Plans for reforming public services over the next few years depend on a large number of gigantic new information technology systems. Every four months, Tony Blair receives a progress report on current IT projects judged to be "mission critical." The mission critical list is secret, but is believed to contain more than 20 projects, covering everything from council tax reform to the 2012 Olympics.
The government already spends £14bn a year on computer systems and services, the highest figure in Europe and double the sum spent in 1999. The public sector accounts for 55 per cent of the whole UK market for IT.
One of the most politically sensitive IT-dependent reforms is in the NHS. The NHS is creating electronic health records for every individual in England, linked by a data "spine," that will also allow electronic appointment booking. Contracts worth about £6bn have already been signed; the total cost of creating the system will be at least double this amount.
Other schemes include Joined-up Justice, the criminal justice IT programme; the Gershon public sector efficiency review, which relies heavily on electronic government; defence information infrastructure for the armed forces; and homeland security and electronic border controls (contracts for a system called "e-Borders" are about to be placed).
Two high-profile longer term programmes—identity cards and road pricing—will also depend on large, complex and innovative IT systems. The ID card programme will be the most ambitious in the world in its use of biometrics—the electronic capture of personal characteristics—to identify individuals.
The government's confidence in IT to drive new policies is remarkable given the reputation for failure of public sector computer projects. Many early projects were dogged by disaster, but had little impact outside the bureaucracy. From 1990 onwards, however, as more "public-facing" government processes were computerised, failures became more visible. A rash of problems in the NHS—a flawed computer-aided despatch service for London ambulances and scandals in the Wessex regional health authority—established a perception of public sector incompetence. In the mid-1990s, a huge private finance initiative project to computerise national insurance data ran badly behind schedule. This was accompanied by problems at the ministry of defence, police and local government.
Typical of these projects was the benefits payment card project, started in May 1996 and cancelled three years later. It is of special interest because of parallels with the proposed ID card programme. The benefits card was seen as part of a wider plan to pay social security benefits electronically, cutting fraud and administrative costs. It was planned to cost £1bn, and a trial project was estimated at ten months. One year into the project, the contractor revealed that meeting the deadline would cost 30 per cent more than expected; the alternative would be to extend the deadline by five years, with costs rising by 5 per cent. In May 1999, the trial had not even begun and the government decided to abandon the project.
A review by the national audit office (NAO) found that the benefits payment card project was fundamentally flawed in management and that it was, "with hindsight, probably not fully deliverable within the timetable specified."
For government, the final straw was the passport agency's attempt in 1999 to introduce a new system for issuing passports at the same time as a change in the rules greatly increased demand. Not surprisingly, the system faltered. Alerted by the publicity, holidaymakers besieged passport offices up and down the country. Under withering parliamentary and media criticism, the passport agency resorted to buying a consignment of 1,200 umbrellas to lend to applicants forced to queue in the rain. (By the time the umbrellas were procured, they were no longer needed and were donated to Oxfam.)
In early 2000, the Labour government, having announced a modernising government programme heavily dependent on IT, admitted that the level of IT performance was unacceptable. The McCartney report, named after its sponsor, Ian McCartney, then cabinet office minister, began: "Government IT projects have too often missed delivery dates, run over budget or failed to fulfil requirements." McCartney recommended several reforms, including requiring every project to have a senior individual in charge. The government has subsequently recruited a corps of specialists from the private sector, including its first chief information officer, Ian Watmore, formerly managing director of Accenture UK. It has also introduced a battery of measures to ensure that projects do not run out of control.
But will these measure be sufficient? To answer that question, we need to know how our government's experience compares with both that of other governments and of the private sector. If British public sector IT projects are especially prone to failure, what remedial measures could be taken?
Understanding public sector failure
Complex IT projects have a poor record everywhere in the world, in both the public and private sectors. An annual survey by Standish, a US consultancy, estimates that 70 per cent fail to meet their timetable or budget, or to come up to specification. Britain is thus not alone in finding computerising government difficult. The US has experienced a spate of problems at both state and federal level. In March, the FBI abandoned, after five years of work, a $170m attempt to create a "virtual case file" for tracking suspected terrorists. But the record cost-overrun in a civil IT project was probably the US internal revenue service's $30bn tax modernisation in the mid-1990s.
Such spectacular failings have encouraged the British government to suggest that it is no worse than other countries, though perhaps more transparent. This attitude is complacent. A study of seven countries to be published next year finds sharp variations in the proportion of government IT projects that are eventually scrapped. The study, led by Patrick Dunleavy of the LSE and Helen Margetts of Oxford, scores the performance of IT projects in Australia, Canada, Japan, the Netherlands, New Zealand, Britain and the US between 1990 and 2003. Britain emerges as a world leader in cancelling or producing non-functioning government IT systems. Japan and the Netherlands had fewest failures.
In Japan, only one government IT project has been cancelled in the past two decades. This does not necessarily mean that the Japanese authorities are covering up a cluster of IT disasters. Rather, say the researchers, when failure is unthinkable, there is a strong incentive to make systems work. Contractors will put more resources into a project, even if they make a loss as a result. Civil servants draft in more staff and allow contractors to recoup losses in the future. All this means that Japan has an abnormally low scrap rate for projects, though it probably pays higher prices for equipment and software.
Assuming that British government projects are particularly prone to failure, why should this be so? Investigations and postmortems agree to a surprising extent on a number of common contributory factors which are peculiar to the British public sector. The most important are:
- Scale. Big IT projects everywhere are far more likely to fail than small ones. A high proportion of government IT projects are, by necessity, very large. A change in taxes or benefits will involve thousands of new procedures, interacting in unpredictable ways. Ian Watmore, chief information officer, says that services that other large countries might organise at a state or regional level, such as driving licences, are run as national systems in Britain. But big organisations in Britain, like the NHS, also seem to seek out large-scale suppliers to match large-scale projects, whereas in the Netherlands (see the argument in the last section of this article) public agencies split up contracts into very small packages of work.
The issue of scale also applies at another level. These vast IT systems are only as good as the quality of data entered into them. The public sector has particular problems coping with old data that was originally entered on paper files to less rigorous standards of accuracy than those demanded by modern IT. And in the public sector, large-scale data entry is often undertaken by large groups of poorly paid and unmotivated staff, who can introduce many mistakes.
- Lack of professional skills. This affects all large IT projects. According to the Royal Academy of Engineering: "The levels of professionalism observed in software engineering are generally lower than those in other branches of engineering." The academy points to a particular lack of expertise in project management, which is "not well understood." This has been especially true of government projects. The McCartney report echoed previous NAO reports in pinpointing inexperience among civil servants and the frequent lack of a senior figure capable of getting a grip on a project that is going awry. The civil service culture means that IT experts rarely have the clout to make changes happen. Where the scale of a project does require a senior civil servant to take charge, it is likely to be a once-in-a-career experience.
- Procurement process. Public procurement law requires lengthy formal tendering processes that can take more than a year and sometimes several years. The industry and some senior officials are critical of processes that can lock public bodies into technology that is obsolete by the time the system goes live. The IT trade association Intellect says that the confrontational nature of public procurement processes makes it hard to develop the spirit needed to make long-term, complex projects work. Intellect's argument is that the public sector picks the lowest bidder, or the one willing to accept the most onerous terms. So when something goes wrong, negotiations degenerate into arguments about extra payments or penalties rather than trying to solve the problem in partnership.
Attempts to create such partnerships through the private finance initiative (PFI) largely failed because of the difficulty of persuading private contractors to assume the risk for projects. Unlike a hospital or school, a failed government IT system has no residual value. If a construction-based PFI fails, or is no longer needed because of policy changes, the contractor is left with at least the value of the real estate—and usually a building that can be used for other purposes. A partly-built IT system is worth only the hardware, which after three years or so will be zero. This means that it is difficult to persuade PFI contractors to assume the risk of making IT systems work.
- Multiple stakeholders. Complex IT projects often cut across many different agencies, making leadership difficult. The failed benefits card project was led by two organisations, the DSS and the Post Office, with distinct aims. Even when a single organisation is involved, public sector projects have inherently more complex criteria of success than those in the commercial sector, which are judged purely by return on investment. Obligations to provide a universal service and political desires to maintain employment can conflict with a project's original business case.
- Vulnerability to policy swings and "mission creep." Several government IT programmes have run into trouble because of sudden new demands. A recent example was the introduction of tax credits—a new role for the inland revenue which was sprung on its IT contractor EDS with little notice. The contractor met the deadline only by cutting back on software tests. When the system went live, bugs caused delays and also contributed to the infamous £1.9bn in overpayments.
Most government projects start off with the intention of using as much off-the-shelf commercial software as possible. But to cope with mission creep, suppliers have to customise their software with extensive new data entry work that often introduces more bugs.
The general point is underlined in the Dunleavy and Margetts study. It points to a culture of "political hyperactivism" in which parliament regularly approves new tax, welfare and regulatory measures for which IT systems have been neither designed nor tested. A 2004 report by the work and pensions select committee found that: "Ministers seem to commit themselves to projects that are completely unworkable." Although civil servants are supposed to give warning of risks, they may find it "extremely difficult to say 'no' to ministers." Partly in response to this report, the department for work and pensions has begun briefing IT suppliers twice a year to give them advance notice of changes to the tax and benefit system.
Measures to improve the IT record
The fact that some governments seem to have a better record than Britain does suggest that our endemic problems are not insuperable. In the five years since the McCartney report, the government has taken several steps to improve the professionalism with which projects are managed. These include setting up a "senior forum" with the IT industry to discuss whether programmes are viable; ending the unhappy experiment of trying to fund IT through PFI; and introducing a system of independent reviews into crucial stages of each project's life cycle before it is allowed to proceed. (An idea borrowed from the oil industry, these "gateway" reviews are run by the office of government commerce.)
Finally, a new cadre of experienced chief information officers has been recruited from the private sector. The archetype is Richard Granger, a former management consultant appointed in autumn 2002 at the age of 37 to run the huge national programme for IT in the NHS—due to go live between now and 2010. Granger has a track record for successfully implementing complex systems for the oil industry and government, including the London congestion charge, which many commentators (including this one) predicted would be another disaster. Granger's £250,000 salary on appointment to the NHS made him the highest paid civil servant.
His job is to install the world's largest network of electronic health records, with the aim of meeting government modernisation goals, such as allowing patients to choose their hospital. From the beginning, the programme has had a distinctive feel. In just over a year, Granger placed contracts worth more than £6bn with private suppliers, led by BT and Accenture. He introduced several procurement innovations: speed (a hospital IT procurement normally takes more than two years), competition (there was no "preferred bidder" stage) and transfer of risk (suppliers would not get paid until the systems were working). According to Granger, these terms enabled the NHS to get a better deal.
Meanwhile, Ian Watmore, the chief information officer based in the cabinet office, has created a government-wide network of chief information officers, which meets quarterly. Along with the office of government commerce and a senior forum for the IT industry, this is intended to be the main early warning system for projects that may be going wrong. Insiders report that the atmosphere at meetings is very different to that of the predecessor body.
Watmore aims to create a new professionalism in government IT, with a career structure to attract the best people. One idea is to set up a government IT academy, to ensure that people in charge of projects share a common culture and standards. Graduates would have a career path to top management. "There's no reason why a chief information officer should not become a permanent secretary," he says.
Highly competent people will undoubtedly be needed to push through the next phase of government computerisation which, Watmore says, aims to transform public services in the same way that IT has transformed the banking and travel industries. Britain's plans are being watched with interest by other European governments, for which "e-government" has so far largely been limited to making official procedures available via the internet, with little or no "back-office" reform.
Are the current reforms enough?
There is no evidence yet that the new measures have turned the tide of government IT failure. Systems such as the disastrous criminal records bureau were procured under the new regime, while there have been embarrassing recent failures at the inland revenue and the department for work and pensions. Police IT is also in the public spotlight, thanks to delays in creating a planned national firearms database and intelligence-sharing system. There are ominous early signs that the ID card programme relies on unwarranted optimism about the reliability of biometric technology.
Moreover, five years after the McCartney report, the government faces allegations that it has yet to implement some of its reforms. John Higgins, director general of Intellect, thinks that government and industry are getting better at running projects, but that too often the project manager is not senior enough.
In July, the public accounts committee (PAC) reported that some departments were still not taking gateway reviews seriously. One third of projects bypass the crucial first two stages, entering the process only when they have already gathered momentum. When reviews do happen, the committee reported, they highlight the same shortcomings as before. Gateway reviews award a red, amber or green colour code to denote each project's status. Red means take remedial action at once. At the last count, the committee found that 28 per cent were in this category, 50 per cent were amber and only 22 per cent green. At one level this is good news: it suggests that the review process is working. However, the committee found that departments too often ignored red lights. It called on the treasury to find ways of stopping funding for IT projects where departments "choose consistently to ignore stages of the gateway process." The report also calls for gateway reviews, currently secret, to be published.
The biggest test case of the new professionalism in IT programme management is the ruthless new regime at the NHS. It is too early yet to tell whether it will succeed. The biggest current concern is the care records "spine" that will connect GPs and hospitals all over England. This is running about a year behind schedule. The programme has also replaced its main software supplier for the south of England, the US-based IDX, following alleged failures to meet deadlines. (London, however, continues to rely on IDX.)
While Granger can act resolutely at a technical level, the success of government IT projects depends on a culture change too: in the case of the NHS, this means persuading managers to invest in the new systems, and for doctors, nurses and pharmacists to change the way they work. This is far more difficult, and not helped by a succession of changes in clinical leadership of the programme. Granger says that in several cases his team has produced systems on time, only to find that the policy decisions needed to make them work were running late. There are also signs of mission creep—the NHS national programme has had to take on new work, ranging from a system to pay GPs according to improvements in their patients' health (implemented on time, the programme's first major success) to a new digital radio network for ambulances.
Small is beautiful?
Some experts, such as Brian Collins of the Royal Military College of Science, say that the current approach to government IT projects, based on assembling "systems of systems," is inherently flawed. Software developed in this way can never be tested rigorously enough. One solution is to redesign all software from the bottom up, using principles developed for flight control systems and the nuclear power industry. However, this would significantly increase project costs.
Another difficult question is the relationship between suppliers and government. The PAC report noted that the government depends on too few IT suppliers: 11 firms account for 80 per cent of the market. "This limited field potentially restricts competition and may discourage innovative new entrants." It urged departments to select procurement routes favouring "a more suitable, flexible or innovative solution."
Similarly, a main conclusion of the Dunleavy and Margetts study is that the power of the IT industry and the scale of IT project disasters are linked. "The more advantaged the situation of the IT industry… the poorer the performance of government IT is in at least one dimension or another." Britain is unique in the size of IT contracts it places with industry, and this restricts the number of companies able to bid. The defence information infrastructure contract, placed with EDS this year, is worth £4bn.
The NHS national programme for IT has been moving against the grain recommended by the PAC. One of its aims has been to entice large firms into the NHS, which had been previously dominated by small specialist local suppliers. The resulting contracts have heavily favoured US-based multinationals (to the consternation of the department of trade and industry, which is trying to promote Britain's healthcare IT industry overseas).
Dunleavy and Margetts contrast Britain's approach with that of the Netherlands, where public agencies split up contracts into very small packages, rarely exceeding $1m in value. To manage this process, government needs to keep IT skills in-house, rather than transfer them to contractors.
Government IT can work in Britain. Notable achievements this year include the launch of Land Registry Online and NHS software to support the new GP contract. The long-term programme of placing government on the internet is also generally working, although take-up by citizens is still low. The latest official EU benchmarking survey placed Britain third out of 28 countries in the sophistication of its e-government services.
Perhaps the remarkable thing about Britain's effort to re-engineer government with IT is that, given the technical, cultural and political barriers, plus the reliance on very large contracts, so many projects do succeed.