Figure 1

1,743 views

Published on

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,743
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
17
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Figure 1

  1. 1. ICT Strategy Enabling the Glasgow City Council e-Government Strategy Strategy Product Version 0.4 (Draft) Transformation in Partnership
  2. 2. Contents 1 INTRODUCTION..................................................................................................... 6 1.1PURPOSE...................................................................................................................................6 1.2SCOPE......................................................................................................................................6 1.1.1 Scope Inclusions...................................................................................................................................................6 1.3STAKEHOLDERS............................................................................................................................8 2 APPROACH TO ICT STRATEGY WITHIN ACCESS.....................................................10 1.4STRATEGY DEVELOPMENT WITHIN ACCESS.........................................................................................11 1.5STRATEGY CONSULTANCY AND ADVICE WITHIN ACCESS...........................................................................11 1.6STRATEGY COMMUNICATIONS WITHIN ACCESS.....................................................................................12 1.7STRATEGY GOVERNANCE WITHIN ACCESS..........................................................................................12 1.8ADOPTION OF ENTERPRISE ARCHITECTURE AS THE BASIS FOR ICT STRATEGY.......................................................12 2.1.1 Enterprise Architecture Layers..........................................................................................................................13 2.1.2 Enterprise Architecture Framework..................................................................................................................18 2.1.3 Enterprise Architecture Reference Models (Blueprints)...................................................................................19 3 STRATEGIC DRIVERS............................................................................................. 20 1.9BUSINESS VISION .......................................................................................................................20 1.10 BUSINESS OBJECTIVES................................................................................................................21 1.11BUSINESS CONSTRAINTS..............................................................................................................22 1.12EXTERNAL INFLUENCES................................................................................................................24 3.1.1 E-Government Interoperability Framework......................................................................................................24 4 CURRENT SITUATION........................................................................................... 25 1.13CURRENT APPLICATION SITUATION...................................................................................................25 1.14CURRENT INFRASTRUCTURE SITUATION..............................................................................................27 4.1.1 Current Server Estate.........................................................................................................................................27 4.1.2 Current Domain and Directory Services ...........................................................................................................28 4.1.3 Current File and Print Services..........................................................................................................................29 4.1.4 Current Messaging Services...............................................................................................................................29 4.1.5 Current Desktop Estate......................................................................................................................................31 4.1.6 Current Printer Estate........................................................................................................................................31 PRINCIPLES............................................................................................................ 33 1.15BUSINESS PRINCIPLES.................................................................................................................33 1.16SERVICE PRINCIPLES...................................................................................................................41 1.17SECURITY PRINCIPLES .................................................................................................................44 1.18DATA PRINCIPLES.....................................................................................................................50 1.19APPLICATION PRINCIPLES.............................................................................................................56 1.20INTEGRATION PRINCIPLES.............................................................................................................59 1.21INFRASTRUCTURE PRINCIPLES.........................................................................................................60 ICT Strategy Page 3 of 152
  3. 3. RECOMMENDATIONS ...................................................................63 1.22SECURITY RECOMMENDATIONS.......................................................................................................63 4.1.1 Channel Security Capabilities............................................................................................................................64 4.1.2 Application Security Capabilities.......................................................................................................................65 4.1.3 Data Security Capabilities..................................................................................................................................66 4.1.4 Integration Security Capabilities........................................................................................................................67 4.1.5 Infrastructure Security Capabilities...................................................................................................................68 4.1.6 Physical Security Capabilities.............................................................................................................................69 1.23APPLICATION RECOMMENDATIONS...................................................................................................71 4.1.7 Interaction Channels Capabilities......................................................................................................................73 4.1.8 Business Management Capabilities...................................................................................................................84 4.1.9 Specialist Recommendations.............................................................................................................................97 4.1.10 Platform Recommendations..........................................................................................................................104 1.24DATA RECOMMENDATIONS.........................................................................................................109 4.1.11 Business Intelligence Capabilities..................................................................................................................109 4.1.12 Knowledge Management Capabilities...........................................................................................................111 1.25INTEGRATION RECOMMENDATIONS.................................................................................................113 4.1.13 Channel Integration Capabilities...................................................................................................................113 4.1.14 Data Integration Capabilities.........................................................................................................................114 4.1.15 Process Integration Capabilities....................................................................................................................115 1.26INFRASTRUCTURE RECOMMENDATIONS.............................................................................................118 4.1.16 Sharing Capabilities.......................................................................................................................................119 4.1.17 User Device Capabilities................................................................................................................................120 4.1.18 Hosting Capabilities.......................................................................................................................................121 4.1.19 Storage Capabilities.......................................................................................................................................123 4.1.20 Remote Connectivity Capabilities..................................................................................................................124 4.1.21 Fixed Connectivity Capabilities......................................................................................................................125 4.1.22 Mobile Connectivity Capabilities...................................................................................................................126 .............................................................................................................................................127 5 CURRENT TRANSITION INITIATIVES....................................................................128 5.1.1 Launch of the Enterprise Service Centre.........................................................................................................128 5.1.2 Infrastructure Transformation ........................................................................................................................128 1.27 APPLICATION TRANSFORMATION .................................................................................................129 6 CURRENT STRATEGIC OPPORTUNITIES..............................................................131 1.28OFFICE IMPROVEMENT PLAN.......................................................................................................131 1.29VEHICLE TRACKING BUSINESS REQUIREMENTS....................................................................................131 1.30LAND AND ENVIRONMENTAL SERVICES BUSINESS REQUIREMENTS...............................................................131 ICT Strategy Page 4 of 152
  4. 4. 1.31CORPORATE ADDRESS GAZETTEER INTEGRATION......................................................132 7 STANDARDS....................................................................................................... 133 APPENDIX A – CURRENT TRENDS.........................................................................134 1.32SECURITY TRENDS...................................................................................................................134 1.33DATA TRENDS.......................................................................................................................135 1.34APPLICATION TRENDS...............................................................................................................136 7.1.1 Collaboration Application Trends....................................................................................................................137 7.1.2 Business Application Trends............................................................................................................................141 7.1.3 Integration Trends...........................................................................................................................................143 1.35INFRASTRUCTURE TRENDS...........................................................................................................145 7.1.4 User Device Trends..........................................................................................................................................145 7.1.5 Server Trends...................................................................................................................................................146 APPENDIX B – GLOSSARY OF TERMS....................................................................148 APPENDIX C – REFERENCES.................................................................................. 151 ICT Strategy Page 5 of 152
  5. 5. 1 Introduction This document sets out an ICT Strategy that describes key technical recommendations for the Services provided to Glasgow City Council. The key strategy will underpin the Council’s own e- Government strategy which sets out how the Council will leverage technology to improve and transform its Services and the City. This ICT Strategy documents the transformation of ICT, specifies principles and standards that will be used as the basis for governing conformance with the strategy and provides recommendations for how ICT can be used to transform Council services. 1.1 Purpose The purpose of the ICT Strategy is to provide the stakeholders listed in the next section with a view of how the Services provided by ACCESS to Glasgow City Council will evolve to support the transition of the Council’s own Business and Services. It will be used to assure that ACCESS leverages the latest and most appropriate technology to deliver business requirements and to minimise cost of ownership to the customer by focusing on consistency, re-use, and the use of best of breed ICT technology. It will be used to communicate the strategy to customers within Glasgow City Council to demonstrate how the ICT services will evolve to support their future needs and will be used within ACCESS to communicate to development and support teams the strategic direction for the ICT Services and will form the basis for assuring (through governance procedures) the delivery of the ICT Strategy. 1.2 Scope 1.1.1 Scope Inclusions This document describes the ICT Strategy for the ICT Services provided by ACCESS to Glasgow City Council and its Affiliates. It provides technology recommendations for:- ICT Infrastructure • The server side (application and web hosting, storage, backup and restore, etc) • The client-side (user devices) such as personal computers, mobile devices, etc. • Voice and data communications (fixed and mobile) • Software Applications ICT Strategy Page 6 of 152
  6. 6. • Desktop/office applications • Business applications (e.g. Finance, Human Resources, etc) • Specialist applications • ICT Security • Authentication, logging and auditing ICT Strategy Page 7 of 152
  7. 7. 1.3 Stakeholders The following stakeholders have been identified for the ICT Strategy and they have the following interest/concerns:- Table 1 ICT Strategy Page 8 of 152
  8. 8. STAKEHOLDER Third party Council partner for Service (e.g. Health) ACCESS Partners and Suppliers IT Function of Council Affiliate ACCESS Employees Council Services Councillers Citizens NEED Understand the technologies that are available to Glasgow City Council to deliver transformation of its services a a a a a a a To gain an understanding of the business reasons and justification of the approach that ACCESS has to delivering ICT a a a a a a Services on behalf of Glasgow City Council Understand how ACCESS is focussed on delivering high-standard and high-quality services to the Council and (where applicable) a a a a a it's affiliates and partners Understand the value-add of the ACCESS Joint Venture with respect to blending Public/Private experience (and in particular familiarisation with Glasgow City Council) to deliver a coherent a a a a technology strategy aligned to the Council's e-Government Strategy Understand the extent of the ACCESS ICT Service portfolio and the technology direction of this portfolio a a a a Understand how ACCESS can enable interoperability with National Projects a a a Understand the basis to which ACCESS selects the most appropriate technologies and makes recommendations to deliver business benefit aligned to business objectives to Glasgow City a a a a a a Council (and affiliates and partners for service) Understand how ACCESS governs its ICT Strategy to ensure that ICT Service developments are aligned to the ICT Strategy and therefore (by implication) the Council e-Government Strategy a a a a a Understand how ACCESS can deliver value for money through implementation of a strategic approach a a a a a Understand the framework within which suppliers and partners must conform within to be integrated within ICT Services provided a a a by ACCESS where ICT products fit within the ACCESS ICT portfolio Understand and strategy a a ICT Strategy Page 9 of 152
  9. 9. 2 Approach to ICT Strategy within ACCESS ACCESS regards the management of the ICT Strategy as a Business As Usual activity rather than an adhoc activity upon request. “Strategy and Governance” is described as a core function of the ACCESS Operating Model and the approach described within this section are underpinned by Policy, Processes and Procedures within the ACCESS Quality Management System. The capability is delivered by a Strategy and Governance team that draws upon the public and private sector with skills, knowledge and experience of ICT Strategy development, ICT Architecture and Glasgow City Council’s ICT environment as well as Scottish and UK Government ICT projects. This approach to delivering and managing Strategy is summarised in Figure 1 STRATEGY COMMUNICATIONS STRATEGY STRATEGY CONSULTANCY GOVERNANCE AND ADVICE STRATEGY DEVELOPMENT STRATEGY STRATEGY REQUIREMENTS CHANGE MANAGEMENT MANAGEMENT RESEARCH AND TREND ANALYSIS Figure 1 Approach to ICT Strategy within ACCESS Figure 1 provides an illustration of the approach that ACCESS has adopted to ICT Strategy. The following sections describe in more detail how ACCESS manages these aspects of the ICT Strategy ICT Strategy Page 10 of 152
  10. 10. 1.4 Strategy Development within ACCESS At the heart of the method is the development of the Strategy which includes the analysis of the business vision, strategy, objectives and constraints (as described in the Council Plan [1] and e-Government Strategy [2], in the case of Glasgow City Council), internal ICT Service Plans, analysis of technology industry trends, and ICT suppliers’ roadmaps and developing a strategy that matches the business strategy to technology to realize the maximum business benefit to the Council. The output of this exercise is:- The ICT Strategy This document (which serves as an aide to communicate the Strategy) Principles and Standards Which define the constraints which ACCESS will place onto the development of ICT services within ACCESS to enable the strategy. Recommendations Technology Recommendations for delivering ICT Capabilities that can be used to underpin business objectives. Reference Models Blueprints that provide the ACCESS development community and ACCESS customers with a view of what the ICT services will look like at a point in time. Metrics Measures of how mature the actual ICT Services are with respect to the ICT Strategy 1.5 Strategy Consultancy and Advice within ACCESS ICT Strategy Page 11 of 152
  11. 11. ACCESS has the capability to provide Consultancy and Advice on its Strategy to any of the Stakeholders. In particular ACCESS provides regular advice and consultants to its employees involved in developing services. 1.6 Strategy Communications within ACCESS Communications is a key aspect of Strategy and Governance as the primary purpose of the Strategy is to help the Stakeholders of the Strategy understand and comprehend the Strategy and its implications. 1.7 Strategy Governance within ACCESS ACCESS is particularly focussed on establishing strong governance to underpin its ICT Strategy to assure that the development of ICT Services is aligned to the ICT Strategy. A primary mechanism to achieve this is the introduction of Quality Gates into the development process to assure the development of ICT Services across the following dimensions:- Commercial Assurance – Assurance of Business Benefit Realisation and Total Cost of Ownership Service Assurance – Assurance that the ICT Services ACCESS delivers are not compromised, and indeed that developments focus on improving service Technical Assurance – Assurance of conformance with the ICT Strategy and Enterprise Architecture Supply Chain Assurance – Assurance that developments minimise unnecessary contractual impacts on suppliers and avoid unnecessary expansion of the supply chain. In addition to the quality gates, ACCESS is evolving its service development model to enable increased alignment to the ICT Strategy/Enterprise Architecture and to achieve greater reuse of existing Capability Standards. 1.8 Adoption of Enterprise Architecture as the basis for ICT Strategy ICT Strategy Page 12 of 152
  12. 12. ACCESS has adopted Enterprise Architecture as the basis for achieving Business/ICT alignment within the ICT Strategy. The ACCESS Enterprise Architecture is based upon industry best practice frameworks such as the Zachman Framework [3] and TOGAF (The Open Group Architecture Framework) [4]. The use of the term “Architecture ” within the context of ICT Strategy has emerged over the last decade and serves the same purpose as the traditional use of the word within the building trade. Architecture provides a blueprint of which multi-disciplinary teams can all use as the basis for building towards the customer’s strategic vision, ensuring that the output from different teams integrates with each other and delivers a cost-efficient and fit for purpose solution that fits within the overall strategy. The use of the word “Enterprise ” within the phrase “Enterprise Architecture” represents the close alignment of business and ICT. Thus, by providing a holistic approach to defining business and ICT strategies, Enterprise Architecture has (in recent years) proven to provide a solid basis for defining ICT Strategies that are closely aligned to Business Strategies The ACCESS Enterprise Architecture consists of three elements:- • Enterprise Architecture Layers • Enterprise Architecture Framework • Enterprise Architecture Reference Models (Blueprints) 2.1.1 Enterprise Architecture Layers In general, the scope of Enterprise Architectures is deliberately large and all-encompassing. It is intended to provide a coherent blueprint across the business organisation and processes, services, security, software applications, operating systems, database technologies, server technologies, desktop and mobile computing technologies, and communications and connectivity technologies. Consequently it is necessary to decompose the Enterprise Architecture into discrete (but connected) layers that reflect a portion of the overall Enterprise that can be managed as self contained components. These layers can be considered as ICT Strategy Page 13 of 152
  13. 13. architectures in their own right. Thus the overall Enterprise Architecture is built up from a number of discrete but interdependent architectures. There are various standards and frameworks available across the industry for decomposing the enterprise into layers. ACCESS has adopted The Open Group Architecture Framework (TOGAF) [4] as the basis for its Enterprise Architecture but has adopted it (and extended it) to tailor it to the ACCESS Business Model. The layers adopted by ACCESS are summarized below:- ICT Strategy Page 14 of 152
  14. 14. Business Security BUSINESS LAYER OUT OF SCOPE Business Services (see Glasgow City Council Application Security e-Government Strategy) APPLICATION LAYER Application Services Data Security DATA LAYER Data Services Integration Security INTEGRATION IN SCOPE LAYER Integration Services Infrastructure Security INFRASTRUCTURE LAYER Infrastructure Services Property Security PROPERTY LAYER Property Services Figure 2 - Enterprise Architecture Layers Business Architecture Layer ICT Strategy Page 15 of 152
  15. 15. The top layer of the Enterprise, the Business Architecture provides the blueprint for the business vision, drivers and constraints, business capability, process and organisation. The business layer of the Enterprise Architecture is out of scope for this document as it represents the Council’s own organisation, however the business vision, drivers and objectives of the Council from the Council e-Government Strategy [2] and Council Plan [1] are captured as the primary inputs into the ICT Strategy. Service Architecture Layer A layer that is perpendicular to many of the Enterprise Architecture Layers, the Service Architecture defines the blueprint for the exposure of Service between organisational boundaries, the provision of service to customers and the consumption of service from suppliers. It provides the blueprint in terms of Service Management considerations. The layer is considered as a vertical layer because ALL layers of the enterprise can be used to deliver service to customers or can contribute to the delivery of service to customers Security Architecture Layer Another vertical layer of the Enterprise Architecture, the Security Architecture provides the blueprint for Information Security across all layers of the Enterprise. By including security as a layer within the Enterprise Architecture ACCESS is bringing security to the forefront of its ICT strategy and governance to ensure that Information Security is built into its services as a matter of course and in a calculated and coherent manner. Application Architecture Layer Sitting beneath the Business Architecture layer but above the Data Architecture layer is the Application Architecture. The Applications Architecture provides the blueprint for the software applications utilised within the business layer. The scope of these software applications includes all software, including office applications, business applications, communications and messaging applications as well as specific software applications required to deliver particular services. It describes the functionality provided by the software applications estate and contains the catalogue of the complete set of software applications leveraged across the business together with the functionality that they provide. The Application Architecture will ICT Strategy Page 16 of 152
  16. 16. provide the roadmap for how software applications will evolve to reduce costs, improve quality and deliver the business strategy. Data Architecture Layer ACCESS has deliberately introduced the Data Architecture layer into the Enterprise Architecture to enable ACCESS and its customers to manage information as a corporate asset by providing an enterprise-wide approach to information management. The Data Architecture layer will provide a corporate data model which will describe information from an enterprise wide perspective and will contain reference models of how the data entities described in this model are managed across the application architecture. The Data Architecture layer will also provide an enterprise-wide blueprint for Master Data Management and Business Intelligence. Integration Architecture Layer Traditionally disparate applications have been integrated in an ad-hoc manner using a variety of technologies (centred on batch file integration). This can result in an ever increasing complex network of point-to-point integrations resulting in the daisy-chaining of information across multiple applications (rather than sourcing data from a master repository), data inconsistencies, latency, high cost of ownership, unnecessary complexity, inflexibility and fragility in the Application Architecture and Business Architecture. To raise the focus on the problems of point-to-point integration and to begin to establish an enterprise-wide approach leveraging real-time transactional integration technologies such as Enterprise Application Integration (EAI) or Enterprise Service Bus (ESB), ACCESS is introducing an Integration Architecture Layer. This Layer will provide an integration blueprint that will underpin goals of the Business Architecture, Application Architecture, Data Architecture, Service Architecture and Security Architecture. Infrastructure Architecture Layer The Infrastructure Architecture provides the blueprint for the underlying physical ICT Technology that is used to process and store applications and information. It provides the blueprint for server technology, storage technology, communications and connectivity ICT Strategy Page 17 of 152
  17. 17. technology, as well as user devices such as laptop and desktop computers and mobile devices. Property Architecture Layer The Property Architecture provides the blueprint for facilities and properties. The incorporation of property as a unique layer within an Enterprise Architecture is aligned to the objectives to achieve synergies between property and ICT. It is rare for Enterprise Architectures to include property and therefore represents a step beyond industry best practice that is currently unique to ACCESS. 2.1.2 Enterprise Architecture Framework The Enterprise Architecture Framework provides a structure for describing and defining the framework to which ICT development should be constrained and contains:- • A set of Principles (defined from the Council’s Business Objectives) that provide the basic rules for ICT Service Development within ACCESS • A high level definition of the capabilities provided by the Enterprise Architecture • A set of standards that outline the preferred technologies (and standard configurations) to deliver the capabilities in a consistent and coherent manner • A set of measures that can be used to measure compliance, conformance and maturity of the ICT Services against the Enterprise Architecture This is summarised in the below illustration:- ICT Strategy Page 18 of 152
  18. 18. BUSINESS OBJECTIVES Describe what the business wants to achieve CAPABILITIES MATURITY METRICS PRINCIPLES Provide the indicators of Describe the “functionality” Describe the implications of conformance and Provided by each layer of the the Business Objectives to performance of Capabilities Architecture. i.e. Provides the each layer of the Architecture portfolio of functionality against the Criteria of and define a set of high level Business Objectives, delivered to the business “Rules” Principles and Standards STANDARDS Describes the standard solutions and methods that will be used to deliver Capabilities based upon the Principles Figure 3 - The Enterprise Architecture Framework 2.1.3 Enterprise Architecture Reference Models (Blueprints) The primary challenge for any ICT Strategy is the ability to articulate the relationships to business benefits at one level and to articulate sufficient detail to make a practical difference on a day-to-day operational basis when technology decisions are being made on a regular (if not continuous) basis. Understanding the complex relationships between (and within) objectives, principles, standards, and how they relate to actual people, processes, information and technologies across all of the layers (Business, Service, Security, Applications, Data, Integration, Infrastructure and Property) can appear to be an overwhelming challenge. Indeed it is a challenge that most people in an organisation grapple with on a day-to-day basis. To address this ACCESS has adopted an Enterprise Architecture Modeling Tool in which the complex relationships and dependencies can be modeled and therefore managed, presented and communicated in a manner that can be understood across organizational boundaries. ICT Strategy Page 19 of 152
  19. 19. 3 Strategic Drivers This section describes the inputs that have been considered as the driving forces behind the ICT Strategy. Consequently the Drivers for the ICT Strategy bring together both the business Drivers (e.g. Business and Service Vision, Objectives, Strategy, etc) with ICT Technology Trends and Best Practice. The intention of the ICT Strategic Drivers is to ensure that the ICT Strategy has (on an ongoing basis) remains “Continuously Business Relevant” BUSINESS AND SERVICE VISION & OBJECTIVES EXTERNAL ICT TRENDS INFLUENCES STRATEGY CURRENT SITUATION Figure 4 - ICT Strategic Drivers 1.9 Business Vision The business vision and business objectives of Glasgow City Council can be found within the st “Access Glasgow - Creating a 21 Century City” Document [2] and these are summarised here for completeness. Glasgow City Council Vision Statement we want to: 'create a proseperous city for all Glaswegians'. That means creating a healthy, clean and safe city, with a strong economy, where citizens of all ages and backgrounds can work, learn and thrive. ICT Strategy Page 20 of 152
  20. 20. 1.10 Business Objectives Underpinning this Vision, Glasgow City Council has outlines five key business objectives that are specified within the Council Plan 2008-2011 [1] Key Objective 1 Improving the efficiency and effectiveness of our services Key Objective 2 Increasing access to lifelong learning Key Objective 3 Making Glasgow a cleaner, safer city Key Objective 4 Building a prosperous city Key Objective 5 Improving health and wellbeing The following principles are defined within the e-Government Strategy [2] to underpin the Council’s key objectives. These principles will be used to test all of the recommendations within this document. Removing the Boundaries. Principle 1 The Council will work to promote and deliver local government services where organisational boundaries do not matter Democracy, Openness and Transparency. Principle 2 Technology will be used to enhance the democratic process and to make the Council more accessible and accountable. Programme Governance Principle 3 Governance is vital to the delivery of Access Glasgow and effective reporting is embedded in the programme structure thus providing the required level of accountability. City Promotion Principle 4 The Council will actively promote the effective use of technology both outside the City to raise Glasgow’s profile and inside to ensure that all have access to the opportunities Customer Care Principle 5 The impact on the customer and their preference must be a consideration in the use of technology How Technology will be used Principle 6 Technology provides the means to transform the effectiveness of services Transformation of the Council Principle 7 Integrated reviews of organisation, process and technology solutions will increasingly support the transformation of our business Shared Services Principle 8 Business Transformation supported by technological solutions provide the means to remove waste and duplication while improving customer service Service Planning Principle 9 Consideration of technology requirements is a key service planning issue ICT Strategy Page 21 of 152
  21. 21. 21st Century Staff Skills Principle 10 Staff must develop an increased range of skills in order to deliver the Council’s e-Government agenda Strategic Partnerships Principle 11 Strategic Partnerships are a productive approach to delivery of robust e- Government services Partnership Working and Information Sharing Principle 12 Technology is an enabler of proper security and authentication for access to information and its effective use will build trust and confidence in electronic service delivery and information sharing Technology Building Blocks Principle 13 Continuous development is required to ensure value for money through a standards-based infrastructure of up-to-date technologies E-City Index and Action Plan Principle 14 Learning from others, benchmarking and measurement of performance are important to achievement of e-Government goals How Technology Can Make a Difference to Quality Life Principle 15 The Council has a duty as part of the social renewal of the City to ensure Citizens can participate in the Knowledge Society Charter of e-Rights Principle 16 The Council will work to ensure that the rights of citizens in the Knowledge Society are recognised and protected Access to Technology Principle 17 Provision of internet access by the Council addresses a fundamental right of citizens Promotion of the Benefits Principle 18 The benefits of using modern technologies will be promoted in order to enhance the life choices of our citizens Equalities Principle 19 Technology has the capacity to assist in addressing issues of equality and this should be a consideration for each project 1.11 Business Constraints Glasgow City Council recognises the following constraints associated with delivering the recommendations within this ICT Strategy:- Funding The global economic downturn is having a real effect on Scotland’s economy, with a recession looming. The Ernst & Young ITEM Club [5] forecast a 0.4% cut in output and a net loss of 26,000 jobs in 2009 compared with a 0.9% loss of GDP in the UK, suggesting that Scotland may be less affected than the rest of the UK. ICT Strategy Page 22 of 152
  22. 22. Funding is a perennial problem in the public sector and the reality is there will have to be sufficient funds to deliver all that Government would wish. Specific challenges affecting Glasgow City Council come from three successive years of zero Council Tax increase in pursuit of the Administrations priority for Council Tax stability and the significant cost of putting in place Equal Pay settlements. Cross Boundary Operations. Increasingly public sector organisations such as Glasgow City Council need to work seamlessly with other service delivery organisations both through public-private partnerships and closer co-operation with other public (e.g. NHS) or private service providers. The ICT Strategy needs to be cognisant of this by enabling Glasgow City Council and its partners to operate effectively and it needs to recognise the difficulty in achieving synergy across multiple organisations. Diversity of Service The range of services which are the responsibility of Glasgow City Council is considerable. Services include Social Care, Revenues and Benefits, Education, Sport and Culture, Development and Regenerations Services, Land and Environmental Services, and Direct and Care Services, and they all have unique requirements. Delivering a consistent customer experience across these services for its citizens necessitates however, a greater consistency of processes across these services supported by common ICT solutions. A distinct challenge of the ICT Strategy is to enable the delivery of specific ICT solutions where they are required for specific services and providing a common set of ICT solutions across all services that enable greater consistency in the Council’s overall service to its citizens. Transparency As a public spending organisation Glasgow City Council (like any other public sector organisation) has to provide a high level of visibility of value for money and is subject to a high level of scrutiny that necessitates a great deal of traceability. The ICT Strategy has to enable this through provision of suitable storage capacity, data access and information ICT Strategy Page 23 of 152
  23. 23. security to underpin the Council’s responsibilities (for example, for the Freedom of Information Act [6]). 1.12 External Influences 3.1.1 E-Government Interoperability Framework Joining up services across the public, private, education and voluntary sectors, including national and UK agencies will make a significant impact on the lives of citizens. Compliance with the e-GIF framework [7] is a pre-requisite in achieving the level of integration and data- sharing necessary to deliver the Access Glasgow vision for the City. ICT Strategy Page 24 of 152
  24. 24. 4 Current Situation This section provides an overview of the current ICT Services provided to the Council and some of the key challenges facing Glasgow City Council in achieving it’s objectives that are associated with the current ICT services provided to the Council. The ICT Services provided to the Council have evolved over many years and driven primarily from departmental perspectives. The result of this evolution is a high-degree of variability across the ICT Services, duplication and insufficient cohesiveness of the ICT Service as a whole at a corporate level. Investment associated with the ACCESS Joint Venture between Glasgow City Council and Serco is being used to address these Challenges. The opportunities associated with this investment are described in Section 5. 1.13 Current Application Situation The table below provides a summary of the total number of software applications in use across Glasgow City Council broken down by application type:- Type Business 1230 Desktop 176 Specialist 87 Tool 128 Platform 130 Totals 1751 Whilst a small number of these applications are used by all of the Council’s corporate and operational departments, a great many have been deployed specifically for the needs of one department. The current estate contains a proliferation of business applications developed to service a point requirement or a small user community. In total there are 283 applications that have ICT Strategy Page 25 of 152
  25. 25. been developed using desktop office applications (Microsoft Access) and serve small user bases. These represent approximately 16% the total application estate. Of these 283 applications, 73 hold sensitive or critical data. Multiple versions of the same application (mainly desktop applications and tools) are in use across the Council. The table below provides a summary of the volume of applications in use within each Council service area (including CSG and DACS affiliates). Type CE DRS LES SW/EDU FIN CSG DACS Business 209 117 455 224 47 135 94 Desktop 8 46 54 10 1 74 14 Specialist 0 2 72 0 0 87 3 Tool 18 11 43 6 4 126 11 Platform 3 2 8 0 1 23 2 Totals 238 178 632 240 53 445 124 The legacy of this situation is that Glasgow City Council now operates an application landscape where: • Elements of functionality and the associated deployment and support effort are duplicated in a number of departments. • Outwith corporate applications there is no standardisation of application versions resulting in duplicates support effort. • Applications operate as silos within departments. ICT Strategy Page 26 of 152
  26. 26. • Physical application data stores are geographically disparate and at times unfit for purpose. • Application integration is largely achieved using point to point batch interfaces between systems. • Council wide data and process visibility is low. • Benefits realisation is below optimal - only individual departments or projects see return on investments. The investment budget available for overall application upgrade and enhancement is diluted across many applications. A consequence of this that a number of service areas are using old or unsupported software to deliver business critical processes. 1.14 Current Infrastructure Situation The challenges outlined in this section represent the current state of infrastructure within Glasgow City Council. Many of these challenges are being addressed specifically as part of the transition of Services into the ACCESS Joint Venture between Glasgow City Council and Serco. As the Transition Projects are affecting the current infrastructure, this section contains out of date information but since it is being radically altered by the Transition projects it has been decided that this will be rewritten on completion of the appropriate phases of these projects. 4.1.1 Current Server Estate The Intel server estate supporting Glasgow City Council comprises of 293 Windows servers and 83 Novell servers. The vast majority of these servers are running legacy operating systems on legacy hardware (some of which are on non-supported versions of operating systems). The servers are also geographically dispersed over a large number of large and small sites which from a user perspective constrains access to applications to particular locations and from an ICT service The geographical diversity and inconsistency of the environments in which Servers are hosted has a negative affect on the service provided to the Council through variable application availability and longer service maintenance and repair times. ICT Strategy Page 27 of 152
  27. 27. The existing Glasgow City Council UNIX server estate consists of 44 servers located in 8 machine rooms. Platforms include: • Sun – approximately 32 servers • Bull – 6 running AIX and Linux • HP-UX – 3 but only 1 in production • Dec Alpha - running True 64. • IBM AS400 – 3 With the exception of two Sun V890’s the server base utilises older CPU technology. Most of the servers have reached End-Of-Line (EOL) using older versions of the Solaris operating system, which are no longer supported by Sun. The operating systems versions vary from Solaris 2.4 to Solaris 9. There is an Enterprise 10000 (E10K) server, which comprises 5 domains hosting, amongst others, the SAP production and QA/test environment. The storage for the above servers is mainly stand-alone apart from the E10K, which is connected to a SAN based on HP EVA storage, which it shares with some of the Windows based systems. The AS400 servers within the estate are currently supporting revenue generating applications and should be reviewed as part of the application rationalization. 4.1.2 Current Domain and Directory Services Microsoft domain services are currently provided by two NT 4.0 domains, and directory services by an Active Directory (AD) forest with four domains. The NT 4.0 domains are linked to the AD forest by two-way trust relationships. The exact number of users in each domain (AD and NT 4.0) is not known at this time, but it is estimated that around 12,500 users are in AD (with the vast majority in the user.ad domain), and 1,500 in NT 4.0. An MIIS server performs directory synchronisation with the NHS for contact and Distribution List (DL) information between messaging systems. ICT Strategy Page 28 of 152
  28. 28. Novell NDS and Bindery services also currently provide some directory services; these will be migrated as part of the Domain and Directory Service and the File and Print consolidation programmes. 4.1.3 Current File and Print Services The Council’s File and Print services currently provided to Glasgow City Council are delivered by 142 Novell and around 20 Windows based File and Print servers. The amount of data stored on these servers is currently unknown. These servers are geographically dispersed across a large number of sites. The current data storage practices associated with this situation are not conducive to meeting the requirements of flexible working as data storage is associated with particular locations. 4.1.4 Current Messaging Services The Current Messaging services are provided by a single Microsoft Exchange Organisation. This Exchange Organisation spans several domains including user.ad, city_building.ad and education.ad, with each domain hosting either Exchange 2000 or 2003 servers. The majority of Exchange services in the User domain are serviced from a centralised blade infrastructure storing around 650 Gb of message data. There are seven Exchange 2000 servers in the user.ad domain, which provide messaging services to the majority of departments, including Land Services; there are also two Exchange 2003 servers for the city_building.ad domain, and one Exchange 2000 server for the education.ad domain. These ten servers provide mailbox services for approximately 11,500 users. The GCC Exchange infrastructure connects to the Culture and Sport Glasgow (CSG) Exchange Organisation. This infrastructure is based on Exchange 5.5 and hosts 1580 mailboxes across three servers. The GCC Exchange infrastructure provides external SMTP mail routing for CSG. There is also a DirSync connector that performs directory synchronisation between the two Exchange organisations. There are currently 46 CSG mailboxes hosted on GCC Exchange servers in order to provide Blackberry Access. ICT Strategy Page 29 of 152
  29. 29. Message archiving services for the Exchange servers in the user.ad domain are provided by KVS Enterprise Vault on three servers storing approximately 1.4 TB of data. There is currently a project to implement KVS for servers in the City_Building domain. Outlook Web Access is provided to around 200 users in Social Work. The OWA interface has not been customised. The Blackberry messaging infrastructure consists of four servers running Blackberry Enterprise Server software 4.1.3, which are integrated into the GCC Microsoft Exchange Organisation. There are two servers running the primary components of Blackberry Enterprise Server, a server running the SQL components, and a server located in the DMZ, which performs the role of the Blackberry Message Router. These servers provide access for approximately 900 heavily used Blackberry devices. There are also a number of external connections to the Exchange organisation. Incoming Internet e-mail is filtered by the Postini managed service, which scans for viruses and unsolicited bulk e-mail. Outgoing Internet e-mail is currently not scanned by Postini. All external e-mail, including those sent via private connections such as NHS, are routed via the MIMESweeper servers and any internet mail is then forwarded to Postini. There are two MIMESweeper servers; one dedicated to outgoing mail, and one dedicated to incoming mail. Directory synchronisation with the NHS network is also performed via MIIS. ICT Strategy Page 30 of 152
  30. 30. 4.1.5 Current Desktop Estate The current desktop equipment environment has evolved over time and has been subject to diverse technical and organisational influences. This has created an estate with several flavours of operating systems, management toolsets and a Service Area based set of local application installations. While the desktop equipment in the current environment can provide service to the current user base it is not supporting the council’s ambitions for more flexible working and is difficult and inefficient to manage. The current desktop architecture is partway through a refresh which commenced in 2004. The intent was to deploy a single hardware and software image with the Altiris management tool, however, due to various localised requirements, the number of software images is still greater than one, Altiris is not everywhere and the file and print environment is a mix of Windows and Novell. • The following outlines the size and scale of the current environment • There are approximately 14,000 desktops and 2000 laptops across the whole GCC and affiliate estate • As many as 1600 individual Desktop Applications are reportedly used– although it is expected that these normalise to approximately 500 • There is a mixture of Novell, Windows Domains and Windows AD in place today • Approximately 6000 desktop machines are not in a domain. • Approximately 4000 desktops are outside of Altiris with no management or software deployment client. 4.1.6 Current Printer Estate The current hardcopy output environment within Glasgow City Council consists of a high ratio of devices to users. This current print environment consists of mainly older mono laser printers and a selection of colour devices, both laser and ink based. Most of these devices do not have duplex capability. Approximately 25% of the printer estate consists of a variety of personal printers ICT Strategy Page 31 of 152
  31. 31. (small LaserJets, dot matrix and DeskJet’s). It is strongly recommended that these units be retired due to their higher overall running costs and poor reliability. This current situation has arisen because no one has taken an holistic view of printed output facilities across the estate. There are a small number of Service Areas where a more strategic view has been taken including Development and Regeneration (DRS) and Education HQ. These areas are notable for their lower device to user ratio and lower pence per page costs. ICT Strategy Page 32 of 152
  32. 32. Principles The Principles list in this section define a core set of rules that can be used to maximise return on investment for future ICT development by improving the quality of decision-making during the development phase and by providing a means for governing ICT development to assure alignment to the Council’s business vision, objectives and strategy. The Principles are derived from the Business Vision, Objectives and Challenges. These Principles form the basis of the ICT Strategy by providing a set of top-level values that will be adopted for ICT development within ACCESS. They have a timeless quality because they define a value system and are therefore stable. Once Principles are established, only very slight adjustments should be needed to address changing business strategies and priorities. If significant modifications are required, their impact is rigorously assessed through a formal change management process. 1.15 Business Principles The business principles listed here are not intended to provide a complete set of prescriptive for the Council’s business, more they represent a core set of principles that are needed to enable the ICT to facilitate a modern and flexible Council Principle Statement Rationale Implications Primacy Of These principles apply to all • Consistency for all • All initiatives must be examined for Principles organisations within the • A common approach and compliance with these principles scope of the ACCESS service set of measures are used to • Non compliance must be resolved evaluate initiatives by changing the initiative not the principle Corporate Design decisions are made to • Service above self • Enterprise wide benefit could ICT Strategy Page 33 of 152
  33. 33. Principle Statement Rationale Implications Responsibility maximise the benefit to the require changes to business And Benefits enterprise as a whole • Decisions made from an processes. Maximisation enterprise wide perspective • Organisational units must yield greater long term demonstrate corporate benefits than those made responsibility and concede their from any particular own preferences for the greater organisational perspective benefit of the enterprise • Initiatives need to be prioritised by • This principle must not the enterprise for the enterprise. impede an organisational As needs arise, priorities must be unit operating effectively adjusted • Organisational units should ensure that initiatives conform to enterprise plans, roadmaps and priorities Control The Design decisions are made to • Design decisions and • Solutions and product lifetime Total Cost Of control solution total cost of product selections which costs will need to be evaluated as Ownership ownership consider and minimise the part of the design and selection cost of a solution over its process lifetime, and not just for its ICT Strategy Page 34 of 152
  34. 34. Principle Statement Rationale Implications creation, will lead to a more • The enterprise should recognise cost effective service that whilst point solutions may offer a lower setup cost, they are • This principle must not unlikely to offer the best long term impede solutions that are value for money when compared to scalable, robust, resilient, shared enterprise class function in line with user applications requirements and which are designed to meet relevant • Solution total cost of ownership service levels should be evaluated in line with long term business savings, It is recognised that timescales will service benefits and process demand short-term tactical efficiencies solutions, however where they are implementing it is important to understand the total cost of ownership of extending or migrating the solution to deliver all of the requirements at a later date. Requirements Changes to applications and • To ensure that the purpose • Changes will follow full Based Change technology are only made in of any proposed change is examination of the proposed ICT Strategy Page 35 of 152
  35. 35. Principle Statement Rationale Implications response to business or for sound business or change using the enterprise service needs service reasons architecture principles and standards • Unintended effects on the enterprise due to • Change is not undertaken unless technology changes will be there is a documented business or minimised service need However a change in technology may provide an opportunity to improve a business process or assure a service. Where this is the case opportunities should be registered for candidate business cases to deliver true business benefit and consequently, business requirements be derived from the potential improvement. This principle must not interfere with the need to ICT Strategy Page 36 of 152
  36. 36. Principle Statement Rationale Implications provide responsive emergency remedies as part of an assured service Common The enterprise utilises • The enterprise should • Enterprise wide best practice Functions And common business functions ensure that all organisations processes used by common Services for common business utilise common shared business functions may differ from requirements services and business those currently used by a particular functions for common organisation business requirements • Organisational units should • Common functions enable concede their internal functions an agile and efficient where common shared service enterprise where change functions are established impact is minimised and efficiency gains are • The enterprise should be prepared maximised to commit change management resources to organisations during • This principle must not the implementation of common impede an organisational functions and shared services unit operating effectively ICT Strategy Page 37 of 152
  37. 37. Principle Statement Rationale Implications Common The enterprise utilises • A skills based resourcing • The implementation of a skills Resources common multi skilled model is more efficient than based resourcing model will resources within and across a headcount based model. require the enterprise to commit organisations and functions • Multi skilled resources are change and people management wherever possible able to perform a number of resources to affected organisations different tasks. As a result resource utilisation can be • Organisational units should maximised concede the unutilised time of their internal resources where cross • A multi skilled workforce training opportunities exist provides business agility and flexibility • The cost of cross training should be balanced against the • This principle must not efficiencies offered by multi skilling impede an organisational resources. Only when a viable unit operating effectively business case exists should cross training be undertaken Common The enterprise utilises • The enterprise should • Enterprise wide best practice Processes common best practice ensure that all organisations processes may differ from those business processes for utilise common best currently used by a particular ICT Strategy Page 38 of 152
  38. 38. Principle Statement Rationale Implications common business practice process so that the organisation requirements return on the investment required to develop and • Organisational units should deliver these is maximised concede their internal processes where common processes are • This principle should not established impede an organisational unit operating effectively • The enterprise should be prepared to commit change management resources to organisations during the implementation of common processes Compliance Enterprise processes comply • Enterprise policy is to abide • The enterprise must comply with With Law with relevant laws, policies, by laws, policies and laws, regulations and external regulations and best practice regulations policies regarding the collection, standards. The enterprise processing, retention and should be able to provide • The adoption of and management of data evidence and assurance of compliance with best compliance practice standards will allow • Staff education and access to the the enterprise to realise the appropriate information resources ICT Strategy Page 39 of 152
  39. 39. Principle Statement Rationale Implications benefits these practices is required have been proven to yield. • Changes in laws, regulations and • This principle does not policies can also drive changes in preclude business process processes and applications improvements that lead to changes in enterprise policies and regulations Continuous Strategy development is a • The rate of technological • The business and ICT st Strategy continuous activity to reflect change in the 21 Century development teams have to be Development the changing world and the mandates that the ICT flexible enough to absorb change opportunities presented by Strategy should be in direction of the ICT Strategy and technological advances managed on a continuous absorb new technologies basis to ensure that Services can be transformed using the most appropriate best of breed technology to realise business outcomes ICT Strategy Page 40 of 152
  40. 40. 1.16 Service Principles Principle Statement Rationale Implications Designed For ICT solutions should be • As shared systems become • Risks of interruption and criticality Support designed to ensure more pervasive and to enterprise operations must be enterprise operations are enterprise operations assessed at design time maintained and ensure become more reliant on service levels are met or them, ACCESS must • Recoverability, redundancy and exceeded consider the reliability of maintainability must be considered these systems during the at design time design process and throughout their operational • Criticality of enterprise operations life will drive the level of continuity, resilience and redundancy required • Enterprise operations to delivery Service Level should be allowed to Agreements continue regardless of events such as system failures, disasters and data corruptions Service ACCESS is responsible for • Efficient and effective • ACCESS must define processes Responsibility implementing ICT solutions have reasonable for the management of timely processes and solutions in costs and clear benefits change and organisational unit ICT Strategy Page 41 of 152
  41. 41. a timely manner which meet expectations user defined requirements • Solutions need to reflect the for functionality, service requirements of the • The enterprise will require access levels and cost enterprise to subject matter experts to help with requirements definition • Management of expectations and alignment • Business, data, application and of these with capabilities technology architecture models and costs such that projects must be created to enable quality are cost effective integrated solutions and to maximise results. These models must be maintained Plain English To avoid confusion, • Jargon is useful shorthand • All forms of communication must ACCESS must express when used within specialist be reviewed for compliance with itself using simple words groups to express this principle that are commonly complicated and subtle understood, rather than concepts., but used by • Governance and review using special technical or specialists to outsiders it is procedures must reflect the need business terms. alienating and leads to for all communications to be in misunderstandings plain accessible language ICT Strategy Page 42 of 152
  42. 42. • Jargon is often used to mislead and cover shortcomings. Encouraging plain English reduces these risks Capacity ACCESS is responsible for • Service to users and the • All systems must be designed with Management ensuring that the enterprise citizen must not be hindered scalability and expandability in is able to deploy new by poor capacity mind. systems or increase the management or planning. • Capacity threshold should be set capacity of the existing ones and monitored. in a timely fashion, To enable ACCESS to deliver capacity in a timely manner without impacting customer service, customers will need to provide ACCESS with a foreward view of demand Similarly, ACCESS should be provided with details of expected abnormal growth in demand in a timely manner in order to deliver the required Capacity in a timely manner. ICT Strategy Page 43 of 152
  43. 43. 1.17 Security Principles The Security Principles listed in this section represent the core principles of the Glasgow City Council Information Security Policy. Principle Statement Rationale Implications Protection Of Data and intellectual • Open sharing and the • In order to adequately provide Data And property is protected from release of information to access to open information while Intellectual loss, unauthorised use and conform with one set of maintaining secure information, Property disclosure. These legislation must be security needs to be identified and requirements must be balanced against the need developed at the data level and not reflected in the ICT to conform with another set at the application level architecture, implementation of legislation and to restrict and governance processes the availability of classified • Processes for data security state and sensitive information change are required such that information is not released until • A major part of an authorisation for its release has enterprise’s intellectual been granted property is hosted in the ICT domain • While protection of intellectual property assets is an enterprise • Single instances of digital wide responsibility, much of the ICT Strategy Page 44 of 152
  44. 44. information actual protection is implemented in are vulnerable to loss the IT domain through hardware failure, software bugs or human • A security policy governing user error. A robust backup and and systems, will be required that recovery process is needed can substantially improve to protect all but the most protection of data, avoid trivial information compromises and reduce liabilities • Backups should be undertaken in line with schedules agreed with the information steward and recovery processes should be tested regularly Common Security Electronic security • There is a real non trivial • Common policies, procedures and functionality is standardised cost for maintaining the standards are required for a and diversity is controlled to skills necessary to operate common security platform minimise the total cost of a technically diverse ownership for the enterprise security platform • A enterprise security platform needs to provide access control • Standardising on a limited (authentication, authorisation and ICT Strategy Page 45 of 152
  45. 45. number of auditing), unified identity enterprise class security management (enterprise security components will simplify account provisioning) and data maintainability and reduce encryption services (data in transit costs and data storage) • Diversity in the security platform increases the operational administrative burden and increases the likelihood of configuration errors and inconsistencies Security Cuts Security must operate • Security weaknesses • Partnerships, joint working and Across across technical and commonly appear where data sharing must consider the Boundaries organisational boundaries responsibilities are unclear issues of data ownership and at organisational boundaries clarify who owns what, and when or at the interface between IT systems. • Third party service agreements should explicitly state their security • The ACCESS responsibility requirements for data security does not ICT Strategy Page 46 of 152
  46. 46. necessarily • Audit rights should be considered stop when data is when drawing up agreements with transferred to another partners and suppliers organisation • All areas of the organisation, including HR and Property have important contributions to security Security Is Protection should be • Ensures efficient use of • Risks must be continually Proportional And proportionate to risk and be resources assessed to ensure controls are Consistent applied consistently across proportionate the organisation • Treating all assets as if they are the same inevitably • A standard set of security breach leads to many of them impact categories must be agreed having the wrong level of and documented protection. Inconsistency across the organisation • Information stewards must likewise makes it inevitable categorise the information, rather that too much or too little than have each user take a view protection is applied on how important it is somewhere. Proportionality strikes the best balance • The information has to be marked ICT Strategy Page 47 of 152

×