Tuesday, November 10, 2009

The Politics of University IT Decision Making

Process and Politics: IT Governance in Higher Education – Key Findings by Yanosky (Educause, 2008) provides insight into how universities make decisions about IT purchasing and projects. The work draws heavily on Peter Weill and Jeanne Ross' "IT Governance: How Top Performers Manage IT Decision Rights for Superior Results" (2004). The report also mentions the standard ISO/IEC 38500:2008, "Corporate governance of information technology" as well as ITIL. Curiously there appears to be no mention of green ICT or corporate social responsibility.

Labels: , ,

Thursday, August 30, 2007

FireLink Project Audit report

The ACT Auditor-General, released a report on problems with "FireLink" system, which was intended to provide emergency communication in Canberra. The report makes interesting reading for anyone interested in how IT projects go wrong.
The audit concluded that there were deficiencies in the scoping, planning, procurement and management of the FireLink Project. As a result the overall management of the FireLink Project was neither efficient nor effective in the delivery of the intended outcomes to meet Authority and Agency operational needs.

Key findings of the audit were:
  • In May 2003, following the January bushfires in the ACT, the Governmentapproved overall funding of $26.7m to upgrade the communication systems of the then Emergency Services Bureau (the New Radio Project). The Authority subsequently allocated $3.255m of the funding to the FireLink Project for the three-year period up to 2005-06, with funding for later years to be subject to Government approval.
  • There was no business case prepared to support the FireLink Project. There was no cost-benefit analysis of FireLink against alternative solutions.
  • In procuring FireLink, the Authority identified an available product and then developed an accelerated procurement process around the identified product, with the knowledge that further customisation was required to satisfy the Statement of User Requirements.
  • The procurement process failed to demonstrate clearly that the project would achieve a value-for-money outcome for the Territory. The consideration to support a local and innovative company and the urgency of the proposal appeared to outweigh other considerations including ‘value-for-money’.
  • The Authority’s consideration of risk for the FireLink Project was inadequate. In particular, the Authority generally underestimated the level of risk associated with delivering a complex ICT project, especially given the developmental nature ofthe proposed system.
  • There was insufficient consultation with end users in the development of the Statement of User Requirements.
  • Performance requirements for the system and the supplier were not adequately specified prior to execution of the contract, and continuous changes to the scope of the Project were not managed well.
  • The FireLink technology required the Authority to adopt new business practices and processes. However, attention given to change management to facilitate implementation of the new system was insufficient to ensure the support of various operational services, particularly the Rural Fire Service.
  • The FireLink system had several significant unresolved problems related to operational performance, reliability of coverage and delays in communication. These problems led users to express a lack of confidence in the system. Further,there was a lack of action to follow-up on these unresolved issues since December 2006, while JACS and the Agency commissioned two consultants’ reports on the Agency’s ICT projects.
  • Following these two consultants’ external reports, Commissioner Manson of the Emergency Services Agency announced on 13 July 2007 the withdrawal of the FireLink system from the Agency operations.
  • At the time of the Commissioner’s announcement to withdraw FireLink from operations, the FireLink Project did not achieve a number of the objectives stated in the procurement plan, additional development work were still needed to fully satisfy the user requirements, and the Project cost the Agency over $4.5m. ...
From: The FireLink Project, Performance Audit Report, Media Release, PA 07/11 28 August 2007

Labels: , ,

Saturday, August 25, 2007

Wikipedia editing by the Australian Department of Prime Minister and Cabinet

Channel 10 TV news interviewed me yesterday about the use of Wikipedia by the Australian government. The head of the Prime Minister's department is reported to have denied that his staff were involved. However, the online records indicate the changes were made using a IP address allocated to PM&C.
THE Commonwealth's top public servant has denied that any of his staff, or those of Prime Minister John Howard, have used their internet service to make changes to Wikipedia entries. ...

But PM&C secretary Dr Peter Shergold denied his staff were involved, after checking with the department's service provider.

"I have been informed by our internet service provider that the changes to Wikipedia entries made after 2004 and being attributed to the Department of the Prime Minister and Cabinet were, in fact, not made by anyone in this department or the prime minister's office," he has said.

"The network address that appears against the charges being reported by the media is that of another customer of our internet service provider - not my department. ...

From: Wiki edit story wrong: department head, AAP in Herald and Weekly Times, August 24, 2007 06:39pm
The Wikipedia records show that a change was made to the entry for
Peter Costello on 28 June 2007 to remove "(AKA "Captain Smirk")" using the IP address . The Australia Pacific Network Information Centre indicates this address is allocated to "Department of Prime Minister and Cabinet":
% [whois.apnic.net node-1]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
inetnum: -
netname: MCT-pmc-04
country: AU
descr: Department of Prime Minister and Cabinet
descr: Intellicentre Gateway Internet Service
admin-c: MCT2-AP
tech-c: MCT2-AP
changed: cgacis@macquarie.net.au 20050107
mnt-by: MAINT-AU-MCT
source: APNIC
role:         Macquarie Corporate Telecommunications
address: L16 477 Pitt Street Sydney Central Building, Sydney 2000 ...

Labels: ,

Friday, August 24, 2007

Wikipedia editing by the Australian government

Tom Worthington on Ten News 24 August 2007Channel 10 TV news interviewed me at 2pm as a representative of the Australian Computer Society (ACS) about the use of Wikipedia by the Australian government (broadcast on Ten News at 24 August 2007 at 23:03:30 EST).
Staff in the Australian prime minister's department have been accused of editing potentially damaging entries in online encyclopaedia Wikipedia.

Workers made 126 edits on subjects such as immigration policy and Treasurer Peter Costello, a local daily said. ...

Changes were also made to the online profile of Peter Costello, Mr Howard's deputy and treasurer. ...

The new website, Wikipedia Scanner, also identified computers at Australia's Defence Department as being behind more than 5,000 changes to the site, the daily said. ...

From: Howard row over Wikipedia edits, BBC 24 August 2007, 09:39 GMT
Wikipedia is a collaboratively edited encyclopedia to which anyone can contribute. The Wikipedia does not require the use of real names by contributors, but records IP addresses. As the Wikipedia says:
"An unregistered user is identified by his or her machine's IP address, which is used as their public identifier when making contributions (and signing comments on talk pages). Your computer's IP address can sometimes be used to find information about you, so registering increases your privacy by hiding it. " <http://en.wikipedia.org/wiki/Wikipedia:Tutorial_%28Registration%29>.
The WikiScanner by Virgil Griffith allows IP addresses to be looked up to easily see who edits what on the Wikipedia. As an example a quick search found 3819 edits of the Wikipedia by the Australian Department Of Defence IP range

Most of these edits seem relatively uncontroversial. Many are to correct spelling errors and details of military units and equipment. Some are to remove some details which should not be widely known for reasons of privacy and security. Others appear to be unrelated to the Defence Department and of general community interest. About the only issue would be if this was a good use of a government agency's computer and staff time.

ps: I drafted the Defence Department's web guidelines in 1995 and Internet policy in 1996, as cited in "Demonstration of the Australian Defence Web Home Page", SEARCC'98, 8 July 1998. It was a tricky business, not just a matter of banning web sites on how to play golf or make bombs, as both these activities are part of official defence jobs. I don't know if the rules were revised since them to specifically cover the Wikipedia.

Labels: ,

Monday, July 23, 2007

Aspect-Oriented Thinking

Shayne Flint will give a seminar on Aspect-Oriented Thinking 23 July 2007 in Canberra:
Large systems engineering projects are dynamically complex socio-technical environments of co-evolving technologies, processes, people, organisations, laws, politics and other concerns. Aspect-Oriented Thinking (AOT) is a multidisciplinary process of learning and change which involves the modeling and assembly of reusable knowledge to specify, develop, operate and retire systems within such environments. In the first instance, these systems include the models and simulations required to learn about a given environment and to make decisions regarding necessary improvements. ...
There is a brief description in an overview of "Aspect-Oriented Thinking" from Dr. Flint's thesis:
Aspect-Oriented Thinking ... is an advanced model-driven interdisciplinary approach to system development, operation and maintenance within dynamically complex socio-technical environments. ... Key characteristics of the approach include ...
  • Interdisciplinary. Because they are autonomous, Domain Models can be developedand verified by engineers, scientists, sociologists, psychologists, lawyers, philosophers, economists and others, using languages and techniques with which they are familiar. These languages and techniques include System Dynamics [Forrester, 1961], Soft Systems Methodology [Checkland, 1981], Capability Dynamics [Flint, 2001] and eXecutable and Translatable UML [Mellor and Balcer, 2002]. ...
  • Improved knowledge management. Knowledge captured in Domain Models is autonomous and thus highly reusable. ...
  • Simplified system specification. Knowledge contained in verified Domain Models is assembled to form Aspect-Oriented Specifications which describe changes required to improve a problem situation. ...
  • Improved productivity, reduced defects. Each Aspect-Oriented Specification is implemented by systematically executing a set of rules defined in an Implementation Model. ...
  • Emergence of desirable properties within complex systems-of-systems. By encouraging the use of Aspect-Oriented Thinking on all projects involved in an evolving system-of-systems, the emergence of desirable properties can be achieved.This includes improved interoperability, alignment with stakeholder needs and an ability to rapidly reconfigure and form new systems-of-systems from existing components. ...
From: Aspect-Oriented Thinking, An interdisciplinary approach to complex system engineering, Shayne R. Flint, Australian National University, September 2006
Luke Worth presented on "Aspect Oriented Thinking: Tool Support" at ANU, 15 February 2007:
Aspect-Oriented Thinking is a new approach to engineering which "systematically develops, manages and integrates the knowledge and expertise of many disciplines to conceive, develop, modify, operate and retire systems". I will give a brief overview of Aspect-Oriented Thinking and present the system we've designed to help automate the process. I will also introduce the group project for this year, as an extension of the work already done.
Aspect Oriented Thinking addresses some of the problems with aspect-oriented programming:
In software engineering, the programming paradigms of aspect-oriented programming (AOP), and aspect-oriented software development (AOSD) attempt to aid programmers in the separation of concerns, specifically cross-cutting concerns, as an advance in modularization. AOP does so using primarily language changes, while AOSD uses a combination of language, environment, and method.

Wikipedia, Aspect-oriented programming, Wikipedia, 2007 http://en.wikipedia.org/wiki/Aspect-oriented_programming
This approach may provide a solution to the "Systems of Systems" problem of large interconnected computer systems, in areas such as defence. But until details of the techniques are published and tool sets are competed and applied to real world problems, the value of the approach cannot be verified. But at least, unlike some of the other approaches to systems of system, there is the prospect of useful tools to deal with complexity, rather than just some vague methodology and wishful thinking.

The developers of aspect orientated thinking risk the hubris which befell one of the cited authors: Jay Forrester, developer of System Dynamics. After having successfully applied the technique to industrial systems, Forrester set back the environmental debate in the 1970's by lending his authority to the first report to the Club of Rome:
Limits to Growth is a 1972 book modeling the consequences of a rapidly growing world population and finite resource supplies, commissioned by the Club of Rome. Its authors were Donella H. Meadows, Dennis L. Meadows, Jørgen Randers, and William W. Behrens III. The book used the World3 model to simulate[1] the consequence of interactions between the Earth's and human systems. The book echoes some of the concerns and predictions of Reverend Thomas Robert Malthus in An Essay on the Principle of Population (1798).

From: Limits to Growth, Wikipedia, 2007
Forrester's systems dynamics gave a spurious authority to the Limits to Growth report, by providing computer generated graphs apparently based on a sound scientific theory. Critics of the report have spent 30 years pointing out that simplistic assumptions the theory was based on and that the computer generated data could as well have been hand drawn with a pencil and paper.

Hopefully the developers of Aspect Oriented Thinking will stick to using it for the design of computer systems and not stray into trying to solve the world's environmental, political and social problems.

Books available:
See also:

Labels: , , ,

Thursday, March 15, 2007

Government Principles for ICT-enabled Citizen Engagement

Greetings from the ACS Canberra Branch Conference 2007. In his presentation, Gary Nairn, Special Minister of State announced eight "Principles for ICT Enabled Citizen Engagement".

The idea is the principles will be used to guide agencies services. This doesn't appear to have made it to the Miniser's web site, so I hunted down a draft on the AGIMO web site:

"... The Australian Government's 2006 e-Government Strategy, Responsive Government: A New Service Agenda, commits the government to "establish Principles for online engagement to support a consistent experience for everyone engaging with the government electronically."

The Principles have been developed in collaboration with the cross-jurisdictional public sector community of practice group (the e-Democracy Community of Practice). They are intended to guide agencies considering engaging with citizens using information and communication technology (ICT). ...


What are the Principles?

The Principles are a best practice guide for agencies wishing to engage with citizens using Information Communication Technology (ICT) as part of their policy making processes. 'Citizens', in this context, refers to individuals, business, community and other organisations and sectors. These principles are the result of research of existing national and international principles and with input from agency representatives from all levels of Australian government. The principles may need to be updated from time to time with the advent of emerging technologies, citizen demand and from lessons learnt.

What do we mean by engagement?

The OECD1 has developed a three stage maturity model for government engagement with citizens using ICT:

Stage 1: Information stage
A simple one-way relationship in which government delivers information to citizens

Government » Citizen

Stage 2: Consultation stage
A two-way relationship in which citizens provide feedback on issues defined by government.

Government »« Citizen

Stage 3: Active participation stage
A collaboration in which citizens actively shape policy options, but where government retains the responsibility for final decisions.

Government « » Citizen

It is anticipated that agencies' engagement approaches will vary depending on specific project requirements, their individual progress on the maturity model, resource availability, priorities and constituency expectations.

Why do we need the Principles?

ICT has the potential to increase levels of citizen participation in public discussions on the development of government policy. Citizen engagement using ICT also has the potential to further promote a culture of democratic decision-making in Australia.

One example of citizen engagement using ICT is online engagement. Online engagement can include online forums, Web Logs (BLOGS) on nominated discussion topics or e-mail discussion groups. For an existing example of online engagement, visit Queensland's Get Involved website (www.getinvolved.qld.gov.au)
Who are the Principles for?

The Principles have been developed for agencies across the different spheres of government who are considering engagement using ICT as a means of interacting with citizens.

How will agencies use the Principles?

The Principles are to operate as a guide to matters agencies should consider before undertaking engagement with citizens using ICT.

It is recognised that some agencies have limited resources to engage online. The Principles are aimed at supporting the development of engagement initiatives, rather than mandating specific outcomes.
Other resources

Agencies planning to undertake a process of online engagement will find additional, practical guidance by consulting the Australian Government's Better Practice Checklist for Online Policy Consultation.


1. Commitment

Agencies committing to engagement using ICT need to ensure citizens have appropriate mechanisms to communicate and participate effectively. Commitment to engagement using ICT is strengthened through the development of partnerships between governments and citizens.

2. Community Focus

When adopting ICT for engaging with citizens, agencies should facilitate information access, knowledge-sharing and discussion amongst participants and, through this, strengthen community consultation, participation and input into government policy-making.

3. Community Capability and Inclusiveness

Agencies need to seek broad and diverse involvement across all sections of the community, and not exclude citizens without access to ICT or those who face other barriers. Employing methods that are accessible and/or complement traditional means of engagement will assist individuals to participate and will build their capability for contributing to policy development.

4. Mutual Respect, Confidence and Trust

To demonstrate respect and build confidence and trust in online engagements, agencies and citizens should agree on consistent standards for communication when engaging with citizens. Agencies need to facilitate clarity of understanding and transparency of engagement processes by disseminating information, guiding participants' input and explaining how the input will be used in government decision-making. Confidence and trust between the citizens and government will be built by ensuring that engagement using ICT is a two-way and responsive process.

5. Interactivity and Flexibility

Agencies need to promote active engagement and discussion while employing flexible and innovative ICT-enabled mechanisms to take account of participants' diversity of capability, location, and socio-economic circumstances. The 24/7 capabilities of ICT can be used to help participants inform themselves and enable them to provide considered views in their own time and space.

6. Responsibility and Accountability

Agencies need to inform participants at the outset about how their input will be received and used in policy-making. Once a decision has been taken, agencies should indicate how citizen input through online engagement has been used. Agencies also need to be clear about who is responsible and accountable for the online engagement process and any decisions resulting from such engagement.

7. Security and Privacy

Agencies need to implement privacy protection, information security and, where appropriate, identity authentication measures. Agencies should comply with relevant security and privacy legislation.

8. Evaluation and Efficiency

Agencies can maximise the efficiency of online engagement through planning and effective collection, facilitation and processing of participants' input. Agencies need to evaluate the benefits of online engagement by identifying and measuring the impact of online engagement to policy-making.

1 Promise and Problems of E-Democracy: Challenges of Online Citizen Engagement, 2003, OECD. ... "

From: AGIMO web site, 2007

Labels: ,

Friday, November 03, 2006

IT Knowledge on Company Boards

Professor Michael Parent, talked about "Building Better Boards: The IT Governance Value Chain" in Canberra last week. But we will hear about the real thing from Ralph Norris, Managing Director and CEO of the The Commonwealth Bank in December. Ralph was a CIO before becoming a CEO and so knows more about board's reaction to ICT issues than anyone else in Australia:
The Technologist's Journey from Backroom to Boardroom

Date: Wednesday 6 December 2006
Time: 7.30-9.00am
Venue: ... Sydney 2000

Mr Ralph Norris will reveal his journey from technologist to CIO to CEO. He will share his views on the roles and skills required of today’s CIOs and how they can move up the corporate ladder. He will also discuss the critical role of technology in delivering strategic advantage and a competitive edge. ...


Previously, he has been CEO of Air New Zealand and ASB Bank, a subsidiary of the Commonwealth Bank. Mr Norris has more than 30 years experience in banking. Prior to being CEO at the ASB Bank he was Chief Information Officer.

From: The Technologist's Journey from Backroom to Boardroom, ACS NSW, 2006
To attend event: http://acs.org.au/nsw/index.cfm?action=event&temID=eventdetails&eveID=1813

Some relevant books:

Labels: ,

Monday, October 09, 2006

ICT Governance Seminar, Canberra, 27 October 2006

The ANU's National Centre For Information Systems Research runs several good free seminars each year. The next one is on how to get board members to worry about ICT investment and is recommended:
Seminar Title: Building Better Boards: The IT Governance Value Chain
Speaker: Professor Michael Parent, Simon Fraser University, British Columbia, Canada
Time/Date: 3 – 4.30 pm, Friday, 27 October, 2006
Location: Theatre 1, Ground Floor, HW Arndt Bldg #25 (off Kingsley St) followed by refreshments in Faculty Suite, First Floor of Bldg #25.
Cost: No charge
RSVP: Margaret Craig, by 24 October, 2006 (02) 6125 0532 Margaret.Craig@anu.edu.au

The U.S. Sarbanes-Oxley Act (SOX) inexorably changed the composition, role, and responsibilities of Boards, ‘C’-level officers, and senior public-sector officials in organizations worldwide. While sound knowledge of these roles as they pertain to fiduciary responsibilities has emerged in the Finance and Accounting literatures, considerably less attention has been devoted to understanding the nature of, and concomitant duty-of-care towards information assets in the organization, or IT Governance (ITG).

Technology accounts for more than one-third of all capital spending – far and away the largest single such expenditure by organizations. Professor Parent argues that Board members and Officials in public-sector organizations are neglecting these critical investments. To address this gap, he presents a model developed using recent cases of Canadian and Australian organizations, the IT Governance Value Chain, that outlines specific areas of ITG risk, and the actions directors and senior functionaries can take to mitigate this risk.

Speaker details:
Michael Parent is currently a Visiting Professor at The University of Queensland Business School, where he is conducting research on the governance of information assets in organizations. He holds MBA and PhD degrees from Queen’s University (Kingston), Canada. An experienced executive educator, he has designed and delivered programs for a variety of organizations, including McCain Foods International, SASOL, Bosch Industries, Provident Healthcare, the Haisla Business Development Corporation, and government agencies in Canada and China. He is a faculty member with the Institute of Corporate Directors (Canada), an affiliated researcher with the CIBC Centre for Corporate Governance & Risk Management, and Associate Professor of Management Information Systems at Simon Fraser University (Vancouver), Canada.

Electronic Commerce Seminar Series
From the: Anu-ecommerce mailing list

Some relevant books:

Labels: , ,