February 2016
Introduction to the ABS ICT Environment
Introduction
About the ABS
3
About our Technology Services Division
3
Overview of our ICT environment
4
Desktop and mobile environment
4
Network environment
4
Voice and Video Collaboration
5
Server, Storage Processing Environment
5
Data, Middleware, Analytics and Collaboration Environment
6
Identity and Access Management
7
Applications environment
7
Internal Performance and Load Testing
8
What we’re working towards
8
Flexible ICT
8
Productive ICT
8
Innovative ICT
9
Optimise ICT services
9
Key Projects
10
Building ICT Capability for the Transformation Program
10
ABS ‘Big Data' Directions
10
Cloud Applications
11
Census 2016
11
Enterprise Architecture
11
Information management
12
Carbon Farming Initiative Program
12
Security Projects
12
Statistical Business Transformation Project
13
Foundation Infrastructure
14
Security and Identity & Access Management
14
Procurement of IT Equipment and Services
15
2
Introduction to the ABS ICT Environment
Introduction
This document is a basic guide to the ABS and how information and communication technology (ICT)
supports the organisation. It briefly describes the ABS mission and structure, and then goes into
more detail about the ICT environment and current strategic projects.
About the ABS
The ABS’ vision is: Unleashing the power of statistics for a better Australia.
We employed 2824 people at the end of June 2015. There were 1,340 positioned in the Canberra
Office, with the remainder in the following state and territory offices: Melbourne 334, Sydney 322,
Brisbane 236, Adelaide 214, Perth 200, Hobart 133 and Darwin 45. (Figures as at 30 June 2015, ABS
Annual Report 2014-15).
The organisation is divided into three groups:
 Statistical Services Group
 Statistical Business Transformation Group
 Enabling Services Group
You can find more information about the ABS on our website: www.abs.gov.au
About our Technology Services Division
Technology Services Division (TSD) is an integral part of the ABS, providing innovative technology
solutions and services. It leads the technology agenda to achieve the ABS mission and support
transformation via the ABS Transformation Program.
TSD has three branches:

Technology Application (TA) Branch works in partnership with our ABS Business units to
provide critical support for business as usual activities. TA focusses on building future
capability for the ABS through the delivery and implementation of enterprise solutions to
assist in the business transformation goals of the ABS. TA is responsible for the
development, delivery, support and management of the critical statistical and corporate
applications portfolio. The ICT Census team is within the Technology Capability (TC) Branch
working towards a Digital Census in 2016.

Technology Infrastructure (TI) Branch is comprised of ICT professionals who source,
integrate, lead and support technology services for the ABS network infrastructure across
Australia. IT Security and Protective Security Sections are also a part of TI Branch. They
ensure the security of ABS information and staff through the provision of Protective and ICT
security advice and services.

Technology Capability (TC) Branch works and engages with our ABS Business units and
Resource Areas with a focus on the planning, development and delivery of Transformation
Program capabilities. TC has direct responsibility for and accountability of, foundation
statistical infrastructure such as the Metadata Registry and Repository, Statistical Workflow
Management, External IAM and the Enterprise Data Management Environment.
3
Introduction to the ABS ICT Environment
Overview of our ICT environment
This section outlines the general technical and operating characteristics of the ABS computing
environment.
Desktop and mobile environment
The ABS desktop and mobile environment is being transformed to facilitate a Flexible Working
Arrangement (FWA) including Activity Based Working (ABW) and teleworking. This new environment
is being rolled out during the 2015-16 financial year and will provide each staff member with a
laptop rather than a traditional desktop. Workpoints will be fitted out using a standard configuration
of peripherals (monitors, docking station, keyboard and mouse) that allows mobility within the office
environment. The FWA strategy will facilitate the use of ‘bring your own device' (BYOD) for both
laptops and mobile devices for those staff wanting to adopt that model.
The ABS currently has a fleet of iPads for executive officers and we expect to expand this service
with the proposed BYOD strategy in the near future. Our iPad fleet is secured via XenMobile and
uses Citrix technologies to deliver corporate applications. Initiatives are underway to enhance
mobility services and improve and expand support for teleworking for ABS staff.
The ABS has almost completed its transition from a conventional thick client environment with
automated software installation and patching, to a virtual desktop environment using Citrix
XenDesktop technologies. Virtual hosted desktops are accessed using lightly managed notebooks
either from an external network or the internal Network Access Controlled network.
Desktop software within the ABS has been heavily virtualised and App-V is now the preferred model
of software delivery within the ABS desktop environment.
The ABS has a “virtualisation first” policy with VMware enterprise virtualisation software (vSphere)
used extensively. As such our virtual data centre environments consists of over 2000 windows and
Linux virtual servers. With approximately 99 per cent virtualisation, all of the mission-critical
database and analytical processing environments including Domino, Oracle, SAS, JBoss, .Net and Java
executables, and Website/Internet Gateway, operate in the virtual environment.
The Citrix XenDesktop environment is hosted on Microsoft’s Hyper-V platform and managed by
System Centre Virtual Machine Manager. The Hyper-V platform within the ABS hosts approximately
2500 Windows 7 desktops on over 30 hosts.
The ABS has around 3,500 PCs and notebooks running Windows 7. The standard desktop
environment comprises IBM Notes 8.5, Microsoft Office 2010 and McAfee desktop security. A small
group of users still use Symantec Endpoint Protection. The ABS also uses numerous in-house
developed and commercial off-the-shelf (COTS) software products.
Network environment
The ABS network infrastructure currently uses a range of Cisco switches and routers for OSI Layer 2
and Layer 3 connectivity.
ABS offices are connected via an Optus managed WAN service at between 40 Mbps and 80 Mbps
depending on the size of the office. All offices connect to our Canberra office which has 1Gbps
connection for internet with a 100Mbps fail-over which is DDOS managed
4
Introduction to the ABS ICT Environment
The voice and video services are converged onto the data network and the traffic is QoS marked and
processed to guarantee real time delivery.
Using Cisco technologies and F5 Application Delivery Controller, the ABS currently manages its own
IPv4/IPv6 dual-stack Internet gateway, providing multiple websites and associated services including
primary and fail-over connections, load balancing and security.
ABS uses Cisco for Network Access Control within our offices and provides secure services to field
and home-based workers using Cisco and Citrix.
Voice and Video Collaboration
Multimedia is used extensively to deliver corporate information and online training. Polycom
equipment provides the core video conferencing infrastructure and we use a combination of
Polycom endpoints in video-enabled meeting rooms and IBM Sametime at the desktop to conduct
virtual meetings across the wide area network (WAN). The Bureau is moving to Microsoft Skype for
Business as a replacement for IBM Sametime within the 2015-16 financial year. Cisco Unified
Communications Manager is used for voice services.
Recording, live broadcasting, on-demand delivery and asset management for conference and lecture
style presentations is provided by Sonic Foundry site, utilising Microsoft IIS Media Services.
Server and Storage Processing Environment
ABS processing is located in a primary data centre in Canberra and seven state and territory office
telecommunications equipment rooms. The server environment consists primarily of Cisco Intel
blade and rack-mount servers running:
 Microsoft Windows Server 2008 R2 Datacentre/2012 R2 Datacentre Edition; or
 Red Hat Enterprise Linux 5 and 6.
We prefer 64-bit operating versions however some 32-bit implementations remain to support the
application software stack operating on those servers.
We also use three Oracle/Solaris V440/5 servers which host some legacy ABS services which are in
the process of being migrated to other platforms.
The ABS has a ‘virtualisation first’ policy with VMware enterprise virtualisation software (vSphere)
used extensively. As such our virtual data centre environment consists of over 2000 Windows and
Linux virtual servers. With approximately 99 per cent virtualisation, all of the mission-critical
database and analytical processing environments including Domino, Oracle, SAS, JBoss, .Net and Java
executables, and Web site/Internet Gateway, operate in the virtual environment.
The ABS storage environment has 2.5 PBs of online disk, comprised primarily of:
 EMC VNX5200, 7500 and 7600 disk arrays.
 EMC Extreme IO
The Backup and Recovery environment utilises IBM Tivoli Storage Manager (TSM), using Tivoli Data
Protection agents across all servers. Total backup tape holdings consist of 2PBs onsite which are
replicated in an offsite archive.
5
Introduction to the ABS ICT Environment
Data, Middleware, Analytics and Collaboration Environment
The ABS has a broad range of infrastructure software with access via the LAN and WAN. The
software service is divided into four main groups – Data, Middleware, Analytics and Collaboration.
The Database Platform provides for primary ABS data processing using a variety of software
including:
 Oracle 11g and 12c
 Microsoft SQL Server 2008 R2 and 2012
 MySQL Enterprise 5.6
 ESRI GIS Mapping - ArcGIS 9 and 10
 MAPINFO Pro.
Our web applications servers and middleware service predominantly comprises:
 RedHat JBoss EAP 5.1 and 6.x
 IBM WebSphere 7, 8 and IBM HTTP Server
 Microsoft IIS 7.5
 Apache/Tomcat.
 Oracle EBusiness Suite 11.5 (Financials)
 Oracle EBusiness Suite 12.1 (HR)
 Business Process Management System(BPMS) Informatica ActiveVos
 Statistics Netherlands Blaise IS 4.8 & 5
 OECD.Stat
 F5 Big IP – LTM, ASM, APM
 Drupal
 Symantec Management Platform 7.1 and 7.6
 Symantec Workflow Solution 7.6
 CA Service Desk Manager 14.1
 CA Service Catalog 12.9
 Java
 PHP
The Analytics and Business Intelligence service is critical to the ABS business. This service is provided
by:
 SAS 9.4
 SAS Enterprise Business Intelligence 9.4
 SAS Enterprise Data Integration 9.4
 R 2.14 on Linux and R 2.13 on Windows
 Oracle Discoverer 10
 SuperSTAR SuperServer 7.1 and 8
 SuperSTAR SuperWeb 7.1 and 8
 SuperSTAR SuperCross 8
 SPSS 23
 STATA 12
6
Introduction to the ABS ICT Environment
We are committed to an extensive knowledge management environment and the facilitation of
collaboration between the state and territory offices and external associates. To enable this
collaborative environment we use:
 IBM Notes 8.5.3 Mail and Calendar
 IBM Sametime realtime collaboration and Skype for Business (chat, presence, online
meetings, desktop video conferencing.)
 IBM Connections social/business networking.
 ABS-developed Notes Work Group Databases (WDB) for collaboration and knowledge
management.
 IBM Smartcloud for Social Business external collaboration.
 IBM iNotes and Notes Traveler Mail and Calendar via web.
 IBM Notes Traveler Active sync of Mail and Calendar to mobile devices.
 IBM Domino for website and publishing.
Identity and Access Management
The ABS has implemented Oracle Identity Manager to manage user accounts over our internal
Microsoft Active Directory, IBM Domino Directory, Oracle HR and Oracle Internet Directory systems.
We use this combination of directories to provide authentication and access management across our
internal environment. F5 Access Policy Manager and Microsoft Active Directory Federation Services
2.0 (SAML provider for web services) are used to enable ABS staff to transparently authenticate with
external cloud and SaaS solutions.
The ABS has also implemented external user registration and authentication services to support
interactions with survey respondents and consumers of statistical products. These services are built
upon F5 Access Policy Manager and Microsoft Active Directory.
Applications environment
The ABS has hundreds of applications, which are a mixture of bespoke (in-house), Commercial offthe-shelf (COTS) and Government off-the-shelf (GOTS) applications. The applications meet a wide
range of statistical and business needs, with a significant amount of specialisation to meet client
requirements.
ABS applications cover a wide range of capabilities, including:
 time series analysis
 statistical estimation
 geospatial and occupation coding
 communication and collaboration
 client and provider relationship management
 data and transactional processing
 data management and visualisation
 knowledge and content management
 HR, finance and other corporate support systems
As the applications portfolio covers such a wide range of business needs, a variety of technologies
have been used to implement solutions. They range from a web-based data capture system on a
Java platform to .NET solutions on handhelds, an IBM Notes 8.5 collaborative working environment,
database queries and processing in SQL and XML, statistical processing programs developed in
7
Introduction to the ABS ICT Environment
statistical languages such as SAS, and a growing Software as a Service (SaaS/Cloud) portfolio to
enable corporate and business capabilities.
The ABS has also adopted SOA for the development of Statistical Services and Capabilities.
Internal Performance and Load Testing
The ABS uses HP Performance Centre software to conduct load and performance testing of its
applications internally.
What we’re working towards
TSD is continually building the capability of its staff to ensure the timely delivery of ICT services,
systems and components for the Statistical Business Transformation Program as well as
effectively supporting the business as usual operations of the ABS.
Over the next four years the ABS will substantially enrich the ICT Experience of end users.
Specifically, we will deliver:
Flexible ICT
A more flexible ICT experience that supports a 21st century working environment, including
flexible office spaces, teleworking, virtual teams & external collaboration.
Outcome
Increased
Flexibility
From the Present
To the Future
Rigid enterprise devices to suit all
User chooses fit for purpose
One main work location per person
Rich work anywhere, anytime
Virtual teams supported
Teams are just teams, virtual or not
Productive ICT
A more productive ICT experience that will support ABS staff and our external partners working
together efficiently and effectively.
Outcome
Improved
Productivity
From the Present
To the Future
Good deeds done in secret
Open & rich co-creation
Siloed knowledge in disparate tools
One cohesive knowledge
management environment
Work focus is internal, local &
directed
Discoverable, social & spontaneous
online workspaces
Reading international papers to find
best practice
Day to day project collaboration
with external partners
8
Introduction to the ABS ICT Environment
Inefficient processes for new roles
Access automated based on role
Performance depends on location
Performance everywhere
Innovative ICT
A more innovative ICT experience for those developing the next generation of ABS statistical
information systems.
Outcome
More
Innovative
From the Present
To the Future
Support for Production by design and
R&D by best effort
Purpose designed R&D facilities
Environmental complexity slows
solutions deployment
DevOps delivers agility and efficiency
Optimise ICT services
A more cost effective ICT experience to support organisational sustainability
Outcome
More Cost
Effective
From the Present
To the Future
Management at the network edge
Management at the network core
Dedicated desks for office employees
Flexible, activity-based workspaces
9
Introduction to the ABS ICT Environment
Key Projects
The following are some of the current strategic projects we are undertaking.
Building ICT Capability
TSD uses the government mandated SFIA (Skills Framework for the Information Age) to map current
and future capability needs required to support both Business Delivery (BD) systems, and the
integration and deployment of IT solutions for the transformational work program. This information
is used for making optimal decisions to ensure the ABS has a capable and future ICT ready
workforce. This includes developing staff to ensure that TSD has the necessary capabilities to
support and take forward the ABS, identifies areas at risk and making informed decisions as to the
allocation of resources such as training. This assists us to:
 Support our existing business systems
 Deliver on our current and future transformation programs
The development of our people is part of much broader capability Improvements within TSD to build
both the ICT capacity and capability to enable and deliver IT solutions. This includes sourcing
strategies, review and development of tools, frameworks, processes and methodologies, as well as
the review and development of enterprise architecture artefacts and standards.
ABS ‘Big Data' Directions
The ABS is actively researching 'big data' statistical information sources, analysis techniques,
processes and technologies. A key focus of many projects is to enable new information products to
supplement or replace survey software whilst gaining greater efficiency and preserving data
confidentiality. ABS is a national leader in statistical data integration and an accredited Integrating
Authority under the interim Commonwealth Data Integration Arrangement.
Current examples being examined to improve official statistics by using ‘big data’ sources,
technologies and methods include: sample frame or register creation, partial data substitution for a
subgroup of a population, partial data substitution for some required data items, imputation of
missing data items, data editing, linking to other data, data confrontation and generating new
analytical insights. Whilst the primary focus is exploiting big data for statistical value, the application
of commercial use cases to ABS are also of value. These include: improving ABS data provider and
data consumer experiences, improving ABS operational business efficiencies; and monitoring our
web and network security and end-user network experiences.
Collaboration and partnering with external organisations such as universities, research
organisations, government agencies and businesses is central to ABS efforts in exploitation of
'big data' approaches.
There are a number of technology directions in industry that the ABS is exploring with a view to their
appropriate application to existing processes or the capacity of the technology to support new
approaches. The technology spaces of current interest include, but are not limited to:
 Semantic web technologies – OWL, RDF, Graph Databases
 Scalable distributed processing – HDFS, Spark,MapReduce, Column-Family Databases
 Data visualisation tools to connect to both traditional Data Warehouses and newer NoSQL
databases
10
Introduction to the ABS ICT Environment
Cloud Applications
ABS implements a number of cloud-based applications where our requirements can be economically
satisfied. Cloud services for e-recruitment have been adopted for prospective job applicants both
inside and external to the organisation, while the whole of government travel booking services are
used seamlessly from employee devices across the ABS. The ABS uses a cloud service to manage IT
learning and training content, and is also an early adopter of a cloud-based parliamentary workflow
application.
ABS also uses cloud services provided by other government agencies, including a common cloud
based service for booking travel arrangements. The ABS is also currently committed to a partnership
with Treasury to implement the financial components of a cloud based ERP.
Census 2016
The Census is one of Australia's largest ICT projects. The 2016 Census of Population and Housing will
have an increased focus on long-term sustainability of the program. The ABS is, for the first time in
100 years, re-engineering the Census Enumeration model. The core of this change is maximising selfresponse allowing the ABS to concentrate effort on non-respondents who are increasingly difficult to
reach. This work will involve a range of innovation for both process and technology that will provide
a considerable efficiency saving and build new infrastructure for 2016 and future Censuses. The scale
of change proposed, which is much greater than that considered for any previous Census, will also
overcome the challenges in recruiting, training and retaining field staff and make it easier than
before for the population to respond.
The 2016 Census will move to a partially frame based, multi-modal approach that is eCensus
focussed. This change requires the establishment of a high-quality residential address register to use
as the source of addresses for a percentage of the country for mailing eCensus codes to dwellings,
replacing the traditional model of using Census collectors to deliver and collect eCensus codes and
Census forms. It will be supported by new, more flexible and smarter workload management
processes and systems to optimise response rates efficiently. It will utilise mobile technology in the
hands of field staff that will reduce errors and improve responsiveness of their work. By moving to
an increased digital data collection it will also be possible to significantly reduce the amount of paper
form printing and processing, change the risk profile and mitigation options, as well as reduce the
number of field staff compared to previous censuses.
It should be noted that there are many elements of the Census programme that will not change as
significantly in 2016, but will still require considerable ICT involvement. Marking in and scanning 4
million paper forms is still a large exercise, as is coding responses irrespective of the way they have
been received and then preparing the data for dissemination through products such as Tablebuilder,
Quickstats, Community Profiles and Datapacks.
Enterprise Architecture
The ABS has a business-led Enterprise Architecture with TSD owning the Applications and Technical
Architectures and the business owning the Business and Information Architectures. The
architectures collectively inform the technology investments we make by ensuring they are business
aligned, strategic, provide a high functional fit and in turn, provide the ABS the maximum return on
investment. The architectures also give our technologists specific guidance in the form of policies,
instructions, models, and exemplars on how to compose new ICT systems so that they satisfy
enterprise level business and technical requirements. The Architecture is being developed and
implemented consistent with industry and whole of government frameworks (examples include
11
Introduction to the ABS ICT Environment
TOGAF and AGAF). The ABS is progressively moving towards a Service Orient Architecture (SOA)
driven by ABS business directions and needs. The ABS business directions are focusing on modular
construction, solution integration, reuse of data, methods and services and sourcing component
solutions from other organisations, both government and private sector.
Information management
Our information management activities have always supported productivity at the enterprise level,
enhancing organisational performance through productivity practices, systems and technologies.
We focus on:
 Helping knowledge workers become more efficient by managing the desktop
 Supporting collaboration, using shared documents and data
 Managing business processes
 Actively managing information and knowledge produced as corporate assets.
Digital record keeping processes across the organisation are largely automated and any new system
will be able to meet ABS’s record keeping obligations under the Archive Act 1983 and be in line with
AS ISO 15489.
Carbon Farming Initiative (CFI) Program
The CFI Program is a $30 million program of work being undertaken by the ABS and funded through
the Department of Agriculture and Water Resources. The Program commenced in 2011 and will run
over six years. It has a number of focuses including:
 A biennial land management practises survey (LaMPS) which collects information on current
on-farm land management practises.
 Supporting the ABS’ transformation program through enhancements to infrastructure (for
example improvements to ABS’ geospatial capability, web data capture, data confrontation,
analysis, confidentialisation and dissemination).
The final LaMPS will be run in 2015-16 with data published in June 2017.
Security Projects
The ABS continues to focus on security as a key component in its approach to projects and
operations. A program of security projects focusses on ensuring the security of data and systems by
reducing security risks and increasing compliance with Government information security policies
outlined in the Australian Signals Directorate (ASD) Information Security Manual (ISM).
New systems are designed with security considered from the outset. They are subjected to stringent
accreditation processes which analyse potential risk exposures and test implemented security
controls. Where commercial software products or services are used, vendors are asked to provide
details of security accreditations and risk management. At a minimum, system documentation must
include a System Security Plan (SSP) and System Risk Management Plan (SRMP).
The ABS has implemented Splunk as a SIEM (Security Incident & Event Management) tool to
enhance capabilities for security logging, auditing and analytics. This work will provide the SOC
(Security Operations Centre) with increased abilities to detect and respond to security incidents
occurring anywhere in the ABS ICT environment.
12
Introduction to the ABS ICT Environment
Statistical Business Transformation Program
In order to stay relevant to the modern world, ABS and other National Statistical Organisations
(NSOs) need enhanced and more agile statistical infrastructures that facilitate the production and indepth analysis of coherent statistical information from multiple sources.
The ABS aspires to ensure that it remains both relevant and trusted; and that it provides better
support for policy formulation, development, evaluation and research through leveraging more
value from national statistics.
In response to these challenges, the ABS has launched a major transformation program, the
Statistical Business Transformation Program (SBTP) to re-engineer its business processes to focus on
providing services and information solutions through assembly of data and data processes, rather
than focussing on ‘made to order’ processes and products.
SBTP will deliver this through:
(a)
Industrialisation and standardisation of processes, methodologies and tools;
(b)
Modernisation of infrastructure to provide greater functionality, performance and
flexibility; and
(c)
Transformation of the ABS service model to facilitate greater innovation, more data
analysis and tailored service delivery.
As part of the SBTP program we will pursue ways of reducing costs and the burden on respondents
and minimising collection costs, while managing risk as detailed in our Corporate Plan.
ABS has an explicit preference for electronic data collection, through internet-based selfenumeration or machine-to-machine collection of administrative data.
13
Introduction to the ABS ICT Environment
Foundation Infrastructure
Core to the delivery of SBTP is the Foundation Infrastructure that provides cross cutting capability.
This includes:
•
Statistician’s Workbench (SWB)
•
Statistical Workflow Management System (SWMS)
•
Metadata Registry and Repository (MRR)
•
Enterprise Data Management Environment (EDME)
Diagram 1 shows these foundation pieces and how they relate to each other.
Diagram 1 – Foundation Infrastructure
Security and Identity & Access Management
The Security and Identity & Access Management (SIAM) project will provide new security services to
enable the delivery of new business systems under SBTP. The key project outputs are:
 Role management to provide access to data and systems via business roles that are
supported by access life cycle management processes
 Application authorisation services to externalise access management from new business
applications through services that determine privileges according to access policies
 External identity federation to enable external stakeholders to authenticate with ABS
services using their MyGov or AUSKey credentials
These new services will ensure all new systems are secure, and that security can be efficiently
implemented and maintained.
14
Introduction to the ABS ICT Environment
Procurement of IT Equipment and Services
The ABS procures a significant amount of IT equipment and services. Full details of the goods and
services purchased are available on AusTender.
The ABS, like other government agencies, is interested in ensuring it realises value for money
through its contracted arrangements. ABS IT procurement activities comply with the various policies
outlined on the Department of Finance website. Existing and potential suppliers are encouraged to
become familiar with the relevant policies that are likely to impact on the goods and services they
can provide.
ABS is interested in receiving offers for innovation or new technologies, and will seek offers using
the various channels available to the ABS, including public requests for offers under existing
Commonwealth panel arrangements, requests for quotes or through Whole of Government
arrangements.
When seeking offers the ABS’s approach is to seek the best and final offers in the first instance and
will not necessarily undertake additional negotiations to refine offers. ABS also uses a range of
contractual forms for IT related procurements which are similar to the Source IT contracts published
by the Department of Finance on its website. The form of contract used will ultimately depend on
the services being offered.
15