Communication Technology and Information Management by PastGallo

VIEWS: 115 PAGES: 12

									Accountability and Accountancy
Services Division
Room G2.1
Rathgael House                                Tel: 028 9185 8203/Network: 68203
Balloo Road                                   Fax: 028 9127 7690/Network: 69090
BANGOR                                        Mobile: 07887677493
Co Down                                       E-mail:
BT19 7NA                                              and

                                                                DAO(DFP) 33/03

                                                               4 December 2003

Dear Accounting Officer


Purpose of this DAO

1.    This DAO sets out the parameters within which ICT supported business
      change projects and programmes must be conducted. It introduces new
      procedures with the objective of improving the delivery of ICT-enabled
      projects and programmes and provides detailed guidance on
      management, justification, evaluation and responsibilities. This DAO
      replaces DAOs (DFP) 14/92, 8/94 and 01/01, which are now cancelled.
      It also introduces a new delegated limited of £500k for ICT related

Background and Context

2.    DAO 01/01 drew the attention of Departments and the bodies for which
      they are responsible to the Whitehall report „Successful IT: Modernising
      Government in Action‟, otherwise known as the „McCartney Report‟.
3.    The McCartney Report is of particular importance to those involved in the
      planning, design, procurement or implementation of major ICT systems. It

     was commissioned following a number of well publicised unsuccessful
     public sector ICT projects in GB, and sets out recommendations to ensure
     that the future management of major ICT projects in the Civil Service will
     be “as good as the best”.

4.   In brief, the report reaffirmed the Government‟s commitment to
     modernising public services using ICT as „a vital tool in this process‟. It
     introduced a new approach to ICT projects, whereby such projects would
     no longer be thought of as self contained pieces of IT work, but as ICT-
     enabled business change. The emphasis has moved to thinking in terms
     of improvements to the way of doing business, of which ICT will be a
     major element.

5. However, until now the status of the McCartney Report has remained one of
   best practice. Under the control of the Director of Procurement Service, a
   Northern Ireland response to McCartney has been formulated addressing
   three key areas - the Gateway Review Process, ICT Policy and Guidance
   and Skills. An important parallel development in relation to skills
   enhancement is the NICS ICT Human Resources Strategy.

6. By introducing a number of basic principles and mandatory requirements,
   this DAO now aligns the NICS approach with the McCartney
   recommendations, together with the newly introduced Gateway Review
   Process and recent best practice developments in GB.

7.   This DAO replaces Guidance Notes (GN1 – GN7) previously associated
     with DAO 8/94 and amends the approval process in line with the new DFP
     guide „The Northern Ireland Practical Guide to the Green Book‟, thereby
     placing the process within the context of overall business change.

8.   The DAO summarises the key elements to be employed in the
     management of projects throughout their lifecycle. It is supplemented by
     more detailed guidance in the Annexes listed below:

     Annex A: Project Management
     Annex B: The Business Case
     Annex C: Benefits Management
     Annex D: Post Implementation Review
     Annex E: Gateway Review Process
     Annex F: Annual Reports
     Annex G: Glossary

9.   The revised guidance included in the Annexes is the outcome of a cross-
     departmental project, which incorporated wide-ranging consultation.

10.   Another relevant source of guidance is DPS(DFP) 02/95 which addresses
      conditions applying to the Use of Consultants.

Agencies, NDPBs and other bodies

11.   Departmental Accounting Officers should ensure that equally rigorous
      standards are applied to ICT-enabled projects and associated expenditure
      in their Agencies, NDPBs and other bodies for which they are responsible.
      It is important that delegated thresholds are laid down over which such
      projects require approval by the parent Department. The specific financial
      thresholds may vary from one Agency or NDPB to another, but in no
      instance may they exceed the maximum ceilings delegated by DFP to the
      parent Department itself. Departments should inform DFP Supply of the
      thresholds which apply to each of the Agencies, NDPBs and other bodies
      for which they are responsible.

12. Departmental Accounting Officers will also wish to be satisfied that
   effective systems exist in their Department for the consideration of projects in
   other bodies for which they are responsible. Departments may approve ICT-
   enabled projects in these bodies within the maximum ceilings delegated by
   DFP without reference to DFP, providing sufficient resources have already
   been allocated to cover the full cost of the project.

13. It is a matter for Departments in conjunction with other bodies for which
   they are responsible to determine precisely how the terms of this DAO
   should apply in practice. Subsequent references in this letter, to
   “Departments” should be taken to include Agencies, NDPBs and other
   similar bodies.

Corporate Initiatives

14.   The roll out of eGovernment services increasingly involves corporate
      projects and programmes across all Departments. This sets an important
      strategic context for projects brought forward. In consultation with the N.I.
      eGovernment Unit, Departments should take account of this framework
      and exceptions must be justified. Guidance on a range of issues linked to
      corporate initiatives is included throughout this DAO and its Annexes. A
      list of current corporate projects is available on the N.I. eGovernment Unit
      website at

15.   In particular, Departments must ensure that projects and programmes are
      consistent with the OnlineNI strategy document, and the NICS IS Strategy
      and the NICS ICT Strategy and must be approved by the appropriate

      Departmental or NICS authority. In addition, DFP Supply may refer any
      ICT enabled business change programme or project to the N.I.
      eGovernment Unit for an assessment of the impact (if any) on the
      corporate eGovernment programme.

Mission Critical Investments

16.   Programmes or projects which have been defined as 'mission critical' in
      the terms set out by PSG(E) should be undertaken with careful reference
      to all aspects of this DAO. Additionally, certain procedures over and
      above those outlined in this DAO may be applied to reflect the importance
      to the NICS of particular 'mission critical' investments.

General Conditions Applying to all Projects and Programmes

17.   It is important that the distinction between ICT related expenditure and an
      ICT project is understood. All expenditure on ICT whether it is a single PC
      or a substantial business change investment incorporating a suite of
      servers and applications, requires a business case. Commensurate effort
      regarding the detail of the business case should be applied, relative to the
      scale of expenditure expected. ICT enabled business change investments
      are normally considered to be programmes or projects and the full rigor of
      this DAO should be applied, including the use of PRINCE2 and the
      Gateway Review Process. However, while the purchase of a single PC,
      for example, will require a business case along the lines of the template
      included in Annex B: Appendix 5, it is obviously not a project. For
      investments well below delegated limits, Departments must make
      judgements about what constitutes a project, taking into account factors
      such as the scale of the expenditure, number of stakeholders, degree of
      risk [Ref: para 42], nature of expected benefit etc. The application of
      PRINCE2 methods and the Gateway Review Process should then be
      relative to these judgements.

18.   It is also important to note that the purchase of PCs or other hardware
      should normally be undertaken as part of a larger scale project or rolling
      programme of infrastructure investment, looking several years ahead. The
      nature of this type of strategic investment dictates that a substantial
      business case (regularly updated in line with the replacement programme)
      is in place. In these circumstances other best practice methods must be
      applied. In practice therefore, it should be the exception to the rule to
      undertake isolated purchases of small numbers of PCs or other ICT

19.   The principle of commensurate effort, in relation to the scale of the project
      or programme, must be applied when adhering to the requirements of this
      DAO. For projects with expenditure which falls below delegated limits, a
      full blown appraisal is not required. For these cases, a set of templates is
      provided in Annex B: Appendix 5 to cover the appraisal requirements. As
      a general rule, the closer the additional total project costs [Ref: para 32]
      are to the delegated limit, the more sophisticated the approach should be.
      Project documentation (i.e. Project Initiation Document, Business Case,
      Project Management Evaluation, Project Benefit Evaluation) for
      investments approaching the range £350k to £500k, should be produced
      in accordance with the detail and standards expected by DFP Supply for
      formal approval.

Project Management (Annex A)

      Leadership and Responsibility

20.   Effective ICT-enabled business change programmes and projects require
      clear, active and visible leadership from the top. Overall responsibility for
      delivering the business objectives and benefits of any programme or
      project must be vested in a single, responsible and visible individual, the
      Senior Responsible Owner (SRO). The SRO should be the owner of the
      overall Business Change that is being supported by the programme or
      project. For corporate or cross-cutting programmes and projects, a single
      SRO, must be appointed to take responsibility for the initiative and must
      be recognised as the owner across all organisations involved.

21.   The role of the SRO can be summarised as follows:

       Has ultimate responsibility for the outcome of the programme or
       Is the Key Decision Maker – Executive on the Project Board;
       Has „ownership‟ of the Business Case; and
       Is responsible for the Realisation of Benefits to the business, arising
        out of the project or programme of work.

22.   Individuals assuming the SRO role must undertake to complete relevant
      training and should be proactive in providing leadership and direction
      throughout the life of the project or programme. For these reasons it is
      important that, as far as possible, the SRO role should not change hands
      for the duration of the project or programme. Further details on the SRO
      role and recommended training is given in Project Management Annex A:
      Appendix 1.

      Management Methodologies

23.   The PRINCE 2 methodology must be used for all ICT-enabled business
      change projects. Use of such an established approach helps to provide
      the infrastructure, controls and documentation that are needed to keep
      projects on track and promote a successful outcome.

24.   Projects must be managed by skilled and experienced project managers
      who have completed training to the level recommended in Annex A:
      Appendix 1. In addition, all members of Project Boards must have
      received training in PRINCE 2 to ensure their awareness of the
      responsibilities attached to their role and to enable them to fulfil their
      function on the project management team. Annex A gives more specific
      guidance on the Roles and Responsibilities of the project management
      team, together with recommendations for appropriate training.

25.   For Programme Management it is recommended that the approach
      outlined in the Office of Government Commerce (OGC) Managing
      Successful Programmes (MSP) framework is used. Training for this
      should be undertaken using OGC recommended certified training
      organisations. Links to MSP documentation and further guidance on
      Programme Management can be found on the OGC website at:

      Risk Management

26.   Risk management is the process by which a project‟s exposure to risk is
      managed by focusing on keeping unwanted outcomes to an acceptable
      minimum. Two main types of risk facing a project are:

       Business Risk – threats to a project not achieving its benefits; and
       Project Risk – threats to the management of a project and hence the
        achievement of the project‟s objectives within cost and time.

27.   To contain the risks within a project they must be managed in a structured
      way through a defined risk management strategy. The first stage in this is
      to identify and record all possible risks on a Risk Log. The following
      issues need to be addressed for each identified risk:

         the likelihood of occurrence;
         the probable impact on the project;
         the inter-dependencies on other risks; and
         an owner for the risk.

28.   Although the Project Board has ultimate „ownership‟ of the risks identified,
      they should identify an appropriate owner for each risk – this being the
      person best placed to mitigate the risk throughout the life of the project.
      The Project Manager has responsibility for monitoring, updating and
      reporting on all risks to the Project Board – this should happen regularly
      throughout the project, but at least at every end stage.
29.   The Topic of Risk Management is covered in more detail in Annex A: 2.4
      & 3.3. Extensive guidance is also provided on the OGC website at:

      Modular Approach
30.   Large ambitious programmes and projects have a high risk of failing to
      meet some or all of their objectives. Such risk can be better managed by
      dividing complex projects into smaller modules that can be delivered
      independently. Using the PRINCE2 methodology encourages the
      breakdown of a project into distinct „stages‟ with resources being
      committed, by the Project Board, for one stage at a time. A modular and
      incremental approach to implementing ICT enabled business change, with
      clear intermediate goals and break points, must therefore be adopted.

31.   The Gateway Review Process also supports a staged approach with
      reviews scheduled at key decision points throughout the duration of the
      project facilitating decisions on the continued viability of the project.

The Business Case (Annex B)

      Projects Over Delegated Limit

32.   The additional total project cost is the sum of the costs of new expenditure
      on ICT-enabled business change (including development, testing,
      implementation, accommodation etc) plus any other additional costs, over
      and above the base case, to maintain and operate the systems for the
      lifetime of the project for the preferred option. The delegated limit for total
      project costs (with optimism bias applied), is £500k excluding VAT. In
      such instances, the Outline Business Case (OBC) and, where applicable,
      the Full Business Case (FBC) must be submitted to DFP Supply for
      approval before the commencement of any procurement.

33.   Submissions of business cases to DFP Supply should be via the senior
      official (probably the Departmental Finance Director) who is the single
      point of contact in each Department. Supply should be forewarned of the
      submission of Business Cases as early as possible e.g. when a date for
      completion or submission becomes clear. Supply has undertaken to

      respond to Departments within 15 working days. If there is considered to
      be particular urgency regarding the need to obtain DFP approval, relevant
      details should be provided to Supply on submission of the Business Case,
      or earlier if possible, including reasons for the urgency.

34.   Tolerances on costs are normally 10% (and 24 months on implementation
      timescales) against the values indicated in the approved business case. In
      exceptional circumstances, Supply may agree to a different level. If
      tolerance levels are subsequently exceeded, Supply must be notified as
      soon as it becomes apparent that tolerance levels are likely to be
      exceeded so that appropriate further actions can be agreed between the
      Department and Supply. The responsibility for this notification lies with the
      SRO in liaison with Finance Branch. Investments initially within delegated
      limits, but which subsequently exceed limits, must be referred to Supply
      for approval before further expenditure is incurred.

      Strategic Outline Case

35.   The introduction of the Strategic Outline Case (SOC), an additional
      business case iteration ahead of the OBC, is a significant development.
      One of the main purposes of an SOC is to establish the business need for
      the proposed intervention and any resultant investment. It must set the
      strategic context and explain the key service drivers. The SOC provides
      direction to the programme or project sponsors on how best to develop
      and implement a potential solution. The SOC also describes the nature of
      the proposed programme or project. It serves to provide a general outline
      of the case for investment, which will inform decisions about the viability of
      the proposal before committing any further effort or resource. Where an
      SOC has been prepared it should be copied to DFP Supply for information
      purposes, mainly to prepare the way for subsequent submissions.

      Business Case Content

36.   Rather than reproduce much of the comprehensive material in the NI
      Practical Guide to be found at: , as a set of separate
      ICT specific parameters, practitioners are directed to the „Step by step
      general appraisal guidance‟ in that Guide. These core steps are
      supplemented as necessary by this DAO and its supporting annexes. A
      summary of the steps is set out in Annex B: Section 2.

      Corporate Projects and Programmes

37.   Departments are expected to utilise corporate ICT infrastructure (existing
      or planned) unless there are exceptional circumstances. The N.I.
      eGovernment Unit must be formally consulted at an early stage if any
      independent action is being considered. Where a Department opts out of
      a corporate initiative to pursue their own independent investment for an
      ICT-enabled business change, the business case for that work must
      reflect the loss to the corporate initiative. The corporate initiative must be
      included in the business case as a fully costed option.

Benefits Management (Annex C) and Post Implementation Review
(Annex D)

38. Benefits management is the process by which identified benefits are
    described, measured and monitored in order to ensure their realisation to
    the degree projected in the business case. Benefits which do not have
    demonstrable measurements should not be claimed as part of the
    justification for an investment. Detailed conditions relating to benefit
    realisation are contained in Annex C: Benefits Management. Extensive
    related guidance can also be found on the OGC website at:
39.   All projects need to be evaluated on completion to measure the extent to
      which objectives have been met and benefits realised. Known collectively
      as the Post Implementation Review (PIR), the evaluation must be
      completed in two stages, referred to in PRINCE2 as:

       The Project Evaluation Review (PER) - this will assess how effectively
        the project has been managed and identify lessons learned. This
        Review is sometimes referred to as a Project Management Evaluation
        (PME), including a Lessons Learned Report; and

       The Post Project Review (PPR) – After a project has been
        implemented, Departments must carry out a formal review to determine
        the degree to which claimed benefits have been realised. These
        benefits will have been initially identified, along with measurement
        mechanisms, in the Business Case (see Annex B, Appendix 4). This
        Review is sometimes referred to as a Post Benefit Evaluation (PBE).

40.   The SRO is responsible for the completion of both the PER and the PPR,
      and should make the results available to the approving authority for the
      project. Detailed requirements for PERs and PPRs are set out in Annex D:
      Post Implementation Review.

Gateway Review Process (Annex E)
41.   All ICT-enabled business change projects involving procurement must be
      assessed for the Gateway Review Process, using the appropriate Project
      Profile Model (PPM)1. All ICT-enabled business change Programmes
      must undergo a Gate 0 Review. The Review Process examines a project
      at critical stages in its lifecycle to provide assurance that the risks have
      been adequately managed and that the project can progress safely to the
      next stage. Completion of a PPM must be initiated by the SRO [Ref: Para
      21] and is the first step and trigger for the Gateway Review Process. The
      Gateway Review Process is administered by DFP Central Procurement
      Directorate (CPD) and relevant guidance is attached at Annex E. Further
      guidance, including a PPM template, is available from CPD.

42.   The PPM will assist Departments in determining the risk level of their
      projects and to understand the nature of the risks associated with projects
      in a structured and systematic way. The PPM score is used to determine
      the level of Gateway Review required. Assistance on the interpretation of
      PPM scores can be obtained from CPD. Detailed guidance on Risk
      Management is set out in Annex A, Section 2.4

Annual Reports (Annex F)

43.   It should be noted that, although under review, the requirement to produce
      Departmental Annual Reports on ICT expenditure remains in place. Each
      Department must compile an Annual Report detailing their expenditure
      (both PE and DRC) on ICT enabled programmes and projects during the
      current year and planned expenditure during the survey period. These
      details must include expenditure by Agencies and NDPBs. The required
      format and content of the reports are set out in Annex F: Annual Reports.


44.   Departments are asked to ensure that this letter is drawn to the attention

       all those responsible either directly or indirectly for ICT supported
        business change projects and programmes; and

       those bodies for which Departments are responsible.

Effective Date

      OGC intend to replace the term Project Profile Model (PPM) with Project Risk Assessment (PRA)

45.This guidance takes effect immediately. Transitional arrangements for
   existing programmes and projects will mirror those in place for the Northern
   Ireland Practical Guide to the Green Book (issued under DAO(DFP) 32/03).


46.This DAO and its Annexes will be subject to review by Central Finance
   Group (DFP) at least annually and as necessary to reflect the impact of
   relevant government initiatives and developments.


  47.     Queries in relation to this letter should be addressed to:

         Annexes & ICT policy: Stephen McDowell - Project Services (BDS),

         Gateway Review Process: Francis Hamilton – Gateway Co-ordinator

       Economic Appraisal and Green Book: Departmental Economists

       Financial queries: relevant Supply Officer

       General queries on this letter: Mark McNaughten Financial Reporting
        and Accountability Branch on (028) 9185 8112 (GTN 68112) or e-mail: , or Karen Beattie on (028) 9185 8133 (GTN
        68133) or e-mail:

Access to guidance

48.   Copies of this letter and attached guidance can be accessed on or via a dedicated web resource on which
      will be up and running shortly.

Yours sincerely

  Derek Lynn
  Deputy Treasury Officer of Accounts

    Annexes to
DAO(DFP)33/03 can
  be found under
 DAO (DFP) 33-03


To top