Item 7 GCP(12)30 ICT Strategy 2012-13 summary For Board approval For Board discussion For Board information Prepared by: Alistair Quigley Programme director Support Services Date: 17 May 2012
Executive summary 1. This informational paper is intended to provide a high-level overview of the Gambling Commission s ICT strategy for 2012-13, the key s of work to be undertaken including how those s are to be funded and an overview of the Commission s Information Assurance (IA) architecture. Background 2. The Commission s overall ICT strategy for the 2012-13 financial year is broadly formulated from workstreams within the business plan that require significant ICT contribution to be delivered successfully. Other s of work drive the ICT strategy such that there are few dedicated ICT workstreams in themselves. The support services of work contains ICT workstreams that are either not attributable to specific workstreams or s or which contribute to the development of technical infrastructure across the entire organisation. 3. Monitoring of progress of ICT workstreams and ICT components of other workstreams is done through the standard business plan reporting structure. An ICT Operational Plan has been developed through to the end of 2013 that further details the mechanics of how the ICT components will be delivered, what resources are required and timelines for completion. 4. An overarching technical development plan tracks the milestones and deadlines that ICT must meet to ensure that the ICT components are delivered into the respective business plan workstreams on time and to specification. 5. A process of project initiation documentation (PID) followed by business case approval by the Executive Group is used for initiating all significant ICT projects. Page 2 of 6
6. ICT core workstream overview Workstream Project Description Funding Ensuring the provision of robust, secure electronic communications infrastructure and Information Technology (IT) services. Implement Police National Network (PNN) Implementation of PNN is a lower cost alternative to GSI that is easier to implement and more cost effective. It will give the ability to access certain information systems that are usually accessed via GSI. The quantity of protectively marked data that the Commission shares with other organisations is very low; hence GSI is not a cost effective solution. Secure emails are transmitted using the Criminal Justice Secure Mail (CJSM) system which is accredited to the same level for email as GSI and is effectively free. Migration to Windows 7/Thin Client The use of thin client terminals has proven very successful for home based employees. We will further roll out thin client terminals where appropriate. Where not appropriate PCs will be upgraded to Windows 7 (approx 60:40) mix. Hardware & software consolidation plan The exit of Fujitsu in 2008 left many bespoke applications and departmental dedicated servers. We plan to continue to rationalise the server base down from 50 servers in 2008 to 25 by end 2012. The software base will be consolidated into core applications only (for example Siebel CRM). Alternative hardware Investigate and trial the use of tablets for improving access to Commission data particularly in the field. Communications infrastructure Implement telephone system upgrade and investigate opportunity for video communications internally (particularly in the field) and externally. Improving efficiency through IT reconfiguration projects Reworking of compliance information system (CIS) The functionality of CIS is being reworked into Siebel CRM negating the requirement for an additional software application specifically for compliance processes. ICT Time and effort recording management Ensure that people management activities and effort is captured appropriately Implement systems and processes to capture time and effort spent at workstream level to assist with business planning and at operator, sector, fee category level to further inform fees workstream. ICT Business continuity and security Maintaining resilient business continuity plans Reworking of Commission and NLC backup solutions, reworking of hardware at Bristol site. Page 3 of 6
Maintaining information management and information security to a level consistent with all relevant standards including those laid down by the Cabinet Office and the ISO 27001 Information Security Management standards Monthly internal audit of security processes and procedures through Information Asset Group. Risk assessment of all ICT developments, privacy impact assessments of all ICT developments. Business support Delivering the Commission s contribution to e- Government initiatives and targets and e- accessibility of its services Implement ability to automate online, components of the licensing process Complete high level design for full application process online, including card payment for applications The first stage of online processing will be for the personal licence refresh mid 2012. The online architecture has been planned to allow upwards expansion to cover all aspects of a licence lifecycle. The online architecture is designed to cover all aspects of licence application and early in 2013 we will implement further online processing for licence application. Other online processing components (for example LCCP and Key Event reporting) will come on stream during 2012. Web-based fee variation calculator An online fee calculator was introduced in 2011. For 2012 we plan to extend the functionally to include licence variation fees. ICT Page 4 of 6
7. [Exempt information under section 43 of the Freedom of Information Act] Page 5 of 6
Information Assurance architecture (IA) Page 6 of 6