The Victorian government Department of Justice and Community Safety (DJCS) has learnt some harsh and costly IT lessons in its failed attempts to install a new infringements system.
In its second attempt to roll out its new Victorian Infringements Enforcement Warrant (VIEW) system, the Department has been slammed as an ‘uninformed buyer’ and significantly failed in planning the project, which ran over time and cost, while also not meeting quality and functionality targets, according to the Victorian Auditor General Office’s (VAGO) report into the system failures.
VAGO pointed out that the failures were “mainly due to DJCS’ misguided and poorly implemented risk strategy to procure a commercial off-the-shelf (COTS) system,” which didn’t exist and therefore couldn’t meet the complex requirements.
Initial plans to replace its legacy fines IT system were terminated after it overran by six years and cost $59.9 million -- twice the initial planned cost of $24.9 million -- to build a customised IT solution from the ground up. But it lacked the right expertise, so in the second attempt, staff decided to avoid another customised build, and rather opt for a COTS system to avoid complexity and fit into the timeline.
“This was unrealistic because COTS solutions are designed and intended for delivering mass, simple transactions. Fines management in Victoria involves a myriad of complex and bespoke processes,” the report said. “Using a COTS solution could have met only some elements of the fines management system. Alternately, fines processes would have required significant simplification and streamlining to fit the COTS solution, which DJCS did not contemplate.”
The second attempt kicked off in 2016 after DJCS began procuring a new vendor, giving it 15 months from signing the contract to go-live at the end of 2017.
After more than a year into the project, both DJCS and the vendor realised they couldn’t meet all the timelines and delivery requirements, but still went live with the system regardless of the functionality it could actually deliver.
The report found DJCS was hoping to have at least 90 per cent of VIEW's functionality by the time it was pushed live, but later estimated it was only five per cent. A consultant was engaged in 2019 to explore VIEW's delivery issues and develop a remediation plan, and despite improvements in the system and functionality, VIEW is still incomplete, the report said.
“As VIEW's launch date approached, DJCS's reporting to the Attorney General was overly optimistic. This was partly due to the inaccurate reporting it received from the vendor, the IT advisor that DJCS hired from an external advisory firm and its project team,” VAGO report said. “DJCS also failed to accurately report known risks. It recommended to the Attorney-General that the launch go ahead, despite not having fully tested the system, adequately training its staff or having contingency arrangements in place if the launch failed.
“DJCS's failure to identify, procure and implement an effective IT solution immediately followed its previous failed attempt. DJCS did not engage enough people with skills commensurate to the nature and complexity of the VIEW project. This core issue was exacerbated by DJCS's ineffective oversight and review processes.”
VAGO’s report also found the department’s lack of relevant software expertise and complex IT project skills, meant that it over-relied on a contracted IT advisor from an external advisory firm, and that their background and expertise were not appropriate for the scale and project complexity.
“DJCS tasked the advisor with multiple and conflicting roles across vendor procurement, project delivery and reviewing and assuring the project's progress. This significantly compromised the independence and quality of advice provided to the project steering committee,” VAGO said. “DJCS's lack of appropriate knowledge and experience meant that its staff were unable to properly consider IT options that could realistically deliver on its policy intent, evaluate the claims of potential vendors and critically interrogate performance reports from the IT advisor and vendor.”
VAGO said DJCS didn’t adequately understand its needs before approaching the market in 2015 and lacked a fully invested project owner that could properly specify its system requirements to potential vendors.
The report also found the department didn’t set up its vendor evaluation criteria to support it to select a solution that would meet its needs, overemphasised lesser requirements, didn’t undertake simple vendor enquiries and did not appropriately regard fundamental technical elements.
“Based on DJCS’s difficulties with the vendor for its past failed project, DJCS allocated almost 37 per cent of the evaluation criteria to support in-project capability and customer service. Vital technical requirements, such as interfaces, reporting and generating fines correspondence, each accounted for less than 5 per cent,” VAGO said.
“There is also no evidence that DJCS tested the preferred vendor's ability to customise its offerings to close the functionality gap. Further, once DJCS selected a product with a low technical fit, it did not adjust its timelines to factor in the extensive customisation necessary.”
As a result, VAGO said the Victorian public service must rethink its approach to sourcing, managing and governing its complex IT projects to avoid these issues recurring.
It must also re-examine its approach to providing robust advice to the government, especially when it may not be receptive to the advice.
VAGO made seven recommendations to the Department of Premier and Cabinet, Department of Treasury and Finance (DTF) and Victorian Public Sector Commission, relating to leadership training for public servants, building information technology project delivery capability, risk management and project governance, which were all accepted.