Scotland's Digital Future: High Level Operating Framework Version 2
Updated guidance for the public sector on the design, development and delivery of future digital public services.
2 Principles
2.1 Strategic
DPS Strategy sets out a number of strategic principles and their implications for service design and associated ICT services. These principles have been endorsed by the public sector and incorporated into respective strategies in response to the DPS Strategy. The principles are summarised below:
2.2 Architecture
Architecture principles support the four strategic principles as set out in Scotland's Digital Future - Delivery of Public Services. For simplicity, each architecture principle has been aligned to a primary strategic principle but in reality may support more than one.
The architecture principles define the rules and guidelines that inform and support the way the services and systems in scope of this Framework are designed and delivered. They reflect a level of consensus across National, Sector and Local (individual agency) levels and should be used by all levels of ICT Governance to assess the compliance of any new ICT initiative.
Architecture principles are intended to be enduring and stable and are therefore defined at a high level although it is expected that the principles will be updated/extended over time as necessary. The principles are interrelated and should be applied as a set. In some cases, principles will compete; a resolution process to manage these conflicts should therefore be established within each sector's ICT governance arrangements.
Each architecture principle is described based on the industry standard TOGAF Enterprise Architecture Framework 2 as follows:
| Reference |
A unique reference identifier for the architecture principle |
|---|---|
| Name |
An easy to remember name that represents the principle's objectives. |
| Statement |
An unambiguous statement that describes the principle. |
| Rationale |
A statement or list of statements that describe the benefits of following the principle. |
| Implications |
A statement or list of statements that describe the consequences of adhering to the principle. |
In order to capture additional detail associated with each principle, a 5 th dimension 'Resources' has been included.
| Resources |
Additional information to support the application of and compliance with the principle. Where standards apply, these will be referred to here. |
|---|
2.2.1 Citizen/Customer Focus
| Ref. No. |
OFP- CC1 |
|---|---|
| Name |
Digital Standards |
| Statement |
The design of applications and services (information and transactions) will be user focused and with a presumption of alignment with the technical standards and design principles of mygov.scot |
| Rationale |
A common approach will facilitate effective user journeys across public sector organisational boundaries and reduce the need for citizens to use higher cost channels for all sectors. More fully meeting user needs through citizen-centric design which successfully transcends organisational boundaries will reduce levels of 'failure demand' and associated rework for all sectors |
| Implications |
Service providers will design digital services from a 'citizen needs' perspective which may require services from multiple public sector organisations to be presented to the citizen in as seamless and integrated way as is possible. During the end to end service provision (from the citizen's perspective), disruptive movement between different service providers should be minimised and organisational branding should not overly distract from the perceived seamless flow of the transaction from the citizen's perspective |
| Resources |
Service Standards for mygov.scot (DRAFT - work in progress) Government Digital Service Design Principles See also mygov.scot for the beta version of the mygov.scot external website. |
| Ref. No. |
OFP- CC2 |
|---|---|
| Name |
Multi-Channel |
| Statement |
The design of new applications and services shall not restrict service consumers from accessing the new functionality from currently known or defined access devices. |
| Rationale |
Applications and services have a potentially large and diverse client-base that may choose or need to employ a variety of access channels e.g. PC/Mac/Linux devices, secure kiosk, thin client, smartphone or other mobile device. The way in which citizens consume services will change over the life of a solution/service and should not be constrained by the current technology available. |
| Implications |
The solution architecture for any new application or service must be adaptable and provide the capability to support the changes in citizen choice of channel at the appropriate points and in a cost-effective manner. |
| Resources |
The mygov.scot programme maintains and operates a device lab for testing web sites and mobile applications. The lab contains over 40 physical devices including smartphones, tablets, consoles and e-readers and is available for use by other Scottish public sector organisations and programmes. Please contact feedback.mygov@scotland.gsi.gov.uk to enquire further. |
| Ref. No. |
OFP- CC3 |
|---|---|
| Name |
Verification and easy sign-in for citizen access |
| Statement |
Public Sector organisations will use the national myaccount service to verify the identity of citizen access to digital public services as a default. Where this is not currently possible, organisations will ensure that any procured or developed authentication system complies with standards-based federation. Access will be granted once the requester (human or computer) has been authenticated and authorised. The requester shall only be given enough privileges to execute those tasks needed to perform a specified job activity or function; no more and no less. |
| Rationale |
Access to digital public services should be designed for the convenience of the citizen and should take into account modern Internet technology authentication approaches. Having verified their identity in one part of the public sector, citizens should not have to re-present proof of who they are to access services in another. Using the myaccount service as the verification system of choice or as a minimum, implementing an open standards-based solution capable of federating with the myaccount service, will enable service providers to provide citizens and other similar Identity Providers with secure access to their digital services without the need for re-verification. |
| Implications |
Common standards for verifying identity across the public sector are required to ensure that one public sector area trusts the identity created in another. Authentication/verification services rely on service providers being able to match attributes supplied by Identity Providers to locally held data. Service providers verifying identity in the public sector should ensure that, as a minimum, the key attributes of Forename, Surname, Date of Birth and Gender are available for verification purposes. This will provide high levels of confidence when these attributes are supplied by the Identity Provider and matched locally There may be a cost associated with new systems aligning with this principle, particularly where those systems have user provisioning and control embedded within the application code. |
| Resources |
2.2.2 Privacy & Openness
| Ref. No. |
OFP- PO1 |
|---|---|
| Name |
Data Management - Open Data |
| Statement |
The Scottish public sector produces huge amounts of data. However, there is relatively little open publishing of that data. By making non-personal information more accessible and encouraging its publication and reuse, opportunities exist to maximise its economic and social value. |
| Rationale |
Publishing of open data for public use supports opportunities to improve efficiency in public services and promotes economic activity and innovative use. |
| Implications |
A cohesive overview of data is required to ensure a consistent approach is taken. Common standards for data will need to be considered. In publishing our data we need to ensure that we do so in such a way as to make it easy for others to find the data and to understand what is contained within the data. Providing accurate metadata with our data is essential. Metadata provides an opportunity to enhance the value of the data and provide clarity on what the data is and what it is not, any limitations to the data and/or its use can also be included within the metadata. Providing good metadata can support those using the data in not only finding it but also bringing together other data sets which relate to it, for instance data consumers can search for data by theme. |
| Resources |
| Ref. No. |
OFP- PO2 |
|---|---|
| Name |
Data Management - Data Sharing |
| Statement |
The Scottish public sector produces huge amounts of data. However, there is relatively little sharing of that data. Opportunities exist to benefit from and/or improve services via better use of the data, whilst complying with privacy requirements. |
| Rationale |
Better use of data provides the opportunity for organisations to target delivery of services, provide better integrated services and to become more efficient in their working, separately and together. |
| Implications |
A cohesive overview of data is required to ensure a consistent approach is taken and common standards for data will need to be considered. All work in this area must comply with the legal framework for data sharing, respect for individuals' rights to privacy and confidentiality and consider public confidence about when and how personal information is shared. |
| Resources |
2.2.3 Skilled & Empowered Workforce
| Ref. No. |
OFP- SW1 |
|---|---|
| Name |
ICT work force Capability |
| Statement |
To increase the capability of ICT professionals at all levels in the public sector to support digital public service delivery. |
| Rationale |
In order to deliver and support digital public services, a professional and appropriately skilled ICT workforce is essential. |
| Implications |
A common approach to skills identification and development of the ICT workforce, such as SFIA, and collaboration in their deployment in order to maximise the impact of their skills. |
| Resources |
| Ref. No. |
OFP- SW1.2 |
|---|---|
| Name |
ICT Work force Capability - Enterprise Architecture Skills |
| Statement |
To increase the capability of the public sector in the discipline of Enterprise Architecture to support principle OFP- CV4 |
| Rationale |
Adoption of an enterprise architecture approach to planning ICT services by public sector organisations will require increased awareness of and skills in the discipline of Enterprise Architecture. Increased awareness and skills in this discipline will make it easier to identify opportunities for re-use and convergence at individual agency, sector and national levels and therefore accelerate the realisation of the benefits to be achieved through these initiatives (cost avoidance, cost reduction). Increased awareness and skill in this discipline will also provide a common base of understanding and language to make it easier for agencies to collaborate in cross-sector service planning and design and accelerate the realisation of the benefits to be achieved (improved inter-agency working, improved service delivery for citizens). |
| Implications |
Increasing capacity in this discipline will incur costs in terms of formal training and initial loss of productivity although formal certification is not essential to provide an acceptable level of capacity. The current public sector skills gap analysis (Scotland's Digital Future: Delivery of Public Services: Skills Gap Survey and Analysis November 2014) does not identify Enterprise Architecture as a skills gap or shortage although other skills gaps identified suggest a requirement for these skills by inference - Business Intelligence and Information Security as examples which require an enterprise level view of an organisation's business, data, applications and IT infrastructure to be effective. |
| Resources |
TOGAF Architecture Skills Framework SFIA Professional Profiles Chart Zachman Enterprise Architecture Certification Recommendation in Enabling Actions Plan - propose a pilot project as part of the National Workstream Skills Action Plan to support skills development and training collaboration among all public sector organisations in the area of Enterprise Architecture. |
2.2.4 Collaboration & Value for Money
| Ref. No. |
OFP- CV1 |
|---|---|
| Name |
Reuse, Before Buy, Before Build |
| Statement |
The design of ICT solutions/services must seek to maximise reuse of existing services across the Scottish Public Sector. Adoption and use of services and capabilities developed at a national or sector level will be the default position when considering any new or upgraded ICT Services. If existing services do not meet the business requirements and cannot be extended cost-effectively, then a supplier will be sought to provide that product or service and make it available for re-use across the sector. If there are no existing services to reuse or suitable COTS packages that can be obtained cost-effectively, then bespoke solutions that strictly conform to the architecture principles will be considered. |
| Rationale |
Will increase the ability to deliver ICT services in the most flexible and cost-effective manner across a range of (internal and external) customers with differing technology domains. For long term stability and maintainability of the ICT Services required across the public sector, the focus should be on maximising reuse of existing services. However, depending on the business requirements and timeframe, buy/build options cannot be precluded. |
| Implications |
The requirements analysis and change management disciplines that underpin this principle must be embedded in the individual sector governance processes. The use of COTS products reduces the amount of bespoke coding required whilst also leveraging 3 rd party investment and future development. With the existence of architecture principles, the requirements governing a COTS procurement must be considered from a more holistic strategic perspective. Providing a means by which individual organisations can search for appropriate re-usable services (using a standard service definition along service catalogue lines) is essential to support this principle |
| Resources |
Our National Collaborative Agreements The Public Contracts Scotland Forward Plan for a full list of national and sectoral procurement agreements. Whilst the Catalogue of Re-usable Components is being created, a full list of current re-usable components is contained at paragraph 7.1 Current Standards, Guidelines and Recommendations of this document. |
| Ref. No. |
OFP- CV2 |
|---|---|
| Name |
Collaboration |
| Statement |
Collaboration is now the default choice in the design and delivery of services and in the procurement and deployment of ICT services to support this. |
| Rationale |
The public services delivery sector should collaborate across organisational boundaries to ensure that the services delivered - whether at national, sectoral or local level - can be truly joined up to meet the needs of the users of public services, the citizens and businesses of Scotland. |
| Implications |
The requirements analysis and change management disciplines that underpin this principle must be embedded in the architecture governance processes. The requirements governing any collaborative development or procurement must be considered from a holistic and strategic perspective. |
| Resources |
National Procurement Portfolio Plan ICT Technical Assurance Process for Investment Board (SG Agencies only) |
| Ref. No. |
OFP- CV4 |
|---|---|
| Name |
Use of Open Standards in Software |
| Statement |
Wherever possible organisations should seek to procure new or upgraded ICT services based on Open Standards which are defined as standards that are made available and developed through a collaborative, consensus-based approach. Open Standards are non-proprietary ( i.e. not restrictive) and facilitate interoperability and data exchange among different products and services. |
| Rationale |
Benefits of using open standards include: Interoperability & integration - use of open standards increases the likelihood that solutions provided by different vendors will be capable of inter-operating. Avoiding vendor lock-in - successful open standards are readily implemented by a broad variety of software vendors in either open source or proprietary solutions. This reduces the effort and complexity associated with use cases such as transitioning away from a system that is no longer supported or moving from one solution to a competitor that is more cost effective. Sustainability - open standards allow large contracts to be broken down into several smaller components. This enables incremental delivery of complex solutions thus reducing risk, as well as providing a more level playing field for SMEs during procurement. |
| Implications |
A set of open standards endorsed by the Scottish Government will be identified using the standards approval process described in the Framework (which would be part of the Catalogue of Re-usable Components) |
| Resources |
Open Standards and Open Source Software Policy - Work in Progress |
| Ref. No. |
OFP- CV5 |
|---|---|
| Name |
Use of Open Source software |
| Statement |
Wherever possible, and subject to compliance with the principles of fair and open procurement, organisations should seek to procure new or upgraded ICT services based on Open Source software, where Open Source Software is defined as computer software where the underlying source code is made available under a license which gives organisations freedom to access and modify the source code and to redistribute and reuse the software. With the licence granting them these rights, an organisation is able to improve the software or adapt it to better meet their needs. Improvements can be shared with the wider community. Proprietary software, by contrast, is closed source; with a restrictive copyright licence, the source code cannot typically be distributed or modified. |
| Rationale |
Benefits of using Open Source software include: Simpler collaboration - For several Scottish public sector organisations to work collaboratively on a shared service or solution, there must be clear agreement on and understanding of, how intellectual property rights will be managed. Open source licensing resolves this issue ensuring that an acceptable, well understood set of rights are conferred to all parties. Flexibility of use - licenses for open source solutions typically confer a more comprehensive set of rights compared to proprietary software. This freedom allows the user to run, change, improve and distribute the software, as required, to meet their needs. Value for money - a charge is not typically applied to license open source software; solutions, applications or libraries created by a Scottish public sector body may be easily re-used by other bodies under an open source license. |
| Implications |
Scottish Government Guidance is required around:
|
| Resources |
Open Standards and Open Source Software Policy - Work in Progress |
| Ref. No. |
OFP- CV6 |
|---|---|
| Name |
Single Approach to Identity & Access management for public sector employees |
| Statement |
Access to ICT systems for public sector employees should follow the same principles as access for citizens to digital public services and should take into account modern Internet technology authentication approaches as well as nationally developed services/capabilities which may be available in the near future via SWAN. Where possible, organisations should adopt a standards-based federated identity management solution/single user authentication process to allow employee single sign-on to permitted ICT systems across the organisation. |
| Rationale |
Having a standards based authentication system will allow simpler and faster access to ICT systems for public sector employees both within their own organisations and with ICT systems of other public sector organisations where suitable protocols have been agreed. |
| Implications |
Achievement of this principle will require a single (potentially federated) information source against which public sector employees can be authenticated when accessing ICT systems which will confirm their identity as well as the permissions they have for such access. |
| Resources |
SWAN Value Added Services Strategy, initial Value Added Services List - Work in Progress |
| Ref. No. |
OFP- CV7 |
|---|---|
| Name |
Enterprise Architecture Approach to ICT Planning |
| Statement |
An Enterprise Architecture approach to ICT planning will be adopted by all Scottish Public Sector organisations. |
| Rationale |
In order to identify opportunities for re-use and convergence of existing business or ICT services at an early stage and to support the planning and design of new services which cross organisational boundaries, it is essential that an approach to planning exists which provides a logical, organisation-agnostic view of how the organisation delivers its core business. Some public sector organisations have used an Enterprise Architecture approach to do this for some years and it is therefore recommended as an approach for all public sector organisations. Having a common approach based on Enterprise Architecture concepts and principles in all sectors will create a common framework and language which will assist organisations to communicate more easily when opportunities for re-use, convergence or cross-sector service delivery is required. The advantages that result from a good Enterprise Architecture bring important benefits, which are clearly visible in the operating costs of an organization:
|
| Implications |
Organisations and sectors will be able to identify target opportunities for cost avoidance and cost savings in a disciplined and objective way at an earlier stage than may have been possible without such an approach. |
| Resources |
Approach to Architecture in Health |
| Ref. No. |
OFP- CV8 |
|---|---|
| Name |
Service Oriented Approach ( SOA) to Design of ICT Solutions |
| Statement |
Wherever possible, design of any new or upgraded ICT solutions should use the principles of Service Orientation |
| Rationale |
The principles of Service Orientated design will drive the creation of more modular software applications which will increase the potential for re-use within the software application itself as well as by other applications that require the same type of functionality. Additionally, as one of the key tenets of an SOA approach is that the components must be designed to be interoperable at the outset, the requirement for complex and costly integration efforts to create new or enhanced digital public services, will decrease. Coupled with the Architectural Principles of Open Standards and Open Source, this principle will create a rich source of software components which can be written once but used by many different software applications and organisations. |
| Implications |
Cross-sector agreement to the Generic Services Model element of this Framework will be critical to maximise the benefits to be gained from an SOA approach. |
| Resources |
Current SOA work in E-Health Architecture - Work In Progress |
Contact
There is a problem
Thanks for your feedback