low and then overcharge later. The principle of best value needs to be retained but the total cost of ownership over the lifetime of the project should be clearer at the start of each project.

Outsourcing skills through Cloud technology

Again there is potential benefit through cloud technology. Where, previously, departments would be required to service and staff data centres and IT services, cloud technology would allow that activity to be effectively outsourced to a secure and safe environment, whilst enjoying the benefits that economies of scale in capital and expertise can bring.

7. How well do current procurement policies and practices work?

The sheer scale and complexity of public sector IT contracts and the preference for large centralised contracts puts intolerable pressures on Government IT procurement and project management staff. Complex and opaque processes, high bidding costs and limited scope for innovation combine to limit procurement choice to a limited set of large system integrators and excludes smaller innovative companies from health, education, local and central government projects. Consequently, despite the Government’s stated intention to award 30% of contracts to SMEs, the top 20 IT suppliers account for over 70% of all spending [15] . The reasons for this are fourfold:

· Long, detailed and very prescriptive definitions of every aspect of the system to be delivered. This is not limited to the functions that the system must deliver, but also specifies many aspects of how the system must do it, often down to the specific technology. Not only does this make the bidding process more complex and expensive, but also eliminates any opportunity for innovative solutions.

· The complexity of the process by which contracts are notified and bids received favours larger companies at the expense of smaller, not on their ability to deliver excellent solutions, but because of their employment of contract specialists who can navigate the system (and whose costs are ultimately built into the final price)

· There is a tendency for the IT consultants specifying public sector IT systems to favour large centralised systems at the expense of more locally sourced, smaller systems with internationally recognised data standards enabling them to share information between themselves. Not only does this increase the costs by limiting the range of possible bidders, but also increases the risk and complexity of the resulting system. It also prevents the re-use of a demonstrably effective solution in one locality by purchasers in other areas.

· Small and Medium sized Enterprises (SMEs) often lack the skills and knowledge of the public sector procurement process to enable them to effectively address the market opportunity and they are generally unclear as to where they could go to access those skills.

Yet both public sector customers and smaller businesses themselves would benefit from a level playing field where SMEs could bring their efficiency, innovation and commitment to public sector contracts. 64% of commercial innovations come from small firms [16] and greater competition and the resulting efficiencies are urgently needed in order to address the 60% of IT project expenditure that goes on services [17] – services all too often limited to the same large system integrators. There is a great opportunity to improve the innovation and efficiency within public sector IT by enabling more small and medium businesses to participate in this market, regardless of development models. It is only by taking this approach that a true level playing field for smaller software businesses is possible. This will result in more innovative and cost effective public sector IT procurement.

We also recommend that the Government should reconsider a recently announced policy which we believe will hinder SMEs and others from bringing the benefits of their innovation to the UK public sector. Specifically, we are concerned that the Procurement Policy Note on "Use of Open Standards when specifying ICT requirements" which was published by the Cabinet Office on 31 January 2011 will have the unintended consequences of reducing innovation and choice in the public sector IT market.  We shall be responding to the Government’s consultation on this policy, and arguing that the Government should align itself instead with the best practices set out in the European Interoperability Framework v2, which were set following extensive consultation with European industry and SMEs.

We recommend that the Government takes steps to secure greater access to government contracts for SMEs. This should include actively encouraging more companies to bid for public-sector business by helping them acquire the skills and knowledge that enables them to bid competitively. Importantly, the Government should also require that all bidders declare the proportion of the project that is being sub-contracted to SMEs.

8. What infrastructure, data or other assets does government need to own, or to control directly, in order to make effective use of IT?

In short – as little as possible. The actual amount will be governed by two core factors: what is politically acceptable and what is acceptable from a security perspective. In reality why would HM Government wish to be an infrastructure provider unless for clear and accepted needs? Moving forward with the move to cloud computing and the provision of services the Government will find it harder and harder to justify the need to have its own infrastructure if it can be provided more efficiently, environmentally and securely in the cloud by another organisation.

For example, Microsoft has estimated that the operating and capital expenses savings attributable to email alone amount to approximately £700m over the next 5 years, based on 3m government email users and 100% cloud adoption over the next 5 years.

The role of Cloud technology

The more that government can utilise the public cloud moving forward the better. This should allow for a reduction in costs, greater flexibility for elastic services as well as considerable environmental benefits. There will always be infrastructure that the Government will need to keep in-house and the key here is to ensure that this is done in as joined up a way across Government as possible, to ensure effective use of resource.

In moving services and data to the public cloud, government will need to be clear about its requirements to ensure it does not become locked into services provided by specific suppliers and that both applications and data can be freely moved between suppliers and technology platforms.

As mentioned in the responses to earlier questions, this would potentially mean different skills and experience than is the current situation and hence a programme of re-skilling should be considered.

With regard to data this raises the perennial question of whether government actually owns citizen data or is just the custodian of the data. Currently government sees itself as the owner of the data which brings with it serious responsibilities (e.g. data security) and creates issues around combining data from multiple sources and also deriving maximum value from a complete citizen record. A move to Government taking more of a custodian role and the citizen being the ultimate owner of their data would negate many of these issues as well as creating potential opportunities. This would also create issues around privacy as well raising questions around the ability of all citizens to use such a service e.g. older people, the vulnerable and those who are digitally excluded.

Microsoft HealthVault is a good example of such a service for storing, managing and maximizing an individual’s health information by creating a single data repository taking data from multiple sources, putting the citizen in control of their data and providing added value services to the citizen based on all the data being in the same place. In the US the HealthVault service is funded through advertising and hence can be provided free of charge to the citizen. The move to citizen owned data would mean a complete change for the UK Government which would need to require citizens to provide certain data in exchange for the provision of specific government services.

A good example to demonstrate the concept of "Government-as-a-platform" is the Foreign and Commonwealth Office’s Travel Advisory service [18] . This takes a core government service, federates it through an open data api and matches that data with a social networking platform and useful information like currency exchange, weather and translation services.

The Government should take steps to increase the rate at which it reduces its capital ownership of data. If managed correctly, this will secure improved service levels, consistent or improved security standards, and major savings in cost.

Government should seek to move away from capital ownership of infrastructure and data, as doing so would enable cost savings, drive efficiency and improve security and services standards.

9. How will public sector ICT adapt to the new ‘age of austerity’?

As stated in previous responses, Microsoft has worked with the public sector to achieve best value during the current economic climate. The PSA09 is a good illustration in which Microsoft has developed a new software purchasing model which treats the public sector as a single entity in terms of pricing equality and licensing (see response to question 1 for further details).

Taking a holisitic approach

ICT has an important part to play in delivering value for public sector organisations. Decisions need to be made carefully in order to ensure that the value generated is both real and sustained. This requires a holistic view of value and an objective means of measuring value. In looking to reduce costs, organisations need to understand where the ICT related costs are actually incurred. Again, cloud computing will achieve major savings if strategically sourced by government.

It is equally important to recognize that cost is much more than simply the price of software licenses (which represents only 8% of total ICT spend) and a robust, objective assessment framework is essential to avoid unintended consequences such as an increase in often unseen costs such as training, productivity losses and document conversion. Tools such as Microsoft’s Business Value Framework or the WiBe 4.1 Framework look at changes across the organisation to ensure an accurate assessment of both cost and value.

Increasing value means more than simply reducing cost. Smart organisations are taking the opportunity to do less, but to focus on creating a platform for others to be successful by:

· Designing for Re-use; and

· Placing the Citizen at the Centre

As well as reducing cost and increasing value internally, this will enable and encourage the local software economy, nourishing an ecosystem of small, local IT firms to the benefit of the broader economy and to the aims of the Digital Britain strategy.

10. How well does Government take advantage of new technological developments and external expertise?

Not as well as it might. The existing procurement framework actually makes it hard for the public sector to make use of technological innovation in real time. High barriers to entry also ensure that new entrants – especially SMEs – are deterred from participation even where they have a different perspective or potentially valuable expertise. Whilst government is better networked with external and third party organisations than in the past, there are still improvements which can be made to ensure that government is encouraging suppliers to innovate to drive efficiency or value for money.

Another issue here is that the Government approach has been "you need to fit in with us" rather than being willing to adapt to benefit from new technological developments. This has caused issues with the current desktop (for example, onerous security) as well as with the adoption of cloud computing.

11. How appropriate is the Government’s existing approach to information security, information assurance and privacy?

The Government rightly places issues of security, assurance and privacy at the heart of its ICT procurement approach. The need to keep certain information secure and ensure a resilient service level across public services will remain critical no matter what technological advances are made.

It is sometimes suggested that open source software (OSS) is more secure by design. However, there is no evidence that the myth of the "million eye-balls" holds true or that - because the underlying source code of open source software is available for all to see - security issues are more quickly identified and resolved. In reality, only a small percentage of those million eyeballs actively contribute to any OSS projects [19] .

Security is, of course, a bigger issue than purely source code. It covers all aspects of system design and use including configuration, system management and user behaviour. Frequent press coverage illustrates how security is an issue for everyone [20] .

And whilst the need for a secure and resilient approach will not change, the means to achieve that may have to change if Government is to achieve good value and most effective implementation of public services. As stated in response to question 8, the Government must consider taking the role of custodian of data source, rather than direct controller of all data, in order to make best use of cloud technologies.

May 2011


[1] Source: “UK Public Sector ICT Overview and Forecast to 2014/15”, published by Kable in November 2009. ( http://www.kable.co.uk/ )

[2] Kable, 2009

[3] Source: “UK Public Sector ICT Overview and Forecast to 2014/15”, published by Kable in November 2009. ( http://www.kable.co.uk/ )

[4] This low percentage is also supported by an analysis undertaken by the leading IT industry analyst, IDC, who looked at Total Cost of Ownership (TCO) for a server over a typical three-year lifecycle. IDC found that software represented just 7% of the total TCO: http://www.microsoft.com/windowsserver/compare/linux/windows-server-tco.mspx

[5] http://www.buyingsolutions.gov.uk/

[6] http://www.microsoft.com/uk/publicsector/government/licensing/default.aspx

[7] http://www.heygov.com previously known as Miami 311. For more background detail, see the following report: http://port25.technet.com/archive/2010/03/03/miami-311.aspx

[8] http://www.publictechnology.net/modules.php?op=modload&name=News&file=article&sid=9174&mode=thread&order=0&thold=0

[9] http://lovecleanstreets.org/Reports

[10] IDC Economic Impact Study 2009

[11] “UK Public Sector ICT Overview and Forecast to 2014/15”, published by Kable in November 2009: http://www.kable.co.uk

[12] Ibid.

[13] Ibid.

[14] ComputerWeekly.com, “Outsourcing projects offer business lessons” (6 th July, 2007); available as a cached page at: http://cc.msnscache.com/cache.aspx?q=%22computerweekly+com%22+outsourcing+projects+offer+business+lessons&d=74749678791719&mkt=en-GB&setlang=en-GB&w=ee76f0d3,f5b8f2f6

[15] Kable research, The supplier landscape in the UK public sector marketplace 2007

[16] Federation of Small Businesses: May 2008

[17] Source: IDC, 2007. Three Year Server TCO. Based on more than 300 interviews conducted across numerous platforms .

[18] http://www.theenvisioners.com/index.php/2011/03/15/bringing-government-as-platform-to-life-introducing-travel-advisor/

[19] As an example, a report by the Linux Foundation found that Red Hat, Novell and IBM were responsible for 24% of all changes to the Linux kernel over 16 months and that although over 5,000 developers had contributed over five years, the top 30 individuals had contributed over 25%: http://www.networkworld.com/news/2009/081909-linux-kernel-report.html

[20] See as examples: http://www.f-secure.com/weblog/archives/00001997.html (a security firm blog concerning a security scam targeting the Firefox browser) and http://www.washingtonpost.com/wp-dyn/content/article/2010/08/24/AR2010082406154.html (covering a recent security breach within the Pentagon).