Foreign Affairs, Trade and Development Canada
Symbol of the Government of Canada

Foreign Affairs, Trade and Development Canada

international.gc.ca

Archived Document

Information identified as archived on the Web is for reference, research or recordkeeping purposes. It has not been altered or updated since it was archived. Web pages that are archived on the Web are not subject to Government of Canada Web Standards; as per the Communications Policy of the Government of Canada, you can request alternate formats by contacting us.

IM/IT Needs Analysis Study

(November 2005)

(PDF Version, 461 KB) *

Table of Contents

List of Acronyms

BI
- Business Intelligence - a Cognos-based reporting and analysis tool for integrating data from IMS, HRMS, SMS and major data sources
C4
- SIGNET C4 - the current system for processing sensitive information
C5
- SIGNET C5 - the proposed replacement for SIGNET C4
COTS
- Commercial Off-the-Shelf Software
DISA
- Direct Inward System Access - cards for secure remote access to MITNET
ERP
- Enterprise Resource Planning - integrated financial, human resource and materiel management applications (e.g. IMS and HRMS)
DFAIT
- Foreign Affairs and International Trade Canada
FSD
- Foreign Service Directives
GoC
- Government of Canada
HR
- Human Resource(s)
HRMS
- Human Resources Management System (the FAC Peoplesoft-based HR system)
HTML
- Hypertext Markup Language - the document format language for Web pages
IM
- Information Management
IMS
- Integrated Management System (the FAC SAP-based financial system)
IPS
- Canada's International Policy Statement
IT
- Information Technology
ITCan
- International Trade Canada
LAN
- Local Area Network
LES
- Locally-Engaged Staff
OGD
- Other Government Department
PC
- Personal Computer
Q&A
- Questions and Answers - response to Parliamentary questions
RDIMS
- Records, Document and Information Management System (InfoBank)
SIGNET
- Secure Integrated Global Network
SMS
- Salary Management System (also the symbol for the Corporate Systems Management and Policy Division)
SXD
- Symbol for the Information Management and Technology Bureau
TBS
- Treasury Board of Canada Secretariat
TEMPEST
- Transient Electromagnetic Pulse Emanation Surveillance Technology - a set of standards to ensure that the information processed by equipment such as PCs, monitors and printers cannot be captured by remote surveillance equipment.

Top of page

Executive Summary

Overview

this report conveys the findings, conclusions and recommendations of an independent assessment of the information management (IM) and information technology (IT) needs of Foreign Affairs and International Trade Canada (including Passport Canada) and International Trade Canada. the Study was conducted by the Evaluation Division (ZIE) from June to August of 2005 and involved more than 50 focus group sessions, mission teleconferences, formal interviews and other meetings. Over 200 executives, managers and other experienced personnel from the two Departments were consulted. the Study began with an analysis of the IM/IT capabilities needed to support the Government priorities and initiatives set out in Canada's International Policy Statement.

Scope and Objectives

the scope of the Study comprised the full range of IM/IT activities conducted by the two Departments, including the common technology infrastructure and other IM/IT services delivered centrally by SXD and the business applications deployed by a variety of business units. It included all headquarters locations, missions abroad and ITCan regional offices in Canada but, due to Passport Canada's very different business needs and operating environment, was restricted to that agency's outstanding business needs with respect to connectivity with FAC.

SXD's 2005/2006 budget of $101 million for salary, capital and operating costs represents approximately 5.1% of the overall budgets of the two departments. Total IM/IT spending cannot be estimated with any reasonable degree of precision because the cost of business applications and supporting functions is spread across many budgets and is not always coded to recognizable IM/IT budget items. Historically, SXD has accounted for 70% of total departmental IT capital spending and 65% of IM/IT operating expenditures. Adjusting for personnel costs, this would suggest that the Departments total IT-related expenditures amount to approximately $145 million. While only $8 million of the 2005/06 SXD budget was allocated for projects as opposed to core services, the CIO does have some ability to set priorities each year and could choose to reduce service levels, but this would have impacts elsewhere in the Departments.

the primary objectives for the Study were to review the Departments' current and future business needs with respect to IM/IT services, to identify the degree to which those needs are currently being met, and to identify the root causes of any significant gaps where needed services are either not being provided or where their delivery is less than fully effective. Future business needs were inferred from the analysis of the International Policy Statement.

Findings and Conclusions
Governance and Leadership

One key requirement for addressing the majority of the issues identified in the course of this Study is to better align IM/IT decision making with broader departmental interests. the existing IM/IT governance structure has not operated at a strategic level and has therefore not been able to perform that alignment role. All IM/IT decisions must be informed by meaningful information and application architectures and standards. Discipline is required to ensure compliance and to optimally leverage both existing and proposed assets. Collectively, these findings point to an overarching need for an effective CIO leadership role coupled with equally effective senior management engagement.

Productivity and Effectiveness

there was a strong consensus among the vast majority of participants that, with the notable exception of unmet needs on the Classified side, the Departments have now "gotten it right" with a common SIGNET/MITNET technology infrastructure that is pervasive, stable and reliable, and that the most important need going forward is better use of the available technology. Specifically, the Departments need to shift their IM/IT priorities in the direction of a well integrated portfolio of business applications and information resources that directly enhance the productivity and effectiveness of both individual employees and business units.

the Study found that, in general, the Departments do not manage business applications and information resources in a coherent manner. Instead, individual organizational units independently deploy applications which, while they may serve to optimize those units' particular business processes, can negatively impact the overall productivity and effectiveness of the Departments. the negative consequences of application fragmentation include very different user interfaces, duplicate data entry, the need to reconcile inconsistencies among overlapping databases and the diversion of line officer time and attention away from higher-value activities. Fragmented information resources have resulted in a loss of corporate memory; decisions made or conflicting advice given on the basis of incomplete information; data integrity issues; and substantial time wastage due to employees constantly needing to search multiple information stores to locate needed pieces of information.

Productivity and effectiveness are further impacted by information overload, which is in part due to a lack of well-defined, enforceable protocols for the appropriate use of common tools such as email.

the Departments need more effective mechanisms to independently validate business cases for application-related initiatives; adequately evaluate their global costs and benefits; develop and enforce standards; verify application usability before deployment; and more effectively leverage existing and proposed technology investments to meet broader departmental objectives.

the InfoBank initiative is intended to address the Departments' business needs for corporate memory, based on a TBS-mandated government-wide document management application. For a variety of reasons, it has not yet been accepted by the majority of HQ divisions to which it has thus far been deployed, thereby increasing rather than reducing the problem of information fragmentation. Other Government departments have also encountered initial difficulties with user acceptance.

Responding to the International Policy Statement

An analysis of the seventeen Government priorities and the related key initiatives set out in the IPS suggested a need to enhance specific FAC/ITCan/Passport Canada functional capabilities for which effective IM/IT tools are particularly important. these relate to program and content management (collaboration, contact and issues management; readily accessible corporate memory; research tools and interoperability with partners); financial management (transactional business processes) and situational responsiveness (tools for a more mobile workforce; the capacity to rapidly identify and deploy appropriate teams; and tools for effective emergency response).

In general, the IPS priorities and initiatives point to the need for a nimbler, more responsive and more effective foreign service. their sheer number implies that the Departments will be under pressure to significantly improve productivity, cut back on existing activities to free up time and resources, or both. Hence all of the productivity recommendations made in this report support the IPS agenda.

Top of page

Other Findings and Conclusions
1. Business Continuity Planning

the Designated Computing Centre (DCC) in the basement of the Pearson Building represents a single point of failure for both SIGNET and the majority of departmental business applications. In the absence of a formal business plan and an identified alternate site from which critical services could be restored within a week in the event of catastrophic fire, water or other damage to the DCC, the Departments are carrying an unacceptable risk to the continuity of their critical business functions. While SXD has made some progress within existing cyclical replacement budgets in ensuring redundancy of critical network functions between the two adjacent computer rooms that constitute the DCC, this offers no protection in the event of physical damage that simultaneously strikes both rooms. Hence FAC may not be fulfilling its obligations under the Government Security Policy and subsidiary TBS operational security standards.

2. Value for Money

Comparisons with other federal departments and with other foreign ministries indicated that FAC IM/IT expenditures are in line with those of other comparable organizations. Based on Treasury Board data, the Department's per-user IM/IT costs fall near the median of the 23 largest federal departments and agencies, despite the additional costs inherent in its global operations. With respect to comparable foreign ministries, the Canadian IM/IT support model is far leaner than that of the UK and roughly comparable to that of Australia, which has a slightly lower ratio of support personnel to users but a more limited range of functionality being supported. It should be noted that both the UK and Australia reported concerns related to escalating IT costs whereas SXD's budget has remained essentially static over the past several years despite a steady increase in the user population. Overall, the vast majority of participants in this Study gave no indication that they would like to see the resources devoted to IM/IT reduced in any substantive way.

3. Government-Wide Directions

the Government is moving ahead with an Internal Services Modernization Program that is intended to achieve substantial standardization and consolidation of both corporate administrative and IT services. While neither FAC nor ITCan have been included in the initial "Wave 1" departments, they need to engage with all appropriate interdepartmental working groups and other governance bodies related to shared services in order to be in a position to influence the process to the extent possible and to optimally align departmental IM/IT planning with the broader GoC directions.

4. Passport Canada Issues

Passport Canada has several longstanding issues with respect to cost-effective access to SIGNET services such as email to missions and Intranet access. these can be addressed and resolved in short order by applying similar solutions to those that SXD is providing to ITCan regional offices.

Recommendations

Senior management should direct that the CIO, in consultation with major business application owners, develop a comprehensive three-year action plan to systematically address the following recommendations:

Governance and Leadership

1. Senior management should assume a more central role in IM/IT governance, including ongoing oversight of major IM/IT investments and approval of all business application initiatives that imply a total life-cycle investment of more than $100,000 or are to be used by more than 100 users outside of the sponsoring bureau. this role could be performed by Management Committee or by an ADM-chaired IM/IT subcommittee.

2. the CIO should perform a more strategic leadership role, including clear authority to ensure that all business application and database initiatives conform to departmental standards and architectures.

Productivity and Effectiveness

3. Business applications and databases should be managed on a portfolio basis under CIO leadership with the goal of rationalizing each portfolio to optimize data quality, effectiveness and user productivity.

4. All business applications should undergo independent usability testing prior to being deployed outside of the sponsoring unit to validate their readiness, consistency with the business cases that led to their approval and compliance with all applicable standards. A designated authority who represents mission and program interests should participate in the sign-off, which should also be contingent on an adequate change management strategy.

5. A dedicated task force should be struck to develop strategies for addressing the information management issues identified in this Study, including the alleviation of information overload. those strategies should address ways to enable InfoBank to fully realize its original objectives and should include explicit measures to achieve a 10% improvement in email productivity for each of the next three fiscal years.

Top of page

Responding to the International Policy Statement

6. the CIO should propose IM/IT strategies to senior management that address the key capabilities identified as being necessary for the Departments to effectively respond to the Government's IPS priorities and initiatives. these should include mobility tools and services; more effective and responsive human resource business processes; tools to facilitate collaborative work processes; and departmental standards for contact management, project management and workflow.

Other Recommendations

7. Senior management should require, approve and fund a formal business continuity plan that identifies mission-critical IM/IT services and sets achievable timeframes for their resumption. Such a plan will require an alternate site for SIGNET and application servers.

Implications

None of the above recommendations are "rocket science" in the sense of requiring leading-edge technology solutions. Rather, they require more coordination, discipline, rigour and leadership to better utilize existing budgets, technologies and assets in order to advance departmental goals and objectives.

the seven high-level recommendations are tabulated below along with an indication as to the nature of each recommendation (what needs to be done to implement it), the time required to fully implement it and the likelihood of new funding being required (above and beyond current SXD and application owner budgets).

RecommendationNature of RecommendationTime to implementNew funding required?
1. A more central senior management role in IM/IT governancegovernanceno
2. A more strategic CIO leadership rolegovernanceno
3. Portfolio management of applicationspolicy1 - 2 yearsno
4. Independent usability testingpolicy1 - 2 yearsno
5. Task force on IM strategiesstrategy and implementation3 yearsno
6. IMP capabilitiesevaluation and implementation2 - 3 yearspossibly
7. IM/IT business continuity planningplanning and implementation1 - 2 yearslikely

Section 1 - Introduction

1.1 Overview and Background

this report summarizes the results of an independent assessment of the information management (IM) and information technology (IT) needs of Foreign Affairs Canada (including Passport Canada) and International Trade Canada. It was commissioned prior to the division of the former Department of Foreign Affairs and International Trade into two separate departments and was conducted while the mechanics of that split continue to be worked out. the majority of the findings apply to both departments, which will continue to share a common FAC-provided IM/IT infrastructure. Hence the term "the Departments" is consistently used in this report as a collective reference to FAC and ITCan.

the IM/IT Needs Analysis Study was launched by the Evaluation Division (ZIE) as a result of discussions between the Associate Deputy Minister of Foreign Affairs (DMA), SCM, SXD and ZID (among others) pursuant to a request from the Deputy Minister of Foreign Affairs for a review of IT in the Department. the goal was to identify the Departments' key current and future IT and IM needs in the context of the current climate of fiscal constraint. Major questions raised in the Study relate to:

  • the business needs of the Departments in light of the new Government priorities set out in the International Policy Statement;
  • the overarching requirement for the Departments to uphold and promote the broad government-wide principles set out in Results for Canadians (i.e. good governance, value for money and client satisfaction); and
  • the need to take into account the of implications of planned government-wide consolidation of many IT functions.

through a competitive RFP, the Evaluation Division retained a consulting firm to conduct the Study on its behalf. the Study was managed by ZIE and guided by an advisory group drawn from the FAC/ITCan IMT Steering Committee.

Top of page

1.2 Report Outline

this report consists of five sections:

  • Section 1 introduces the Study;
  • Section 2 discusses the methodology followed in the Study;
  • Section 3 provides an overview of the IM/IT function in the Departments;
  • Section 4 details the findings of the study for each topic area that was evaluated;
  • Section 5 presents the conclusions and recommendations following from those findings; and
  • Section 6 presents the CIO's response to the recommendations.

Section 2 - Approach and Methodology

2.1 Scope and Objectives

the scope of the Study comprised the full range of information management and information technology activities engaged in by the two Departments. these include the common technology infrastructure and other IM/IT services delivered centrally by the Information Management and Technology Bureau (SXD) as well as the business applications deployed by a variety of different business units. those applications range from large corporate systems such as IMS, major business lines applications like the Export Import Control System, and a myriad of smaller applications, databases and information resources that are intended to meet the needs of department-wide clientele as well as those of individual bureaux, missions, workgroups and employees. the geographic scope included all headquarters locations, missions abroad and ITCan regional offices in Canada.

Due to Passport Canada's very different business needs and operating environment, the scope of investigation was restricted to outstanding business needs with respect to connectivity with FAC.

the primary objectives for the Study were to review the Departments' business needs with respect to IM/IT services, to identify the degree to which those needs are currently being met, and to identify the root causes of any significant gaps where needed services are either not being provided or where their delivery is less than fully effective.

2.2 Approach

the following data collection methods were used to collect the information needed to determine IM//IT-related business needs and to assess the degree to which they are being effectively met within the Departments:

  • Document review: the Study began with the identification, collection and review of relevant IM/IT policy, planning and evaluation documents.
  • Informal interviews: Numerous informal, off-the-record interviews and discussions (~50) were held with managers, users and IM/IT practitioners at all levels throughout the Study. these served to fill in gaps in the documentary record, assisted in framing the questions that would be posed to participants in the formal sessions, and were of invaluable assistance in the analysis stage for identifying underlying causes for the many concerns raised by users.
  • Formal presentations: Formal presentations were made to the IMT Steering Committee, the Major Application Owners' Group, the Passport Canada Executive Committee and the Interdepartmental Working Group on Common Services Abroad. In each case, committee members were asked to identify and prioritize the issues that they believed should be pursued in the course of the Study. three subsequent meetings were held with a subcommittee of the IMT Steering Committee to report on progress and seek their further guidance.
  • International Policy Statement Review and Analysis: the IPS was reviewed and analysed to identify potential IM/IT needs for validation with user groups.
  • Formal information collection: Formal interviews (24) were conducted with senior executives (the Associate Deputy Minister of Foreign Affairs and the Assistant Deputy Minister for Global Issues), the Chief Information Officer and senior managers responsible for a representative set of major functional and operational areas, as well as representatives of other foreign ministries whose approaches to IM/IT were deemed to be potentially relevant. Formal focus group sessions (12) were held with a representative cross section of FAC and ITCan Headquarters business lines for an in-depth exploration of particular needs, issues and concerns. Branch focus groups were composed of Directors, Deputy Directors and experienced line officers whose divisions were broadly representative of the business of their respective branches. Mission and ITCan Regional Office input was obtained through teleconference calls (11). Finally, information on business risks related to major applications was obtained through interviews with the responsible application managers (12).
  • Analysis:All of the information collected in the course of the Study was reviewed and distilled into five broad categories, as documented in Section 4 below. these were:
    • Productivity and effectiveness;
    • Responding to the International Policy Statement;
    • Governance and leadership; and
    • Other findings
  • Conclusions and Recommendations: Conclusions with respect to unmet business needs and the root causes for the identified gaps were summarized according to the same five categories, along with recommendations as to how they might best be addressed.

Top of page

2.3 Limitations of the Study

the Study was hampered by the lack of sufficient management information on IM/IT expenditures, business applications and information resources to provide a more quantitative basis for a number of the findings and recommendations. For example,

  • there is no reliable source of information on the substantial proportion of IM/IT expenditures that occur outside of the SXD budgetary envelope;
  • there is no complete inventory of either business applications or information resources; and
  • there is no accepted business model for departmental operations to support detailed analysis of the costs of identified IM/IT deficiencies.

As the process of collecting such information to any reasonable degree of accuracy would constitute a substantial project in its own right, it was beyond the budget and scope of this Study.

Mission input was restricted to conference calls, with no on-site visits. Only nine missions participated, in large part because the summer timeframe made it difficult to arrange such sessions.

It should be noted that the methodology described above emphasized the collection of information from the users of the Departments' information systems, services and technology as opposed to IM/IT practitioners. the findings of this Study therefore document the needs, perceptions and concerns of business units and the user community. Hence, many of the reported observations are necessarily anecdotal in that they are based on participants' experiences with and understanding of the tools and services which they work with on a day-to-day basis. In some cases, there may be underlying policies or constraints which unavoidably impact user productivity and convenience. All key findings were reviewed with IM/IT personnel to ensure that the resulting conclusions and recommendations were well substantiated.

Section 3 - FAC/ITCAN IM/IT Overview

Information management and information technology services supplied to FAC, ITCan and OGD employees fall into the following four broad categories:

  • Telecommunication Services: MITNET, telephone and other telecommunications
  • Computing Services: Unclassified/Protected-A networked computing (SIGNET 3), classified networked computing (SIGNET C4) and user support
  • Information Services: On-line services, speciality services, information management and library/resource services
  • Business Applications

the SIGNET user population is characterized in the following table. Excluding non-employees, two-thirds of SIGNET users are located at missions abroad and one-third at HQ. Of the Canada-based employees at missions, less than half are FAC personnel. this underlines the fact that the SIGNET infrastructure serves the entire Government of Canada abroad.

 FTEs% of CBS% of employees
FAC CBS at missions79746% 
ITCan CBS at missions34520% 
OGD CBS at missions57734% 
Total CBS at missions1,719100% 
LES4,995  
Total employees at missions6,714 67%
FAC employees at HQ (in flux)2,640  
ITCan employees at HQ (in flux)610  
Total employees at HQ3,250 33%
Total SIGNET users11,200  
Total employees9,964 100%
Balance (contractors, temps, OGD sites, etc.)1,236  

the current IM/IT service delivery model at FAC and ITCan is centralized in some aspects and quite decentralized in others. Telecommunications, computing and many information services are centralized and, as such, are provided to nearly all FAC and ITCan employees as well as OGD personnel at missions abroad as a common service by the Information Management and Technology Bureau (SXD). the major exception is Passport Canada which, as a separate operating agency with very different operational needs, has developed, deployed and maintained its own technology infrastructure utilizing its passport fee revenue stream. Business applications are funded and managed on a decentralized basis by individual FAC and ITCan business units.

Service Groupings from 2005/06 SXD Bureau PlanFTEsPersonnelOperationsCapitalTotal
Essential Telecom Services28$1,937,000$19,817,000$2,600,000$24,354,000
Essential Telephone Services31$2,149,000$4,475,000$1,700,000$8,324,000
SIGNET 3 Desktop Services &101$6,851,000$5,689,000$7,210,000$19,750,000
Classified Processing Services &19$1,391,000$1,130,000$3,600,000$6,121,000
Mobile Computing9$530,000$889,000$710,000$2,129,000
System Security Services15$1,005,000$827,000$0$1,832,000
Systems Support Abroad31$2,223,000$3,897,000$430,000$6,549,000
Business Solutions53$3,899,000$2,461,000$900,000$7,260,000
FAC/ITCan Internet & Int'l Service15$912,000$531,000$500,000$1,943,000
Information and Knowledge121$6,404,000$2,099,000$3,900,000$12,404,000
Program Management Services91$6,258,000$2,700,000$500,000$9,458,000
Total SXD Budget514$33,560,000$44,515,000$22,050,000$100,125,000

SXD expenditures represent approximately 5.1% of the overall budget of the two departments. Total IM/IT spending cannot be estimated with any reasonable degree of precision because the cost of business applications and supporting functions is spread across many budgets and is not always coded to recognizable IM/IT budget items. Over the past decade, SXD accounted for an average of 70% of the Departments' IT capital expenditures, HQ business lines accounted for just over 20% and missions just under 10%. SXD's IM/IT operating expenditures averaged approximately 65% of the total. Assuming a continuation of those averages, the Departments' current level IM/IT spending is likely on the order of $145 million.

As part of a 2003 Government Operations Review on IT, the Treasury Board Secretariat reviewed Public Accounts data and estimated DFAIT's total IT-related expenditures at $167 million. When adjusted for a $29 million spike in program integrity and Government Online capital funding in FY 2003/04, this is consistent with the above estimate. Adjusting for FAC's extensive LES and OGD user population at missions, this would indicate an annual per-user IT expenditure of $16,728 in 2003/04, which placed FAC roughly in the mid range of departmental IT cost intensity - 11th out of the 23 largest departments in 2003/04 despite that spending peak and the additional overheads of maintaining and supporting a global network.

It is difficult to determine what proportion of SXD's budget might be considered in any way discretionary. Internally, SXD splits its budget into "core" (operating, salary and overtime funds for Bureau services) and "projects". Most projects are not discretionary in the sense that they renew elements of the existing infrastructure. In 2005/2006, only $8 million was available for projects.

Flexibility comes from scheduling and the choice of the direction for renewal. Hence the CIO does have some ability to set priorities each year, and to set aside funds for new initiatives. there is also a discretionary element to "core" services in that SXD could choose to reduce service levels but all such decisions would have impacts elsewhere in the Departments.

Top of page

Section 4 - Findings

4.1 Productivity and Effectiveness

4.1.1 Overview - Shifting Focus

the common theme that emerged from all of the focus group sessions, mission teleconferences and interviews that were conducted in the course of this Study was the need to shift away from a perceived emphasis on delivering new technology solutions and toward making more effective use of existing technologies to better serve the real business of the Departments. the vast majority of the suggestions that were made and the concerns that were aired in the course of those sessions were directed at improving the productivity and effectiveness of individual employees, their workgroups and the Departments as a whole.

Finding 1: Most FAC and ITCan employees are very satisfied with SIGNET 3 and MITNET infrastructure services but believe that there is insufficient emphasis on making the most productive and effective use of the Departments' technology investments.

Individuals and groups who contributed to this Study were almost uniform in their expressed satisfaction with SIGNET 3 and MITNET services. the perception was that FAC had now "gotten it right" with a common infrastructure that is pervasive, stable and reliable. Several focus group participants who had recently worked in other government departments pointed out to their colleagues that such stability should not be taken for granted. Even those who were critical of the size of the IM/IT function within FAC did not go so far as to suggest that they would support any significant reduction in those service levels. However, participants then went on to detail the many ways in which the business applications and information resources that were provided through that infrastructure could be better deployed, managed, integrated and supported.

4.1.2 Business Applications
4.1.2.1 Business Application Overview

IT infrastructures such as SIGNET provide the essential information "highways" that underpin geographically dispersed modern enterprises. However, the actual business value of IT investments is measured by the degree to which they enable employees and business units individually and collectively to achieve the overall objectives of the enterprise. that value is primarily delivered through business applications, which are self-contained software programs performing well-defined sets of business-related tasks under user control.

From an enterprise perspective, the only valid reason for an organization to invest limited resources into business applications is to improve the efficiency and/or effectiveness of its business processes. In practice, business processes and applications evolve in a symbiotic manner. While business processes should properly drive the selection of applications, the latter provide new opportunities for streamlining and improving those business processes. It makes little sense to invest in the development of custom applications for existing business processes that may be sub-optimal and/or idiosyncratic when off-the-shelf software is available for standardized versions of those same processes. As business processes seldom operate in isolation, coherent application portfolios are designed to integrate and streamline those processes while minimizing cost and complexity.

there are essentially three alternatives when acquiring business applications in support of particular business processes: purchase off-the-shelf (COTS) software; apply, adapt or integrate one or more existing systems (e.g. IMS or HRMS); or build a customized application. the latter is nearly always the most expensive route as it incurs long-term costs that are often ignored or seriously underestimated (typical annual maintenance and enhancement costs amount to approximately 22 percent of the original investment).

As indicated in Section 2.3 above, the total number of business applications currently in use in the Departments is unknown. the 17 largest and most visible applications which are listed in the following table account for all but a very small percentage of actual transactions. SXED maintains approximately 40 applications that it has developed on a cost-recovery basis for business owners throughout the Department as well as approximately 200 web sites. However, many HQ units and missions have developed and maintain their own applications without reference to SXD, either with their own staff or through consulting firms. the magnitude of this unknown category could only be determined by conducting an exhaustive unit-by-unit inventory.

NameAcronymOwnerBusiness Function/User Base
CFSI Virtual CFSITraining info & calendars for all FAC/ITCan personnel
IMT Learning Portal CFSIOnline IM/IT training courses - all personnel
Virtual Campus CFSIOnline training courses - all personnel
Consular Management Operations SystemCOSMOSCNCConsular program case management - all consular personnel at missions and HQ
ATIPFlow DCDCase tracking for all ATIP requests (~1,500 per year)
Briefing Products Tracking SystemBPTSDCDBriefing note related workflow ~1000 HQ users
Electronic Question and Answer SystemEQAMSDCDQ & A related workflow; ~1000 HQ users
Ministerial Correspondence Management SystemMCMSDCDMinisterial correspondence workflow; ~1000 HQ users
Export Control SystemECSEPCExport permit reporting: 200-400 companies
Export Import Control SystemEICSEPCPermit processing - 200 customs brokers
Business IntelligenceBISMSCorporate data analysis/reporting; up to 4,000 users
Human Resources Management SystemHRMSSMSHuman resources transactions; up to 4,000 users
Integrated Management SystemIMSSMSCorporate financial transactions ~4,000 users
Salary Management SystemSMSSMSSalary management data; up to 4,000 users
Prime-MPMP SRDInfo on mission facilities/accommodation - all personnel
Trio TCEContact management - all Trade missions and some HQ
Virtual Trade CommissionerVTCTCEMarket info & business opportunities for Cdn exporters

Finding 2: the Departments require more coherence among their business applications in order to significantly reduce negative impacts on the productivity and effectiveness of their employees and business units.

Over the course of many interviews and focus groups, both HQ and mission participants repeatedly cited applications that did not meet their business needs, were inconsistent with their work patterns, failed to function reliably in their particular environments, for which they felt that they were not adequately trained and for which they could not obtain timely support. While individual participants cited particular applications such as COSMOS and the Virtual Trade Commissioner as adding real value, in general, they saw applications being deployed for their use by many different groups within the two departments in an uncoordinated manner, utilizing very different underlying technologies, user interfaces ("look and feel") and data structures. Even applications produced by the same sponsoring bureau were perceived as being insufficiently integrated in the sense of requiring users to repeatedly input the same information in different ways. All of these factors were seen as costing them time and hence productivity.

the specific application-related concerns expressed by focus group and mission teleconference participants are explored in more detail along with their root causes in the following subsections.

4.1.2.2 Financial and HR Management Applications

Finding 3: the Departments need to provide managers with more useful access to common financial and human resource data while reducing the proliferation of business applications that maintain their own copies of such data.

this Study found a longstanding misalignment between the major corporate applications that are primarily focussed on central financial and human resource management requirements and the needs of business unit managers who require easy-to-use tools to effectively track and manage their own budgets and FTEs. Focus group and interview participants frequently referred to the myriad of database and "black book" applications that have been developed over the years to track and manage financial and human resource data. As most of these databases are not directly linked to the authoritative corporate data systems, they tend to be inconsistent with each other. Contract resources are frequently required to update and reconcile such databases.

the largest of the corporate applications is the Integrated Management System (IMS), which was developed from a financial management as opposed to a program management and reporting perspective. there was a reported lack of leadership among business process owners when IMS was built on issues such as what should reports look like. It implements batch processing for certain functions such as payroll. Batch events such as pay reconciliation (which occurs on the fifth day of every month) can be disconcerting to business unit managers because they result in sudden changes to budget data that are not necessarily reflected in all corporate and related systems at the same time.

Most human resource information is recorded in the Human Resources Management System (HRMS). HRMS data was consistently cited as being both incomplete and out of date. Investigation revealed that, while HRMS serves to record much of the Departments' Canada-based human resource information, data entry occurs only after the fact. In general, the only way to ensure that data systems will always be up to date is to make them an integral part of the underlying business processes so that transactions are recorded in real time. If, for example, all pay actions were input through HRMS, then the data would necessarily be kept up to date. As it stands, individual HR personnel are faced with allocating their time between inputting a paper backlog of data into HRMS or responding to client managers who are demanding urgent action. While this flaw has been recognized, its resolution is realistically at least two years away since plans to integrate the pay process with HRMS call for the necessary interface to the PWGSC pay system to be built only after HRMS is upgraded to the next major Peoplesoft cluster release.

A separate Salary Management System (SMS) is used for budget planning purposes.

For historical reasons, the major corporate applications have been built on separate platforms by different vendors (e.g. IMS is based on the SAP product and HRMS on Peoplesoft). Business unit managers and personnel must therefore learn to use multiple corporate systems that all work according to different principles. Because each of these systems is updated according to different schedules, it is never possible for business unit managers to obtain an exact picture of their budgetary free balance and FTE utilization at any particular point in time. Managers consistently identified this problem as a significant impediment to their ability to manage their units effectively. their only option is to arbitrarily pick one of those systems and base decisions and reports on its data, knowing that those relying on other systems will see different figures.

A "business intelligence" system (BI) has been implemented to provide managers with an analytic tool to more easily produce reports drawn from IMS, HRMS and SMS information that have been used to populate predefined "data cubes", but this does not address the data currency issue. there is also some uncertainty as to the financial viability of BI as it requires contributions from business unit clients.

Finding 4: the Departments need an enterprise data architecture and supporting policies to ensure that all corporate data elements are assigned identified "owners" who will be held accountable for their currency and accuracy.

Overall, FAC/ITCan lack both an enterprise data architecture and policies to ensure that every corporate data element has an identified owner who is clearly accountable for its currency and its accuracy. In the absence of that accountability, corporate data will continue to lack the integrity and hence credibility necessary to wean managers away from developing their own databases.

Every business application represents an investment of departmental resources, not only to build and maintain from a technical perspective but also to cover the operational costs of data update and maintenance. While it was clear from participants' observations that the Departments incur a very significant cost for redundant applications and lost productivity due to duplicate data capture and reconciliation, the magnitude of that cost could not be determined within the scope of this Study due to the lack of inventory information. Whatever the exact magnitude of the costs, those resources could be better applied to resolving the longstanding issues around corporate data and providing all managers the common tools and reliable information they need in order to be effective in their jobs.

Top of page

4.1.2.3 Application Usability and Productivity

Numerous focus group participants suggested that line officers are overloaded by the constant stream of new and modified applications for which they require training and need to overcome a learning curve in order to use productively. Each such application constitutes a drain on their productivity and many consume more time than the existing processes that they are intended to replace. Participants suggested that, while those applications are all well-intentioned, their design decisions are primarily driven by the business needs, priorities and perspectives of the sponsoring units ("business owners"), which generally represent the service functions of the Departments. the practice of deploying such applications to users in the program areas without a full weighing of costs and benefits to both sponsors and users carries with it the risk of deploying applications which may benefit the business owner while paradoxically reducing the overall productivity and effectiveness of the Departments.

Finding 6: Independent usability testing of all new and modified applications is needed to confirm their consistency with the existing suite of applications from a user perspective and to ensure that they can be productively used in their intended work environments prior to actual deployment. this is of particular concern in the case of bandwidth-limited missions.

Another common concern expressed by focus group and teleconference participants was a perceived lack of usability testing before applications are deployed outside of the sponsoring units. HQ users cited new or substantially modified applications that caused compatibility conflicts with one or more of other applications (e.g. the negative impacts of the InfoBank application on the speed and stability of Outlook that are documented in Section 4.1.3.4 below) or had a very different "look and feel" than existing applications. For example, business owners may choose to develop non-standard user interfaces because they appear to be attractive or innovative, may be slightly cheaper to develop or are seen to provide other benefits for the developers. However, those non-standard features may require additional training, which itself is disruptive and takes user time away from advancing business priorities. Unfamiliar interfaces also extend learning curves and prevent staff who only occasionally use those applications from becoming proficient in them. Independent usability testing would identify consequences and the associated costs so that informed decisions could be taken prior to deployment, thereby protecting end-users from unnecessary productivity hits.

the example that was most frequently cited in headquarters focus groups was the EQAMS system, which was variously stated to have increased the time that it takes desk officers to produce Q&As by a factor of two to four. Mission users most often pointed to the new Performance Management Program (PMP On-line).

the Departments lack any formal processes or guidelines for addressing usability and productivity issues. While SXD provides "account managers" to assist prospective business owners in planning new application initiatives, those services are optional and are not always used. the existing IMT project approvals process is silent on such issues and, as discussed below in Section 4.4, the vast majority of application development initiatives are exempted from scrutiny.

Finding 7: Program areas need a recognized voice to address their interests prior to both the approval and the deployment of new and substantially modified business applications.

the point was made in several focus groups that there is no identified authority that speaks for the business needs of the line officers and staff in the geographics, functional bureaux and missions who are charged with delivering the real value added of the two departments. Such an authority could provide the perspective needed to more effectively balance the interests of business owners, users and the Departments as a whole when considering business cases for new and substantially modified applications and their readiness for deployment.

At present, the scope of SXD pre-deployment testing is limited to ensuring compatibility with the SIGNET environment. there is no independent verification that proposed releases meet the objectives set out in the business cases that led to their approval, that they adhere to departmental standards or that they are sufficiently stable to not pose unacceptable productivity risks for the user community. Independent usability testing is important in this regard because of the longstanding tendency in both the public and private sectors for applications to be deployed before they are verifiably ready in response to schedule, budget and other pressures.

Missions, particularly those with limited bandwidth, observed that HQ developers often do not pay sufficient attention to the realities of bandwidth availability at missions. ITCan's increasing reliance on graphics-rich Web-based applications was frequently cited. the Public Diplomacy Resource Site was also mentioned as one for which many missions lack the bandwidth to download materials.

Because MITNET bandwidth to missions is a shared and limited resource, the productivity costs of graphics-rich Web pages go beyond the immediate users of those applications who may have to wait many minutes for a single page to load. All other users who are simultaneously sharing that bandwidth also lose productivity due to the resulting congestion. It was suggested that all applications, not just those developed by SXD, be required to undergo usability testing in which the testers' bandwidth is artificially restricted to match that of the lowest common denominator of missions that are expected to use those applications, and that alternative bandwidth-conserving versions be required of any applications that fail that test.

A number of missions raised the issue that a majority of the documentation, forms, letters, templates, etc. that they receive from various HQ units assume North American standard paper sizes whereas those missions are set up to use exclusively European sizes (e.g. A4 paper). this results in considerable time wastage and delay in reformatting. It was suggested that a usability testing process should explicitly be required to catch such instances before they are sent to missions.

4.1.2.4 Application Training

Finding 8: Training needs to be better aligned with the work context in which business applications are intended to be used in order to facilitate their successful adoption by their intended users.

Training was typically raised in the focus groups and interviews as one of the reasons why particular applications had not been successfully integrated into participants' work environments. the most commonly expressed observation was that the trainers necessarily focussed on the mechanics of the application, not how to apply it to the real work of the intended users because they themselves had not been sufficiently trained in the business of the Departments. InfoBank, HRMS and PMP were all cited in this regard.

At HQ, more so than missions, participants indicated that there was often little or no advance contact between those responsible for training and the managers of the affected bureaux or divisions to establish a meaningful work context for the instruction. Training was frequently cited as having been largely wasted or lost because for various reasons the application was not fully functional from the moment the user returned to his or her workplace. Many participants indicated that they knew how to use only a fraction of the capabilities of most of their applications.

Experience with the online training offered by CFSI was mixed. A few participants expressed appreciation for its availability whereas a larger number felt that online courses that they had tried were either too detailed or otherwise didn't work for them. the Performance Management Program was the application most frequently cited in the latter case. While the number of participants that commented on such courses was too small to draw firm conclusions, the usefulness of online training may be proportional to the bandwidth available to missions.

It was suggested that applications are sometimes deployed to missions without adequate training. While informal peer-to-peer training does take place (interested users who explore the features of a new application passing on that information to their colleagues), it risks the spreading of misconceptions that detract from the effective use of such applications. Virtual Trade Commissioner and InfoExport were cited as two examples of potentially great applications which many users had not sufficiently mastered in order to use effectively.

Top of page

4.1.2.5 Funding for Application Maintenance and Support

Finding 9: Applications need the assurance of adequate long-term funding for maintenance and support before they are deployed to a broad user community.

the business cases (cost-benefit analysis) that are used to justify the cost of building or acquiring business applications often ignore or significantly underestimate the long-term maintenance and support costs necessary to optimize user productivity, ensure availability and respond to changing business requirements. Training costs and the productivity "hit" associated with becoming proficient in yet another unique application also tend to be overlooked or minimized.

One question that was repeatedly asked by both application owners and user groups was "what is a corporate application?"; i.e. when does an application qualify for central as opposed to business unit support funding. While nearly everyone would agree that the major administrative systems such as IMS, SMS and HRMS are corporate, the distinction becomes fuzzier for business line applications such as COSMOS or more specialized applications such as EQAMS. In general, the usage of the term "corporate" varied between application owners who saw corporate applications as those that were centrally funded and users who used it to refer to all applications, regardless of size, that were broadly deployed across the Departments.

the above distinction has important consequences for both application owners and their users in that some widely used business applications have base budgets for ongoing maintenance and support whereas others do not. For example, the Executive Services Bureau (DCD) has deployed a number of significant applications related to Q&As, briefing notes, Access to Information requests, etc. In several cases, the requirement to purchase those particular applications was dictated at some point in time by particular Ministers or DMs, but no long-term funding was provided. this has resulted in a series of aging applications whose user interfaces can be quite different from other departmental systems and for which no funding is available for upgrades or replacement despite known limitations that negatively impact the productivity of users across the Departments. As well, there are common application services (e.g. Canadian Representatives Abroad) for which no one wants to take ownership because of the budgetary implications.

4.1.2.6 Root Causes of Application Fragmentation

Finding 10: there is a need for well-defined and consistently applied managerial processes that better align application-related initiatives with the business needs of the Departments in order to address the root causes of the concerns and deficiencies identified in this Study.

A focus group of application specialists that was held to explore the root causes of the above problems revealed a number of contributing factors:

  • Clients seldom come to SXD with business needs; rather, they already have preconceived technical solutions in mind;
  • the focus begins and remains with a proposed application as opposed to how best to streamline, enhance or integrate the underlying business processes;
  • Application developers often lack an understanding of the business of the Departments;
  • there is no identified authority who speaks on behalf of the general policy areas and their users (unlike the case of more tangible program areas such as Consular, Passport Canada, Import/Export Controls and the Trade Commissioner service that have unified leadership and highly focussed applications to support their programs);
  • Likewise, nobody speaks on behalf of enterprise needs;
  • Anyone with money and influence can get whatever they want (this observation was made repeatedly in numerous interviews and focus group sessions);
  • there is no enterprise architecture for either data or applications that developers are required to work within; and
  • SXD personnel believe that they lack the mandate and managerial support needed to constrain client wishes in favour of consistency with enterprise directions and overall value for money considerations.
4.1.3 Information Management
4.1.3.1 Information Management Overview

One of the most useful definitions of information management (IM), drawn from the US military, is "the provision of relevant information to the right person at the right time in a usable form to facilitate situational understanding and decision-making." the provision of information to facilitate understanding and decision-making has always been central to the core business of FAC and ITCan. However, given that computerized tools are incapable of "understanding" the information that they store, communicate and process, the fundamental problem of IM is how to usefully apply such tools in finding the "relevant" information and determining who are the "right" people, what is the "right" time and what constitutes a "usable" form for any given business need.

Relevant information may be found in documents; email folders; newspapers; books; periodicals; paper files; directories; collections of business cards; internal and external Web sites; electronic media such as floppy disks, CDs and DVDs; databases; correspondence; photo collections; radio and television programs; and a huge variety of other sources (including individual memories). there is no shortage of information to meet FAC and ITCan business needs. the challenge lies in coping with its fragmentation and winnowing the universe of available information down to what is relevant and can realistically be accessed in the time that is available.

Finding 11: Now that SXD has succeeded in delivering a stable and effective technology infrastructure, it needs to shift its priority to providing employees with the means to productively and effectively manage information in the context of their actual work environments. this will require the development of coherent and readily understandable information management policies that are consistent with departmental culture, work practices and business priorities.

A common theme that was expressed in the course of many interviews and focal groups was that, while information technology is now working very well in terms of a stable and effective SIGNET 3 infrastructure, the Departments continue to fall seriously short on the information management side. Several participants observed that the Departments reflected a government-wide collapse of information management which occurred during the 1990s as information technology was brought in on a haphazard basis to replace traditional support personnel in a climate of severe budget cuts. A number of different participants expressed concern that SXD had been so focussed on the technology for so long that its orientation and skill sets might not lend themselves to effectively addressing information management challenges. Whatever the root cause, the Departments' perceived inability to effectively manage information was seen as seriously undermining both their effectiveness and their credibility when interacting with others on the basis of incomplete or fragmented information.

Prior to the 1990s, departmental work practices were guided by a consistent set of IM policies and practices which ensured that all the relevant information and decisions related to any given topic was stored in the appropriate physical files and were therefore readily accessible when needed. those policies and practices worked because all business units had an adequate number of support staff who were trained in their implementation. the many application, data and document management issues that are discussed in the following subsections point to the overarching need for an updated set of IM policies and practices that, while appropriate to an electronic age characterized by powerful automated tools and minimal support staff, will restore the earlier shared understanding of how information should be managed and provide the virtual equivalent of a definitive file on any given business topic.

Top of page

4.1.3.2 Information Overload and Email Productivity

Finding 12: there is an urgent need to address information overload, which is perceived as constituting the single most important drain on departmental productivity and effectiveness. Effective protocols for controlling the volume of SIGNET messages are viewed as an especially important requirement in this regard.

Information overload is a "burning issue" that was raised in virtually every focus group and mission interview. Most participants praised the SIGNET email system itself and its rich functionality. However, they were dismayed by the way that it is being used. Officers at both HQ and missions reported being overwhelmed by email, with literally hundreds of messages waiting for them every time they return from a short leave or business trip. Mission personnel pointed out that the reason the Departments invest so much in keeping them abroad is so that they can interact directly with foreign officials, businesses and society; not to sit in their offices clearing their inboxes. Many felt that the mundane demands of dealing with email overload detracted from their ability to focus at the strategic level. As one officer pointed out, "it controls us".

there are two ways of providing information to employees: the "push" approach where information is sent to individuals regardless of whether they want to see it or not, and the "pull" alternative where it is posted in a known location for them to access when and if it is convenient for them to do so. Email is a prime example of "push" communications - it appears in your Inbox and it is up to you to decide what to do with it. the Intranet is an obvious example of "pull" communications. In cases where immediate action is required, the push approach is obviously superior. However, when employees are suffering from information overload, an organizational shift to the pull approach for non-critical communications can do much to alleviate stress and provide staff with more of a sense of control over their schedules. As several participants pointed out, it is human nature to regard what one is doing as important. Hence clear protocols and ongoing feedback on what is truly critical, what is not, and limits on the number of addressees for given types of messages would be necessary for the Departments to shift to a more effective balance between push and pull.

Numerous participants pointed out the need for such protocols to control the flood of emails. the practice of copying people unnecessarily on emails was cited as the biggest single contributor to information overload. One seemingly practical solution that was proposed independently by several different officers would be to centrally create and maintain email distribution lists for reporting messages on all issues that require widespread dissemination. If this suggestion were to be implemented, individuals and organizational units would be able to subscribe and unsubscribe to each list. All such messages would be posted on the Intranet in an easily accessible manner so that employees for whom the most recent developments were not critical could view the accumulated message threads at their convenience. this would also offload from missions the time-consuming and duplicative task of constantly updating distribution lists as recipients change positions. Administrative notices, media summaries and all other non-critical broadcast messages would be handled in the same manner.

Protocols only work when most of those involved exert self-discipline and often require enforcement mechanisms; for example, a SIGNET email address to which users could forward copies of messages that were perceived as being in violation of the agreed protocols. Follow-up action might range from polite reminders to consultation with repeat offenders' supervisors.

Another suggestion is the need for protocols to automatically categorize incoming email to facilitate visual identification of the most important ones. Outlook provides options for both manual and automatic colour coding but, as was pointed out, most users are unaware of them.

Finding 13: Existing SXD policies with respect to the setting and enforcement of email storage quotas need to be reviewed in the context of an enterprise cost/benefit analysis that explicitly factors in user effectiveness and productivity considerations.

Email storage quotas were repeatedly raised in focus groups and mission interviews as having a serious negative impact on user productivity and effectiveness. Individuals at both HQ and missions vary dramatically in the number of emails that they receive, the size and content of those messages, and the degree to which effective management of the issues for which they are responsible requires them to maintain extended correspondence threads for immediate access. Officers who frequently travel or find themselves acting for others can quickly reach their quotas and find that their accounts have been automatically frozen, creating an immediate operational crisis that is quite out of proportion to the seriousness of the offense. the alternative of archiving emails to CD-ROMs fragments officers' message stores, significantly impairing their productivity and effectiveness. It was pointed out that a busy mission officer whose time costs the taxpayer more than $200 an hour may devote half a day or more every month culling email messages in order to save less than a dollar's worth of disk storage space. this is a clear example of policies which may make eminent sense from a narrow IT perspective while simultaneously incurring huge costs in terms of the real business of the Departments.

Email is only one element of information overload for officers who need to keep on top of ever-increasing information flows over an expanding variety of channels. Nevertheless, it is the one that is most directly under departmental control and hence most amenable to conscious improvement. A comprehensive initiative to improve email productivity could free up some $40 million worth of productive time annually.

Top of page

4.1.3.3 Corporate Memory

Corporate memory is information about an organization, its employees, its clients, its objectives and its operations that has been created or learned on "company time". It is therefore by definition a corporate asset. It may exist in corporate repositories, in individual files or in the memory of individuals. Some is of limited or ephemeral value but much is critical to the success and effective operation of the organization. Because nobody in the real world ever has the time to record or transmit everything that they know, it is continuously lost as people move on. Hence organizations such as FAC and ITCan that experience a rapid turnover of personnel are particularly vulnerable to such losses. Participant after participant in the focus groups and interviews cited the continuous haemorrhaging of valuable information and knowledge in the course of the posting cycle.

Business needs with respect to access to and retention of corporate memory may be categorized at three distinct levels: enterprise, workgroup and individual:

Enterprise Corporate Memory Needs

Finding 14: the Departments need to significantly reduce the fragmentation of corporate memory in order to enhance their credibility by minimizing the risk of employees speaking or acting without having the full picture.

One of the most important assets of a foreign ministry (FAC) or a department that serves the business community (ITCan) is its credibility. this can be undermined when, for example, the same foreign official being separately approached with similar questions by different elements of the department or when the same question posed to different FAC and ITCan personnel yields widely differing answers. A number of focus group participants cited the fragmentation of information stores within the Departments as major impediments to achieving an appropriate degree of consistency. As one concrete example, it was pointed out that a headquarters unit had polled the diplomatic community in Ottawa for contact information to populate a database that it had built which essentially duplicated the existing one maintained by the Office of Protocol.

Corporate memory is only useful if the enterprise makes it available to the personnel who need it in order to effectively conduct the business of the organization. Many participants cited the recent removal of staff profile information from the Intranet as an action that had significantly impaired their productivity and effectiveness. they pointed out that a key question when researching any given topic is who held a particular position at the time of the event, issue or policy decision in question and hence might be able to shed light on it or point them to other contacts. that such an important and longstanding resource was removed without warning, explanation or consultation was cited as a prime example of what they saw as service groups being out of touch with business realities. those who recognized GoC privacy policies as the likely reason for the decision wondered whether the staff profiles application could have instead been modified to conform to the policies.

Workgroup Corporate Memory Needs

Finding 15: In order to be consistently productive and effective, departmental workgroups need uninterrupted access to corporate information when employees are away from the office or rotated to new positions.

Effective handover processes are particularly important to workgroup productivity and effectiveness in a rotational service. Foreign service officers frequently cited instances of having arrived at missions to nearly blank slates with much of the information that predecessors had been working on being largely lost to the extent that it was not well known to locally engaged staff. the ITCan transition checklist was seen as a step in the right direction but one that needed to be more institutionalized as not everybody found the time to complete it. Contact information was cited as being of particular concern.

Another common concern related to accessing the information stores of individuals who are away from the office. Workgroup-related information contained in their personal files is often inaccessible during this period. this problem has been exacerbated by the increasing use of personal rather than organizational mailboxes. As a result, participants reported that important messages are frequently unnoticed and left unanswered while the officers to whom they are directed are away.

Top of page

Individual Corporate Memory Needs

Finding 16: Individual employees require tools to facilitate rapid access to the totality of their previous work in order to maximize their productivity and effectiveness.

Everyone spends time almost daily searching for pieces of information that they know they have seen before and believe will be relevant to the task at hand, but cannot immediately lay hands on. Indeed, one of the hallmarks of very productive individuals is their ability to rapidly find and reuse previous work so that they do not have to waste time "reinventing the wheel". Participants in several focus groups alluded to the need for tools that automatically index emails, documents, Web pages, notes and other useful information so that they could find and retrieve them immediately when needed. Individuals who had found the free Google Desktop tool very useful in this regard at home wondered why there was nothing similar on their SIGNET desktops. It was pointed out that InfoBank was not a viable answer to this need because of the time required to individually enter each document and email and the fact that the majority of messages are not seen at the time as being of enduring organizational value ensures that individuals will realistically archive only a fraction of their daily work. Instant access to the totality of one's previous work was seen as a major contributor to personal productivity and effectiveness, as well as a partial solution to the problem of fragmented information stores.

Interviews with line officers and IM specialists revealed a divergence of opinion between the two groups on the issue of personal information stores. As increasing expertise in particular issues is part and parcel of the career paths of officers as they move from position to position, their productivity and effectiveness are enhanced by having ready access to their previous work. For that reason, many of them seek to take their previous email stores with them on CD-ROMs when they move to their next assignment. IM specialists, on the other hand, expressed reservations about this practice due to concerns that the information properly belongs to the business unit rather than the individual. there is a need to either formalize this practice or provide alternatives in such a way as to effectively balance individual productivity with information ownership issues within the Departments.

4.1.3.4 InfoBank

SXD is in the process of deploying the new InfoBank document management application across the Departments with the specific objective of meeting most of the enterprise and workgroup information management needs expressed above. the term "InfoBank" is the FAC label for the Records, Document and Information Management System (RDIMS) a Government of Canada Shared System mandated for use by all departments. RDIMS integrates a number of related commercial software products, chief among them the Hummingbird document manager that users see when they open InfoBank.

Finding 17: there is an urgent need to address the overwhelmingly negative initial impression of InfoBank described by HQ focus group participants and the fact that the majority are not using it regularly after having completed their training.

As none of the missions that were interviewed had yet undergone InfoBank installation and training, the extensive comments and user feedback received in the course of this Study all referred to the HQ experience. that feedback was extensive and overwhelmingly negative. While many participants had long recognized the business needs that InfoBank was intended to meet and some had been enthusiastic proponents prior to their training, the majority had stopped using the application and were unhappy with its continuing impact on their productivity and SIGNET experience.

Finding 18: there is an urgent need for a comprehensive strategy to assist workgroups in moving existing information from facilities such as the i-drive to address the further fragmentation of the departmental information stores and to encourage InfoBank usage.

Most of the expressed user concerns were variants of the following observations:

  • Some participants have tried many times to get into the habit of saving documents and messages but considered the program to be overly cumbersome and perceived that it so slowed their work that they normally resorted to hitting "Cancel".
  • As documents and messages that they had saved in InfoBank were harder to find than in the i-drive, which they considered more intuitive, more effort was required to devise targeted searches.
  • Free-text searches were viewed as returning far too many documents.
  • Documents that are not on a limited list of supported formats must be stored separately on local or network hard drives (HTML, which underlies Web pages, was the most frequently cited example). Some users feared that the i-drives would be shut down and noted that, if that were done, a comparable shared storage facility would continue to be required for non-supported file types.
  • the overheads inherent in using InfoBank were stated to be especially annoying for email:
    • Participants characterized it as being the wrong tool for officers needing to access their own work because it was overly time-consuming to retrieve emails,
    • Various participants estimated the proportion of emails that are not saved as between 95% and 99%. Hence, the claimed 5-10 second delay caused by the InfoBank dialog box that comes up for each and every email that they sent was viewed as a significant drain on their productivity.
  • Users' PCs noticeably slowed down after InfoBank installation and were stated to be significantly more prone to crashes and freezes;
  • there was no training or support for moving existing documents over to InfoBank (some reported having been advised by trainers not to). Users who tried found the process to be neither user-friendly nor natural. As a result, a few divisions that were still making a serious effort to use the application had hired consultants to move files from their i-drives;
  • InfoBank installation and training were communicated on a division by division basis, with little or no advance discussion with divisional managers as to how this would impact their work environments or how it could best be applied to their particular needs. Several participants also noted that there had been no direction from their senior managers to encourage them to make the transition;
  • A number of participant were unhappy with the training they had received, which they characterized as overly focussed on the technicalities of the program as opposed to how to effectively apply it in the real world. Some believed that their trainers had little understanding of the work of the Departments.

Other concerns that were expressed by focus group participants included:

  • An inability to easily share documents via email, particularly with outside collaborators;
  • "Glitches" when attempting to use InfoBank from SIGNET Remote Access;
  • Awkwardness in storing messages from organizational mailboxes (which almost by definition are of organizational interests so should be consistently saved);
  • the inherent gaps in corporate memory because Ministers' offices will not be connected;
  • Inability to toggle between the French and English versions of documents; and
  • the need for an equivalent facility on the classified side, with sufficiently granular access controls to prevent "fishing expeditions" by users lacking authority to do so.

Finding 19: A strategy is needed to address the significant negative impacts that InfoBank users have experienced with respect to the speed and stability of other SIGNET applications, especially Outlook and WordPerfect. Suppression of the dialog box that appears when sending messages in Outlook could be considered as one element of such a strategy.

Interviews held with the members of the InfoBank technical and implementation team to validate the above user concerns followed by an expert-level demonstration of the InfoBank product yielded the following information:

  • InfoBank installation does indeed have the side effect of making Outlook less stable, since it inserts "hooks" that intercept a number of Outlook processes and redirects them to the Hummingbird software. Minor network disturbances that would otherwise go unnoticed can then cause Outlook to freeze or exit. this problem can be exacerbated for Trio users, since that application also interfaces with Outlook in the same manner. the technical team has produced a number of "patches" which have served to reduce this problem, along with several other annoyances such as a roughly 45-second delay the very first time that users saved a document or email on return from training.
  • the process of saving documents is inherently more likely to cause WordPerfect to crash than is the case with Microsoft Word, likely due to Hummingbird's much greater experience with the latter. the relatively limited market presence of WordPerfect suggests that this is unlikely to change significantly in the foreseeable future.
  • Document management systems associate each record with user-supplied "metadata" describing the subject, file or folder reference, author, version, date and a variety of other information which, along with free text search, enables all relevant records to be retrieved. Infobank enables each user to create a custom template containing default values for virtually all the metadata to speed and simplify the process of saving documents and emails. While the dialog box that appears every time the user elects to save something in Infobank contains a daunting number of metadata fields, properly set defaults should simplify that process in most cases to a few clicks, occasionally augmented by some words of descriptive text. As their final step in InfoBank training, users are guided through the creation of an initial profile. However, the number of focus group participants who complained about the complexity of saving material in InfoBank suggests that some individuals left before the end of the training session or that this task was not always adequately completed.
  • the observed InfoBank-related delays in saving documents and sending email were significantly less than those reported by many focus group participants. Saving an email or document and associating it with a previously used folder required four extra clicks and approximately 5 seconds. Sending an email without saving required one extra click (~1 second) while saving an email using only default metadata took two extra clicks (2-4 seconds). Part of the difference may be explained by the fact that it was being demonstrated by a truly expert user on a fast PC. the balance is likely attributable to frustration in that users who do not see value in what InfoBank provides them, have not used it enough to become proficient in its use and cannot remove it from their systems may have a heightened perception of the time that it costs them every time they need to save a document or send a message.
  • While the technical team has implemented a number of patches and customizations, FAC is quite limited in its ability to modify the underlying Hummingbird product as the channel for input to the vendor is the government-wide RDIMS cluster group, whose priorities for enhancement do not necessarily match those of the Departments. Also, customization creates a long-term burden in that all local changes must be re-engineered and reapplied before SXD can roll out the next vendor release of the product.

Further investigation into InfoBank's configuration options revealed that the feature whereby a dialog box intercedes every time a user attempts to send an email message in Outlook is optional and subject to direct departmental control. that feature was cited in focus groups as one of the prime reasons for dissatisfaction with the application. Both TBS and PWGSC chose to deploy RDIMS without that feature enabled as a result of user feedback obtained during sensitivity testing.

Top of page

Finding 20: A comprehensive strategy is needed to address the 75 to 80 percent of HQ divisions that have completed InfoBank training but have not incorporated it into their day-to-day work processes.

SXD usage statistics collected in early August indicated that, of 765 HQ individuals who had completed their training, 40 percent were saving at least some documents and emails into InfoBank on a regular basis. While no rigorous survey was taken during the focus group sessions, the extensive discussions on the subject suggested that InfoBank had "taken" in 20 to 25 percent of HQ divisions that have implemented to date. those divisions are ones in which the majority of personnel are saving material regularly and the application has been incorporated into daily work patterns. Implementation may be deemed to have failed in the majority of divisions in the sense that InfoBank is not being used sufficiently that the division gains any real benefits from its use that offset the productivity costs. there is therefore little or no incentive to busy individuals to invest time in becoming proficient in its use. Consequently, the training that they received is rapidly lost.

Despite the above negatives, InfoBank cannot be viewed either as a complete failure or even as an inappropriate product because a minority of divisions have successfully adopted it and are obtaining value from the application. the distinction was striking in some focus groups where one particular division had successfully integrated it into their work environments while sister divisions had not and could see no reason to do so. three major factors appeared to distinguish those divisions where InfoBank had succeeded as opposed those where it had not:

  • the Director concerned had made it clear that the division would henceforth be using InfoBank as a primary tool for records management and corporate memory, and had instructed all staff to begin using it;
  • Collaboration on document preparation played a significant role in those divisions' normal work practices, allowing InfoBank's versioning capabilities to add value; and
  • At least some effort had gone into transferring existing documents from the i-drive.

the first point may be the single largest success factor in that InfoBank touches on the core of day-to-day work practices and therefore poses a significantly greater adoption barrier than most applications. Users face a significant learning curve as well as some significant productivity costs before they begin to perceive a "gain" that justifies the "pain". those costs include the further fragmentation of their information stores, which consist of paper files, current Outlook folders, archived Outlook folders, CATS, c-drive, h-drive, i-drive, classified versions of some of these stores, and now InfoBank (to avoid duplicate records, CATS information will be moved only when the InfoBank implementation is complete and CATS can be decommissioned). Hence, actions that contribute to creating a critical mass of the current working files of any given individual and division in InfoBank significantly increase the likelihood of their adopting it.

Finding 21: A well-considered and carefully implemented change management strategy is especially critical for the successful adoption of applications such as InfoBank which deeply affect individual and workgroup business processes.

In hindsight, a major change initiative such as the InfoBank project requires much more senior management engagement and a more comprehensive change management plan than was the case (references were made to such a plan having been developed but it was reportedly curtailed due to budget and/or scheduling considerations). Given the disappointing rate of adoption in HQ, the major question facing the Departments now is whether and how to proceed. While some HQ InfoBank training is continuing, the new CIO has reportedly scaled back the implementation schedule to allow for analysis and refining of the approach. One positive indicator is that mission implementations were stated by SXD personnel (confirmed in a recent CFSI evaluation of InfoBank training) to have been more successful, in part because of increased up-front engagement of mission management. However, this begs the question of what to do about the many HQ divisions that have not adopted the application.

4.1.3.5 Intranet and Internet Services

Finding 22: the utility of the departmental Intranet could be improved with a better search engine and text-only versions of key pages for missions with very limited bandwidth.

the departmental Intranet was frequently described as having an ineffective search engine. Many missions cannot effectively access Intranet pages due to their heavy graphical content combined with those missions' bandwidth limitations.

Finding 23: there is a perceived need for more discipline to control the proliferation of departmental Web sites, both internal and external, and to better manage their content.

Participants echoed the findings of the recent audit of Intranet management which found that the departmental Intranet was rife with "dead links", stale content, and had many page quality and accuracy problems. the GreenButton project was cited by a number of participants as evidence that standard content management software could meet their needs in this regard.

On Internet publishing, some participants expressed concern over Web site proliferation and the lack of coherence between those sites. In their view FAC/ITCan continue to have a multiplicity of external Internet sites, many with stale information, that undermine a coherent departmental approach on issues. For people from outside, there are "a million places to go". SXD was stated to lack the ability to enforce discipline or to require business cases for new Web sites. Some participants expressed doubts as to the wisdom of missions managing their own sites, wondering whether it is worth the effort and if those resources could perhaps be better applied elsewhere. While missions need to produce local content, the technical side could be perhaps be centralized (with the caveat that the function be adequately resourced to retain responsiveness).

Translation and official languages policy were cited by several missions as significant obstacles to mission publishing activities. HQ was stated to have devolved translation budgets to missions but failed to allocate enough to do the job. For example, missions attempting to meet Virtual Trade Commissioner requirements lose much of the up-to-date "intelligence" aspect of market intelligence while waiting for translation.

Finding 24: Departmental Internet users have expressed the need for a more transparent procedure for employees to obtain access to blocked sites for legitimate business reasons.

Departmental personnel make extensive use of the Internet both for research and for information dissemination. On the research side, some participants cited instances in which they had legitimate business needs to access particular blocked Web sites. While they recognized the policy reasons that necessitate restrictions on certain categories of sites, they argued for a more flexible and transparent override process that would be capable of responding to their business needs.

Top of page

4.1.4 Protocols and Templates

Finding 25: Departmental productivity, effectiveness and consistency would be enhanced by standardized protocols and templates to guide employees in the best use of applications and to facilitate their execution of business processes. In many cases, templates are best integrated into the relevant applications.

Several participants alluded to a general lack of standard protocols to assist individual users and organizational units in making the best use of the IM/IT tools that are made available to them. Individuals learning the functional details of how to use an application does not translate into that tool being effectively and productively integrated into the work processes of an organizational unit. Even as simple and longstanding a facility as the i-drive was variously described as highly effective or an unorganized mess depending upon whether the units in question had developed and consistently applied a common protocol for its use. It was suggested that every new IM/IT capability should be only be deployed if it is accompanied by one or more model business protocols.

Protocols serve to guide individuals and organization in implementing well-defined business processes. the absence of standard templates for common business processes were cited as a major productivity concern, requiring each mission to develop its own on a trial and error basis. One example that was cited was a standard media summary reporting template that would guide missions in providing exactly what HQ units or Ministers really need to know. Other examples included templates for incoming and outgoing visits; bilateral meetings and political reporting, etc. Such templates would provide coherence and consistency to mission reporting. the Outlook formal message template, which is integrated into the Outlook application, was referenced as a good example of such a template.

4.1.5 Technical and User Support

Finding 26: Missions need increased flexibility on the part of SXD and major application owners with respect to the hours of operation for technical and user support services.

the speed and quality of technical and user support is an important factor in the productivity and effectiveness of any system or application. While individual SIGNET support personnel were frequently praised and HQ participants were generally satisfied with the support services that they received, most mission participants who mentioned the support issue felt that current service levels were inappropriate for Departments that operate globally on a 24/7 basis. Mission participants suggested that both SXD and application support personnel tend to work on an Ottawa schedule. Asian missions usually have to wait a day for a reply from SXD and ITCan application response times were stated to be even longer. It was suggested that SXD and major applications owners make more of an effort to schedule their support personnel more equitably across the working day as SXD support services were stated to decline noticeably in the 3:30 pm to 6:00 pm period and application support rapidly became non-existent.

Other concerns expressed with respect to SIGNET support include the observation that personnel do not appear to be trained to offer help on the French platform and do not know enough about micro-missions to be helpful in problem solving. the latter problem was stated to increase the burden on very limited LES resources at such missions, which hurts their ability to function. Missions generally were stated to require affordable options for emergency support.

4.1.6 Other Productivity-Related Business Needs
4.1.6.1 Mission MITNET Connectivity

Finding 27: MITNET connectivity to missions remains a limitation and continues to constitute a serious productivity drain at many smaller, remote missions.

the majority of critical comments on the SIGNET 3 platform related to MITNET bandwidth. While many participants expressed satisfaction at the recent doubling of bandwidth to most missions, some cited the continuing inconvenience and productivity costs associated with slow response times at many of the smaller and more remote missions. A number of common and widely praised tools such as Citrix were stated to be almost unusable at such missions. A few individuals whose job functions involved video and graphic communications argued for the need for continuing and much greater increases in bandwidth to missions. However, considering the current costs of MITNET bandwidth ($20.9 million or fully half of SXD operating funds), further significant bandwidth increases must realistically remain in line with market-driven reductions in the price of that commodity.

Until recently, raw bandwidth to missions was the major productivity-limiting factor. While this continues to be an important consideration, latency (the time required for a piece of information to move between HQ and a given mission) has become increasingly important as many new applications require a very fast transaction time to operate and behave accepably.

4.1.6.2 Visit and Events Management

Finding 28: Visit and events management are both examples of common business processes that consume very considerable amounts of mission time and could potentially benefit from standardized IM/IT supporting tools.

Visit management ranks closely behind and is intimately linked to contact management as a common and very time consuming mission activity. In the absence of a standard, easy-to-use package to do visit planning, missions have developed low-tech tools (e.g. forms, templates, Outlook scheduling protocols) to deal with this business need. Missions reported often not hearing about OGD and provincial missions until they were already in progress. A centralized database and management tools for all incoming and outgoing visits was suggested as being an appropriate solution.

Events management was raised as a common mission requirement that could usefully be linked to both contact and visit management. this is particularly true on the ITCan side where missions participate heavily in events such as trade fairs. For missions and individuals to learn from each others' experiences, they need to drill down to actual data on participation and results. the earlier Trade Activity Management System (TAMS) and the replacement Trade Activity Planning System were cited as applications that had met that need. It was further suggested that comparable needs exist in the Public Affairs program.

Top of page

4.1.6.3 Electronic Publishing

Several missions indicated that electronic publishing is an increasing important requirement for them. With the right tools, it can be both more effective and less expensive to produce custom reports on demand from available content rather than maintaining a stock of outdated printed material on the shelf. this requires standardized tools so that missions and HQ can continuously share the most up-to-date content. In the same vein, missions and HQ units have taken multiple approaches to the production and dissemination of newsletters, both electronic and printed. Standardization and ease of access to common facilities would facilitate publication activities.

4.1.6.4 the Approvals Process for Commercial Software Packages

Finding 29: Missions and HQ units with specialized business requirements need the assurance of service level guarantees of more rapid and consistent turnaround times for the approval of specialized commercial application software.

A number of groups pointed out a service level problem with respect to obtaining approval to install specialized software on SIGNET PCs. Examples include statistical analysis packages and higher-end graphics. Subscription software that requires regular downloads is likewise problematic. the Trade Law Division, for example, ultimately abandoned an important subscription information resource because the problem of loading updates had resulted in their no longer being able to trust the integrity of the database. Many units have had to resort to purchasing additional non-SIGNET PCs for affected officers. To avoid unnecessary expenditures and the loss of both productivity and business effectiveness, participants stressed the need for service level guarantees with firm response times measured in weeks, not months.

4.1.6.5 More Effective Communications as to What is Available

Finding 30: Employees require improved access to information on what IM/IT and information resources are already available in the Departments.

Several participants observed that SXD does not communicate effectively on what products, services and capabilities are already available. Many participants reported that they knew only a fraction of the capabilities of the applications that they use, let alone others that they were not even aware of. the Departments often already have software or other facilities that may meet a particular business need, but users tend to find out about them only by chance. An easy-to-use Intranet information resource or perhaps a wizard application would enable users to locate existing software and applications not only by name but by functionality, with links to guidelines and protocols for how to obtain access and use them effectively.

the same is true of information. Functional units reported receiving frequent requests for data that had already been published on the Intranet or were available through the Virtual Library. Likewise missions complained of continuously receiving time-consuming requests from HQ units for information that had already been supplied in some other format. A similar guide to commonly sought information and reports would offload many of those requests if it were sufficiently easy to access and could be kept up to date.

4.2 Responding to the International Policy Statement

Canada's International Policy Statement (IPS) sets out the principles and priorities that will guide Canadian global engagement over the next number of years. In particular, the IPS defines 17 Government of Canada priorities in the areas of diplomacy, defence, development and commerce. Each of these priorities requires different levels of commitment from and collaboration among FAC, ITCan and OGDs. As IM/IT capabilities will play a significant supporting role in enabling the Departments to achieve the Government's objectives in these areas, the IPS was analysed from the perspective of identifying potential IM/IT needs for validation with the user community.

the analytic methodology was as follows:

  1. the 17 priorities defined in the IPS were listed, along with the key initiatives associated with each priority.
  2. Based on those initiatives, each priority was categorized as requiring a low, medium or high degree of involvement from each of FAC, ITCan and Passport Canada.
  3. Implied business capabilities were identified as being required to achieve each of the high-involvement priorities for the three organizations. Six distinct capabilities emerged: effective diplomacy, effective collaboration, effective advocacy, organizational agility; excellence in consular services and excellence in passport services.
  4. Twenty detailed functional capabilities were then derived from the six general business capabilities. these were prioritized in terms of the number of IPS priorities they each supported and categorized as to the importance of IM/IT support for their realization.

the ten detailed functional capabilities for which IM/IT tools were deemed to play a particularly important role were then raised in focus groups, mission teleconferences and interview for validation with the user community. those were as follows (listed in decreasing order of the number of IMP priorities supported):

  1. Contact management skills, tools and methodologies;
  2. Issues management skills, tools and methodologies;
  3. Ready access to comprehensive, up-to-date corporate memory;
  4. Tools and resources for a highly effective mobile workforce;
  5. Capacity to rapidly identify, staff and deploy appropriate teams ;
  6. Research skills, tools and resources;
  7. Effective communications, data sharing and interoperability with partners;
  8. Team-based collaborative skills, tools and resources;
  9. Effective transactional business processes; and
  10. Emergency consular response capabilities.

the sheer number and scope of the Government's IPS priorities and initiatives will require the Departments to improve their productivity and effectiveness to the maximum extent possible. Hence, all of the findings in Section 4.1 above provide indirect support for the IPS. New business needs related to the above capabilities list are described below.

Top of page

4.2.1 Contact Management

Finding 31: the unmet need for a departmental-standard departmental contact management application costs missions heavily in terms of lost productivity and reduced effectiveness.

Contact management is both a specialized subset of corporate memory and a universal business requirement for missions. It was identified in the IPS analysis as a key IM/IT capability that is required to effectively support all of the Government's international policy priorities.

the lack of effective, departmental-standard contact management software was cited by mission after mission as among their top three "time wasters". Participants reported that various sections within their missions and even individuals within a section stored their contacts in different applications, including spreadsheets, WordPerfect lists, home-brewed databases, WIN Exports, TRIO, Outlook Contacts, Contacts Plus, Maximizer and Goldmine. As a result, contact information is often not handed over in usable form when officers rotate. the burden of converting contact information from multiple incompatible formats (which often required manual re-inputting of all the data) was stated to be particularly acute in the context of planning mission-wide events such as the annual Canada Day reception. Also mentioned were the faux pas and the lasting impressions of a lack of professionalism that can result from two or more officers failing to realize that they are working with the same host-country contact.

Chief among the stated business needs to be met by a standard contact management tool were:

  • Efficient tools for preparing invitations and sending them out by mail and fax;
  • Support for non-Western scripts;
  • Appropriate read/write access controls to protect contact "ownership";
  • Integration with Outlook 2003; and
  • Integration with BlackBerries.

ITCan is in the process of deploying the Trio system as a standard contact management system for the trade function at missions abroad. In May 2004, Management Committee rejected an SXD proposal to develop and deploy variants of Trio for other mission programs in the absence of an identified source of funds. Participants criticized the failure to follow up with an improved proposal on the basis that the underlying need had not gone away and departmental funds continue to be expended on numerous local and individual solutions that constitute a drain on productivity.

Trio received mixed reviews from early adopters. It was seen as meeting an important need, especially with respect to corporate memory, but was also viewed as being somewhat complex and cumbersome.

4.2.2 Issues Management

Issues management as a business need did not gain any traction in either focus group sessions or mission teleconferences, perhaps because managing issues is part and parcel of what foreign service officers do and IM/IT tools have never been considered as particularly relevant in that regard. While there may be scope for applications to assist in the tracking and prioritization of issues, their interconnections and their outcomes, no findings to that effect surfaced in this Study.

4.2.3 Corporate Memory

Findings related to the need for ready access to comprehensive, up-to-date corporate memory are reported in Section 4.1.3.5 above under the general category of information management.

4.2.4 Mobility
4.2.4.1 Mobility Overview

the requirement for more effective IM/IT tools for the mobile officer was the single most frequent category of thus far unmet IM/IT business needs cited by participants in this Study. Both mission and HQ interviewees perceived that the current mobile "tool kit" is the result of ad hoc pressures and purchasing decisions by individual managers, resulting in uneven support and little or no consistency in terms of who gets what. Virtually all participants recognized that foreign service personnel would be more effective if they could spend less time at their desks and more actually interacting with the people and organizations that are key to advancing Canadian interests. A number of mission participants underscored the importance of similarly equipping the locally engaged staff whom missions increasingly rely upon for those functions.

4.2.4.2 BlackBerries

Finding 32: the Departments require comprehensive policies, strategies and support for the deployment and use of BlackBerries, which have become the tool of choice for mobile foreign service officers.

While the BlackBerry is far from the only personal digital assistant on the market, it was considered the tool of choice for officers on the move and dominated the discussions on mobility tools, particularly among mission personnel and ITCan Regional Office staff. A majority of participants preferred to use BlackBerries as opposed to laptops, particularly those engaged in frequent international travel or based in large cities such as London with long commutes by train and other public transit who wished to use that time productively.

the most frequently expressed concern was the lack of support for reading attachments, which was viewed as substantially impairing mobile productivity. ITCan Regional Office staff who are on the verge of switching from Industry Canada systems to SIGNET pointed out that Industry Canada has long since supported the viewing of attachments. Others indicated that the common workaround was to forward messages with attachments to personal Yahoo accounts for review and suggested that the Departments are actually increasing the risk of exposure of sensitive information by ignoring the problem. Several participants pointedly suggested that, since DMs and ADMs across government use and will continue to use their BlackBerries to communicate sensitive information, SXD and ISD need to come to terms with this reality by systematically addressing the safe use of these devices

A number of participants indicated that the Departments are only utilizing a fraction of the capabilities offered by the BlackBerry, including integrated cell phone functionality. Insufficient training in the most effective use of these devices was cited as contributing problem to this deficiency. Data access was also cited as a common problem, particularly by trade officers who need to manage contacts and access contact information while in the field, but cannot connect to Trio from their BlackBerries.

Top of page

4.2.4.3 Laptops

Finding 33: the provision of docking laptops as an alternative to SIGNET desktop PCs is a promising strategy to better meet the business needs of mobile employees. this strategy can partially address the need for a more consistent approach to the provisioning of laptops.

Finding 34: While SXD has significantly improved SIGNET Remote Access services, there remains a general need for a more effective means for mobile employees to securely access departmental IM/IT services from non-SIGNET PCs.

the new version of Remote Access provided with SIGNET 3 was generally deemed to be a major improvement, resolving most of the problems such as frequent disconnects that had previously discomfited users. Officers who are frequently on the road can now delegate emails from home, avoiding the need to come into the office early prior to leaving on trips and can remain in touch more easily while away. However, availability was stated to vary widely between missions, with access to DISA cards and other "hoops" restricting its use in many locations.

Two HQ bureaux indicated that they make extensive use of off-site workers for mission-critical after-hours functions. As those individuals do not have SIGNET PCs, reliable remote access is central to their operations.

Outlook Web Access provides an alternative means of accessing basic Outlook email, contact and calendar functions from a non-SIGNET computer. However, like the BlackBerry, it does not support the opening of attachments. Several participants cited its unreliability including, in one case, not being able to reply to messages for a full two-month period. An alternative to Outlook Web Access, currently known as "Zero Footprint SIGNET", has been undergoing pilot testing for several months and is being supplied as the SIGNET connectivity solution for ITCan Regional Offices.

One very common concern expressed by FAC and ITCan travellers was the long wait for Outlook to synchronize when attempting to access SIGNET at a different mission from one's home location. Waits of 45 minutes or more were reported, depending upon time of day and bandwidth availability at the mission concerned. Users also noted a tendency to freeze while accessing attachments, which requires waiting for yet another load. As a result, many found it faster and more convenient to connect from their laptop in a hotel via SIGNET Remote Access rather than using a mission SIGNET 3 workstation.

4.2.4.5 Other Mobility Needs

It was suggested that there is no easy way for travelling officers to find local phone numbers for DISA connections. Such information could usefully be provided in the form of a mobility profile for each city to be maintained on the Intranet. Other needed information would include whether or not BlackBerry connectivity is available and what types of cell phones will work.

A few participants indicated that they would like wireless connectivity to SIGNET to facilitate entering reports and retrieving information from conference rooms during meetings.

Instant text messaging, both online and via cell phones, was stated to be a common business requirement in Asia. In the Philippines, for example, officers reportedly use their personal phones for this purpose.

4.2.5 Team Building and Human Resource Business Processes

Finding 35: the Departments require more effective and responsive human resource business processes supported by accurate, up-to-date databases, workflow and self-service capabilities.

the IPS requirement for a more agile foreign service that can quickly respond to world events and, specifically, can rapidly identify and assemble the teams needed to carry out such responses suggests a strong business need for faster and more efficient human resource processes. the focus group conducted with the Human Resources Branch indicated that the Branch has recognized the need to streamline and modernize its business processes and is in the process of conducting a review of those processes. the intent is to do business process mapping from an operations perspective to derive standard business rules and ensure natural, effective workflow. the Branch has reportedly completed that review and expects to have an action plan ready in the Fall of 2005. It was suggested that more business requirements identification will be required. Reference was made to many problem areas that had been repeatedly identified in past exercises but for which few remedial actions had been taken.

Participants suggested a strong need for an on-line assignment application process that would enable employees to bid for both rotational and non-rotational assignments on a self-service basis. the Human Resources Branch currently relies on email applications, but this is a very manually intensive process. the US State Department reportedly has such a bidding system.

Also cited was the need for an online, department-wide succession planning tool that would be linked to training and personnel development. the reporting from such a system (e.g. how many people have bid on particular openings) would also link to the recruiting function to facilitate filling gaps where assignments are chronically underbid. Links would also be provided to financial systems to ensure the availability of funds, as well as to FSD and other systems that manage the postings of approved resources. While Peoplesoft provides succession, career planning, training and performance management modules that could be implemented within HRMS, FAC has not acquired these to date (it was pointed out that decisions to build separate applications for these functions rather than utilizing integrated modules tended to be one-off decisions that did not necessarily consider the ripple effects).

the departmental skills inventory was also mentioned as needing to be linked to an automated or online planning system this would allow HR to be proactive as opposed to always reacting to new business initiatives in crisis mode. It was noted that new legislation is coming that will require departments to create and manage pre-qualified pools. Other HR business needs that were raised include automated tools to produce organization charts and eligibility lists.

LES Pay was referenced as a problem application by several missions in terms of their ability to successfully apply it to meet their payroll needs. IMS was cited as working well but payroll reportedly continues to be a long, tedious and error prone process due to the need to use two different programs (IMS and LES pay). LES Pay has reportedly not yet been made compatible with SIGNET 3, requiring mission accountants to run it on separate computers.

Top of page

4.2.6 Research Tools

Finding 36: Program units require improved research tools such as regular think-tank summaries and advocacy information to better identify leverage points for advancing Canadian interests.

Participants in both HQ focus groups and mission teleconferences suggested a number of tools that would make them more productive in terms of finding relevant work-related information in the vast array of sources that are now available.

Regular summaries of the output of key think tanks such as those produced by London and Washington were cited as particularly helpful. Centralizing such services or contracting them out would offload missions and prevent potential duplication of effort.

A number of participants pointed out the need for a uniform self-service platform to access the many information sources available to the Departments though a common or at least consistent interface. the information resources made available on SIGNET 3 through the Citrix interface were almost uniformly praised, but many missions reported that they lacked practical access to them due to bandwidth limitations.

Many participants praised various Library services while a few criticized them for often providing less than useful information due to insufficient understanding of the needs of the intended recipients.

Mission personnel who frequently respond to requests for information concerning people or programs within the federal government would benefit from improved tools for finding such information. It was stated to be faster to resort to Google rather than using the Canada Web site as the latter often requires drilling down six to eight layers to reach the information of interest.

Several participants cited GoCCART (the Government of Canada Congressional Analysis and Research Tool) as an example of an innovative research tool that promises to directly improve the Departments' ability to more effectively identify the best leverage points for advancing Canadian interests and hence better meet the objectives set out in the International Policy Statement. GoCCART is intended to centralize trade and political advocacy information for the U.S. to improve both targeting and messaging. It will combine Government of Canada information with purchased data sets, including geographic information on congressional districts.

4.2.7 Interoperability with Partners

Finding 37: Led by units that collaborate extensively outside the Departments, a gradual migration from WordPerfect to the Microsoft Office suite is now well under way. there is a need to recognize that shift and address obstacles that are inhibiting it.

Informal polls taken in the course of focus group sessions and mission teleconferences suggested that, while a majority of personnel continue to rely primarily on the WordPerfect suite, the trend is strongly in the direction of Microsoft Office. Business units that collaborate extensively with OGDs, other domestic or international institutions and the private sector have mostly migrated to Word and Excel. Participants repeatedly cited the fact that most of the applications, macros and electronic forms that work with information on word processing documents are still tied to WordPerfect. this was stated to be a major impediment to migration and, in units that have switched to Word, a significant time-waster due to conversion difficulties. As the use of two different suites entails real productivity costs, many argued that a clear policy of gradually phasing out WordPerfect would be beneficial.

4.2.8 Collaboration

Collaborative software, also known as groupware, comprises applications that allow geographically separated individuals to work concurrently on a common project or topic area. the best known example of commercial groupware is the Lotus Notes family of products, which provide integrated messaging, calendaring, discussion groups and shared document repositories, all with security and access controls. Microsoft Outlook provides some of this functionality, but with a predominately email and calendaring focus. A variety of newer groupware products are now available in the marketplace.

the Department explored Lotus Notes in the late 1990s and developed some trial applications, at least one of which is still in use. However, a security analysis at the time suggested issues which resulted in a decision to focus on the Microsoft suite of products. In the meantime, the Australian Department of Foreign Affairs and Trade (DFAT) has successfully developed and deployed an integrated suite of Lotus-Notes based applications for both SATIN-low and SATIN-high (its equivalents to SIGNET  3 and SIGNET C4 respectively).

Finding 38: Further investigation is needed to evaluate IM/IT tools that might usefully be applied to meet collaborative business needs.

the IPS analysis indicated that improved collaborative capabilities will be key to the Departments' abilities to deliver virtually all of the Government's priority foreign policy initiatives. However, questions that were posed in the focus groups related to IM/IT business needs with respect to collaborative capabilities generally drew a blank.

Several participants pointed to the R-Branch initiative to develop a community of practice initiative on Internet and Intranet sites related to Public Diplomacy with considerable support from the B group and the Library. Most viewed this as a potential model for other such initiatives, though it was pointed out that a number of missions lack the bandwidth to download the content.

Both audio and video conferencing were cited as useful collaborative tools. Some HQ units are experimenting with video conference linkups to collaborate with NGOs and academics. Units that work a lot with missions use both conference calls and, more recently, video conferencing, which they find both effective and easy to use. Secure videoconferencing was stated as a need that, if feasible, would reduce the requirement for overseas travelling. Improved bandwidth to smaller missions and increased capabilities for netcasting were also considered to be desirable.

Top of page

4.2.9 Transactional Business Processes
4.2.9.1 Project Management

Finding 39: the large project-related programs that FAC is responsible for as a result of the IPS have created an urgent need for effective departmental standard project management tools and methodologies that are directly linked with corporate financial systems.

Several participants pointed out that FAC will be increasingly responsible for managing large projects, an area of expertise which was previously concentrated in the Physical Resources Bureau and, to a lesser extent, SXD. the IPS has resulted in FAC assuming responsibility for the effective and transparent management of new and highly visible project-oriented programs, including Global Partnerships, the Global Peace and Security Fund, Counter-Terrorism and Land Mines. these were all cited as requiring extensive planning and tracking of projects, budgets and deliverables.

the I Branch has recently established a Project Support Unit to meet the legal, contracting, finance, HR and IM/IT needs of a large portfolio of such projects and is reportedly considering leveraging the project management capabilities of the corporate IMS system as opposed to building new custom applications.

4.2.9.2 Workflow

Finding 40: the Departments require new and more effective workflow-based business processes to replace existing paper-based administrative processes that are unnecessarily labour intensive and time-consuming.

  • SXD administrative processes where clients are required to make multiple (some cited up to five) different requests when a new person arrives to obtain a SIGNET account, computer, telephone, access to various applications, etc. (it was suggested that this should ideally be automatically triggered by a staffing action in an up-to-date and reliable version of the HRMS database);
  • EQAMS and the Briefing Products Tracking System which, as previously noted, were perceived as taking two to four times longer than the WordPerfect-based processes that they had replaced;
  • FSD processing, which is still manual and requires double data entry; and
  • Forms Online which, while frequently praised as being a major improvement over JetForms, is still primarily used to produce a large number of printed forms which then must be sent to an administrative unit that then re-keys all of the information.

Finding 41: Given that the Departments already own at least five very different workflow engines in their existing portfolio of applications, there is an urgent need for a decision on a departmental standard to avoid the further proliferation of different user interfaces and incompatible applications.

On the positive side of the ledger, many participants praised the online forms processing for leave applications and for the pre-posting medical process as examples of how administrative processes can and should be performed. these two processes are based on the workflow functionality that is available in the Peoplesoft/HRMS system. Other participants pointed to the workflow functionality built into Microsoft Outlook (Outlook Forms), InfoBank, IMS and ccmMercury (which underlies DCD applications such as the Ministerial Correspondence Management System).

While workflow was seen as having great potential for offloading administrative burdens from missions and improving overall productivity, the point was made that the Departments need a single workflow engine, not a multitude of very different applications, each with a different look and feel. Managers in particular were singled out as having to complete a large number of forms for leave, appraisals, travel and a wide variety of authorizations. One standard look and feel with links to appropriate databases (not having to enter "tombstone" data from scratch each time and being able to cut and paste) would significantly improve their productivity.

4.2.10 Emergency Consular Response

Effective emergency response requires both the ability to rapidly identify and deploy response teams (as discussed above) and mobility tools to support their effectiveness on arrival. Such tools are particularly acute requirement for consular and other teams that may need to travel to crisis locations anywhere on the world on very short notice. the Consular Affairs Bureau and SXD have started to collaborate in the design of "fly-away kits" to provide communication facilities to such teams. these kits include laptops, DISA cards, satellite telephones, facsimile, personal safety radios and, in the case of public service disruptions, a generator.

Finding 42: Innovative approaches are needed to improve the Department's ability to communicate with Canadians who are at risk from crises occurring around the world.

Consular Affairs focus group participants reported issues such as restrictions on their ability to issue departmental-owned equipment to the volunteer Wardens who enable FAC ability to communicate with isolated Canadians in a crisis. Other problems include instances where they were not able to use the satellite phones provided in fly-away kits due to a lack of gasoline to run the generators or, in at least one case, to looters stealing the generators. A new generation of handheld satellite phones that could be recharged from small, inexpensive solar panels was seen as a potential solution.

Top of page

4.3 Governance and Leadership

(Click on image to enlarge)

FAC IM/IT Governance Model

the above diagram illustrates the theoretical governance structure for the Departments as of January 2005. In practice, neither the Partners in Mission Advisory Committee nor the Architecture Council are active.

Apart from Executive and Management Committees, the IMT Steering Committee is the only governance body with a mandate to perform a strategic role. While it has fluctuated over time in terms of its degree of activity and engagement, for most of its history it has served more as a discussion forum than a governance body. In many cases, the DG-level members have been consistently replaced by working-level alternates. It has therefore not been in a position to effectively align application initiatives with broader departmental interests.

Finding 43: Effective CIO leadership and senior management engagement are needed to better align IM/IT investments with the overall business needs of the Departments, thereby reducing application and information fragmentation.

Numerous interviews, both formal and informal, have suggested that the problem of application and information fragmentation is fundamentally one of discipline - an unwillingness to accept it coupled with an unwillingness to impose it. Bureaux and missions have a longstanding culture of autonomy, as well as an inherent distrust of corporate service units. Previous CIOs in their role as Directors General of SXD have been preoccupied with infrastructure issues and have not been seen as having the legitimacy to exert leadership or authority with respect to applications developed and deployed by other bureaux except in the very narrow sense of ensuring compatibility with the SIGNET platform. Senior management, in turn, have not been seen as having taken a strong interest in IM/IT issues.

the above dynamic is clearly illustrated by the one Departmental policy that attempts to regulate the applications development process - the Policy on Approvals Process for Proposed Information Management and Technology Projects which came into force in 1996. While this policy does not speak to the broader questions of departmental standards, value for money or whether a proposed application serves overall departmental interests, it at least set out a formal process to ensure that TBS project management guidelines were being observed. In practice, however, it has seldom been applied, in large part because the IMT Steering Committee raised the proposed dollar threshold to such a level that the vast majority of projects were exempt from scrutiny. there is a need to review information management policies and develop IM policies that take into account the business processes and priorities of the Departments.

Given that business priorities, opportunities and challenges are constantly evolving in response to changing circumstances and unexpected developments, effective IM/IT governance and senior management oversight should not stop with the initial approval and funding of an application-related initiative. In the course of this study, there was little evidence of any ongoing review of the existing portfolio of applications to critically evaluate their continuing relevance and to consider alternatives that might better support the Departments' business strategies.

the above findings strongly suggest that an effective CIO strategic leadership role coupled with effective senior management engagement in ensuring that application-related initiatives and ongoing operations are properly aligned with overall departmental interests are among the most critical IM/IT needs for the Departments going forward.

there is a government-wide trend towards ADM-level CIOs. At present, just under half of the CIOs of departments and agencies with a combined FTE count equivalent to or higher than the FAC/ITCan total are ADMs, but the number jumps to three-quarters for those with more than 10,000 employees (SXD currently supports more than 11,000 users in Canada and abroad). SXD manages more FTEs than most FAC and ITCan Branches, which implies a wide span of operational control that necessarily limits the time and attention that a CIO can devote to strategic issues.

4.4 Other Findings

4.4.1 Business Continuity Planning

Governments and other organizations are increasingly dependent upon IM/IT systems and tools to conduct both routine and mission critical business processes. this dependency carries with it intrinsic risks because, depending upon the availability and effectiveness of manual workarounds, those processes may be halted or significantly impaired in the event of unexpected system outages.

FAC experienced the consequences of such an outage in late July of 2005 when, over the course of a week, several successive hardware failures in an older server repeatedly brought down the Ministerial Correspondence Management System (MCMS). In addition to the down time associated with diagnosis and repair, a full day of transactions was lost due to previously unrecognized flaws in operational procedures related to the scheduling of database and disk backups for that application. Given the broad usage of MCMS, the consequences went beyond disruption to the work of DCD and its Ministerial clients to include lost productivity on the part of many program managers and staff who were required to redraft missing documents. Improved operational procedures have since been developed and tested to significantly reduce the impact of future outages of this nature.

the MCMS outage served to highlight the need for effective business continuity measures to better manage the risks associated with potential system failures and motivated an analysis in the context of this Study of the Departments' business continuity planning for major applications. the scope of the analysis included all major business applications that have been deployed to or are accessed by users outside of the sponsoring Bureau. Interviews were conducted both with SXD personnel to identify those applications and determine SXD's responsibilities with respect to their operations, and with managers or operational staff responsible for each of the identified applications.

the information collected included the nature and business function of each application; the types of data being managed; its user community; where primary and backup servers are located; operational issues such as frequency of backup, offsite storage of backup media, test results for restore procedures; and the nature and existence of formal business continuity plans. Based on the information collected, each application was categorized with respect to its business criticality from an overall departmental perspective and the residual business risks. the latter categorization was a judgement call based on a combination of the business consequences of loss of availability and the degree to which those consequences are mitigated by current business continuity plans, whether formal or informal.

Finding 44: SIGNET cannot meet departmental needs for acceptable guarantees of service availability in the absence of a formal business continuity plan and identified off-site recovery facilities.

Two systems stand out as being of very high business criticality: EPC's import and export permit processing systems and SIGNET itself. In the former case, the criticality stems from the potential economic disruptions that would result from any extended outages of those systems while the latter is due to the central role played by SIGNET in the operations of FAC, ITCan and the OGDs that are hosted at missions abroad. However, the actual business risk associated with EPC's systems is categorized as low because the risks are effectively mitigated through a formal business continuity plan and well-tested procedures for restoring service at an alternate site within an acceptable timeframe (a few hours). SIGNET, however, remains high risk due to the lack of a formal business continuity plan coupled with the lack of an identified alternate site.

COSMOS is mission critical to the consular program but was considered to be of high as opposed to very high criticality because missions can continue to deliver consular services to Canadians in the event of a COSMOS outage. the corporate applications managed by SMS are likewise rated as being of high criticality but the business risk to the Departments is low despite the lack of a formal business continuity plan due to the availability of "hot backup" servers at an alternate location and a proven ability to shift to that location within several hours.

Finding 45: the Designated Computing Centre (DCC) in the Pearson Building constitutes a single point of failure for both SIGNET and most departmental business applications.

SXD has taken steps to partially mitigate the previously very high risks associated with the concentration of all Canada-based SIGNET servers and associated networking equipment in the Designated Computing Centre (DCC) by leveraging cyclical replacement funding to ensure redundancy in critical elements and by dividing that equipment between two separate DCC computer rooms. Unfortunately, both are still located side by side in the basement of the Pearson Building and are therefore subject to a common risk of fire, explosion or flooding (a major water supply pipe runs over both). In the event of a catastrophic loss of equipment, the minimum time needed to restore SIGNET services would be tallied in weeks or months.

With the exception of EPC and SRD's PRIME-MPMP system, all major applications that were reviewed in the course of this Study utilize servers that are either currently located in the DCC or are in the process of relocating there. Most smaller applications (including the 285 developed and managed by SXE on behalf of numerous FAC and ITCan business units) are also hosted in the DCC. In general, this reduces the business risks associated with application outages because it ensures that they are all managed and backed up on a consistent and professional basis, as well as protected by effective physical security, air conditioning and emergency power. However, it also makes the DCC a single point of failure for both SIGNET and the vast majority of business applications.

three application owners (CNC, SMS and TCE) take advantage of the physical benefits of being located in the DCC but supply their own computer operations staff for all but backups, which are performed by SIGNET operations for all hosted systems except COSMOS. It is unclear whether or not business risks may be appreciably increased for these applications by virtue of non-standard operational procedures.

Top of page

4.4.2 Value for Money Considerations

Finding 46: FAC's per-user IM/IT costs are near the median of major federal departments and are likewise near the middle of the spectrum in terms of costs and functionality with respect to other comparable foreign ministries.

4.4.2.1 the Departmental Perspective

Value for money considerations were not a major issue in most focus groups and mission interviews. While a few HQ participants suggested that the funds being devoted to IT were out of balance with the resources available for core programs, the vast majority suggested ways that current resources might be applied to better effect but gave no indication that they felt those resources should be reduced in any substantive way.

4.4.2.2 Federal Government Comparisons

As reported in Section 3 above, TBS figures indicate that FAC's per-user IM/IT expenditures fall near the median of the 23 largest federal government departments and agencies. Given the costs inherent in its global operations, this does not suggest that current IM/IT expenditure levels are in any way out of line. It should also be noted that SXD's budget has remained essentially static over the past several years while its user population has climbed steadily.

4.4.2.3 International Comparisons

Since the core business of foreign and international trade ministries relates to advancing national interests vis-a-vis other nations, it was deemed useful to compare FAC's model for IM/IT service delivery with those of several "competitor" foreign and trade ministries. three of the foreign ministries that were selected for comparison purposes agreed to cooperate: Sweden, Australia, and the United Kingdom . Information was obtained directly from headquarters IT support units in all three cases and on-site visits were made to the Australian and UK High Commissions in Ottawa in order to better understand their approaches from a user perspective.

Sweden

Sweden has by far the leanest model for IM/IT service delivery, in keeping with a national government that is astonishingly lean by Canadian standards. With 300 headquarters employees in Stockholm and 600 (including LES) at 110 overseas missions, the foreign ministry is the largest single government department. It does not maintain its own IM/IT operations. Like all other departments, it is served by a single government-wide network run by the Office for Administrative Affairs that is based on Novell servers and Lotus Notes email. A centralized 25-person help desk provides 24/7 first- and second-tier support to both domestic and overseas users, supplemented by a 4-person third-tier technical team and a 20-person project management and planning organization. the very limited requirement for classified messaging is met by traditional encrypted telegrams.

the United Kingdom

the UK is at the other end of the spectrum with a very rich IM/IT service model. the Foreign and Commonwealth Office (FCO) maintains three separate networks (Unclassified, Restricted, Confidential) with each user connected to one of those networks with a single desktop PC. Most users work exclusively within a single tier so do not need multiple PCs. Where a user needs occasional access to a higher tier (e.g. Classified), one or more shared PCs are provided in a common area such as a reading room in the security zone. Interestingly, material at the Secret level and above material is not processed on any network. Rather, they have retained the traditional "telegram" system for those purposes. While the Confidential classification is falling into disuse in Canada because there is no real need to distinguish it from Secret under our system-high Secret approach, there is no incentive for over-classification under the UK approach since a Secret message would require using a different and more time-consuming procedure. the Confidential tier provides Internet access, albeit through a more tightly controlled gateway.

FCO provides 24/7 infrastructure and application support with up to 35 personnel on duty by day and approximately 12 by night. Overall, their central technical support group, including designers and a security team has grown from 45 to approximately 100 people since they partnered with Hewlett Packard. this tally excludes personnel at missions who are funded from mission budgets. Most of their missions have at least one local or UK-based technical support position per tier, and large missions like Washington and Paris may have 4 to 5 in total. With 240 missions, 90% of which have the Classified tier but many of which don't have all three, this suggests a total mission complement of on the order of 500-600 FTEs. their total user population abroad is about 13,000 people.

Australia

the Department of Foreign Affairs and Trade (DFAT) maintains two parallel networks, SATIN-low and SATIN-high which are equivalent to SIGNET 3 and SIGNET C4 in terms of their security accreditation. Both are based upon a common "thin client" platform with integrated messaging and applications that are provided through a Lotus Notes user interface. Considerable attention has been paid to templates, standardized distribution lists and common protocols for carrying out common business processes. While SATIN-high is generally more capable than SIGNET C4, the reverse is true for SATIN-low, which is much more of a closed and restrictive environment than SIGNET 3. While SATIN provides a number of features that could usefully be adapted by FAC, particularly the SATIN-high model for a classified network, most FAC users would consider SATIN-low to constitute a significant step downward in terms of functionality. For example, there is little or no support for the mobile worker.

the SATIN network is deployed to 105 sites in Australia and its overseas missions. there are approximately 5,000 SATIN-low users and 2,700 SATIN-high users, supported by approximately 87 FTEs. these include 14 FTEs devoted to 24-hour help desk support, 28 on-site technical and user support personnel (15 abroad and 13 at HQ), a 20-person software support team and 5 outsourced tertiary technical support and 20 FTEs devoted to long-term planning and development.

Analysis

Sweden does not provide an appropriate basis of comparison because its entire central government model is so different from that of Canada. However, it does provide a case in point of a foreign ministry that is adequately and economically serviced by a government-wide common service provider of IT and corporate administrative services.

SXD's 2005/06 Budget Plan indicates a total of 184 FTEs to support MITNET, SIGNET 3 and SIGNET C4. Hence FAC support model requires approximately one FTE per 74 users. this is far leaner than the UK's comparatively rich 17-20 users per support FTE and relatively close to Australia's even leaner ratio of 88.5 users per FTE. When adjusted for the fact that SIGNET 3 offers significantly more functionality than the Australian SATIN-low system, the Canadian and Australian support models are quite comparable. It is worth noting that both the British and Australian interviewees commented on the rising cost of IT services whereas SXD's budget has actually declined over the past several years.

4.4.3 Government-Wide Directions

Finding 47: the planned government-wide migration to a shared service delivery model for IT and corporate administrative services will, if it proceeds to completion, significantly impact the way IM/IT services are delivered in FAC and ITCan. As such, it carries both opportunities and risks that the Departments need to factor into their longer-term IM/IT planning.

Planning is now well advanced on a multi-year program for the modernization of Government of Canada internal service delivery activities, including financial, HR, material and IM/IT services. the Treasury Board Secretariat has established a 25-person Internal Services Modernization Program Office reporting to the GoC Chief Information Officer to coordinate the planned transformation. A major element of this process will be the government-wide consolidation of these functions following a shared services model. Transactional administrative services will be provided to all departments and agencies by a single corporate administrative shared services organization (CA-SSO) based on common business processes and information definitions. Likewise, standard desktop, data centre and corporate application services will be provided to all departments and agencies by a single IT shared services organization (IT-SSO).

the shared service model seeks to ensure long-term accountability and responsiveness through:

  1. fee-for-service arrangements based on Service Level Agreements (SLAs) that explicitly tie costs to service levels;
  2. open and transparent performance management frameworks (independent monitoring of actual performance against explicit standards and external benchmarks) with real consequences for the provider if commitments are not met; and
  3. a governance structure that provides clients with the ability to influence the terms and conditions of the provider CEO position, as well as the CEO performance appraisal.

An interview was conducted with the Internal Services Modernization Program Office at TBS, to explore the implications for FAC and ITCan IM/IT planning. there was stated to be no appetite for a "big bang" approach; rather, there will be successive "waves" of departments brought into the SSO over a 5 to 7 year time horizon. A particular department may be in one wave for IT and in other waves for other services. Wave 1 consists of twelve departments of varying sizes, including Citizenship and Immigration Canada but neither FAC nor ITCan.

From an IT perspective, the first two major targets are distributed computing (desktops and networking) and datacentres. TB Ministers have already approved funding for feasibility studies on the readiness of the Wave 1 departments. Preliminary Project Approval (PPA) for the Wave 1 implementation is expected in January 2006. the migration of datacentres is expected to lag distributed computing by about 12 months.

there are to be two levels of governance:

  1. a. Enterprise governance:
    1.  headed by the STAC, an invitation-only committee of DMs
    2. several ADM-level committees (IMB, Service Management Board, ASSC)
    3. an advisory panel - e.g. heads of Ontario and BC SSOs, private-sector CEOs
  2. Operational governance:
    1. a Management Investment Fund
    2. a Board of Directors (ADMs from client departments, who will perform pay-at-risk assessment of the SSO CEO

PWGSC's Information Technology Service Branch, which is transforming into an SSO, will offer multiple service "channels":

  • Waves - the planned progression noted above
  • Existing business lines
  • Opportunities
  • Business imperatives

It was suggested that, in an ideal world, all of government will ultimately be served by the SSO but that there was still the possibility of making a business case for exception status.

From a FAC perspective, the planned move to government-wide shared service delivery carries both opportunities and risks:

  • Government-wide datacentre consolidation could, if services were available quickly enough, provide a cost-effective way of addressing the longstanding business continuity vulnerability associated with hosting all SIGNET servers in the basement of the Pearson Building;
  • A standard, government-wide desktop would reduce the learning curve for OGD personnel stationed at missions abroad; and
  • As FAC is already operating as a shared service agency for overseas IM/IT and administrative services, it remains to be seen whether the migration to a government-wide service provider would be more or less cost-effective, and sufficiently flexible to accommodate the unique requirements of the overseas environment.

As the transfer of service delivery to a common government agency would be a form of outsourcing from a departmental perspective, industry best practices related to outsourcing would be applicable. For example, outsourcing initiatives tend to be far more successful for organizations that have already streamlined, rationalized and standardized their business processes.

Top of page

4.4.4 Passport Canada Issues

Passport Canada is a Special Operating Agency that reports to the Associate Deputy Minister of Foreign Affairs (DMA). It has no parliamentary appropriation, financing its operations entirely from a revolving fund that is supported by the fees it charges for passports and other travel documents. Given an operational environment and business needs that are very different from the rest of FAC, it has developed and maintains its own IM/IT infrastructure and services.

Passport Canada's IT infrastructure is based upon a wide area network that consists of its headquarters local area network and 30 remote, geographically dispersed Regional Office LANs. Major applications and services include IRIS (its mission-critical system for the secure processing of passport applications and production of passports), Passport On-line, its Human Resources Information Systems, the Foremost document management system and its office automation system that provides email and routine administrative support services.

there are two main systems connections with DFAIT: a dedicated link to the Department's IMS financial system and a high-bandwidth, two-way link for connection to SIGNET, including access to the consular COSMOS application. the latter link provides consular personnel in HQ and eventually at missions with access to the Electronic Service Request File for searching of the passport index database and will be used to convey mission-supplied data for the central printing of passports.

Finding 48: For Passport Canada, the only major outstanding IM/IT business needs related to FAC remain connectivity with the departmental Intranet and with SIGNET email.

Passport Canada's only major IM/IT concern with respect to FAC is the longstanding issue of access to the departmental Intranet, which currently requires the installation of dedicated SIGNET PCs. As an agency of the Department, they need access to FAC information, but not to specialized applications. Discussions on this issue were stated to have been going on since 2000 or 2001 but Passport Canada managers indicated that they had no single identified point of contact with SXD. they also lack a clear, complete list of the perceived obstacles to Intranet access that can be reviewed and addressed in an expeditious manner.

Under the status quo, SIGNET access is both expensive and onerous. Passport Canada must buy separate, dedicated SIGNET PCs and must maintain a separate wiring plant to provide SIGNET access. While they now have the ability to create SIGNET accounts, the cost and difficulty of providing the dedicated facilities severely restrict the number of personnel that they can afford to connect. Given that ability, it appears surprising that a remote access solution has not been considered and implemented. Passport Canada personnel that were interviewed in the course of this Study were unaware of the "Zero Footprint SIGNET" pilot project that would appear to meet their needs in a much easier and more cost-effective manner.

Email connectivity with FAC HQ and missions is a secondary issue. there is a general requirement for the exchange of Protected B messages, but this can only be done by the few staff with direct SIGNET access. Passport Canada uses GroupWise email rather than Microsoft Exchange but now have a viable X400 module that can be used for interface purposes. Hence, a gateway to a SIGNET Exchange server would seemingly provide a simple solution for this problem.

Section 5 - Conclusions and Recommendations

5.1 Major Conclusions

the above findings paint a clear picture of two departments, FAC and ITCan, that have spent the last 15 years building a stable information technology infrastructure which, with the notable exception of tools for classified processing, is now quite capable of meeting their business needs in a challenging global environment. Comparisons with other federal departments and other foreign ministries indicate that the Departments' IM/IT expenditures and support costs are in line with those of comparable organizations. FAC's per-user IM/IT costs are close to the median of the 23 largest federal government departments and agencies. Of the two comparable foreign ministries, Canada's per-user costs are far less than those of the UK and, when adjusted for similar functionality, are roughly similar to those of Australia.

that said, many IM/IT needs are still not being adequately met because of insufficient attention paid to the optimal application of that technology in support of the real business of the Departments. In a nutshell, there are relatively few identified needs for more technology but there are many outstanding needs for the existing technologies to be better applied. Participants in this Study cited example after example of practices that detract from their productivity and effectiveness. those practices are seldom the fault of the technologists; rather, they are symptomatic of the way that decisions are taken and resources are allocated. If the Departments are ever to adequately capitalize on their considerable technology investments, they must fundamentally change the way that they choose to acquire and apply technology. In a world in which the issues that matter are ever more complex, dynamic and interconnected, no organization can consistently act in a coherent manner without effective management of its information.

the two root causes of most of the unmet business needs identified in the course of this Study are the fragmentation of information and of the applications through which that information is captured, stored and processed, and the lack of common, well-understood protocols for the effective and productive use of IM/IT tools. Consequences include significantly reduced productivity and effectiveness at the individual employee, workgroup and enterprise levels.

In the longer term, departmental IM/IT planning will need to align with broader government-wide directions, including consolidation of key IT service delivery activities. While neither FAC nor ITCan are included in the first wave of departments and agencies to be brought into the government-wide IT shared services initiative, there are clear long-term impacts on the Departments' IM/IT planning. Early engagement with all relevant interdepartmental working groups and other governance bodies will therefore be important in order to be in a position to influence the process to the extent possible and to minimize the risk of making potentially unnecessary investments.

Top of page

Governance and Leadership

IT governance has been defined as "specifying the decision rights and accountability framework to encourage desirable behaviour in the use of IT". Effective IT governance must address the questions of what decisions must be made to ensure the effective management and use of IT, who should make those decisions and how those decisions should be made and monitored. Areas in which decisions need to be made include IT principles, IT architecture, IT infrastructure, business application needs and IT investment and prioritization. As simple technology solutions will not resolve many of the problems outlined in this report, there is a need to develop Departmental information management policies, involving consideration of how business is conducted in the Departments. Senior management need not and should not take all the decisions, but must ensure that they are being taken by the right people and that those individuals are held accountable for the results.

Existing FAC and ITCan IM/IT governance structures have consistently failed to engage senior management in the effective oversight of IM and IT activities. the longstanding fragmentation of applications and information stores that has been documented in this Study and the consequent impacts on productivity and effectiveness in the delivery of the Departments' core business processes all point to the lack of IM/IT governance mechanisms that are capable of aligning IM/IT decisions with enterprise goals and objectives. Hence the governance structure needs to be modified to make a clear distinction between strategic IM/IT decisions that must be elevated to the senior management level and operational decisions that can continue to be taken by consultative bodies such as the IMT Steering Committee.

Effective enterprise governance requires that senior management be willing to reallocate funds and adjudicate priorities as necessary in the broader interests of the Departments. the issue of a common contact management application provides a good example of this need as the cumulative development, maintenance and productivity costs of numerous fragmented solutions exceed that of a common department-wide approach.

While the Chief Information Officer function has been in place since 1997, the span of legitimate authority and leadership of successive CIOs has been largely restricted to their role as Directors General of SXD. In practice, CIOs have functioned more like Chief Technology Officers than true Chief Information Officers. this has resulted in a serious leadership gap with respect to the optimal use of IM/IT within the Departments. Effective leadership requires that the CIO function at the strategic rather than operational level, developing an overarching vision for information and technology in the two Departments, implementing that vision and, where necessary, standing up to and bringing into the fold other managers who may wish to embark on divergent paths.

Productiviy and Portfolio Management

this Study found that the Departments overinvest in applications and databases that are acquired, developed and deployed without adequate attention being paid to the underlying business processes that they are intended to facilitate, the information sources that they are to operate on, and their true life-cycle costs. Too often, new applications or redundant business processes are created because the data in existing departmental systems such as HRMS are perceived to be incomplete, out of date or inaccurate. From a departmental perspective, this represents a waste of resources that could be better applied to resolving the underlying problems, and incurs both long-term maintenance costs and productivity drains. Managers tend to focus on preconceived, quick-fix solutions rather than first examining their business processes and frequently neglect or underestimate life-cycle costs. Existing applications are not subject to periodic reviews to ensure their continuing relevance.

Business applications have been and continue to be deployed to departmental users without adequate consideration as to their impact on the overall productivity of either individual users or affected business units. Applications and information resources that are intended for broad distribution beyond the sponsoring organizational unit tend to be driven by that unit's budget, schedule and workload imperatives. the resulting costs to the Departments as a whole are seldom quantified. Hence, even where business cases are developed to justify proposed new applications or modifications to existing ones, they tend to ignore impacts (positive and negative, immediate and long term) on the users and business units that are expected to use those applications.

Productivity considerations include training time, user learning curves (the time needed to become proficient in a new or modified application, which is in turn influenced by the quality of the user interface, the degree to which it departs from existing departmental standard applications, and whether the typical user will access it frequently enough to become proficient), response time (the speed of the application, which may vary dramatically according to the bandwidth available at each site), its intrusiveness (does it interrupt the user's normal workflow), the degree to which it integrates or further fragments the user's information stores, and the degree to which it requires or eliminates redundant information capture (reentry of information that has already been captured in electronic form in another database or application).

High-performing enterprises are characterized by effective data and application architectures that simplify, standardize and improve accessibility to data; minimize redundancy; and control fragmentation. the Departments largely lack enterprise standards and architectures for applications and data. those few standards that do exist are not adequately enforced. this has resulted in a serious fragmentation of departmental data resources and a productivity-draining proliferation of different user interfaces. SXD's very modest architecture function has been allowed to lapse in recent years. Without such a function, there is no roadmap for integrating applications and information resources, or effectively leveraging them to meet broader departmental objectives.

While it is not feasible to fit all FAC and ITCan business applications into one mould, they can and should be grouped into a small number of portfolios that are aligned with major business functions (e.g. trade, political, administrative). All applications and data resources within a portfolio should then be managed in a coherent manner to minimize long-term cost and maximize overall user productivity and program effectiveness. Over time, non-standard and less effective applications can be integrated, migrated and eventually decommissioned. Effective portfolio management will require that all IM/IT initiatives be based on CIO-vetted business cases that explicitly address productivity and portfolio planning considerations; that accountable "owners" be identified for all corporate data elements; and that comprehensive departmental application and data inventories, architectures and standards be developed and maintained. It will also require close collaboration between the CIO and an identified portfolio leader from each major business function.

New business applications and substantial upgrades to existing applications should not be deployed before they are verifiably ready, since incomplete, unstable and inadequately supported applications constitute severe and unnecessary drains on user productivity. Independent validation of readiness for deployment is an essential check to protect users from the pressures that have historically resulted in applications being prematurely deployed. Technical factors that need to be considered when determining readiness for deployment include the stability of the application, its consistency with applicable standards, its ease of use, and the degree to which it actually provides the functionality that was promised in the business case that led to its approval.

Other essential prerequisites to the deployment of new business applications include effective communications, training and change management plans, as well as the timing of the proposed deployment vis-a-vis other departmental priorities and pressures. Change management becomes increasingly critical the more that proposed applications impact the day-to-day work of the typical user and organizational unit. High-impact deployments require in-depth consultation with the management of each affected organization unit. the recent problematic InfoBank deployment provides both a prime example of such an application and valuable lessons learned that should be incorporated into departmental change management standards.

Careful attention is required to identify serious productivity drains among the Departments' existing applications and information resources, especially those that have been identified as being implicated in user information overload. this Study has identified a variety of business applications and information resources which, in the way that they are currently deployed and used, exact a heavy cumulative cost in the overall productivity and effectiveness of the Departments. Some such areas lend themselves to low-cost solutions and represent a better potential return on investment than virtually any conceivable new technology-related initiative. Email is the most promising target for achieving major productivity gains due to the huge amount of time that SIGNET users spend using the system, the lack of commonly accepted protocols for its effective use and the availability of relatively low cost strategies for reducing unnecessary burdens on those users. More effective search tools are also needed, both for the departmental Intranet and to provide employees with a unified means of accessing their personal information stores.

Responding to the International Policy Statement

An effective departmental-standard contact management application is needed to stem the longstanding drain on departmental productivity caused by multiple incompatible applications while supporting the achievement of many of the International Policy Statement priorities and initiatives.

the Departments lack a consistent strategy and supporting policies to support an increasingly mobile population of employees who are often more effective and productive when travelling and working outside of their normal workplaces. For most practical purposes, the mobility tool of choice is currently the BlackBerry. the strategy should include a firm target for resolving the restriction on opening attachments, which tends to encourage users to resort to even less secure workarounds to meet this fundamental business need of the travelling officer. It should also address access to departmental applications, comprehensive user support, information on service availability worldwide, and management controls to "lock down" these devices and prevent access to their data when they are lost. the strategy should deal with laptops as alternatives to desktop SIGNET PCs for some employees, the provision of mobility tools to locally engaged officers, and support issues.

Other IPS-related needs include more effective human resource business processes and automated tools to enable a more agile foreign service that can quickly respond to new challenges and emerging situations anywhere in the world; collaborative tools; and a departmental standard for workflow applications to facilitate the streamlining of transactional business process and to ensure that workflow applications are both interoperable and consistent in their user interfaces. FAC also needs to improve its ability to communicate with Canadians who are at risk from crises occurring around the world.

Top of page

Business Continuity Risks

Almost all HQ business application servers are now consolidated in the SIGNET Designated Computing Centre (DCC) and most are professionally managed by SIGNET support staff. While this has significantly reduced business continuity risks at the level of individual applications, the Departments are seriously exposed to any event that could damage the two adjacent basement rooms that constitute the DCC. Offsite recovery facilities are essential to the Departments' ability to restore mission-critical services within an acceptable timeframe after such an event, as required by the Government Security Policy. An alternate location within the National Capital Region connected to the Pearson Building with high-speed fibre optic links would provide a cost-effective solution in the sense of enabling existing servers and related equipment to be divided into two nearly identical live sites, thereby avoiding the expense of purchasing and maintaining duplicate servers and related equipment that might otherwise never be used. Given the impending government-wide consolidation of datacentre services, hosting at an existing PWGSC datacentre should also be considered.

5.2 Major Recommendations

the following are strategic recommendations for senior management attention:

Recommendation 1: Senior management should assume a more central role in IM/IT governance, including ongoing oversight of major IM/IT investments and approval of all business application initiatives that imply a total life-cycle investment of more than $100,000 or are to be used by more than 100 users outside of the sponsoring bureau. this role could be performed by Management Committee or by an ADM-chaired IM/IT subcommittee.

Recommendation 2: the CIO should perform a more strategic leadership role, including clear authority to ensure that all business application and database initiatives conform to departmental standards and architectures.

Recommendation 3: Business applications and databases should be managed on a portfolio basis under CIO leadership with the goal of rationalizing each portfolio to optimize data quality, effectiveness and user productivity.

Recommendation 4: All business applications should undergo independent usability testing prior to being deployed outside of the sponsoring unit to validate their readiness, consistency with the business case that led to their approval and compliance with all applicable standards. A designated authority who represents mission and program interests should participate in the sign-off, which should also be contingent on an adequate change management strategy.

Recommendation 5: A dedicated task force should be struck to develop policies and strategies for addressing the information management issues identified in this Study, including the alleviation of information overload. those strategies should address ways to enable InfoBank to fully realize its original objectives and should include explicit measures to achieve a 10% improvement in email productivity for each of the next three fiscal years.

Recommendation 6: the CIO should propose IM/IT strategies to senior management that address the key capabilities identified as being necessary for the Departments to effectively respond to the Government's IPS priorities and initiatives. these should include mobility tools and services; more effective and responsive human resource business processes; tools to facilitate collaborative work processes; and departmental standards for contact management, project management and workflow.

Recommendation 7: Senior management should require, approve and fund a formal business continuity plan that identifies mission-critical IM/IT services and sets achievable timeframes for their resumption. Such a plan will require an alternate site for SIGNET and application servers.

5.3 Recommended Next Steps

Many of the above findings and conclusions set out in this report echo those of previous studies whose recommendations were never actioned. Senior management should therefore direct that the CIO, in consultation with major business application owners, develop a comprehensive three-year action plan to systematically address the recommendations made in this Study.

Top of page

Section 6 - CIO Response to the Recommendations

Introduction

the following are the responses of the Chief Information Officer (CIO) to the eight recommendations of the Information Management / Information Technology Needs Analysis Study, as requested by ZID-1310 of 21 November 2005.


Recommendation 1: Senior management should assume a more central role in IM/IT governance, including ongoing oversight of major IM/IT investments and approval of all business application initiatives that imply a total life-cycle investment of more than $100,000 or are to be used by more than 100 users outside of the sponsoring bureau. this role could be performed by Management Committee or by an ADM-chaired IM/IT subcommittee.

Response to ZIE

We agree that senior management should assume a more central role in the governance of information management and information technology (IM/IT). To support that role, the Departments' Chief Information Officer (CIO) should become a member of FAC Management Committee and a regular invitee to the ITCan IM/IT Advisory Committee.

FAC and ITCan investments in IM/IT respond to drivers originating from many different sources, including the Government of Canada's foreign policy platform, departmental priorities such as new forms of representation abroad or integrity of human resources information, the priorities of partner agencies (such as the Global Case Management System of Citizenship and Immigration Canada), and Treasury Board policies and initiatives, notably Common Administrative Services (CAS), Pro-active Disclosure and Management of Information Technology Security (MITS).

In the 21st century, IM/IT is central to departmental operations and program delivery, and now consumes approximately 7% of the Departments' budget. Enterprise-wide management of IM/IT is critical to balancing growth in demand for IM/IT goods and services with the cost of supply. To manage IM/IT on an enterprise basis, senior management must:

  • set strategic directions for IM/IT investment;
  • set enterprise-wide standards for IM/IT services through decisions on:
    • overall IM/IT expenditure across the Departments;
    • affordable levels of service and reliability for common infrastructure and services;
    • appropriate trade-offs between security and functionality;
  • assign leadership and accountability for major IM/IT projects;
  • exercise oversight of alignment and project implementation, particularly to ensure that promised business benefits are realized.

To accomplish this, senior management must establish:

  • an effective governance structure;
  • an "evergreen" Information Management Strategic Plan (IMSP); and
  • executive accountability, control and tracking of IM/IT priority investments.

As a member of FAC Management Committee, the CIO will:

  • be accountable for the implementation and operation of the approved IM/IT governance structure;
  • establish, in cooperation with the Strategic Management and Resource Coordination Bureau (DSD), an IM/IT planning and reporting framework;
  • bring IM/IT issues forward for resolution/decision;
  • establish IM/IT technology and project standards;
  • oversee the negotiation of IM/IT service levels among the Departments, business units, and technology suppliers.

We agree that FAC Management Committee must expand the existing Policy on Approvals Process for Proposed IM/IT Projects to cover all IM/IT investments in FAC, revise the thresholds for review (including considering the recommendation to lower the threshold for direct approval by senior management to $100,000), and assign authority to enforce decisions.

the investment control process is part of governance, and therefore managed by the CIO. Investment controls driven by objectives set by senior management will ensure that IM/IT investments across the Departments will align with both departmental and local (business line and mission) priorities. Success and reporting will reinforce senior management's understanding of IM/IT and ability to set and achieve priorities for its use.

the CIO has begun work in these directions, notably:

  • Encouraging greater discussion of strategic IM/IT issues among senior management.
  • Mandating the Major Application Owners Group (MAOG) to pursue strategic objectives such as greater coherence and integration of applications and data, and proposing a "CIO Fund" to encourage alignment with this objective.
  • Creating and supporting new governance bodies such as the InfoBank Management Board, Bandwidth Review Committee and Intranet Advisory Committee to expand consultation with clients of common IM/IT services.

In order achieve success under Recommendation 1, senior management will need to:

  • engage with IM/IT as a critical business issue;
  • set strategic directions and standards;
  • review and approve major IM/IT projects;
  • exercise ongoing oversight of major initiatives;
  • allocate appropriate authority to the CIO to enforce decisions reached through the governance process; and
  • communicate the CIO's role and authority across the Departments.

Recommendation 2: the CIO should perform a more strategic leadership role, including clear authority to ensure that all business application and database initiatives conform to departmental standards and architectures.

Response to ZIE

We agree that the Chief Information Officer (CIO) should perform a strategic leadership role for IM/IT. As a strategic leader, the CIO will:

  • promote an enterprise-wide view of information management and information technology (IM/IT), both for the Departments and for common services to support the operations of the Government of Canada abroad
  • interpret business priorities in terms of IM/IT investments, and
  • promote and enforce standards and architectures that ensure IM/IT cost containment while helping program managers meet business line needs.

To fulfill the governance mandate outlined in the response to Recommendation 1, the CIO must develop credibility with both business and IM/IT managers, with a specific goal of reducing the isolation between business and IM/IT at a departmental level, and between business-line and mission IM/IT managers and the Information Management and Technology Bureau (SXD). this means redefining the CIO as a departmental figure bringing solid information on IM/IT to the analysis of business issues, rather than primarily the manager of common IM/IT operations.

As a first step, the CIO should be made a member of FAC Management Committee, as recommended by the Needs Analysis, to assist senior management in fulfilling its role of setting strategic directions for IM/IT. With this additional authority, the CIO will build on the work already underway, as outlined below, to promote the enterprise view and achieve senior management directions.

  • the CIO has played a leadership role in the Government Online initiative and, as a way of sustaining the initiative, has established a partnership with the FAC and ITCan Communications Bureau (BCD). the partnership has resulted in the conception and launch of the Departmental Internet Review (DIR), an initiative that has drawn together business lines in FAC as well as ITCan, Citizenship and Immigration Canada (CIC) and the Canadian International Development Agency (CIDA) to develop a coherent Internet Government of Canada presence abroad
  • the CIO has highlighted the desirability of enterprise-wide directions and standards in presentations to FAC Management Committee, encouraged the Major Application Owners' Group (MAOG) to work collaboratively towards greater coherence among applications, and proposed the "CIO Fund".
  • the CIO has used new competencies in business analysis within SXD to support business areas in FAC and ITCan in reviewing and redesigning business processes around human resources, project management and knowledge management.
  • the CIO is undertaking initiatives to build the Departments' IM/IT workforce in line with Public Service Modernization, through an integrated human resources plan for the CS, LS, SI and locally-engaged IT professional (LEITP) communities. the plan will favour greater employee mobility among SXD and FAC/ITCan business lines, and in turn support the growth of an enterprise view among IM/IT staff.
  • the CIO has initiated the development of a performance framework to provide senior management with a standard enterprise-wide view of IM/IT activities, using categories and measures relevant to business decisions. this is linked to the definition of standard IM/IT activities within the Departments' current Activity-based Costing (ABC) exercise. the ABC exercise will enable programs to identify the cost of the IM/IT services they consume.

In setting objectives and priorities related to business directions and issues, senior management will also need to expand the CIO's authority to cover the management and enforcement of standards related not only to specific technologies, but also to information, application design, and business processes. To expand current initiatives and support leadership activities, the CIO will need to expand current expertise and operational capacity in the areas of governance, policy, architecture and marketing.

Industry best practices acknowledge the evolution of the CIO role away from operations towards strategic leadership. Increasingly, day-to-day operations are placed under the oversight of a dedicated Chief Technical Officer (CTO) so that the CIO can focus on developing the business value of IM/IT, aligning IM/IT with business strategy, and responding to organizational priorities and expectations. the value of such a split of roles may become more apparent as the Departments must respond to the Government's vision of shared IM/IT services.


Recommendation 3: Business applications and databases should be managed on a portfolio basis under CIO leadership with the goal of rationalizing each portfolio to optimize data quality, effectiveness and user productivity.

Top of page

Response to ZIE

We agree that portfolio management of applications across the enterprise (recognizing that the "enterprise" might be FAC or ITCan, or a group of partner departments, or the Government of Canada) is an objective that will yield benefits in data quality, effectiveness and user productivity.

Business applications are now as much a concern as infrastructure in managing IM/IT. Business-line managers own and are accountable for applications and their success. Portfolio management sets an enterprise context of preferred directions and standards. through control over portfolios and their directions, senior management can proactively influence application development across the Departments while protecting the accountability of individual application owners.

through his strategic leadership role, the Chief Information Officer (CIO) will develop the support functions required for portfolio management, and engage senior managers and application owners in defining applications and setting strategic directions and standards (see discussion above under Recommendation 2). through initiatives such as the CIO Fund and the Project Management Centre of Excellence, the CIO will encourage application owners to agree and follow directions and standards.

However, the full benefit of portfolio management requires that senior management approve the portfolios, set directions and priorities within and among portfolios, and delegate authority to approve initiatives and allocate or reallocate funds among business lines, based on these priorities. Because of the effect on the traditional autonomy of business lines, a transparent governance structure, one that links decisions at every level to authorities and decisions of senior management, is a basic requirement.

the CIO will work with application owners to design and manage a portfolio management framework appropriate to the Departments, integrated with business and financial planning and IM/IT governance. Senior management will be asked to approve and fund the approach, as there will be significant resource implications. However, with a portfolio management process in place, senior management will have an effective tool to draw greater value from investments in new applications, and ensure that they improve the effectiveness and efficiency of business operations.


Recommendation 4: All business applications should undergo independent usability testing prior to being deployed outside of the sponsoring unit to validate their readiness, consistency with the business case that led to their approval and compliance with all applicable standards. A designated authority who represents mission and program interests should participate in the sign-off, which should also be contingent on an adequate change management strategy.

Response to ZIE

We agree that project management practice in the Departments should recognize the importance of usability testing and change management in the success of business applications, and incorporate a final independent review before deployment. Project review should also be incorporated into the governance framework, as part of investment control (as discussed under Recommendation 1) or portfolio management (as discussed under Recommendation 3).

the Chief Information Officer (CIO) will revise the current recommended departmental system development life-cycle (SDLC) and project management standards to incorporate a usability plan, to urge program managers to consider impacts outside their immediate program, to incorporate change management as a requirement, and demand an independent review before deployment. As recommended in the Inspector General's 2004 Audit of Information Technology Project Management, the CIO is creating a Project Management Centre of Excellence to provide program business and IM/IT managers with an independent source of advice, support, and review.

Many factors influence the usability of an application: its fit with business procedures and functional requirements, interface and navigation design, performance, integration, training, ongoing support and release management. therefore steps to validate usability and to mitigate usability risks must be integrated early and throughout the application development and maintenance process. Usability is best managed as part of the overall project management framework.

the departmental SDLC and project management frameworks are currently mandatory within the Information Management and Technology Bureau (SXD), and recommended for use by other units. the CIO promotes the value of these standards to senior program managers and encourages them to demand that their staff use them. However, real success in achieving this objective will require:

  • senior management to approve a project review process as part of the IM/IT governance structure (either through investment controls or portfolio management) and to delegate the appropriate authority through the governance structure
  • senior management to set enterprise-wide priorities and objectives for applications and for business operations to provide a context for reviewing and approving individual projects
  • senior management to require executive accountability for the success of applications
  • the CIO to establish enforceable architectures and standards for applications, information, business operations and usability through the governance structure.

Recommendation 5: A dedicated task force should be struck to develop policies and strategies for addressing the information management issues identified in this Study, including the alleviation of information overload. those strategies should address ways to enable InfoBank to fully realize its original objectives and should include explicit measures to achieve a 10% improvement in email productivity for each of the next three fiscal years.

Response to ZIE

the Associate Deputy-Minister (DMA) has introduced to FAC Management Committee and Executive Committee an initiative to focus departmental attention on Corporate Memory. the task force is specifically examining the factors contributing to information overload and corporate memory and articulating the desired outcomes for the Department. As such, it is well-placed to initiate the development of policies and strategies to address information management issues in the study.

Sustained business-line engagement is crucial to improving information management (IM) in the Departments. Resolving concerns about information overload, email productivity and corporate memory requires agreement on how business units and the Departments want to work, and what are considered desirable outcomes. Further, IM issues cannot be resolved solely or mainly through technology solutions; rather, business commitments, incentives, and processes must also play a major role in driving behavioural change.

therefore, the task force must engage business lines in thinking of IM as a business issue rather than as a series of discrete "problems" such as information overload and email productivity. the task force must:

  • propose IM strategies that can be integrated by senior management with other IM/IT strategic directions;
  • identify objectives for improved information management, how they will be measured, and set targets (e.g. the proposed "10% improvement in email productivity over three years");
  • propose a mechanism for sustained business-line engagement (e.g. an ongoing IM committee within the governance framework); and

the CIO is a key collaborator with the task force. With the authority supplied by senior management, the CIO will assume accountability for the ongoing maintenance and application of IM-related strategies, policies and services.

IM is a business-line responsibility, but the CIO, through the Information Management and Technology Bureau (SXD) is responsible for the delivery of IM support services. As part of the new deployment strategy for InfoBank, the CIO is strengthening SXD capabilities in business analysis. Business analysts now work with programs to analyse local IM practices, and to create information architectures that meet program needs. this approach is practical recognition that meeting the IM challenge requires business lines to adjust their IM work processes and "own" their IM plan.

three other initiatives to address IM problems are currently underway.

  • the CIO has established the InfoBank Management Board as an element of the IM/IT governance framework. the membership, drawn from headquarters and missions, has already begun advising on functional changes, implementation approaches, user issues, and policy and practices related to InfoBank. the CIO will work with the Board to ensure InfoBank contributes to its original objective - the improvement of information management in FAC and ITCan.
  • In the development of the new classified system (SIGNET C5, see recommendation 7 below) the CIO and the Departmental Security Officer (DSO) have emphasized that improvements in IM practice are as important as the introduction of new technology. A process of focus groups and user surveys is identifying common IM tasks where new practices or supporting tools would bring the greatest benefit in productivity.
  • the CIO will work with the Canadian Foreign Service Institute (CFSI) to promote existing training courses on good email practice to workgroups and missions, and to promote sharing of best practices among business units.

Recommendation 6: the CIO should propose IM/IT strategies to senior management that address the key capabilities identified as being necessary for the Departments to effectively respond to the Government's IPS priorities and initiatives. these should include mobility tools and services; more effective and responsive human resource business processes; tools to facilitate collaborative work processes; and departmental standards for contact management, project management and workflow.

Top of page

Response to ZIE

We agree that senior management must approve strategies to address key capabilities driven by the International Policy Statement (IPS) and other policy, operational and technology drivers. the Chief Information Officer (CIO) will develop an IM/IT planning framework, integrated with the FAC/ITCan strategic business planning process, to maintain an "evergreen" Information Management Strategic Plan (IMSP). the framework will support senior management in discussing strategic directions and deciding on priorities. Decisions can then be communicated and tracked through the new governance structure.

the planning framework is an example of the new strategic leadership role of the CIO, because it is designed to support agreement on enterprise-wide directions that are focussed on business but informed by IM/IT.

the four "key capabilities" identified by the Needs Analysis are obvious starting points for strategic planning for the immediate future. they also provide a further example of the changing role of the CIO. At present, the Information Management and Technology Bureau (SXD) is investigating promising technologies that could open new opportunities in these areas.

  • Mobility tools and services - SXD is piloting "SIGNET Web", wireless access to SIGNET, and BlackBerry attachments which will substantially contribute to employee mobility and productivity.
  • More effective and responsive human resource business processes - the CIO is partnering with the Corporate Finance, Planning and Systems Bureau (SMD) and the Assistant Deputy-Minister for Human Resources to review and improve the HRMS application. the CIO is also collaborating with SMD and HCM to improve the governance of Departmental corporate applications.
  • Tools to facilitate collaborative work processes - the revised approach to InfoBank roll-out includes the creation of an "information map" for each business unit to help manage and share information. there is also a pilot implementation of collaborative software (communities of practice) to support improved knowledge sharing.
  • Departmental standards for software for contact management, project management and workflow - SXD has tested and certified a limited number of software packages for these functions; funding levels and ownership must be determined.

As part of a strategic leadership role, the CIO will develop proposals to integrate these technological developments into a more coherent strategy that will ensure that they deliver expected benefits to business lines, and align with departmental business priorities.

With these proposals and the planning framework, senior management will have the necessary information in a business context to evaluate the value of each initiative and determine its relative priority. this type of decision is essential to effective enterprise governance and management of IM/IT.


Recommendation 7: Senior management should require, approve and fund a formal business continuity plan that identifies mission-critical IM/IT services and sets achievable timeframes for their resumption. Such a plan will require an alternate site for SIGNET and application servers.

Response to ZIE

We agree with the importance assigned to business continuity planning.

Senior management must complete their current review of business continuity planning, assign a senior business manager oversight and accountability for business continuity planning, and fund the development and implementation of a formal business continuity plan for the Departments, one that is integrated with the Departments' risk management program. the plan will identify critical business processes, acceptable timeframes and levels of service, and how these will be maintained during a crisis or disaster, and the required funding.

Within business continuity planning, disaster recovery planning ensures that the required IM/IT services can be sustained. the Chief Information Officer (CIO) will manage disaster recovery, and is developing a disaster recovery plan. Major elements of the plan include:

  • creation of a second SIGNET data centre;
  • extension of the current emergency IT services plan to support disaster recovery; and
  • working with the Departmental Security Officer (DSO) to determine the optimal level and location of IM/IT support personnel abroad, based on security and business resumption considerations.

Critical issues for success include completion of the business continuity plan, engagement of business line managers in its design and operation, ranking by senior management of business continuity planning against other business and IM/IT priorities, and funding, as there are major resource implications for both business and IM/IT operations.

Office of the Inspector General

* If you require a plug-in or a third-party software to view this file, please visit the alternative formats section of our help page.

Footer

Date Modified:
2012-10-09