Albert Einstein famously said, “we cannot solve our problems with the same thinking we used when we created them.” And if ever there was a need for new thinking to attack intractable problems, the government’s “urgent” ICT capability audit is a candidate hiding in plain sight.
Over the past two decades, the issue of ICT capability has been a long-admired problem across all levels of government. And at the Commonwealth level – the search for findings involves traversing many agencies, core governance structures of government and even the Parliament itself.
The Australian National Audit Office (ANAO) has extensive holdings of many damning cyber, audit and performance reports, and in my opinion the ANAO does excellent work.
In addition to this and over a number of years, the Australian Public Service Commission has undertaken Agency Capability Reviews” “…because the public service had experienced significant failures in delivery resulting from problems in risk management at multiple points across organisational systems.”
The Agency Capability Review made findings in relation to poor risk management, immature governance, limited analytical capabilities and organisational silos, and lack of visibility of current capability gaps in ICT.
And then there are the “Gateway Reviews” undertaken by Department of Finance. These are described as “…a series of short, intensive reviews … conducted at critical points across a proposal’s implementation lifecycle (normally over several years).”
“The purpose is to provide the Senior Responsible Officer … with independent assurance and advice to improve the delivery and implementation … as well as providing an early identification of areas requiring corrective action.” The Gateway Review Reports are only provided to the SRO.
Public scrutiny through the Senate Estimates process extracts evidence from agencies regarding performance, risk and expenditure.
The Senate Committees are challenged to navigate and stitch together the labyrinth of technology / digital / cyber / systems responses provided at hearings and in Questions on Notice. The media plays an important role here in surfacing a better picture of the canvas of connected issues.
The Parliament also establishes inquiries into systems with national impact. A number in recent years being Cyber Resilience, the implementation of My Health Record System and the NDIS ICT Systems.
Of course, Royal Commissions and various inquiries into systemic failures (such as the Inquiry into the circumstances of the immigration detention of Cornelia Rau and Vivian Alvarez) have uncovered common themes of technology capability gaps, governance failures and culture.
How is David Thodey’s call for an urgent “ICT capability review” of the APS to be understood against these hundreds of review activities? And how is the 20-year shadow of Gershon factored in?
Notwithstanding the advances in technology over this 20 year period, there are seriously deep and persistent capability deficits impacting both the operations of government the trust of citizens in government.
What new insights will this ICT urgent capability audit reveal? In my opinion, I doubt that a traditional approach will reveal anything new.
The one new factor that should be applied to this exercise, is artificial intelligence.
We should talk about applying AI back onto the administration of government – and not just seeing AI as a mechanism of control of citizens.
Applying AI back on government, would involve an approach that ingests all these previous reports and frames the search for insights previously not identified or not possible to identify.
These are the insights that will shape the posture of technology capability in government for the decades ahead.
It is that serious. And this is not something to be run by consultants. In fact, the use of consultants needs to be one of the areas of investigation.
Bring together academia, researchers and individuals with specialist skills, knowledge and experience. And in this exercise, include people early in their careers to gain this invaluable experience.
Insights such as decisions made 20 years ago – including for example, the cessation in some agencies of graduate programs as part of APS staffing caps. Insights from an examination of the growth in contractor numbers and the use, performance and influence of consultants.
Insights such as understanding connections between decisions, critical in an inter-connected service environment, and a mapping of the sum of all the risks identified in previous reviews.
This process must include significant futures scenario modelling stream – how can a review activity reach a finding, if there is not an understanding of the future into which we face?
The most interesting aspect of this approach is that if the Australian Government doesn’t do it, a third-party could readily do this on the available public documents. What if this third-party was another country?
This would be a world first and we should not be hesitant to apply AI back onto the administration of government. By contrast, we should be very worried to continue with past tried and failed approaches.
The real test will be, are we ready for what will be found?
Marie Johnson was the Chief Technology Architect of the Health and Human Services Access Card program; at Immigration headed up the Visa Pricing Transformation and Digital Client Services; formerly Microsoft WorldWide Executive Director Public Services and eGovernment; and former Head of the NDIS Technology Authority. For many years, Marie was an independent member of the Australian Federal Police Spectrum Program Board. She is an inaugural member of the ANU Cyber Institute Advisory Board.