Scotland's Digital Future: High Level Operating Framework

4 ICT Operating Framework

4.1 Overview

This section discusses and outlines a framework to support and develop the ICT Architecture of public sector bodies in Scotland. A number of architectural layers are defined to allow the ICT architectural landscape to be simplified and synthesised into common, industry recognised components.

The application of those layers allows for the modelling of current and planned architectures against a target ICT Architecture. The architectures under review may be aggregated at local, sector and national levels in support of moving towards the target (or blueprint) architecture and also influencing the use of ICT to improve the quality and effectiveness of services delivered. ^[6]

This Operating Framework is aimed at assisting organisations in:

• The assessment and modelling of their current architectures in a consistent manner
• Comparing architectures across organisations
• mapping commonality and understand uniqueness
• Identifying a Target ICT Architecture at National, Sector and Local levels
• Establishing a roadmap to support organisations as they move towards that target architecture

Technology evolves at a rapid pace and future opportunities, which offer further improvements on the current model, may be presented. The Target Architecture will therefore need to be revised on a regular (at least annual) basis, with the layers and maturity model (presented later) developing over time.

4.2 Architecture Levels

The aggregation of those different architectures is captured in the following diagram ^[7] , which provides some context in support of how the governance around their formulation, modelling and collection may be organised.

4.2.1 National

This level of detail supports the sectors and brings them together into a national framework, where common or shared assets may be identified and a common strategy created and maintained in line with changing business and ICT landscapes. It sets the context against which sector architectures and resources should align.

4.2.2 Sector

Supports the creation of a simple roadmap for each sector, used to shape the ICT Architecture to align with the national strategy and deliver products that improve the delivery of services to citizens.

4.2.3 Local

Represents a level where Agency/ NDPB, etc. ICT assets are brought together and support those individual functions within the local organisation. Definitions and constraints set out at higher levels of the architecture direct architecture design and resource decisions e.g. on use of common hosting facilities.

4.3 Architectural Framework

A modern ICT Architecture has a number of complex components. Technological evolution has introduced a number of innovations and the ICT landscape in most businesses or public sector bodies now contains a range of technology of differing age.

Yet, in order to address the recommendations from McClelland we must define some standard services or tiers within the architecture. These are proposed based on accepted industry practice today (in order to maximise the ability to procure these on the marketplace) and with an eye on the challenges faced within the Public Sector in Scotland (for example the need to share citizen data).

A proposed model of Architectural tiers or services is depicted in the following diagram. This model identifies accepted industry services, which are outlined further below. Services higher up this model are more specialised and depend upon services supported by lower tiers in the model. In addition, higher tier services will, by definition, be less re-usable which is depicted by the width of the service in the model.

Each of the components is explained in the following text and later expanded to describe and support their measurement against a baseline 'Ideal Organisation'.

4.3.1 Infrastructure - Communications

All public sector locations and establishments require some form of ICT (data) and/or telephony (voice) service. There is already a national level procurement in progress ( SWAN) to support rationalisation and convergence of multiple network services into a single, unified service portfolio.

4.3.2 Infrastructure - Servers, Storage, Data Centres and Cloud

The deployment of physical ICT assets has evolved dramatically in recent years. Critical business applications, for example ones which impact the safety of the public or employees, require high availability, which can best be delivered through modern data centres.

4.3.3 Security and Identity Management

Security needs to be central to how modern business operates. Within the public sector specifically, there is a need to:

• support the concept of "The Citizen" nationally, across sectors and locally
• share information more readily (e.g. within the health, social services and criminal justice domains)
• enable public or citizen access to an increasingly diverse service base in a uniform and consistent manner

Common security and ID management processes, services and tools are essential elements of the architecture to enable all of these aspirations.

4.3.4 Standard Office Productivity Applications

Standard applications like Word, Excel and email are widely prevalent in the user community today. Their interoperability and the incorporation of new 'standard applications', such as emerging social media platforms, are vastly common across the Scottish Public Sector. Where there is a perceived unique requirement in this tier, this should be considered the exception rather than the rule.

4.3.5 Common Business Services

Currently most public sector bodies operate as largely independent businesses with their own employment processes, payroll, etc. Therefore there are a number of business services, payroll, HR, etc. which are similar in their application. As noted in the national and draft sectoral strategies it is expected that there are significant opportunities to standardise and re-use across these services.

4.3.6 LOB Applications

Line Of Business Applications are by definition, specific to the agency/public body that requires them. In a number of cases they may be bespoke applications. However, even at this level, there will be opportunities to share data, or perhaps compromise on process to allow for standardisation of applications.

4.3.7 Delivery Channels

Applications and services have a potentially large and diverse client-base that may choose or need to employ a variety of access channels e.g. PC/Mac/Linux devices, secure kiosk, thin client, smartphone or other mobile device. Common standards and approaches will support the delivery of services over these channels in as efficient means as possible.

4.4 An Ideal Organisation

It is recognised that public sector bodies will have different capabilities for each of the components described above. In addition, they will not all be able to advance at the same rate. A model is therefore outlined below to support each organisation to evaluate their current capability and maturity and map out their short term plans and longer term strategies.

The ICT of an ideal organisation is described below, restating the architecture components in terms of Tiers, which model the possible adoption profile for each component i.e. the lower the tier in the diagram, the earlier it is likely that an organisation will be able to incorporate and align their own approach to that of the National Strategy.

Note that Channels are not included in the above model, as their development and uptake will be drivers for the above service delivery routes evolution, rather than being part of the organisations delivery capability.

4.5 Model to Assess Maturity and Support Planning

Agencies and other public bodies will not be at the same stage of ICT maturity. Many will have complex ICT landscapes across a mixture of technologies. In addition, with current constraints on public spending, no single body will be able to evolve to the optimum architecture overnight.

A model to assess the current maturity or adoption of the architectural principles, assessed against each tier above is therefore presented. Qualitative criteria will be developed against which each organisation may be assessed. It is recommended that this assessment should be carried out on 3 planning horizons:

Current	As-is assessment of the architecture
Planned	Funded and in-flight projects. It is recommended that these are re-evaluated at least annually.
Strategic	Assessment of where that organisation wants to be, taking into account that each organisation will by its own uniqueness be limited to where on the maturity model its optimum level of adoption will reside.

Applying this approach will result in a model similar to Figure 1. Using this model, organisations will be able to track their progress against their plan and strategy. Also, an aggregate level of governance can be applied at sector and national levels.

Figure 1 - Example Architectural Maturity Model

In arriving at the above model, a form of numeric scoring is proposed (for further development) to give a comparable measure for local, sector and national levels.

4.5.1 Illustrative Organisational assessment criteria

Illustrative Organisational assessment criteria is included at Annex B