Getting 'IT' Right
A Thematic Inspection

2. Force Planning Processes

Force Business Plans

2.1 The history of IT systems, in both public and private sector, shows that only if systems are introduced in a planned and properly managed way will the organisation get full benefit from them. In extreme cases, IT systems have failed to achieve their objectives because of a lack of proper planning.

2.2 The inspection identified no computer system in the Scottish police service which had failed in that way. Forces had successfully developed systems, either in-house or through IT suppliers to meet a series of separate business needs and these systems normally performed well for their original purpose. But, having often been introduced some years ago, they were seldom capable of:-

• integration with other systems within a force;
• exchanging data with other forces and agencies;
• easy adaptation to meet changing business needs.

2.3 Technological change makes it easier nowadays to develop systems which overcome these shortcomings. But that depends on a close link between the business needs of each police force (or the forces collectively) and the planning of new IS/IT systems. HM Inspector was disappointed to discover that, in most of the police forces and other policing organisations inspected, there was no strategic planning process within which IS/IT developments were planned. Hence, there was no guarantee that IS/IT systems would meet forces’ business needs effectively. Most forces had some form of policing plan but few mentioned the deployment of IS/IT to support the plans or how IT was expected to assist in achieving annual objectives. None had considered the need for a separate IS strategy to ensure a business focussed approach to the management of IT issues.

2.4 The Inspector saw some examples of good IT strategies - often well thought out and aligned to operational needs as perceived by their, largely technical, authors. In view of the shortcomings in strategic planning, however, it was not surprising that these IT strategies were rarely linked to business needs, and the identification and prioritisation of technical solutions to these needs.

IS/IT Strategy

2.5 HM Inspector observed that IT strategies ranged from highly detailed, descriptive documents with specific references to performance measures and finance, to minimalistic documents containing little more than a list of projects. A good IS/IT strategy should:-

• show how individual computer systems, networks, telephones and radio meet the business needs of the force;
• clarify responsibilities within the force for commissioning the development of new systems, carrying out the development, approving the system and managing its implementation;
• specify the project management methodology used by the force;
• set out what appraisal of candidate projects is carried out, and on what basis approval is given;
• say what standards of business design analysis is to be used - for example, Structured Systems Analysis and Design Methodology (SSADM).

That list is not exhaustive - but it highlights the principal omissions in the IS/IT strategies which were examined during the inspection.

Annual Business Plan for IT Departments

2.6 HM Inspector found that few force IT Departments were required to produce an annual business plan, translating the priorities in the IS/IT strategy documents into a specific programme of work for the year. It was therefore often difficult to identify what IT resources - both human and financial - were required to implement the strategy within a set timescale. The introduction of IT systems necessarily involves complex planning and, if the resources needed to implement IT projects are not specified and put in place, there can be no guarantee that systems will be introduced on time. Nor is there a way of monitoring progress, and checking that implementation is running to time and on budget. The best departmental business plans seen by HM Inspector represented good practice in linking tasks in hand to force objectives and is evidence of technical staff seeing their role as supporting the business objectives of the force.

2.7 The lack of a business plan also left IT Departments vulnerable to requests to do work at short notice and without extra resources, which displaced work which was already in hand. Quite apart from the disturbance to the work programme of the IT Departments, lack of an agreed annual business plan makes it difficult for senior management to rank new demands against existing work and to see the resource and timing consequences of inserting new tasks.

2.8 The annual business plan needs to take account of the staffing available to the organisation - because, regardless of whether IT systems are procured externally or developed internally, the organisation will need staff with the right skills. HM Inspector welcomed the declared intention of at least one force to have a skills audit carried out by independent consultants. HM Inspector considers that such a skills audit, conducted by a competent independent authority, should be considered by police organisations to ensure that the IS/IT strategy is not hindered by a lack of availability of technical staff.

User Input

2.9 HM Inspector found too little evidence of user involvement in the planning process. Some organisations did not arrange for the ultimate users to be consulted at critical stages in the project planning cycle and to have a means of expressing their views and requirements. Arrangements in forces were often perfunctory: for example, where user groups existed, their members (who were usually junior staff) expressed concern that their communication with IT Departments was inadequate. There was evidence of users being supplied with systems which they had not been consulted about.

2.10 Conversely there were examples where users had been given a free hand to specify requirements and this had resulted in unquantified and unjustified requests being made. A fine balance has to be struck between consultation on the one hand and user dictate on the other. In particular IT staff showed a willingness to take on tasks springing from senior managers, with insufficient resources to meet demand.

2.11 HM Inspector cannot emphasise too strongly the importance of maintaining a positive and structured relationship between users and their IT Departments, because only thus can IT Departments be effective in providing a service which meets the business requirements of users. That relationship needs to exist at various levels. Senior management must take an informed interest in the planning process (including agreeing the IS/IT strategy and the annual business plan) and in monitoring implementation of the strategy and plan. Each individual system, during its development and during its subsequent operation, must have an active user group, empowered to make sure that the user knows what IT can offer, and that the developed systems meet users’ legitimate business needs.

Conclusion

2.12 The recommendations in this section are not hard to implement. They require a close co-operation between users (especially senior management) and IT Departments, to ensure that every business objective of the force is supported wherever appropriate by IS/IT systems - and that effort is not wasted in developing and running systems which are not crucial to force objectives. There is a clear and substantial benefit from the time spent on proper planning.