Pursuant to my last article on IT management duties for EO, I wish to share what actually are being done by an IT manager. ITSD is doing a good job in supporting IT management. Most of the information I append below can be found in the ITG Infostation at http://www.itginfo.gov.hk, or at CCGO.
[Purchase of hardware, software and services]
To implement an IT project, we need to purchase hardware and software. More importantly, we need services to study the feasibility of ideas, design systems and implement them. IT is progressing so fast that the usual government red tape cannot cope with the speed of change. Colleagues in accounts and supplies work will know all the standard government rules in acquisition of products and services and the long lead time required. For IT products, the rules just do not work effectively. In IT management, there are easier ways to deal with them.
[SOA – Standard Offer agreement]
For purchase of hardware and software of computer workstations, local area network, backbone network and server systems, ITSD and GLD have searched the market and set up SOA with a number of suppliers. These suppliers are pre-qualified and the list of products are constantly updated with state of the art products available in the market. Quotations can be obtained directly with the suppliers under the SOA and orders placed with the lowest quotation. The purchase procedure can be shortened to a few weeks.
[ITPSA – IT Professional Services Arrangement]
IT managers do not need to have any specialized technical knowledge. They just need to have a general idea of an IT project and the rest can be left to IT professionals. ITPSA is for such professional services. ITSD and GLD have again selected through open tender a group of pre-qualified IT services providers. Departments can just acquire the services through invitations of proposals. All terms and conditions of the services have been pre-determined by the ITPSA contracts signed by the providers and ITSD. This make the acquisition of services very easy. Services that can be acquired include almost every types of IT projects such as –
Departmental Information Technology Plan (DITP)
Feasibility or Technical Study (FS/TS)
System Analysis and Design (SA&D)
System Implementation and System Integration
System Maintenance and Support
Web Site Development
Web Site Maintenance and Content Management
Network Planning and Design
Office System Implementation
Network Support Service
Security Risk Assessment and Audit Services
Security Management Design and Implementation Services
IT Security Monitoring and Incident Response Support Services
Resources for IT projects come from ACPC – Administrative Computer Projects Committee. ACPC maintains a block vote for the funding of IT projects up to $10m. Above that, funding approval has to be obtained from FC, with the endorsement of ACPC. $10m are a lot of money and could accommodate most IT projects. Thus IT managers do not have to wrestle within the department for money. They just fill in a standard FAF – Funding Application Form and submit it online to ACPC through the e-ACPC website.
This is the bread and butter of IT management. Throughout the project life cycle, the IT manager has to oversee the progress of all stages of the project. Most of the work is actually done by the ITPSA contractor, normally following the favourite methodology used by ITSD: the PRINCE methodology, which means PRoject IN Controlled Environment.
In essence, under PRINCE, the institutional framework of an IT project comprises a PSC (Project Steering Committee) which is the highest decision making body, a PAT (Project Assurance Team) responsible for the running of the project, the Project Team and the User Team. The project team is responsible for the production of project plan, stage plan, technical plan & resources plan with deliverables including a Project Initiation Document, Current Environment Description and User Requirement, etc. There are frequent progress and quality control activities including PSC and PAT meetings, checkpoint meetings, highlight reports, and end-stage assessments reports. This involves a lot of management work on top of the technical system design and implementation.
A job for the IT manager is the overall planning of IT activities. They may be in the form of ISSS (Information Systems Strategy Study) or DITP (Departmental IT Plan). For a big department, such work can be contracted out under ITPSA. However, planning is a major managerial function and IT managers are heavily involved in the process. In fact, the input of the IT managers greatly affect the outcome of the planning process.
[Other IT initiatives]
There are other IT initiatives which I think are most suitable to be performed by EO as follows.
(a) IT Security – As in other forms of office security and information security, as well as the application of the Security Regulations, EO are involved in this respect as the resource and system managers. Technical aspect aside, EOs should be responsible for leading any initiatives involving the security of the office and all the systems in use.
(b) ESD (Electronic Service Delivery) and ETO (Electronic Transaction Ordinance) – These are how government conducts her business in future. The world has now turned to the use of electronic communication and the Internet for government services. Citizens are using electronic means to transact. Resource management and system management will have a new face pretty soon in this new areas. EO must ride the wave and be the forerunner.
(c) IF (Interoperability Framework) – This is an initiative led by ITSD. Basically it tries to establish a framework whereby related activities can operate and interface with each other as an integrated activity. It starts with IT systems and tries to establish a standard so that each system can be compatible with others. But the notion is far-reaching and the IF concept goes beyond IT into every aspect of government operation. Again, it seriously affects resource and system management for which we must be prepared.
So much for IT management work. I hope that colleagues will agree with me that it is not just EO duty, but essential EO duty.