Government is not investing enough in ICT

government ICT

In the 1990’s the Americans had a catchphrase as markets dropped drastically; “shrink your way to success.” In New Zealand the catch cry in the last few years within government has been “do more with less.” That approach has seen a sinking lid across Government on ICT spend.

This approach is a cause for concern, the effects of the lack of maintenance in core ICT infrastructure and applications is increasingly starting to spill into the public arena. While privacy breaches are a result of business failure, because the technology is doing exactly what it was designed to do, the underlying ICT infrastructure and applications are slowly falling behind, decaying, and as such, present a real problem for Government agencies as the use of technology grows and the demand for online services increases.

The current spend for ICT Services across all government is estimated at about $1.9B per annum (2012 figure). If you split this across the number of full-time positions in central and regional government, this works out to about $5,500 per annum. A figure which some has seen as unreasonably high. But its an incorrect and blunt calculation. The reality is that more than 25% of the country have some online interaction, using ICT, with Government. That drops the figure to a conservative $1,900 per person per year.

Not investing in your core assets can lead to serious problems. Sweating assets, because of a sinking operational cost, is a temporary solution but one that government has been doing with ICT for nearly nine years. In addition, the political push to utilise “All of Government Services”, further delays the decisions on investment in ICT.

The government CIO and ICT organisation faces an uphill battle to educate general managers, CEO’s, and their ministers about what ICT actually is. The level of knowledge at a business level in New Zealand about what ICT is and how it is applied is low. Most business leaders see ICT as a pure cost overhead and nothing more. This leads to continued pressure on operational spend and means that services that ICT need to deliver are curtailed. Spend on softer areas such as security, disaster recovery, mobility, and even standard upgrades like desktop operating systems are pushed out.

The cumulative effect is one of risk. Not investing in ICT means increasing risk of systems failures, security breaches, outright technology failures, increasing costs, no skilled resources to manage the services, poor decision making, and a massive gap between where the world’s ICT is at and where we are at; somewhere around 2004 I would suggest.

It has now been several years for a number of agencies since they last completed technology updates. They’ve put those off to save costs and as a result find themselves in perilous positions. Windows XP is a good example of this, the fact that the majority of agencies seem unable to upgrade a simple desktop operating system is a telling sign.

Those updates can’t be put off forever. At some stage agencies are going to have to go cap in hand to Treasury, a money focussed, not ICT focussed agency, to request hundreds of millions of dollars to complete upgrades. It is inevitable.

Because we have not spent enough money on ICT in the last few years we are going to be forced to play catch up at great cost.

So what do we do?

We need to invest more money in ICT in order to get ourselves back up to a level of technology that can support the government moving forward. Easy right? It’s an easy statement, but it requires a complex approach.

1. Pay for an overview of what you have and where you might go.

You need to figure out where you are. That means a scan of your ICT services in terms of age, risk, cost, and management.

Strategy is not something that kiwis do well. Be honest. We create “strategy” that then is published to a bookshelf where it sits and languishes. A proper strategy is a war plan. It needs to be created in broad terms, be changeable quickly, and be available to everyone. Create a war plan. Take your people away for a couple of days and draw it on a board. If it can’t be fit on an A3 page, its probably worthless.

2. Be very cautious of “All of Government” services.

Everyone thinks it and no one says it. So let’s be honest again. The All of Government services in general are market price breakers and leaders at the early stage of their product life cycle and then the are moved to obsolescence. That’s because the market rallies against them. This means that if you get in as an early adopter it is likely that you will save money. But as the time passes, the wider market reduces cost while increasing functionality making the All of Government service more expensive and less flexible than something you can buy from a vendor or partner.

Check where the All of Government service is in it’s life cycle and match it against the wider market.

3. Start planning for Cloud services now.

This stuff isn’t rocket science anymore for commoditised ICT Services.

Let me give you an example. To setup and manage a test and development environment on Amazon will cost you around $5,000 upfront and $500 ongoing monthly. The data is in Sydney and its a local New Zealand ICT company that manages it for you. You turn that system on in the morning, and off in the evening, it scales further than you’ll ever need, and its as cheap as chips.

Likewise Microsoft’s Azure.

Targets for Cloud that make financial sense are Test, Development, other associated environments (UAT), disaster recovery, desktop office services, and email. There are plenty of local New Zealand ICT companies who do this stuff now.

4. If you haven’t, pick a standard virtual solution and get it rolled out.

This is the only way you will consolidate your infrastructure, standardise your infrastructure, and leave yourself in a position where you can move your legacy, bespoke, applications into the Cloud. It’s not easy, but its doable.

5. Establish yourself as an ICT Service Organisation and introduce cost models.

It is far too easy for the business to look at ICT as sunk revenue when they themselves are the ones that are simultaneously increasing your cost while slapping you with the other hand because its too expensive.

Picking ITIL level 1 maturity with a simple cost model will take a year for a larger organisation to deploy. It will mean that you can go back to the business and show them how much it costs to deliver a service that they have demanded. It pushes that investment discussion back into the business area with ICT as a guide.

6. Invest in your staff.

I’m quite passionate about this, so you will excuse me if it comes across somewhat emotive.

The reason that we are shedding skilled ICT workers in government is because we treat them very badly. Come on, let’s be honest, even as a CIO of a government agency you will be getting substantively less than your private counterparts while you have an arguably more complex and critical role than they.

On average, government pays their ICT staff 20% or more under market rate. Why? This is a completely ridiculous and illogical thing to do. People won’t work for you, unless they are desperate, and they certainly won’t stay.

Government offers fixed term employment contracts as standard for ICT roles. This is also stupid. Why would I move from a secure job to one where I only had a few months of work?

Government doesn’t train its ICT staff anymore. It used to be that even though government ICT workers were slightly less paid than their private peers, that the training benefits offset the cost. We don’t invest in our ICT resources at all any more. Every other organisation in the world does. If you are a hospital its mandatory, if you are in any trade work its mandatory, any skilled profession requires ongoing training.

Government is still very “command and control” in an age where the rest of the world has given it up. An example of this is the anti-work from home attitude that you find. Making prisoners of your staff are only going to make them, and you, unhappy. Loosen up on the work, life balance and instead of clock watching, start results watching. Does it matter where someone works from, the hours that they work, and how they get the job done as long as it gets done?

Government needs to come a very very long way and quickly with how it treats its ICT organisation from CIO to front line staff or it will find that no one will want to work for them.

7. Educate your executive.

The majority of issues that are laid at the feet of ICT originate within the business itself. Educate them on this.

Privacy issues are usually the result of business problems, security issues arise from a lack of investment in that area, technology failures arise because of a lack of funding, services are inflexible because they are old, projects go bad because the business has “get there itis”, programmes fail through lack of business input.

8. Talk to each other.

I’ve worked in over a dozen agencies over the years and I offer this observation:

Every agency thinks that their issues are unique and that their business requirements for ICT are unique. They aren’t. They are nearly always the same. That means that someone out there has already solved the problem you are having today and you’ve solved a problem they were having.

9. Talk to private organisations.

They are miles ahead of government. Why? Go and find out how they do that.

10. Buy two books and invest in yourself.

The first is the “Business Models for Social Mobile Cloud.” This is an excellent book written at an easy level that talks about the future of ICT. It is important. While it is a new model, it is coming into existence rapidly.

The second is “Leadership and Self-Deception.” This book talks about a new leadership model that, while it takes some time to get your head around and master, is very valuable.


  1. Most of the things you’ve written here are spot on with my experience. From what I’ve seen the really big lack in NZ Govt ICT is people – the ICT staff. Not because they leave (the positions are usually filled again) – but because the number of positions are simply not enough.

    I’ve seen ICT staff ratios which are astonishingly different to anything that would be seen as viable in the private sector. You don’t get decent monitoring and proactive maintenance if the staff are barely able to cope with fire-fighting. Some places seem be set up really well (I listened to a great interview about release management in IRD recently) but many areas of Govt ICT are barely able to cope with business as usual.

    I see the lack of investment in security, for example, as being mostly about lack of staff investment – not technology. You can invest in the fanciest SIEM gadgets you like but if you don’t have staff with time to check the reports and act on the results then it’s all a waste of money.

    The MSD kiosk fiasco reeked of an ICT group that had too much on and did everything in a rush – getting DiData in for an audit was good, but I’m guessing that they didn’t ignore the report because they just couldn’t be bothered but because other pressures were put on them to get those things working and to move onto something else (yes – I’m guessing – incompetence is a possibility but I doubt it).

    The other issue I have is that some areas are not easily able to use cloud. I know that healthcare can’t (easily) migrate to AWS or Azure I would not be surprised if this was also the case for other areas of Govt.

    1. Great comment, and yes you are right, there should have been a bit more focus on the staff.

      I’ve watched over the last twenty years govt go from mentoring programmes, high quality professional path planning, and excellent training to treating people quite badly. Government ICT is quite a miserable existence for a lot of staff in what should be a very exciting profession.

      I agree with the MSD comment. I doubt incompetence, I suspect overload. One agency I worked for in the past had no less than THIRTEEN different audits each year in the space of three months. There was little the ICT organisation could do with the ream of recommendations that came from that given the level of resource.

      Not all use cases are appropriate for Cloud, but I think that the link you referred too has some of the old fear, uncertainty, and doubt (driven by ignorance of the technology) displayed.

      I’d argue that Cloud deployed correctly, regardless of location, is far more secure than the Ministry of Health could ever afford to deploy. Deep encryption of data on the Cloud provider platform, double encrypted transmission of that data, and a host of other security services are available.

      I worked on the Government Cloud Programme for six months, my role was to study the viability of a Government Community Cloud. It is possible, but it relies on some very different thinking in terms of its management. I.e. The existing IaaS could be used to home that service but it would require radical change.

      If we choose to constrain ourselves to retaining data in New Zealand then what we are really saying is that we choose to only deal with New Zealand owned onshore companies and we are prepared to pay around 500% more than if we want to offshore.

      The cost is very compelling FOR SOME services. I.e. A client of mine ran a DR test at a cost of around $150,000 and required all the infrastructure to be in place (cost of millions). I saw a private company recently stand up a similar test using AWS and it cost about $150 to run and $5000 to setup. There will be a point where the cost is so compelling that all other factors will be overridden.

      There are two tricks to Cloud. Having a mature ICT organisation and an educated executive. Understanding that Cloud itself is about 20% of the cost and effort in terms of taking up that service; it takes a hell of a lot of planning in other words.

      Its an interesting debate.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: