Introduction

1. Information and communication technology (ICT) supports the war fighting and intelligence capabilities of the Australian Defence Force (ADF), and Defence’s corporate functions.¹ The Defence Information Environment (DIE) is one of the largest ICT networks in Australia. At an estimated annual cost of $1.2 billion in 2010–11, the DIE connects over 500 Defence sites within Australia and overseas.² The network provides services ranging from highly diverse and complex weapons support systems and electronic counter-insurgency, to more straightforward day-to-day services such as word processing. The effective and efficient management of this extensive ICT network is a major challenge for Defence and is critical to the achievement of its strategic objectives.

2. Historically, Defence’s ICT infrastructure and application services have been defined and acquired in support of individual initiatives and capability needs. Accordingly, Defence’s ICT has tended to grow and operate in a fragmented way, resulting in gaps in service delivery, duplication, redundancy, and impaired inter-operability. Consequently, the performance and reliability of Defence’s ICT has been adversely affected, and support and maintenance has been difficult and costly. Defence recognised these issues and, in 2009, the then Minister for Defence articulated the need for ICT reform, noting that it would take time to achieve the desired level of ICT service capacity:

Defence faces real problems with its own infrastructure. Some of Defence’s ICT systems are antiquated and inadequate for Defence’s complex operational requirements as a result of being grossly under-funded for years. Some of the department’s ICT systems are now too cumbersome, fragile, and costly to operate effectively.³

3. The Minister’s concerns, especially the pressing need for Defence to improve its ICT management, were also expressed in the findings of management reviews of Defence over the period 2007 to 2009.⁴ In particular, the 2007 Defence Management Review set out an ICT reform agenda, recommending that Defence appoint a Chief Information Officer (CIO, appointed in 2007) and develop an enterprise-wide ICT strategy. In November 2009, Defence released an Information and Communication Technology Strategy (the DICT Strategy), which articulated Defence’s plan to address the shortcomings in its ICT governance, planning and control frameworks.

4. The DICT Strategy was developed during the same period as the Government’s May 2009 Defence White Paper (the White Paper) and the 2009 Strategic Reform Program (SRP). The White Paper and the SRP propose ICT reform in support of war fighting and business reform objectives for Defence through to 2030.⁵ Over the decade to 2019, the SRP is intended to provide $20 billion in savings for re-investment in the Defence capabilities set out in the White Paper.⁶ ICT reforms alone are required to contribute $1.9 billion towards the overall SRP savings target, and the success of over half of the SRP reform streams⁷ is critically dependent on the provision of effective ICT services, including infrastructure, applications development and sourcing. Significant aspects of the SRP require ICT-enabled business transformation, with the attendant potential benefits and risks:

A fundamental principle [behind increased investment in ICT] is that it will deliver better cost effectiveness through the streamlining and amalgamation of corporate support activities…The financial risks associated with IT-enabled business change are due therefore not only to the scale of the programmes and projects themselves, but to the benefits they need to achieve and the pressure to produce return on investment.⁸

5. Defence’s ICT reform program and the SRP foreshadow significant change in the administration of Defence, during a time of substantial ongoing involvement in operations. In addition, Defence is currently moving to implement the recommendations of the Review of the Defence Accountability Framework (the Black Review⁹), including presenting quarterly reporting against performance benchmarks set out in an Annual Defence Plan.

6. Defence informed Parliament in October 2011 that it anticipated adjusting the SRP and the implementation of the White Paper in the light of the outcomes of current internal reviews of the Defence budget, the capability development process, and the major projects in the 10-year Defence Capability Plan. The outcomes of these internal reviews will inform the formulation of the Defence budget in 2012–13.¹⁰

Audit objective and scope

7. The objective of the audit was to assess the development of Defence’s oversight and management of its portfolio of ICT investments and projects. In particular, the audit examined Defence’s:

• governance, strategic processes and decision-making structures that set out, prioritise and coordinate the integrated ICT reform portfolio and programs;
• ICT risk management and capacity to identify and plan to achieve the benefits of its SRP ICT stream reforms (including methodologies to measure the realisation of savings and non-savings benefits);
• level of portfolio and program management maturity; and
• the impact of improvement efforts on Defence’s ability to deliver the ICT services capacity required to support the SRP.

8. The ANAO’s focus was on remediated or new Defence ICT capability resulting from the ICT reform program. Project management of individual ICT projects was not included in the audit scope.

Overall conclusion

9. Defence has commenced the vital work of remediating the publicly acknowledged deficiencies in its information and communication technology (ICT) systems. ICT reform is currently a major organisational agenda that is also expected to contribute substantially to the Strategic Reform Program (SRP). The SRP seeks to comprehensively reform Defence’s business to support the policy, capability and funding expectations of the Government’s May 2009 White Paper (the White Paper). Significant aspects of the SRP involve ICT-enabled business transformation. When the SRP was announced in May 2009, the Government announced that it would invest more than $940 million over four years to reform and remediate the Defence Information Environment (DIE) and its supporting infrastructure in order to support the White Paper objectives and achieve long-term ICT savings of $1.9 billion.¹¹

10. Since then, Defence has made modest progress in improving the performance of its ICT systems and has started replacing obsolescent equipment. The SRP ICT stream exceeded its savings target in 2009–10 and met its savings target for 2010–11. At the time of this audit, the SRP ICT stream had reported total savings of $224 million (11.5 per cent of the stream target of $1.9 billion total savings over the period 2009–19) for expenditure of $249 million (26.5 per cent of total planned stream investment).

11. The Chief Information Officer Group (CIOG) has primary carriage of remediating Defence’s ICT and the ICT initiatives and reforms supporting the SRP. Since 2007, CIOG has sought to progressively map and cost all of Defence’s ICT systems and investments, and develop a Defence-wide coordinated approach to ICT investment. In November 2009, CIOG set out an overarching Defence ICT Strategy to complement the White Paper. Along with the Deputy Secretary Intelligence and Security, the Chief Information Officer (CIO) is responsible for the governance of the SRP’s ICT reform stream, thus achieving greater oversight of ICT planning and investment activity in Defence than in previous years.

12. At the time of its March 2010 progress report to the Government, Defence considered the SRP to be as complex an organisational reform agenda as had ever been undertaken in either the private or public sectors in Australia. Delivering ICT reform in Defence is a challenge of a very high order, entailing the simultaneous remediation of existing systems, the development of ICT systems critical to the SRP reform streams, and the achievement of savings at the upper bounds of feasibility. More than two years into the reform process, ICT continues to represent a material risk to the timely achievement of the SRP investment and savings targets set in support of the longer-term objectives of the White Paper.

13. To help manage these risks, Defence has taken steps to formalise and develop the governance and management of its ICT. Defence has established a high level governance committee—the Defence Information and Communication Technology Committee (DICTC)—to provide strategic direction for the planning, coordination and execution of ICT initiatives across Defence.¹² However, while the bulk of Defence’s ICT investments to July 2013 will be in SRP related initiatives, DICTC is not well-integrated into the governance of the SRP. Decisions affecting the scope, timing, relative priority, and overall savings to be achieved by major ICT projects can presently be made by other high level Defence committees without the direct knowledge of, or coordination with, DICTC or CIOG. These other major committees include the SRP Stream Governance Committees, the Defence Workforce and Financial Management Committee, and the Defence Capability and Investment Committee. Coordination and information-sharing between these committees currently relies heavily on common membership, mainly of very high-level officials who are time-poor.

14. While the impetus of ICT reform has started to erode Defence’s compartmentalised management of its ICT, the absence of fully effective governance arrangements means that Defence ICT initiatives continue to be developed in the absence of processes to clearly identify and resolve competing priorities, properly identify interdependent initiatives, or provide a clear view of resources. Notwithstanding successive surveys of Defence’s ICT environment, senior decision-makers are yet to have a reliable, consolidated view of Defence’s ICT domain including all expenditure, servers and hardware, and software applications. CIOG’s current knowledge of the Defence-wide ICT systems and expenditure, while the best available consolidation to date, is incomplete.

15. The multiple ICT reform agendas underway in Defence present particular complexity in the organisation’s ICT portfolio. At the time of this audit, CIOG had direct visibility of some 75 per cent of Defence’s ICT expenditure, which is a notable improvement on the situation at May 2009, when CIOG had visibility of less than half of Defence’s ICT expenditure. Defence informed the ANAO that the improvement was due largely to:

improved financial reporting of ICT, the Defence ICT Costing Baseline activity, which is now in its third year, and the ongoing maturing governance and consolidation of ICT infrastructure and software licences.

16. However, some $300 million of Defence’s estimated $1.2 billion of ICT expenditure in 2010–11 was not directly visible to CIOG. While Defence’s financial reporting of ICT has improved, the estimate of $300 million in expenditure includes information provided by Defence Groups and Service entities that is not necessarily compiled, recorded or calculated on a consistent basis. The lack of consistent Defence-wide ICT financial data has meant that, to estimate future expenditure and likely ICT savings, Defence has, in some cases, relied on data provided by consultants using proprietary estimation techniques that Defence is not in a position to verify or validate. Defence therefore has a less than complete view of the information needed to effectively manage its ICT, plan future systems, and fully deliver the savings necessary to support the White Paper targets.

17. It is also difficult for Defence to have a central view of all its ICT initiatives and proposals, as there are currently a range of different approaches and points of entry into its ICT approval processes. Without enterprise-wide processes for the development and approval of ICT initiatives, Defence is unlikely to be able to strategically guide its ICT reforms. CIOG has developed a uniform set of approval processes, though they are yet to be fully implemented and applied to all initiatives. Defence informed ANAO in October 2011 that:

• in consultation with the Department of Finance and Deregulation (Finance), CIOG is currently finalising an ICT two-pass approval process to apply in Defence; and
• that the task of advising DICTC and the CIO of identified ICT interdependencies and conflicting priorities, including across the SRP reform streams, was now the responsibility of the Defence Information Environment Committee (DIEC).

18. These developments and activities are consistent with CIOG’s November 2010 management maturity rating assessed under the P3M3® model mandated by the Australian Government.¹³ The assessment indicated that, while ICT programs and projects were recognised as organisational investments, there were no standard portfolio processes, and limited consistency and coordination across programs and projects.¹⁴

19. As chief ICT service provider and de facto ICT program manager for much of Defence, CIOG’s P3M3® management maturity ranking is in line with that of ICT management entities within other large Australian Government agencies. However, no other agency is currently undertaking such a large ICT-enabled business transformation as Defence’s ICT reforms and the SRP, and CIOG’s assessed level of management maturity presents risks arising from:

• the relative immaturity of standard portfolio-wide governance processes, such that they are not yet fully defined, documented, widely understood and consistently applied;
• the lack of a portfolio-wide view of ICT interdependencies and competing priorities;
• complex and sometimes confused accountability structures, including the absence of clear responsibilities for determining trade-offs among competing initiatives, and ambiguity in CIOG’s role as coordinating capability manager for ICT; and
• a high level of demand on the CIOG’s ICT capacity, currently some 350 staff short of projected requirements.

20. Defence is presently working to ameliorate these risks, which are acute. Most recently, Defence signed a contract with five preferred industry partners to improve ICT development, and alleviate immediate skills shortfalls and the pressure on Defence’s own ICT resources.¹⁵

21. However, the risks remain high, as eight major SRP reform streams depend for their success on ICT projects, or on conjunct elements of ICT projects.¹⁶ Schedule slippage is already evident and the failure or even the significant delay of one of these projects is likely to have a domino effect on other SRP activities that could delay or deny the anticipated flow of SRP savings into improved Defence capability. Defence’s management of sustained high levels of ICT-related risk would benefit from program managers and SRP Streams adopting a full partnership model with CIOG to deliver these Defence portfolio initiatives. There is also a real need for CIOG to strengthen its organisational governance arrangements, to support the effective functioning of high-level governance bodies (including DICTC and the Strategic Reform Governance Executive–SRGE), and to clarify accountability.

22. Attaining a portfolio-level view of Defence’s enterprise needs and managing it as a single entity is a challenging goal. In particular, the scale and complexity of Defence ICT requirements, the attendant organisational interdependencies, and the risks to the delivery of its transformation program underline the importance of the Defence leadership having a clear view of the strategic priorities for ICT. Inevitably, circumstances will change, requiring variations to plans. In this challenging environment, strong leadership focus will be required to deliver the benefits envisaged for the Defence organisation from the ICT transformation program over the next ten years.

23. The ANAO made two recommendations aimed at clarifying the role of key elements of Defence’s ICT management structure and improving Defence’s portfolio-level oversight and management of its ICT.

Key findings by Chapter

Chapter 2 - Governance structures and decision-making processes

24. The effective planning and prioritisation of ICT projects is important to achieving an optimal balance between business-as-usual and ICT reform activities. To help align its ICT investments with the priorities set by the Secretary of Defence and Chief of the Defence Force (CDF), in 2008 Defence established the DICTC as its pre-eminent senior ICT committee. The role of the DICTC is to provide strategic direction for Defence’s ICT investments through the review and prioritisation of all ICT initiatives and expenditure.

25. To assist DICTC, in 2008 CIOG provided the committee with information on the broad range of ICT activities and initiatives in Defence, which CIOG was in the process of mapping and costing. From its initial surveys, CIOG has subsequently developed a list of ICT projects, the current version of which is an Integrated Plan of Work (IPW) comprising 99 ICT projects, to assist DICTC and to articulate and guide Defence’s ICT reform program.

26. Following the announcement of the SRP in May 2009, Defence separately established the joint ICT and Intelligence SRP Stream Governance Committee (the SRP ICT governance committee) which first met in June 2009. To help manage its ICT investments and facilitate stakeholder engagement in the SRP reform process, Defence established three SRP ICT sub-portfolio committees (the Military, Corporate and Intelligence sub-portfolio committees) and other Stakeholder Engagement Teams (SETs) to represent ICT business needs within the ICT reform process. The sub-portfolio committees and SETs have represented the Services’ ICT priorities both to the DICTC and to the SRP ICT governance committee.

27. A key role of the SRP ICT governance committee is to help align Defence’s ICT investments with SRP requirements. This role overlapped to an extent with that of the Defence Information Environment Committee (DIEC), established in August 2008 to advise the DICTC on the ICT planning cycle and, subsequently, on ICT-related matters associated with the SRP. DIEC is charged with providing advice on priorities within the IPW, coordinating stakeholder perspectives on ICT capability being considered by DICTC, and identifying interdependent ICT projects and initiatives, including across the SRP reform streams. However, after being constituted in August 2008, DIEC became inactive until September 2010, and the SRP ICT governance committee did not meet between March 2010 and April 2011.

28. By early 2011, it was evident that the relationships between the Defence committees responsible for the governance of ICT reform, for the governance of the SRP ICT reform stream, and for the oversight of ICT initiatives supporting other SRP streams were not clear. By February 2011, Defence internal surveys of ICT stakeholders were reporting that ICT demand management and prioritisation were not functioning well, and that there was no effective decision-making for trade-offs between competing initiatives, including between the needs of stakeholder groups. For instance, though ICT initiatives underpinned other SRP reform streams, CIOG was not always included in stream governance arrangements and did not always have visibility of these ICT initiatives.

29. In addition, surveyed senior business stakeholders took the view that the business before DICTC was pitched more at immediate issues rather than at supporting strategic decision-making, providing DICTC with neither the lead-times nor the information suitable for informed strategic decision-making.¹⁷ As a key support to DICTC, the CIO still has only limited visibility of the Defence‐wide ICT costs and budget, and the ability of DICTC to formulate strategic direction for ICT within budget constraints was correspondingly limited.

30. After a hiatus of some months, during which the DIEC was effectively in abeyance and the SRP ICT governance committee did not meet, the relevant responsibilities of the two committees were clarified early in 2011. The SRP ICT governance committee met for the fourth time in April 2011. Defence informed ANAO in October 2011 that DIEC had not been effective in its intended role in respect of the SRP, which had instead been taken up by the SRP ICT governance committee.¹⁸

31. Defence informed the ANAO in December 2011 of recent additional Shared Services and accountability reforms aimed at enhancing personal and institutional accountability, streamlining senior committees and the decision-making systems, and improving personnel skills development:

The Shared Services review clarifies and strengthens the Coordinating Capability manager role of the CIO. Implementation of the Shared Services review outcomes, currently nearing completion of a ten week planning phase, will allow the CIO to have full visibility of the Defence-wide ICT systems and expenditure in a controlled and sustainable way.

32. Defence has also taken steps to clarify the approval processes for Defence ICT initiatives. At the time of this audit, three separate two-pass approval processes were in place:

• a Defence two-pass approval process coordinated by Capability Development Group, focused on capability acquisitions;
• the whole-of-government ICT two-pass approval process administered by the Department of Finance and Deregulation; and
• a CIOG-managed ICT Investment two-pass approval process.

33. There were multiple, uncoordinated entry points into Defence’s ICT approval processes that were not well understood, giving rise to apparent inconsistencies in decision-making and the risk that Defence stakeholders would pursue individual, uncoordinated ICT solutions without the benefit of strategic guidance consistent with reforming Defence’s ICT.

34. Defence informed ANAO in October 2011 that it was finalising the ICT two-pass process to apply in Defence, in consultation with the Department of Finance and Deregulation, and Defence stakeholders. The intention is to set out in detail the steps required, and CIOG has established a team to support and guide projects through the ICT two-pass approval process. This includes minor ICT projects, with some approvals already in train, though no project has completed the process to date. Defence informed the ANAO in December 2011 that:

There are two approval processes for ICT projects: through the [Defence Capability Plan ] or through …DICTC to the Whole-of-Government two-pass approval process. Minor projects from Groups and Services, go through an internal … process and then to the DICTC, having engaged with the relevant Stakeholder Engagement Team within ClOG.

[This] is a reflection of the transition to a new approval process as we concurrently conduct a process trial that spans many months.

Chapter 3 – ICT investment, benefits and risks

35. An important element in reforming Defence’s ICT was gaining a better understanding of the baseline information in respect of existing systems, particularly in terms of the extent and costs. At the time of the appointment of Defence’s first CIO in 2007, Defence had only a limited overall view of its total ICT investments, including its annual expenditure on maintaining and improving its ICT infrastructure.

36. Since then, Defence has continued to refine its cost estimates, though it is yet to achieve full visibility of its ICT expenditure. Estimates provided by consultants in 2008 formed the basis of SRP ICT savings targets and indicated annual Defence ICT expenditure in the vicinity of $1.2 billion, excluding the cost of ICT components in deployable military equipment. Defence has undertaken additional work to develop ICT baseline expenditure estimates, and CIOG informed ANAO in October 2011 that its estimate for 2010–11 total ICT expenditure was $1.2 billion. Defence informed the ANAO in December 2011 that:

The financial information populating the Defence ICT Costing Baseline has and continues to be progressively validated against the Defence financial systems (ROMAN and BORIS) records. This strategy is to ensure that Group and Service Heads understand and own the ICT activities that are performed within their own space.

We have enough visibility of the Defence ICT spend to continue to deliver the ICT Reform Program. The implementation of Shared Services will progressively reduce the visibility gap in line with delivery of the ICT Reform Program. Significant progress has been made in this area.

37. The reform of ICT in Defence involves significant up-front investment in order to achieve long term savings and improvements in Defence’s ICT support to its military and corporate functions. In particular, the SRP reforms set out an aggregate savings target for the SRP ICT reform stream of $1.9 billion to 2019, to be achieved from an investment of $940 million over the four years 2009–10 to 2013–14. However, Defence informed ANAO in October 2011 that it was unable to provide the underlying evidence supporting the derivation of the savings target, as it comprised estimates developed by external consultants using proprietary estimation techniques. In this circumstance, there is little evidence available to validate the processes used to develop the SRP ICT savings target. While the work undertaken by Defence over the first two years of the SRP has given CIOG a much better understanding of Defence-wide ICT costs, it does not constitute a basis for validating the SRP ICT savings targets and investment schedule, or assessing the likelihood of the savings being realised.

38. Defence has developed Key Performance Indicators (KPIs) to measure the cash and non-cash benefits derived from the implementation of ICT projects. The non-cash KPIs provide an overview of the non-financial performance of Defence ICT reform activities, however only four of the total of 18 non-cash KPIs have established baselines, diluting their value to managers and decision-makers.¹⁹ KPIs are more informative to decision-makers when they are prepared and reported with a frequency that supports the particular measure concerned, and Defence’s non-cash KPIs relating to ICT would benefit from better-specified time-bound measures in order to provide information to decision-makers that is comparable over time.

39. Defence has in place a register of ICT project issues and risks, and accountability for attending to these is assigned at CIOG’s weekly ICT reform meeting. However, the completeness of the CIOG ICT risk register, while improving over time, does not yet extend to all ICT risks, including those arising in other SRP reform streams. A key risk is that, while the majority of the SRP Reform Streams have some level of dependency on ICT capacity redevelopment, the mapping of SRP ICT interdependencies is still work in progress and is some way from completion. At present eight SRP streams are critically dependent on ICT initiatives, of which:

• seven streams are critically dependent on two or more ICT initiatives;
• most are heavily reliant on the early success of ICT initiatives for their long-term, overall success; and
• some are dependent on the same ICT initiative.

40. Ideally, the mapping of SRP ICT interdependencies would have received early attention. However, the first such mapping was only available within Defence from November 2010, and then only at a high level of generality. Mapping and managing ICT project interdependencies is important if Defence is to manage and deploy its ICT staff to greatest effect. Defence currently estimates its shortfall of core IT staff at 350 people, and the marked shortage of personnel to undertake the extensive ICT reform agenda ranks near the top of the risks cited for most Defence ICT initiatives.

41.Defence informed the ANAO that this is a challenging issue that is receiving significant senior management focus and, in October 2011, Defence entered into preferred partnership contracts with five key IT service providers. The partnership arrangements have the potential to afford Defence some flexibility in deploying its core IT staff and some resilience in the event of unexpected demands. However, building and retaining a core IT capacity to support Defence’s sustained program of ICT reform remains a significant challenge and a continuing, significant risk.

Chapter 4 - Chief Information Officer Group management maturity

42. Management maturity models, notably the Portfolio, Programme and Project Management Maturity Model (P3M3®) of the UK Office of Government Commerce (OGC),²⁰ are now being widely applied to assess and help lift standards and capability in public sector management. In November 2010, CIOG received the results of a P3M3® assessment undertaken by an independent consultant.²¹

43. CIOG’s assessed P3M3® maturity ranking of Level Two – Repeatable Process (briefly described at paragraph 18) was in line with those of equivalent ICT management entities within other large Australian Government agencies.²² The key difference however, is that no other agency is currently undertaking such a large ICT-enabled business transformation as Defence’s ICT reforms and the SRP.

44. Defence’s shift from individual Services and Groups developing and managing their ICT, to a coordinated approach with CIOG as coordinating capability manager for all Defence ICT is consistent with CIOG becoming Defence’s ICT program manager within a larger portfolio. On this basis, the P3M3® assessment of CIOG is a reasonable guide to assessing the maturity of CIOG as a program manager with significant and diverse responsibilities for ICT within the Defence portfolio, including for ICT in the SRP investment portfolio.

45. The importance of improving the maturity of Defence’s management of its ICT is accentuated by the scale of the ICT reform program and the underpinning and interdependent role improved ICT capacity will play in achieving the SRP objectives. Eight SRP streams (out of a total of 15) were found to have a critical dependency on CIOG ICT initiatives, creating a single-point-of-failure risk to more than half of the SRP streams. A high level of accurate and timely information on the progress of ICT initiatives is therefore essential to managing risk and realising benefits. However, while ICT is an essential enabler of major SRP Streams, CIOG has not always been incorporated as a full partner into those SRP Streams with heavy dependencies on ICT initiatives. A March 2011 internal Defence steering group found that:

For the majority of projects, CIOG does not have visibility of when the SRP benefits are to be realised. Hence the desire to synchronise capability development and delivery with benefit realisation is a matter of luck rather than planning.²³

46. Further, for the first time, Defence is operating with a fixed long-term funding model, setting the real rate of growth of funding to 2029–30.²⁴ Each year the Defence ICT budget will be reduced to achieve gross savings of $1.9 billion over the 10 years to 2019. This places additional pressure on CIOG to become more efficient and effectively manage its risks. Positively, the P3M3® assessment indicated that CIOG was on the path to providing effective management of Defence’s ICT investment program, with some achievements to note and potential for more consistent application of management processes and improved coordination.

47. Defence’s recent reviews of ICT reform in March and July 2011 noted that CIOG had successfully moved its focus from planning to executing ICT reforms. Defence informed the ANAO in December 2011 that it was making progress in partnering CIOG with SRP streams, notably in the human resource, finance and logistics domains, and hoped to extend the approach to other domains during 2011–12. However, further progress will also depend upon senior leadership support for corresponding improvements in the maturity of Defence’s broader ICT governance and planning arrangements at the portfolio level. In particular, Defence would benefit from improved whole-of-enterprise ICT governance arrangements, including the setting of clear accountabilities across senior committees, improving the quality of management information (including ICT budgets and expenditure), and the active, high-level management of processes for resolving competing priorities and deciding trade-offs between ICT projects and stakeholders’ ICT preferences.

Agency response

48. Defence responded to the report as follows:

Defence acknowledges the findings contained in the audit report on the Oversight and Management of Defence's Information and Communication Technology and agrees with the two recommendations.

Defence has made significant progress on capacity and capability building in the ICT project, program and portfolio management areas since the commencement of the Strategic Reform Program. However, more work is required and this activity is already underway.

Defence, through the Chief Information Officer Group (CIOG), has sufficient resources to support military operations and reform activities. Resource constraints are being applied to lower priority, non-reform related ICT activities. CIOG has recently entered into partnership arrangements with five industry specialist companies to provide additional project capacity, in particular to major reform activities such as the next generation HR and financial systems. Resources will continue to be closely managed to ensure high priority reform activities are delivered

Defence remains committed to the delivery of the Strategic Reform Program (SRP) and acknowledges the challenges associated with a reform program of this magnitude. Defence also notes that not all the SRP reforms are dependent on ICT investment for program activities or savings. The SRP is progressing well and exceeded savings targets in its first two years. Defence is committed to managing the complexities of the reform programs and continues to drive ICT reform initiatives to ensure Defence's ICT requirements are met.

Footnotes