COMMERCIAL-IN-CONFIDENCE
Party and Electoral Funding Database
Project - Review of Progress with
Recommendations
Actica/PB325D002-1.0
11 February 2011
COMMERCIAL-IN-CONFIDENCE
COMMERCIAL-IN-CONFIDENCE
List of Contents
1
Introduction
3
1.1
Overview
3
1.2
Approach
3
2
Review of progress with recommendations
5
2.1
Overview
5
2.2
Status of original recommendations
5
2.3
Project status
5
2.4
Comments on current project status
6
A
Review of progress with recommendations
7
Actica/PB325D002-1.0
COMMERCIAL-IN-CONFIDENCE
Page 1
COMMERCIAL-IN-CONFIDENCE
INTENTIONALLY BLANK
Page 2
COMMERCIAL-IN-CONFIDENCE
Actica/PB325D002-1.0
COMMERCIAL-IN-CONFIDENCE
1
Introduction
1.1
Overview
1.1.1
This document has been prepared by Actica Consulting Ltd at the request of the Electoral
Commission (EC) following Actica’s assurance review of the Party and Election Funding
Online (PEF) project carried out in November 2010. The assurance review highlighted a
number of recommendations requiring action; this document reviews the EC responses to the
recommendations and progress on their implementation.
1.2
Approach
1.2.1
Actica carried out a short follow up review in the week commencing 7 February 2011. The
updated project documentation was reviewed and a detailed analysis of the responses to all
recommendations was carried out with the PEF Project Manager on 9 February 2011.
1.2.2
The documentation on which our findings are based is as follows:
a.
Summary of recommendations from Gateway Review, with EC comments;
b.
PEF On-line Implementation Overview (V2);
c.
Rollout and implementation plan v2 (with progress recorded to date of review);
d.
PEF Online Benefits Realisation Plan – v1.6.
Actica/PB325D002-1.0
COMMERCIAL-IN-CONFIDENCE
Page 3
COMMERCIAL-IN-CONFIDENCE
INTENTIONALLY BLANK
Page 4
COMMERCIAL-IN-CONFIDENCE
Actica/PB325D002-1.0
COMMERCIAL-IN-CONFIDENCE
2
Review of progress with recommendations
2.1
Overview
2.1.1
Overall the PEF project have responded positively to all the recommendations made in the
readiness for service assurance review and are now in a good position to progress to successful
implementation. The project now has a clear, credible plan for phased go-live in March and
May 2011, with accountabilities for key tasks assigned to appropriate owners within the project,
its suppliers and the wider EC business areas impacted. Successful completion of these tasks
will require continued focus from senior management and all concerned with the project. This
focus must be maintained, not only the run up to the imminent internal go-live on 10 March and
the e-filing live on 19 May, but through into the initial live period, when political parties begin
to use the PEF Online service.
2.1.2
We are satisfied that the Project Manager and Board are closely managing progress, and there
are appropriate review processes in place to rapidly identify and respond to likely issues in a
timely manner.
2.2
Status of original recommendations
2.2.1
We have reviewed the extent to which the responses and actions taken by the project have
addressed the recommendations made in the original report. The responses appear well founded
and address the issues underlying the recommendations. There has been good progress in
moving forward the identified actions, although in some instances we noted that deliverables
still require management sign-off and tasks require to be completed once the interim resource is
in place from 1 March. These areas still require continued management focus to drive the
project to successful implementation
2.2.2
The Commission response to each of the recommendations in the assurance review, our
comments based on our analysis, and a revised status are shown in the table in Appendix A.
2.3
Project status
2.3.1
The definitions of project status used in OGC Gateway Reviews are as follows:
•
Red: To achieve success the project should take action immediately.
•
Amber: The project should go forward with actions on recommendations to be carried out
before further key decisions are taken that affect the potential success of the project.
•
Green: The project is on target to succeed but may benefit from the uptake of
recommendations.
2.3.2
On the basis of this update, the current status of all recommendations, and the project overall, is
considered to be Green: The project is on target to succeed, but may benefit from the uptake of
recommendations.
2.3.3
Given continued management focus, and successfully meeting the two remaining milestones
noted below, the 10 March initial internal go-live is on track.
Actica/PB325D002-1.0
COMMERCIAL-IN-CONFIDENCE
Page 5
COMMERCIAL-IN-CONFIDENCE
2.4
Comments on current project status
Initial internal release
2.4.1
We noted that there are two key milestone deliverables which need to be met successfully
before the go-live date for this release. In discussion with the Project Manager we are content
that both these deliveries are being actively managed and contingency plans are in place which,
should issues occur, will enable EC to take actions to hold to the current planned date.
2.4.2
The two milestones are:
2.4.3
Successful completion of data load: The final testing of the loading of three entities remains to
be completed. Of these, two are not critical (Loans and Emblems) and could be deferred.
Testing of the third entity (Addresses) is a focus for the team and the Project Manager is
confident of successful completion.
2.4.4
Final acceptance testing of software release for go live: Triad are due to deliver an updated
version of the software, resolving issues found in testing, on 11 February. Acceptance should be
limited to re-testing of the recorded issues and is due for completion by 17 February.
e-filing release
2.4.5
The proposed plan for go-live for this functionality in May appears achievable, but will be
dependent on successfully managing transition when the current Project Manager leaves the EC
at the end of March.
2.4.6
It will be important that the project team continues to hold to the agreed content of the software
release planned for this implementation. Any demands to add further, non-critical, changes
should be resisted.
Ongoing operations
2.4.7
The project has re-analysed the expected number of concurrent users of the query functionality.
Their view is that concurrency will not exceed the 100 user level at which performance begins
to degrade. Contingency arrangements have been discussed should numbers exceed this level
and options have been identified to respond, including:
a.
Changes to the “busy screen” implementation;
b.
Adding processors to the current servers;
c.
Mirroring servers.
2.4.8
The approach to post-implementation change control and releases has been set out, but the final
detail will be the responsibility of the new post holders/interim resource.
2.4.9
The detail of the phasing of the sign up of political parties to the new system of online filing
will need to be further developed. It is critical to successful take-on to manage the number of
new users per period to a level which can be effectively administered and supported by
available EC resource.
Page 6
COMMERCIAL-IN-CONFIDENCE
Actica/PB325D002-1.0
COMMERCIAL-IN-CONFIDENCE
A
Review of progress with recommendations
A.1
The recommendation status is defined as follows:
a.
Red – Take action immediately;
b.
Amber – Take action before further key decisions are taken; and
c.
Green – Take action as required.
Ref.
Recommendation
Original
EC Comments
Actica Review
Current
No.
Status
Status
1
Project Board and SRO review and Amber
Agreed.
Revised Benefits Realisation Plan is
Green
update benefits realisation plan and
comprehensive and appropriate. Each
allocate
specific
management
The project board discussed this on 21st benefit has an allocated owner for delivery.
responsibility for the delivery of each
January. A number of new benefits were
benefit. (Amber)
identified and management responsibility Document must now be signed off by
allocated to appropriate individuals. The Project Board and owners held to account
update of the benefits realisation document for benefit delivery through ongoing
will be completed by 11th February.
monitoring.
2
Use the updated benefits realisation Amber
Agreed.
Current phased delivery plan is consistent
Green
plan
to
drive
prioritisation
and
with benefits realisation approach.
implementation
planning
decisions.
The phased approach to benefits realisation
(Amber)
has been adopted as the fundamental driver Focus now should be on benefit ownership
and already included in our implementation and tracking to assess and control change
planning.
requests and other post-implementation
activities.
Actica/PB325D002-1.0
COMMERCIAL-IN-CONFIDENCE
Page 7
COMMERCIAL-IN-CONFIDENCE
Ref.
Recommendation
Original
EC Comments
Actica Review
Current
No.
Status
Status
3
All EC business areas involved in Red
Agreed.
Plan covers all work areas and is at suitable
Green
project implementation and operation
level to manage project to completion.
should produce detailed timetables and
There is a project plan in place which
resource plans for implementation
identifies the key work-streams and events Critical that all responsible parties work to
activities. The Project Manager should
for implementation. The plan includes the plan and deal with issues as they arise.
ensure all such internal stakeholders are
resources, timescales, and a means of
kept informed of progress on system
monitoring progress against them.
Communications activities are low key,
completion and remain prepared to
assuming a “soft launch” rather than major
proceed with their planned activities as
Arrangements are in place to update the publicity activities.
soon as final testing is completed. (Red)
project board on progress twice weekly.
We have identified the various work
processes affected by PEF Online and
addendums written to the relevant QMS
procedures. This will document the new
processes and act as an interim measure
prior to a comprehensive overhaul of the
QMS post launch.
Comms have been identified as a key
stakeholder and have been assigned actions
in the implementation plan regarding the
availability of the public search.
Progress against the implementation plan will
be provided to the Executive Team on a
weekly basis. All other internal stakeholders
have received daily updates on testing results
and as noted there are twice weekly updates
to project board members.
Page 8
COMMERCIAL-IN-CONFIDENCE
Actica/PB325D002-1.0
COMMERCIAL-IN-CONFIDENCE
Ref.
Recommendation
Original
EC Comments
Actica Review
Current
No.
Status
Status
4
For future projects consider using Green
Noted – to be raised with CPB / ET and For action post-implementation.
Green
professional testing resources to design
incorporated into Lessons section of project
and implement test processes and
closure report
scripts. (Green)
5
The SRO and project board should now Red
Agreed (See also 9a)
Firm definition of changes required for two
Green
give strong direction on the handling of
fixed “go live” releases have been agreed.
testing issues, and in particular monitor
This has now been completed and a review of
whether fixes or changes are critical
issues is included in the project board Criteria for go live are appropriate - defined
and must be implemented prior to going
meetings
for each phased implementation as “no
live with a particular function or group
critical or major issues”. (Issues affecting
of users. (Red)
large volumes of users or preventing a key
statutory process from being completed)
6
A clear release plan and schedule Amber
Agreed (see 5)
Changes required for each phase have been
Green
should
be
agreed
through
to
packaged into a single release for each
implementation and responses to issues
implementation, with appropriate allowance
from all testing allocated to a release
for responses to test failures to be delivered
and tested in a controlled manner.
and retested.
(Amber)
Final re-testing of fixes to 1st release to be
completed in next week.
Actica/PB325D002-1.0
COMMERCIAL-IN-CONFIDENCE
Page 9
COMMERCIAL-IN-CONFIDENCE
Ref.
Recommendation
Original
EC Comments
Actica Review
Current
No.
Status
Status
7
Consider implementing the database Green
Noted
Project’s re-analysis of potential usage and
Green
tier on a separate server to the
approach to managing load and user
application server if performance under
Second round of Load Testing completed.
experience appear sound basis for decision
load continues to be an issue.
not to introduce a separate server at this
No additional action identified as being point.
needed as a result of testing. The
performance under load is considered to be The project will monitor live operations and
sufficient to meet reasonable demand with a have contingency plans to implement
‘system busy’ message incorporated to technical upgrades etc. if required.
prevent degradation of service.
8
Ensure lessons learned from the issues Green
Noted
For action post-implementation.
Green
with the PEF project are captured
during the project closure process and
Already
planned
as
part
of
Capital
that actions are taken to embed these
Programme remit. NAO will also be
lessons in guidance and direction for
reviewing project.
future
projects
throughout
the
Commission. (Green)
9
The SRO and project board take the Red
Agreed.
Appropriate acceptance criteria have been
Green
lead in
moving
the
project
to
a. The project board have agreed the
defined as noted above.
completion by setting:
criteria for acceptance ( that there
should be no outstanding Critical or
a. clear acceptance criteria for
Major issues). Testing of the build
completion of testing and
making a go live decision. To
delivered 19 January (internal launch
be
owned
and
actively
build ) was completed by the end of
monitored by SRO/Board;
January and the outstanding issues
were categorised according to the
Page 10
COMMERCIAL-IN-CONFIDENCE
Actica/PB325D002-1.0
COMMERCIAL-IN-CONFIDENCE
Ref.
Recommendation
Original
EC Comments
Actica Review
Current
No.
Status
Status
criteria by 7th February. One final
b. responsibilities for ongoing
round of issue resolution will be
operational
management,
carried out and is expected to be
including identifying the role of
finished by 17th February.
Information Asset Owner;
New roles are being defined and recruited,
b. Operational management will be
c. a
timetable
for
passing
which is critical given Project Manager is
responsibility to senior system
jointly handled by ICT and key PEF
leaving at the end of March. This process
user and operational staff;
staff. Asset Owner will be a new
would ideally be further advanced, but
Senior IT Officer post within ICT
appointment of knowledgeable interim
d. clear operational management
team. The job description for this
resource (Triad PM) from 1 March is an
(e.g. Senior User) responsibility
post has been produced and a
appropriate response to practical position.
for managing the process of
business case has been submitted to
implementation and transition
Information Asset Owner needs to be a
to operations. (Red)
ET and was approved on 3rd
senior business manager – Project have
February. Anticipated date to have
agreed to assign this responsibility ot the
new Senior IT Officer in post is mid-
System Senior User.
May. An interim post-holder has
been identified and will be put in
post on 1st March for a 3 month
period to cover the transitional
period.
c. See Points 3 Implementation
Planning and workstreams identified
Actica/PB325D002-1.0
COMMERCIAL-IN-CONFIDENCE
Page 11
COMMERCIAL-IN-CONFIDENCE
Ref.
Recommendation
Original
EC Comments
Actica Review
Current
No.
Status
Status
d. The response to this is the outline
implementation Plan noted in point
3. The senior users have been
identified as John Franks and David
Aikin, with David taking the lead
role.
10
A
realistic
plan
detailing
all Red
Agreed.
Appropriately detailed plan is available and
Green
implementation
tasks
should
be
is being updated for actual progress on a
developed and used as the basis for all
Completed as set out in response to point 3.
regular basis.
parties to sign-up to a revised go-live
date. The plan must take into account
Project Plan recognises key external
other
business
activities
and
activities (referendums etc.) impacting the
dependencies
(for
example,
the
EC team and schedules releases in windows
imminent office move) and resource
of low activity to minimise risk.
availability. (Red)
Page 12
COMMERCIAL-IN-CONFIDENCE
Actica/PB325D002-1.0
COMMERCIAL-IN-CONFIDENCE
Ref.
Recommendation
Original
EC Comments
Actica Review
Current
No.
Status
Status
11
Phase go-live to internal and external Red
Agreed in principle.
Basis of proposed phasing is sound.
Green
user groups in order to deliver benefits
and gain experience and confidence in
In the body of the report the recommendation Risk has been mitigated by phased
live operation. (Red)
is to phase rollout to external Public Users implementation - limiting number of EC
separately, but this is not possible because it staff requiring training and readiness at 1st
would require maintenance of the old and go live date to 4 key PEF staff and the
new system. When the system is launched contact centre.
internally the public search must also be
launched. The only element which can be The project have considered the handling of
staggered is the party user / e-filing any potential problems with the search
functionality and this approach has been facilities going live as part of the initial
adopted.
release and have realistic contingency plans
in place.
Issues have been re-classified as necessary
for initial launch / launch of e-filing
functionality. Initial rollout will allow
internal users to familiarise themselves with
the system and enable a well-targeted
approach to the launch of the e-filing
component which will help ensure a greater
success rate with adoption.
Actica/PB325D002-1.0
COMMERCIAL-IN-CONFIDENCE
Page 13
COMMERCIAL-IN-CONFIDENCE
Ref.
Recommendation
Original
EC Comments
Actica Review
Current
No.
Status
Status
12
Confirm implementation of appropriate Amber
Noted and agreed.
Penetration test has been completed and all
Green
security controls and conduct a Privacy
recommendations actioned.
Impact Assessment Screening and Data
The appropriate security controls have been
Protection Compliance Check. (Amber)
implemented (SSL- Secure Socket Layer).
Project Manager also confirms all
recommendations from 2008 security
An impact assessment screening and data assessment report have also been
protection compliance check has been implemented.
arranged for 15th February 2011.
Small number of remaining http redirect
and DNS tasks to be completed.
13
Put in place a succession plan for Amber
Agreed.
See 9 above. The effective recruitment of
Green
project
manager/business
support
these roles is key to successful initial
manager role and manage knowledge
Two new posts are being created
operations. Appropriate handover and
transfer. (Amber)
a) Senior IT Officer (Systems
initial support (from the interim post
Management) – submitted to CE on
holder) will be required.
28/1, referenced above in response to
point 9(b).
b) PEF On-line Support Officer - to
submit to CE by 4th February
Handover documentation will be produced
after the initial launch, by the interim post-
holder for the Senior IT Officer role – this
will be completed by the 28th March.
Page 14
COMMERCIAL-IN-CONFIDENCE
Actica/PB325D002-1.0
COMMERCIAL-IN-CONFIDENCE
Ref.
Recommendation
Original
EC Comments
Actica Review
Current
No.
Status
Status
14
Implement
integrated
service Amber
Agreed
The basis of the responses is sound, but
Green
management
arrangements
across
a. To be carried out by the interim
limited progress to date. Whilst not critical
internal
and
external
suppliers,
Senior IT Officer (Systems
for day 1 go-live these tasks require early
including:
Management) once appointed
action in the coming weeks.
a.
implementing
additional
b. To be carried out by the Senior IT
Progress is the responsibility of new
service management activities, such as
appointees yet to be recruited, but activities
Officer (Systems Management) once
security, performance and capacity
are on project plan and are part of ToR to
appointed
monitoring;
be progressed by interim resource from 1
March.
c. Legal colleagues have redrafted the
b.
reviewing
the
existing
Commission
business
continuity
Support Agreement and Triad have
arrangements to ensure they are
provided comments. This should be
appropriate for PEF Online and
finalised by the 11th February.
updating as necessary; and
d. This is subject to the outcome of the
c.
ensuring
effective
support
e-filing launch planning process
arrangements;
d.
publishing
a
schedule
for
planned upgrades/non-critical fixes.
(Amber)
Actica/PB325D002-1.0
COMMERCIAL-IN-CONFIDENCE
Page 15
COMMERCIAL-IN-CONFIDENCE
Ref.
Recommendation
Original
EC Comments
Actica Review
Current
No.
Status
Status
15
Plan for enhanced support levels and Amber
Agreed
Appropriate response. Hand over of source
Green
increased levels of change/fix requests
code on implementation (10 March) is
over the initial implementation period.
Enhanced support during launch is included scheduled in project plan. (With later
Ensure that all source code and
in the support agreement (and has been update for e-filing release.)
associated design documentation is
budgeted for). The requirement to deliver the
delivered by the supplier. Allocate and
source code forms part of the contract with
manage a specific budget for these
Triad
activities. (Amber)
16
Introduce appropriate ongoing review Green
Agreed
Post go-live activity – will require
Green
and impact evaluation procedures to
communication and embedding across the
engage
PEF
System
Owner
in
The development of this will form part of the whole of the Commission.
development and planning of initiatives
Senior IT Officer (Systems Management)
which may affect the PEF Online
and PEF On-line Support Officer role prior to
service or system. (Green)
approval by the project board
Page 16
COMMERCIAL-IN-CONFIDENCE
Actica/PB325D002-1.0