Note: Where available, the PDF/Word icon below is provided to view the complete and fully formatted document
Finance and Public Administration References Committee
07/05/2018
Digital delivery of government services

ALEXANDER, Mr Peter, Chief Digital Officer, Digital Transformation Agency

BRUGEAUD, Mr Randall, Acting Chief Executive Officer, Digital Transformation Agency

SEEBECK, Dr Lesley, Chief Investment Advisory Officer, Digital Transformation Agency

VLASIC, Dr Anthony, Chief Procurement Officer, Digital Transformation Agency

Committee met at 15:11

CHAIR ( Senator McAllister ): I declare open this public hearing of the Senate Finance and Public Administration References Committee in its inquiry into the digital delivery of government services. This is a public hearing and a Hansard transcript of the proceedings is being made. We are also streaming live by the web, which can be found at www.aph.gov.au. Before the committee starts taking evidence I remind all witnesses that in giving evidence to the committee they are protected by parliamentary privilege. It unlawful to threaten or disadvantage of witness on account of evidence given to a committee, and such action may be treated by the Senate as a contempt of the Senate. It is also a contempt to give false or misleading evidence to a committee. In addition, if the committee has reason to believe that evidence about to be given may reflect adversely on a person, the committee may direct that the evidence be heard in private session. The committee prefers all evidence to be given in public, but under the Senate's resolutions witnesses have the right to request to be heard in private session. It is important that witnesses give the committee notice if they intend to ask to give evidence in camera. If a witness objects to answering a question the witness should state the ground on which the objection is taken, and the committee will determine whether it will insist on an answer to the question having regard to the ground which is claimed. If the committee determines to insist on an answer, the witness may request that the answer be given in camera. Such a request may, of course, also be made at any other time.

I thank all witnesses appearing today for your cooperation with this inquiry. I welcome officers from the Digital Transformation Agency. Information on parliamentary privilege and the protection of witnesses in giving evidence to Senate committees has been provided to you. DTA lodged submission 10 with the committee. Would you like to make any amendments or additions to the submission?

Mr Brugeaud : No.

CHAIR: I remind senators that the Senate has resolved that an officer of the Commonwealth or a state shall not be asked to give opinions on matters of policy and shall be given reasonable opportunity to refer questions asked of the officer to superior officers or to a minister. This resolution prohibits only questions asking for opinions on matters of policy and does not preclude questions asking for explanations of policies or factual questions about when and how policies were adopted. Officers of the department are also reminded that any claim that it would be contrary to the public interest to answer a question must be made by a minister and should be accompanied by a statement setting out the basis of the claim. I now invite you to make a short opening statement and at the conclusion of your remarks I will invite members of the committee to ask questions.

Mr Brugeaud : Thank you, Chair. Although I don't have an opening statement, I might just very briefly introduce myself. I am Randall Brugeaud. I'm in week 6 of seven as acting CEO of the Digital Transformation Agency. My permanent position is Deputy Australian Statistician at the Australian Bureau of Statistics. I've spent most of my career working in transformation roles, both as a government employee and as a consultant. I look forward to being able to provide evidence today.

CHAIR: Before we get into the detail of the inquiry, may I ask whether we expect Mr Slater to return to the DTA and when?

Mr Brugeaud : Mr Slater is currently studying and will be back working as CEO of the DTA on 21 May.

CHAIR: He has obviously been away at a time which is usually quite important for agencies of government, in the lead up to the budget, and there has been some public commentary about the significance of his absence. What impact has Mr Slater's absence had on budget preparation from the perspective of the DTA and how has that impact been managed?

Mr Brugeaud : Mr Slater's absence has had no impact on budget preparations. He was very detailed in his handover to me in the CEO role and provided an outline of all the different aspects of the work program that needed to be delivered while he was on his sabbatical. The budget preparations were well under way when he went off on leave and we have finalised those budget preparations in line with his requirements.

CHAIR: The media reporting about Mr Slater's absence suggested that the DTA, at the time the inquiries were made by the media organisation, wasn't able to say how long Mr Slater would be away or when he would be returning or if he would be returning. Why was that?

Mr Brugeaud : That was simply reporting from that particular media outlet. They didn't seek detailed advice when it came to Mr Slater's return. It was always intended that Mr Slater would return to the role on completion of his studies.

CHAIR: How did it come about that they reported that the DTA was unable to advise whether or not he would be returning?

Mr Brugeaud : I'm unsure how they came to that conclusion.

CHAIR: Can anyone else assist?

Mr Brugeaud : No.

Senator SINGH: Has Mr Slater made any public statement in relation to his absence?

Mr Brugeaud : Mr Slater advised that he would be studying in the US for a period of seven weeks. It was a pre-agreed arrangement. He was self-funding this piece of work. That information had been provided in the public domain.

CHAIR: Has there not been any thought given to clarifying that situation? The report in InnovationAus—I'm not quite sure when it was published, as my printed copy doesn't point that out—I think it was back in March that these reports were public that Mr Slater may not be returning. Is there a reason why no public clarification about the situation has been issued?

Mr Brugeaud : It wasn't fuelled, so no further follow-up was undertaken, and it came to a conclusion without the need for us to intervene.

CHAIR: Has there been any internal communication about the status of Mr Slater's employment?

Mr Brugeaud : There was an all staff communication sent prior to Mr Slater taking his leave, which clearly outlined his intentions to study and to return to the role.

CHAIR: So nothing subsequent to that published article suggesting that he wasn't returning?

Mr Brugeaud : Not as far as I'm aware.

CHAIR: And no staff have asked a question about what's happening?

Mr Brugeaud : Staff read the original communication, which said that Mr Slater was going to be returning to the role.

Senator SINGH: Where was that made publicly available, as you said previously?

Mr Brugeaud : I'll need to check exactly where that was made available.

CHAIR: I recognise that anonymous sources are not always the most helpful sources of commentary, but the anonymous source in this case expressed dismay at the timing of the leave on the eve of the budget, saying it demonstrated an unwillingness to engage with the government processes to drive the DTA agenda. Are you absolutely confident that the absence of the CEO has had no impact on DTA's ability to assert its place at the table in the budget discussion?

Mr Brugeaud : Yes.

CHAIR: The terms of reference of this inquiry ask us to look at the digital transformation agenda broadly. Obviously DTA is central to that. I was look at your purpose statement published in your corporate plan. It speaks about encouraging investment in digital services, transforming the user experience and improving the return on ICT and digital investments. A number of the witnesses at this inquiry have spoken about the limitations in government thinking here and elsewhere in relation to digital transformation. A point that they have made particularly is that turning analogue services digital is not transformation. Do you think your purpose statement, as presently constructed, captures all of the opportunities and possibilities that digital presents to government?

Mr Brugeaud : I think there's always an opportunity to provide more detail. The intention was for that to be quite a short, sharp description of what the DTA intends to achieve at the highest level. Having read a lot of the previous evidence and commentary, I would agree with a range of the views when it came to the level of ambition in digital transformation within government. It's not simply sufficient for us to turn paper forms into electronic forms. In order for us to actually have a significant impact on the way government delivers services we need to think quite differently about how those services are delivered.

CHAIR: The point made by Mr Waller, who was one of the submitters from the UK, was that one ought to think of government not only as a service delivery organisation but as a policy delivery organisation. Part of that involves delivering services, but it also involves revenue functions and regulatory functions including constraining or otherwise managing demand on publicly funded services. Do you see any of those kinds of activities reflected in present activities being undertaken by government?

Mr Brugeaud : I think a good example is the capability-building initiative that is being coordinated through the DTA working with a number of agencies in government looking to engage more broadly with government executives in thinking about transformation. That involves not just technical folks, but policy as well. It is thinking about how we work in providing education to the most senior executive in government. That is something that is being done now that will support that initiative.

CHAIR: Perhaps I can test this with you: I think what you're saying goes to the maturity of the Australian public service in being able to integrate digital thinking into its approach to all aspects of government activity, not just service delivery. Is that correct? Is it partly a strategy of walking before we can run, so that capability building, in your mind, comes before the doing and the implementation?

Mr Brugeaud : Yes. There is a degree of parallel effort that we need to go to here. It is not sufficient for us to wait until everybody is culturally aligned before we go about doing those incremental transformation efforts. I think it's a matter of us doing those two things at once when we look at the structural culture of the APS and the awareness of how digital transformation might run. Also, there are immediate issues that we are attempting to deal with in delivery while we're doing that.

CHAIR: You've been involved in this kind of work within the Australian public sector for quite a long time. You didn't specify how many years but it's quite a number of years, and I think you'll know that in 2008 Sir Peter Gershon undertook a review of ICT in the Australian Public Service. One of his key headline recommendations was around capability. It strikes me that it's 2018, 10 years exactly after Gershon's report. He's recommending that we build capability so that we can take these next steps. Yet capability for the senior executive service is still an impediment to embedding digital thinking into the way that we're doing policy. Does that seem like a problem to you? Do you think we're making adequate progress?

Mr Brugeaud : I can't comment on the broad senior executive, but what I can say from a digital perspective is that the environment is moving all the time and there hasn't been a situation where we've been sitting idle within government for the last 10 years. There have been improvements in capability and, I think, digital is a more recent capability area that government is looking to improve more broadly. But I would argue that there have been significant capability improvements across the APS since Sir Peter Gershon released his recommendations.

CHAIR: It's just slightly frustrating, I suppose, that most of these recommendations—if you look at the executive summary in Sir Peter's report—would still be relevant. They go to skills, they go to the use of external contractors, they go to capability and they go to governance. Perhaps you're right; perhaps you can't comment on the pace of change, but it does seem to me to be a rather dispiriting thing to reflect on, that recommendations that were relevant 10 years ago are still relevant to the APS now. Anyway, moving on.

Senator SINGH: Are you aware of those recommendations in the Sir Peter Gershon report?

Mr Brugeaud : Indeed.

Senator SINGH: Do you think they remain outstanding as areas, that Senator McAllister referred to, that need to be addressed by DTA?

Mr Brugeaud : I suspect the recommendations that were made by Sir Peter Gershon will still be relevant in 10 or 20 years time, I just don't think it's ever necessarily fixed. I think there are always going to be challenges in relation to skills. I think there are always going to be challenges that government faces in the range of areas that Sir Peter outlined in his recommendations. If I think back to change programs that I've been involved in, over many years, the recommendations or aspirations of those programs to bring together client information in an integrated way, such that we have single identities and so on, are current and probably there will still be challenges in years to come.

CHAIR: I suppose there are some quite specific recommendations there and it seems a shame that they weren't responded to in the last 10 years. I would be disappointed if they were still relevant in 10 years time. for example, Sir Peter says we ought to:

Reduce the total number of ICT contractors in use … by 50% over a 2-year period and increase the number of APS ICT staff.

If anything, the use of contractors has probably intensified in the intervening years.

Senator SINGH: Has it?

Mr Brugeaud : I don't know the overall numbers for the APS, I'm sorry. That would be a matter for the APSC.

Senator SINGH: What about ICT contractors?

Mr Brugeaud : I don't have—

Senator SINGH: Have they increased over the last 10 years? I don't—

Mr Brugeaud : I just don't know, I'm sorry.

Senator PATERSON: Witnesses shouldn't be without that, should they, Senator!

Senator SINGH: I'm happy for Mr Brugeaud to take it on notice.

CHAIR: I want to ask you about the overall purpose of DTA and how that interfaces with other ICT related activities within government. I'm particularly interested in it because DTO to DTA has seen, I think, a shift in purpose and direction. I think there was a period when role clarity for the DTA was quite confusing. I am interested to understand how the ever-growing number of other parts of government that are dealing with digital interact with you. The Cyber Security Strategy has had a significant amount of money applied to it. What is your relationship with the Cyber Security Strategy and the Cyber Security Special Adviser? How does that work?

Dr Seebeck : We work very closely with the Cyber Security Special Adviser at a fairly strategic level. In my area I have the Cyber Security Unit, which emerged out of the review of the ABS census event. That unit will be moving across, as a result of the machinery of government changes, through the Cyber Security Strategy, into the ACSC. They are a great team, they are very technically capable, but they are not quite what I need in my particular area and it was decided that the best fit was actually with the ACSC. That doesn't mean that we are cutting those links at all; it means we will continue to work very closely; we know people in that area. I should also note that my team contributed to the cybersecurity work that was being undertaken by the ACSC in that period of time.

CHAIR: But these personnel who made that contribution are moving to the ACSC?

Dr Seebeck : Yes.

CHAIR: When is that going to happen?

Dr Seebeck : That will become effective on 1 July 2018.

CHAIR: And what will be your residual responsibilities in relation to cybersecurity once that move has happened?

Dr Seebeck : The thing that interests me is making sure that agencies, when they bring proposals forward, take account of good cybersecurity practices in those proposals. So I am really interested in making sure that we have security by design, when they bring it in.

CHAIR: So it will be limited to ensuring that best practice in relation to security is observed when projects are being implemented in government? There is no policy function?

Dr Seebeck : No.

CHAIR: That policy function is transferring to the ACSC?

Dr Seebeck : They never really did a policy function per se. The policy area in the ACSC, as a result of the MOG changes, is moving to Home Affairs; it was in the Department of the Prime Minister and Cabinet. Again, it was very much an advisory capacity rather than a strictly policy function.

CHAIR: I see. And the Office of the Information Commissioner is another important interface for you all? Is that a question for you, Doctor Seebeck? How does that work?

Dr Seebeck : I haven't had much interaction with that particular office as yet. I would expect that, as time goes by, as issues arise, I will be interacting across a range of areas in government to make sure issues of concern are recognised.

CHAIR: The reporting scheme under that legislation has now commenced. In March, there were 55 reports and in February there were eight. Were any of those notifications from Australian Public Service entities?

Dr Seebeck : I don't know. I haven't kept up with that aspect. That does not fall within our remit.

Mr Brugeaud : That would be a question for the Information Commissioner.

CHAIR: Okay. But surely it ought to fall within your remit? If your job is to keep track on agency performance in relation to digital, and agencies are reporting to the Information Commissioner that they have had data breaches, at a minimum you ought to know whether they are reporting breaches of this kind so that you can make an assessment about whether there is a structural problem that needs to be tackled?

Dr Seebeck : My interest lies in the development proposals and their implementation and delivery. If it is an operational matter I might have general situational awareness of it but I don't look at those things specifically.

CHAIR: Does anyone in the DTA look at it?

Dr Seebeck : No.

CHAIR: So agency performance in relation to security is not in your brief?

Dr Seebeck : No.

CHAIR: Can I ask you about government approaches to data. I note that your strategy does talk about data. But the government has now accepted a recommendation from the Productivity Commission that a data commissioner be created. How does that impact on your role?

Dr Seebeck : My role specifically—

CHAIR: The DTA's role.

Dr Seebeck : I am interested in data in that a lot of digital is about the movement and use of data. I will let Mr Alexander speak about his area in a moment. We work very closely with the Department of the Prime Minister and Cabinet, who have carriage of a lot of that work. And as part of our proposals coming forward we work with agencies, who also have a lot to do with data—making sure data has the right provenance, security and so on.

CHAIR: But that is not within the remit of the DTA?

Dr Seebeck : Not in data policy terms and not in terms of the national data commissioner at the moment.

Mr Alexander : We work in two areas of data. But the policy responsibility and that response to the Productivity Commission was driven by the Department of the Prime Minister and Cabinet. We look after data.gov.au, the government's data-sharing website, where we have many datasets available. Also, in our platform delivery space, we are looking at how we use data to better serve the people and businesses of Australia. So we are doing work in those spaces but data policy is with the Department of the Prime Minister and Cabinet.

CHAIR: The title of your organisation, the Digital Transformation Agency, evokes the idea of a grand project, of something transformative. So when you talk about cyber policy living elsewhere, data policy living elsewhere, limited interactions with the Office of the Information Commissioner, limited interactions around agency compliance with privacy requirements and notification requirements for privacy breaches, I worry that your mandate is shrinking from the original mandate that was provided around digital transformation. Is it correct to say that the range of things the DTO was once tasked with has been significantly narrowed as the DTA's mission has been clarified?

Mr Brugeaud : I would say that the accountabilities of the DTA are actually broader than those of the original DTO. Given the recent machinery of government changes, the DTA now has accountability for a range of capability programs, entry level programs and mentoring. It also now has accountability for whole of government coordinated procurement—administration of existing panel arrangements to move to a more strategic and consolidated footing. Investment management and providing advice on these major programs is also an important role for the DTA. The traditional digital delivery, the platforms, and doing common things in common ways and providing those central platforms for government, are still within the set of accountabilities that sit with the DTA. So I would argue that the scope of the DTA is even broader than what it was under the DTO.

CHAIR: Perhaps the question is this: is the vision part of the piece anymore, or has that migrated elsewhere?

Mr Brugeaud : Sorry, I don't understand the question.

CHAIR: Fair enough. I'm trying to understand which part of government is doing the big thinking about a digital future. The scope of responsibilities you've described around procurement, recruitment, developing capability tools and mentoring arrangements are all practical responses to the vision for transformation, but I struggle to understand who is actually setting the vision now. We have a cyber centre and there is soon to be a data commissioner. We have an Information Commissioner and we have PM&C driving policy around data and Home Affairs driving policy around cyber. I just wonder whether these organisational arrangements can deliver a coordinated vision for digital transformation.

Dr Seebeck : One of the key elements of digital transformation as it was envisaged—and you can track this through the DTO to the DTA—is that focus on user centredness, which is traditionally not the way government has tended to operate. Making sure that the user is absolutely dead centre in terms of any work of any government department, of any proposal that comes forward, is part of that process. So one of the things that the DTA has been doing is developing roadmaps and user journeys. The idea behind that is to make sure that when a proposal comes forward, and when we track whether something has been successful, that occurs.

CHAIR: That sounds like one piece in a transformative agenda, though; it is about dealing with the service function of government, which is only one part of government's overall function, and it is about dealing with it in one particular way. Admittedly, it is a skill set that isn't prominent in government at the moment, but by its nature it doesn't seem to be a transformative contribution.

Dr Seebeck : I would tend to argue that it is actually quite a different mindset and it has actually driven that. If you go back to Sir Peter Gershon's work, a lot of that was about just project delivery and making sure that was done very well, efficiently and reliably. This is actually quite different inasmuch as it encourages and actually harnesses these of things that we have developed skill sets in, such as Agile, that design thinking. It has helped break projects down into sizeable chunks. It focuses on making sure you get value for money in the short term and you are not waiting six to 10 years for those outcomes to be realised. So I think in that sense it is actually changing the way government is doing ICT. By the time we add up saying 'Are you doing security by design, are you thinking of your people centredness, is it digital by design, cloud first and those sorts of things', you are starting to see those changes in how government is delivering services and doing that ICT function.

Mr Brugeaud : I might get Mr Alexander to briefly talk about some of these more strategic elements that the DTA is either delivering or coordinating.

Mr Alexander : Going to your question, and building on Dr Seebeck's point, we are absolutely focused on users of government services; that is kind of the mission of the Digital Transformation Agency. And it really is the mission of digital transformation to think about the end user of a particular service. That is the purpose of government—to serve the people of Australia, to serve the businesses of Australia, to defend Australia, to protect our borders or whatever it might be. I think we are bringing a way of thinking, in terms of the way we deliver, to solve those problems in the most effective way we can rather than the traditional way of solving them in a more efficient way—taking paper processes, making them electronic and building on those. So our strategic input and our engagement with agencies is to have them think about the way they are doing their business and to guide them, build their skills and partner with them. We are working on 15 initiatives across government at the moment—major reform programs, where we are helping agencies to do the way they do their business differently. And we are seeing significant transformation programs happening.

To build on Randall's earlier point about platforms: we are thinking about the way we deliver, duplication across agencies and how we make space for better transformative thinking by taking away some of the more operational business of government. Platforms around identity, around notifications—things we do in our service delivery space. Payments—regularly. How do we build those into a common platform so that agencies then can build excellence in their services and transform them to solve the problems of their users rather the problems of the structure of government? We are doing a lot of work in that space with all the big service delivery agencies and exemplars with lots of smaller agencies as well. So we're absolutely in that strategic space. That guides the work we do. We apply security as built-in practice. The way we use data and the way we apply privacy principles is absolutely core to that.

Senator PATERSON: Since it has been the topic of discussion, I want to focus briefly on the Gershon review before I move to other questions. What did the Gershon review have to say about cloud computing?

Mr Alexander : I can give you a view on that. I don't think the Gershon review had anything in particular to say about cloud computing. In 2007 and 2008, when it was done, cloud computing was absolutely in its infancy. What it talked about was efficiency. The concept of cloud computing is no different from the kinds of things Sir Peter Gershon was talking about: efficiency in operation and reducing duplication, and he talked a lot about common data centres.

Finance would tell you that the aim was to pull a billion dollars, I think was the number they used, out of the potential cost—cost avoided, I think was the term they used—to data centre spend by consolidating data centres. They brought in the data centre panel, which reduced the number of data centre suppliers, and aggregated demand to get a better deal for government. It had great success.

Senator PATERSON: Sure. I don't want to be unfair to Sir Peter, because it's a very fast-moving space and it's very hard to anticipate future changes. Perhaps that is a bit of a lesson, though—that as valuable an insight as it may have been, and I'm sure there are still some lessons that are broad to draw from it, the world's changed a lot since that report was handed down. Is that a fair statement?

Mr Alexander : It is a fair statement. I think that report, at the time, was focused on IT efficiency. I would say there's a really significant shift into where we are today. We're focused on digital, which is about solving the problems of users. Technology is absolutely an enabler for that and very important, but so is culture and process.

Senator PATERSON: Indeed.

Mr Alexander : I think those things are as important, if not more, in getting that effective and efficient service delivery and better outcomes. The challenge in any technology-led review is about principles and the market moving on and shifts and changes in the markets. I think that is the challenge. For it's time, it was a very significant and important report, but the world has moved on.

Senator PATERSON: I want to move onto the ICT procurement task force and the recommendations. Could someone give me an update of how DTA's going in ensuring those recommendations are implemented?

Dr Vlasic : Sure; it's my responsibility. We're eight months into the implementation of those recommendations. This financial year has been all about two things in particular. One is building the framework that will be enduring. That's gone out for public consultation and we're currently reviewing the feedback on it. We've had 30 responses on it. It talks about policies we want to put in place, guidelines, what sort of reporting you want and that sort of stuff. The second component was all about the quick wins, what we could do over the short term to get the ball rolling, for want of a better word. We introduced a new capped policy and implemented a couple of whole-of-government agreements with some suppliers and we're continuing to negotiate with some more. We're close to releasing an updated view on sourcing contracts, and the Ts and Cs and things, and what customers need to negotiate on and the like.

I'm really happy with the progress to date. The real trick over the next 12 months is to work out how, having booked the framework, to get really crunchy about the big things we need to change or the capabilities we're looking to develop.

Senator PATERSON: I'm particularly interested in how government is to deal with as a purchaser, from the perspective of a small business or a medium sized business. It's something we hear about a lot in our lives as senators. Can you give me a sense of whether these changes are going to improve that?

Dr Vlasic : Yes, we're hoping for it in a big way. I'll give you an example. The framework that's been put in place has a number of policies underneath it. One, in particular, is called the Fair Criteria Policy, which we're running an exemplar on at the moment. The intent of that is to exactly hit at the heart of how you make it fair. Take current panels, for example. They're large, they're hard to get on and they're hard to get off, so you've got to work out a way of addressing that.

Our view is that a combination of the Fair Criteria Policy, the Consider First Policy, which we're also thinking about, the Portfolio Panels Policy, which we're doing a review of, along with things like the digital marketplace, reviewing how we do panels, will make a big difference to the SME market.

Senator PATERSON: One piece of feedback I've had from an ICT provider to government—who I won't name because it's not necessary, nor to the department, but it's an illustrative example—is, he told me, that the tender process is often a pretty resource-intensive process; a lot has to go in. Government's a pretty demanding customer, from that point of view, which is fair enough—it's taxpayers' money—but often the decisions are made quite late for those services. For him, with his small business, he puts a lot of effort into a tender, he's gets the resources on the sidelines, waiting to be put in, and very late in the process he hears whether he's successful or not. And if he's not successful, it's quite a cost to his business. Is there a way in which this program's going to impact on those kinds of experiences?

Dr Vlasic : Yes. The way I would describe it is the marketplace is the opposite of that. It's something you'll find out about quickly et cetera. Panels is the opposite. So the challenge for the government is that you've got one solution, they've got the other, and you've got to work out how to do the stuff in between. That would make it a little easier in the middle. So what we've done is start to articulate it. We've got a list of 15 capabilities we think the Commonwealth needs for procurement. One of them is about simpler supplier engagement. This hits at the heart of it.

Senator PATERSON: Great. You mentioned the next steps on the capabilities that we're going to need. What are they, just briefly?

Dr Vlasic : The best way to describe it is there are five categories. There's one for the suppliers, one for the buyers, one for the contracts per se, one for process and one for people. You need to do all these things at the same time to make some real progress.

Senator PATERSON: Chair's gone quite strategic. I want to come down to some of the nuts and bolts, noting that the terms of reference of the committee include things like quality, reliability, value for money, project governance, and design and build of platforms, those sorts of topics. These overlay with some of the roles that you describe in your submission: oversee and advice on ICT and digital investment, transform ICT procurement, build Australian Public Service ICT and digital capability. It's in that context that I'll ask a few questions. In the road map that you're developing, is that where you'll place some of your views about procurement and management of the projects that various government departments are implementing or pursuing?

Dr Seebeck : The road maps, again, have that focus on users and user outcomes and so on. The idea, as mentioned before, is that they will generate a number of life journeys that people will go through and the touchpoints they have for government. The idea is to make those as lightweight as possible, and seamless and integrated as possible. The next layer down is when we start seeing the proposals coming through. We'll start looking at things like, in my area, whether the proposals are touching on all of these things, whether they're delivering on what we expect them to do, whether they're aligning with the digital transformation agenda and whether they're secure et cetera. Then an assurance officer goes in and says, 'How can we make sure that this is actually delivered in the best way it possibly can be to get those outcomes and to ensure that government gets value for money and that those benefits are realised?'

Typically, when the projects come forward, we encourage them to be tranched every one or two years or whatever it is, depending on the size of the project and the nature of the work. We would expect to see outcomes, benefits, realised at those particular points.

Senator PATRICK: But will you have a policy document that describes some of the lower level details of the expectations across government?

Dr Seebeck : Because we engage closely with a range of agencies, there is best practice across a number of different agencies. We encourage people to get together and share those lessons. Is there one standard way of doing things? Yes, there are agile methodologies and we have people in Mr Alexander's area who are able to assist departments do user design, user research and deliver projects in an agile manner. In terms of the standards and so on, we don't actually have a policy document as you are describing. Part of the reason, I find, is that if you get too specific about how people are going to do things—bearing in mind the field moves on, the technology is different and agencies are at different levels of capability—you end up with a compliance mentality. Once you hit that compliance mentality you run into the danger of it being a check-point exercise.

Mr Alexander : We do have one artefact that is very important in this space, which is our digital service standard. It is a set of 13 principles about how agencies deliver digital. It is from putting users first, thinking about users, to using open-standard software right through to being multichannelled. It's not just about online services and digital services. There are always other channels to consider, to reviewing what you've done, and a gamut of things in between about best practice in digital implementation. We have that but, to Dr Seebeck's point, it is not prescriptive in how you would implement it; it is principle based in the things you need to do. We absolutely assess agencies on that and engage with them and help them to deliver in that framework.

Senator PATRICK: So, for example, across a number of projects, you won't define what operating system the government might prefer across multiple systems. I'm talking about, perhaps, a large mainframe system or a large, not a desktop system but a—

Mr Alexander : That is a slightly different take. We are doing a platform strategy. We are working on a platform strategy, and the platform strategy absolutely will set out some whole-of-government platforms and capabilities which agencies would use for delivering a number of services. For example, with identity, there is the Tell Us Once capability—if someone changes address or someone dies and we want to share a notification. They tell the government once that that has happened and we share a notification—or payments. There'll be platforms where we do that. If your question is: if an agency is running a mainframe to deliver a particular type of service, and another agency that interacts with them is running another type of technology—x86 or a different type of infrastructure—do we say that they have to run the same? No, but what we say is they have to interoperate, and there has to be standardisation. We build to open standards so we can interoperate—share data in the systems. Could one agency run a mainframe for all agencies? That's something that would be explored in that platform strategy.

Senator PATRICK: For example, you might define an operating system, or you might simply say, 'You can use whatever operating system you like, but I want an extraction layer'—some middleware that isolates the operating system from the hardware. Sorry, normally the operating system is closely tied to the hardware—the operating system and the application software. So you would end up giving guidance at that sort of level. Where this comes to is that one of your responsibilities talks about building capability across the Public Service. You would understand, at an application level, if you can program without knowledge of the hardware platform, that means you can actually build that capability across the Public Service.

Mr Alexander : Absolutely.

Senator PATRICK: Do you have something that defines that they shall use middleware on major projects but they are free to do what they like on the hardware and from a software perspective?

Mr Alexander : We're actually doing work on that at the moment with an intent to deliver what we call a hosting strategy later this year. That strategy will set out a number of recommendations for government in exactly that space—hardware, middleware, infrastructure, comms.

CHAIR: May I clarify that that is different to the platform strategy?

Mr Alexander : Yes.

CHAIR: The timing target for the platform strategy is when?

Mr Alexander : The platform strategy is to be delivered later this year. The hosting strategy will also be delivered this year. One is about infrastructure and operation of infrastructure, network and comms, and the way they interoperate with applications, and the other is about whole-of-government services and duplicative technology practices.

Senator SINGH: Do you mean for this financial year?

Mr Alexander : This calendar year.

CHAIR: So anytime between now and Christmas?

Mr Alexander : The aim for the hosting strategy is for October. The aim for the platform strategy is set for November.

Senator PATRICK: That's good. I love getting dates from people of when to expect policy—and guidance notes to come. What about things like intellectual property? If you're subcontracting a provider to provide a service, I presume that the Commonwealth seeks to, in all circumstances, obtain the intellectual property and, indeed, the source code.

Mr Alexander : I can give you—this is really Anthony. That policy changed several years ago. There was a requirement for government to own intellectual property and source code. This is just a recollection—at least 10 years ago that changed so that government was not always required to own intellectual property, but it was part of a negotiation with contracts.

Senator PATRICK: You understand—the reason I say that is if you go to a vendor and they provide you with a capability, and you don't own the software and it's a long-term project, you are then bound to that particular user for upgrade and maintenance services.

Mr Alexander : The way we approach that is with the Digital Service Standard. Open standard is the key. We don't always insist on open-source software. There are examples of fantastic commercial software, but open standards that give you interoperability and the ability to shift are key.

Senator PATRICK: There is a difference between open standards and actually having the source code that you can then compile.

Mr Alexander : Absolutely.

Senator PATRICK: Internally, you would understand that if you have the source code—let's say Human Services are developing something internally. They'll have the source code. They'll have the compilers. They'll have the libraries. They'll have everything they require to change the software, compile it, develop and execute it, and, indeed, test it properly. I imagine across government a whole bunch of developments are taking place, and I wonder whether some departments are taking that sort of approach to develop that capability internally, and some are simply contracting out and obtaining no rights, intellectually, to the source code.

Dr Vlasic : I'm new to government, so I'm still going to struggle to talk about the details of government contracts. What I can tell you, though, having spent years in procurement, is that specifically in your situation—the big banks and the telcos have the same challenge and all own rights to their own software. What needs to be asked is whether they own the rights to the actual code—whether not the government's version of it but some generic version can effectively be sold on by the supplier, but you'll find there are always protections in a contract that allow continuity of service.

Senator PATRICK: There's always background IP, where someone may have some software, but in the case where the Commonwealth is developing its own service, one would expect that's all foreground IP and ought to be part of—the Commonwealth is paying for that software to be developed and would expect ownership. I think you worked for the ABS, whose census software was indeed developed by the Commonwealth. There were questions about royalties, for example, where the company was going to take that software, paid for by the taxpayer, potentially sell it overseas and hopefully get a royalty coming back, where there's a commonality across services.

Mr Alexander : In my experience of software that has been built either by or for the government, with a vendor, the government owns either the IP or, at worst, a right to the IP. We don't own IP for software where we are just a user, as any organisation would use it—email systems, for example. Even in some cases if we do small modifications in those utility systems, we probably don't own it. The data is the most important part in that. Where we can utility swap an email service for another one, the IP doesn't matter, but where government paid for and billed systems that do specific government services, we absolutely would own the IP.

Senator PATRICK: I might put some more questions on notice about that.

Senator SINGH: Your own report that goes into deliverables and performance measurements has in some of its targets—2.3.1 in particular suggests in this financial year a target to increase the number of Australian government entities providing services through or interfacing with myGov. Has that actually happened?

Mr Alexander : Yes, we've added member services to myGov this calendar year. The usage of myGov has grown this year. We have now 12.5 million active accounts on myGov. I think we have 13 services at the moment, and we're looking to build additional services and features. MyGov is also in a transition from the technology that's running it today to its integration with the new platform strategy. We're looking to change the way you authenticate yourself on myGov. We're looking to build in this 'Tell us once' service, and payment and notification utilities. We are looking to enhance and expand that service, but fundamentally myGov at its core is delivered by the Department of Human Services. We're the product owner; they deliver, and then a number of member services are provided by various agencies.

Senator SINGH: What are those increased member services?

Mr Alexander : Victorian government and Centrelink are the major member services we've added this year. The Commonwealth redress scheme is being added.

Senator SINGH: You also suggest in target 2.1.2 private and public beta phases for the digital identity platform and the Trusted Digital Identity Framework to be completed. Has that happened?

Mr Alexander : A private beta for the identity framework has been delivered. The Trusted Digital Identity Framework is in three phases. The first phase has been delivered, the second phase is at public consultation at the moment and the third phase will be delivered by the end of June.

CHAIR: When you say 'delivered', do you mean a public beta?

Mr Alexander : Delivered—they will be iterative frameworks that will evolve and grow. Release 1, which was the use of identity for digital services, is out and in operation. Release 2, which is the use of non-digital identities in a digital world, so to speak—how people who can't get a digital identity interact with government digitally and operate in this environment—is at public consultation, which is closing soon. We will take on board those comments and release that. The third iteration of that is 'acting on behalf of others', so authorisation—how does identity work with an individual acting on behalf of a business or another individual?—a common framework across government, because that works in a lot of disparate ways today. They are all being delivered.

Senator SINGH: One of your other targets is about developing a performance framework to measure whether myGov is delivering expected outcomes for users and member services. Are you on track to do that?

Mr Alexander : That has been delivered and done in cooperation with DHS and member services.

Senator SINGH: In the Sir Gershon report the chair started discussing the very first key finding was that there is weak governance of pan-governmental issues related to ICT. Is that currently the case?

Mr Alexander : My view is the governance of whole-of-government programs is generally good. The governance of the programs we work on across government—the platforms work, myGov, the hosting work—is strong. We have governance committees which oversee the general operation of the DTA, and we have subject- and program-specific governance. I would say the governance is generally strong. Delivering cultural and other change is still a challenge, but I think the governance is sound.

Senator SINGH: Mr Brugeaud?

Mr Brugeaud : I would agree.

CHAIR: We were really talking about project-level governance there. What are we governing? Are we governing a policy agenda, an agenda for transformation through changes to public sector behaviours, or are we talking about delivering technical projects?

Mr Alexander : They are programs and projects, and the transformation across those horizontal—identity, for example, has a multiagency governance looking at transforming the way individuals and business interact with government. That is a transformation agenda, but is it transforming the culture of the APS and the way we deliver? Absolutely not, but is it transforming that particular piece of work and the way the APS interacts with, authenticates, authorises and verifies individuals and businesses for services? Absolutely.

CHAIR: On that, are you doing any work with the APSC?

Mr Alexander : Yes. We have a particular program called Building Digital Capability, where we are working with the APSC on establishing primarily two things: (1) a set of learning design standards for the digital transformation of government, which will then be shared, published and available to service providers to assist government and sell training and development services to agencies to meet their needs; (2) leadership transformation, building educative material for senior executives through the various cohorts the APSC train, from secretaries down, as to the various digital skills they need to operate in this world.

Senator SINGH: The second finding he outlined, going on from that weak governance finding, was that agency governance mechanisms were weak in respect of their focus on ICT efficiency. He went on to talk about their understanding of organisational capability to commission, manage and realise benefits from ICT enabled projects. How would you outline agency governance mechanisms at the moment?

Dr Seebeck : This is one of the things I look at in each of these projects. As a result of the Gershon report, with the implementation of things like the P3M3 mechanisms and so on that he recommended, we have seen a major uplift in governance at the agency level since that time. A number of them have quite strong mechanisms. They're reporting, in many cases, up to the executive senior level boards, particularly for the major projects. In some cases—again, picking up on the chair's earlier comment about transformation—they're often using the transformative effect of these projects on their own agencies as well and putting in governance mechanisms around that to pick up capabilities, culture and so on.

Mr Brugeaud : It created some discipline where agencies across government were reporting as part of the Gershon recommendation to capture information and then benchmark, and allowed them to understand where they sat for a given expenditure line item with their peers, which was very instructive for agencies in reducing cost.

CHAIR: I have a hard deadline, which means we need to conclude on time. Thank you very much for spending time with us this afternoon. Thank you also to fellow senators and to Hansard.

Committee adjourned at 16 : 11