Quarkside

18/04/2011

Pan Government Arrogance

Filed under: Governance,Policy,Politics — lenand @ 7:42 am
Tags: , , , , , , , , , , , , ,

The Local Government Delivery Council (LGDC) was established in 2007 to support the Chair, in the role as one of two local government representatives on the Cabinet Office Delivery Council. The Delivery Council was the pan government body chaired by Sir David Varney, to drive the transformation of public services so these became, ‘better for the citizen, better for staff and cheaper for the tax payer’.

We now learn that the Cabinet Office’s Delivery Council has ceased and there is no longer a pan government body which includes local government representation. Fortunately, an independent LGDC has become the recognised and established body for central government agencies to engage with when they are working with or plan to work with councils to redesign services. They provide one of the few (perhaps the only?) forum where central government departments get to see what other government departments might be planning in relation to local government. Examples from recent meetings have had representatives from:

  • DfT – Blue Badge programme
  • Cabinet Office – Digital Britain, Id Assurance
  • DfE – Employee Authentication Services
  • BIS – UK Broadband programme, Post Office programme
  • DCLG – Central Local Digital Collaboration
  • DWP – Tell Us Once, Universal Credit
  • Home Office – Single Non-Emergency Number (101)

It is good that Local Government has the opportunity to provide feedback from the front-line about the realities of providing face to face services. A neat example is the assumption that broadband is ubiquitous and that claims for benefits could be ‘driven on-line’. It was pointed out that broadband is one of the luxuries that go when a household needs to claim benefits. Another example is a department representative having to apologise to irate Chief Executives about by-passing them in a survey of redundancy costs in a specific service.

The governance of central government projects needs much wider involvement of local government experts. They need to appreciate the diversity of requirements around the country and not assume that a token consultation with a couple of representatives is sufficient. Too much of the initial strategy and architectural work is done by World Class Enterprise Management Consultants; their experience of deprivation is as limited as the policy makers from Whitehall.

08/03/2011

ICT Skills Shortage. Mulligatawny Message.

Jos Creese’s blog Public Service Reform and IT exposes the problem faced by non-central government:

… the opportunities are significant to use existing local IT investment, infrastructure and skills to help reduce the impact on the public of contraction across the wider public sector.

There are, in my view, huge opportunities for local public services to work together. Too often in the past, government policy has focussed on national join-up (for example the NHS, Police, etc), but this has not delivered sufficient pace at an acceptable cost. We do need national policy and vision, but we also need local implementation.

The problem lies in the skills deficit, particularly for small districts in our feudal two tier system of local government.  How can hard-pressed ICT managers (CIOs may not exist there) be expected to implement TOGAF, OpenID and EAS in a structured approach to enterprise architecture?  How will they cope with Open Source procurements for eID and Individual Voter Registration?

Just watch the space if you want to see evidence of massive duplication of effort.  ICT strategic planning and enterprise architecture skills are spread too thinly for optimum efficiency.  It’s close to a recipe for Mulligatawny Soup.

Jos is right though, the smaller agencies authorities need to work together locally, in partnerships, where they can share a bowl of scarce skills.

21/02/2011

Identity Icebergs to sink Universal Credits

Does the Cabinet Office talk to the Cabinet Office – or any other Department for that matter?  Last week’s Local Government Delivery Council also had two related presentations; “Identity Assurance for Public Services” by the Cabinet Office and  “Employee Authentication Services (EAS)” by DfE and DWP.

Put these into the context of “HMG CTO Council – Government Employees Strategy for management of Identities – Version 1.1 – 1 February 2011. ” This noble document has some excellent content as far as it goes – but look at the juicy bits it deems out of scope.

  • “Access control of data within a single system or organisation
  • Entitlements of a validated identity within a single system
  • Authorisation services and other capabilities enabled by identity management
  • Citizen and Individual authentication even for access to government services or visitors to government sites
  • Identity Management of systems, devices and other entities
  • Audit and accounting requirements other than by reference to their need.”

Most, if not all of these are required by real live systems, especially in Local Government.  They are probably the hard bit where most guidance is needed.  Federated identity management protocols do understand how to include these options.  For example the use of Shibboleth 2 in the education sector can easily differentiate between children and teachers in Web based application systems.

EAS has been around for years in DWP.  It has been recently used for the “Tell Us Once” (TUO) project, authenticating for multiple agencies handling common citizen data.  They have discovered the need for, and have implemented, some employee attributes that allow differential access to application systems. This is out of the scope of the strategy above, but they found they had to do it.  Every Local Authority (LA), and there are hundreds of them, needs guidance on this because most do not have the internal skills and knowledge to interoperate with external identity providers (like EAS, but there are lots more). A common standard for federating identity, supported with standard software, is the only sensible way to proceed.

Finally, there was a bomb shell from the Cabinet Office.  As part of the stakeholder engagement process, they presented  “a federated approach through which a person is able to assert a trustworthy identity“.  Here are some of the enlightening aspects of a working federated system:

  • delivered for DWP Universal Credits in April 2012
  • provided ‘by the market’, presumably meaning non-funded
  • dependent on external verification of identity by third parties (such as banks) selected by the citizen
  • LAs will provide an Identity Hub which collects personal data and matches with the external credentials (this is a minefield, not just icebergs)
  • links with biographic, health, wealth and education data by attributes
  • links with DVLA
  • links with an ‘official’ address file
  • not dependent on a centralised identity register
  • Oh, and by the way, it will run on the GCloud. Trebles all round.

The aspirations are wonderful, straight out of the junior management consultant’s handbook, but three simple questions illustrate the risks involved:

  1. Does the Identity Management industry, working with hundreds of LAs, have the capacity to deliver in such a time scale?
  2. Does the Cabinet Office (or anybody else?) have a Technical Architecture that is fit for purpose and compliant with the CTO Council strategy?
  3. Identity management ignorance crippled the development of ContactPoint – why is it so much easier and simpler for Universal Credits?

Blog at WordPress.com.