TBS - Aging It Systems

DEPARTMENTAL ACTION PLAN
ON
AGING IT SYSTEMS

IN RESPONSE TO AUDIT FINDINGS AND RECOMMENDATIONS CONTAINED IN
CHAPTER 1, “AGING IT SYSTEMS” OF THE
APRIL 2010 REPORT OF THE AUDITOR GENERAL OF CANADA

PRESENTED BY
THE TREASURY BOARD OF CANADA SECRETARIAT

June 1, 2010

INTRODUCTION

In her report, the Auditor General makes reference to departments applying a “portfolio management approach” to assessing their systems and responding to the findings. This is an IT management practice that, where it is done, it is not applied consistently across departments.

Among the requirements for portfolio management is the classification of the various systems. Consistency in classification allows for the analysis and insights necessary to understand the entire collection of systems. Another requirement of portfolio management is consistent criteria against which the systems are assessed. The report lists some examples of factors to consider (exhibit 1.2).

In addition to identifying and assessing their mission critical systems, departments will require time to integrate this information into their corporate risk and investment plans and make the appropriate risk-based funding decisions.

For the Treasury Board Secretariat-Chief Information Officer Branch (TBS-CIOB) to be able to understand the state of critical IT systems from a Government of Canada (GC) perspective, it will be necessary to work with departments and agencies and agree on a consistent approach to identifying the “classification” of systems and a consistent set of criteria against which to assess mission-critical systems. This will provide a common viewpoint and understanding of the systems considered to be mission-critical.

Also, each department and agency will have to conduct significant internal consultations to establish internal agreement on the assessment of their mission-critical systems and the proposed strategies to address those risks.

As noted in the report, the five departments examined are at various stages of maturity with portfolio management. We expect this to be also true when we start involving the rest of the departments in this process. TBS-CIOB will have to consult and work closely with all departments, including those that have already established their categories and criteria to come to a common understanding and agreement on these and other key aspects of portfolio management so that we can have a consistent view of the mission-critical systems across the GC.

Office of the Auditor General Recommendation

Response

Actions and Timelines

OAG Recommendation 1.86:

The Chief Information Officer Branch (CIOB) of the Treasury Board of Canada Secretariat should exercise its central leadership role by collecting and analyzing relevant information to assess the state of aging IT systems across government. The CIOB should prepare a report on its assessment and the related cost estimates for the government as a whole. In consultation with deputy heads, it should also develop a plan that will set the IT strategic directions for the government to mitigate risks associated with aging IT systems on a sustainable basis.
(1.72–1.85)

Response from the Treasury Board of Canada Secretariat on the OAG recommendation:

Agreed.

The Secretariat agrees but notes that it does not formulate funding or investment needs either for departments or for the government; current and future investment needs, and decisions related thereto, are developed and made by ministers and Cabinet, as well as by deputy heads under their authorities.

In consultation with deputy heads and the chief information officer community, the Chief Information Officer Branch (CIOB) of the Secretariat will prepare a report on the state of the aging IT systems that present material risk to the government. CIOB will also develop a strategic direction for IT systems for the government of Canada, and supporting guidance
for use by departments, that will help them address
ever-greening for mission critical IT systems. The strategic direction developed in concert with the CIO community will assist departments in setting their IT investment priorities, including for aging IT systems that are material to the government.

The assessment of aging IT systems will be completed by April 2011. The strategic direction and supporting guidance for ever-greening mission critical IT systems will be completed by March 2012, and departments will be encouraged to implement the guidance, starting in fiscal 2012–13.

Related actions to be taken by TBS further to the response to the OAG:

As part of Policy Suite Renewal, CIOB continues to issue new or revised policy instruments related to the management of information and information technology. The next three standards to be issued that are relevant to the aging IT issue are:

Electronic Documents and Records Management Solutions – June 2010. This standard will Increase the use of common or shared information and technology solutions, assets, and services in support of EDRM solutions, in order to avoid duplication, reduce costs and leverage partnership opportunities.
Metadata – June 2010. This standard will improve the ability of programs and services to share information efficiently and effectively between systems and across departments.
Enterprise Resource Planning Solutions - July 2010. This standard will leverage Government of Canada investments in common ERP business processes and systems.

Assess Current State of Aging IT – Key Milestones:

June 2010: TBS confirms instructions to departments and agencies.
December 2010: Departments and agencies conclude analysis and decision-making on rust-out, risk, and proposed strategies and submit their findings to TBS.
April 2011: TBS aggregates and analyses findings to establish GC perspective relative to mission-critical systems (baseline report).

Develop Strategies Relative to Aging IT – Key Milestones:

September 2011: Complete analysis of the baseline information and formulate preliminary strategy.
December 2011: Complete consultation with departments and agencies.
April 2012: Issue strategic directions and accompanying guidance to departments.