Item 6 - Appendix D - Joint ICT Infrastructure Risk Register

advertisement

Joint ICT Infrastructure Risk Register

Ref. Risk description

Staffing

1. Insufficient resources to manage normal operations

Consequence Likelihood Impact

Deterioration in response time – service failure / Missed opportunities /

Increased cost

L H

2. Skills gap

3. Resistance to change

Insufficient skills to deliver services

– service failure / Missed opportunities

L

New structure not embraced by single team / Fractions between two existing teams / Staff performance issues – service failure

M

4. Differences in Salary / Terms and

Conditions

New structure not embraced by single team / Fractions between two existing teams / Staff performance issues – service failure

M

M

M

L

APPENDIX D

Risk Manager Mitigating action

Development of joint ICT annual work programme monitored by Head of

Service and respective Portfolio

Holders.

Regular review of helpdesk response times

Regular service reviews with SMT

ICT Forums with services

If additional resources are required this will generate options appraisal and request to SMT

Skills gap analysis to be undertaken by Internal Audit

Appropriate training arranged for appropriate staff

Greater reliance placed on external suppliers / vendors

Full consultation with staff on changes

Regular team meetings / 1to 1 meetings

Single management team introduced at the earliest opportunity

Joint training / skills sharing opportunities

Standardised HR procedures

Full consultation with staff on changes

All roles job evaluated – HR procedures followed

Effective use of the HR teams where appropriate

Regular team meetings / 1 to 1 meetings

Single management team introduced at the earliest opportunity to instigate any required changes

Head of Service

Head of Service

Head of Service

Head of Service /

ICT Operations

Manager

98

5. Key personnel leave

Joint ICT Infrastructure Risk Register

Loss of key skills – service reduction L

Technology

6. Changes in future technologies Inappropriate investment in current technologies / skills development requirement /

Missed opportunities

M

7. Failure of existing technology Inability to provide IT services M

Regulatory

8. Do not meet data security / other legislative requirement (e.g.

Government Connect)

Loss of data – potential prosecution / failure to provide services / reputational impact / loss of customer confidence

– increased costs

L

M

L

H

H

Joint training / skills sharing opportunities

Greater reliance placed on external suppliers / vendors

Regular appraisals

Head of Service /

ICT Operations

Manager

Defined requirement within all ICT

Management roles of assessing emerging technologies

Obtain external advice / support where appropriate

Work closely with other public sector organisations to review future opportunities

Membership of SOCITM / access to other external professional bodies to review technology trends

Regular monitoring of equipment / applications

Greater reliance placed on external suppliers / vendors – appropriate service level agreements

Timely replacement of ageing / failing equipment

Effective disaster recovery plans implemented

ICT Management

Team

ICT Management

Team

Systems reviewed to ensure they meet legislative requirements

Regular internal audit reviews of key systems

Obtain Government Connect certification

Adopt and implement standardised

ICT Security policy and related procedures

Head of Service

99

Joint ICT Infrastructure Risk Register

Financial / Procurement

9. Insufficient funding to cover service

Unable to provide elements of the service / contractual disputes

L

10. Issues with single / joint procurement / licensing arrangements

Unable to obtain all the benefits of shared working / delays in the programme delivery / additional costs

M

Other

11. External organisational changes – work with other Public Sector

Bodies / changes of Government approach / broader changes to local government

Programme specific

12. ICT operational performance dips during delivery of the Joint ICT programme

Delays in programme delivery / additional costs / unrequired costs

Deterioration in response time service failure / Missed opportunities /

Increased cost

M

M

L

M

M

M

13. Delays in programme delivery Failure to obtain service / financial benefits as per plan / Delays in phase

2

– reducing potential for improved service delivery and reduction in organisational costs

L H

Regular review of budgets

Standard annual budgetary process

Formal request / approval for additional funding through normal channels

Regular discussions with the

Procurement / Legal teams

Early discussions with suppliers

Review joint ICT implementations / approaches elsewhere – lessons learnt

Head of Service

Head of Service

Continual monitoring of Government announcements

Continued cross working with other local authorities / public sector bodies

Corporate

Management

Team

Development of joint ICT annual work programme monitored by Head of

Service and respective Portfolio

Holders.

Regular review of helpdesk response times

Establishment of Programme Board -

Agreed rescheduling of programme plan if deemed appropriate by the

Project Board

Development of joint ICT annual work programme monitored by Head of

Service and respective Portfolio

Holders.

Establishment of Programme Board to monitor progress and to initiate remedial action

Regular reporting to the Joint

Partnership Board

Head of Service

Head of Service

100

Joint ICT Infrastructure Risk Register

14. Insufficient resources to deliver the programme

Delays in programme delivery / staff morale impacted

L H

15. Under-estimation of required budgets / overspend

16. Insufficient development of Phase

2 requirements

Delays in phase 2

– improved service delivery and reduction in organisational costs

17. Proposed technical solution proves inadequate / lacks resilience

Delays in programme delivery / additional costs or reduced programme of work – reduced benefits

Delays in programme delivery / additional costs / service failure

M

L

M

H

H

H

Development of joint ICT annual work programme monitored by Head of

Service and respective Portfolio

Holders.

Establishment of Programme Board to monitor progress and to initiate remedial action

Regular team meetings to review progress / keep team informed

Establishment of Programme Board to monitor progress and to initiate remedial action

Technical business cases approved by Portfolio Holders

Effective budget estimation within outline Business Case

Service Plans developed by Heads of

Service

Role instigated to develop Phase 2 programme plan

Regular discussion at Corporate

Management Team

Establishment of Programme Board -

Agreed rescheduling of programme plan if deemed appropriate by the

Project Board

Technical infrastructure reviewed externally

Continual reviews by the project team

Revision of plans / solutions / expenditure where appropriate and with the appropriate approval

Head of Service

Head of Service

Head of Service

Head of Service

101

Download