Public sector IT is all plans, no progress, says ex-DWP CDIO

Short-term planning leads to long-term pain

Public sector IT knows it needs to change, but something always seems to get in the way.

The government is on a mission to revolutionise the public sector’s approach to digital and AI, but change at that scale is no easy process.

“The organisations across [the] public sector all understand that they need to change,” says ex-DWP boss Richard Corbridge, “but something always seems to get in the way when you're nearly there.”

Richard has plenty of experience across the public and private sectors. He’s held C-level positions across the NHS and Irish health service, led IT at Boots and was CDIO at the Department for Work and Pensions until December last year. He now works as CIO at a FTSE30 firm.

The public sector IT conundrum – accepting the need for change versus actually accomplishing it – isn’t about appetite, but understanding; specifically, “[the understanding of] how do you go from a great idea with lots of people talking eloquently about it, to actually making the difference on the front line?”

The necessity of risk

Big government departments “have struggled to make digital change at pace,” because they’re forced into short-termism.

“They think, ‘If I go down the digital route, it's going to take me until 12 months from now before it lands; but actually, I can go and start recruiting a few thousand people to come and help me solve that problem [now]...

“They often use the Daily Mail front page test - that gets wheeled out, and it can be quite frustrating to hear. It's like, ‘OK, but we're in trouble, we've got a burning platform, we can't deliver at the speed we need to.’”

Risk appetite is minimal in the public sector, for obvious reasons, but this approach means many departments are “struggling an awful lot.”

While a private business might not suffer much from its servers being down for an hour or two, the NHS or DWP are a completely different story. Still, Richard believes the public sector needs a controlled approach to risk to break the cycle.

“There are ways to guard against catastrophic risk through testing and learning carefully, business engagement, product mindset-type stuff - means you can try and test.”

Lack of agility is increasing risk

Building in small, consumable increments instead of a single big launch is a key practice for modern IT teams – in the private sector. But agility is still seen as "really difficult” in the public sector.

“I remember being in the Republic of Ireland and the Minister of Health turning to me and saying ‘Right, we’ve started the transformation of the Health Service now, when will it be finished?’ And I turned around to him and said, ‘No, once you've started it, it doesn't finish.’”

That attitude is “endemic” across the sector, where non-IT staff think a project is finished for good when it’s signed off. That opens up its own risks, though.

"It's not a ‘done once and come back in 30 years’ - if you do it like that then you bring a load of legacy risk into the systems that are there and deployed, and it becomes very, very expensive when you start again further down the line.”

That’s not the fault of the people working in the sector, but of heavy restrictions on their spending. As Richard says, “If you're in an organisation that requires two years' worth of business case writing to be able to invest...then the world is going to be slow.”

The power of partnerships

Public sector leaders are fully aware of their weaknesses like the lack of agility, and continue to take steps to compensate. The space, says Richard, is “becoming more mature in how it partners [with the private sector].”

“Some of that's down to the professionalisation of the actual roles themselves; and partners have got better at working out how to be with public sector.”

The other part is that public sector CIOs and other leaders are improving their networking capability and now find it easier to win the time to attend external events (like Computing’s upcoming Cybersecurity Festival), where they can meet and learn from their peers in private industry.

“There's a lot to be said for sharing experiences and lessons learnt across the two types of organisations,” says Richard.

The public sector has long been an IT behemoth, but that inertia is down to a combination of a low risk appetite and complex legacy systems, rather than a lack of ambition. If leaders can embrace managed risk and continue to learn from partners and private sector colleagues, they stand a good chance of closing that gap.

Click here to find out more about Computing’s Cybersecurity Festival in May, or here to learn about the IT Leaders Summit in September.

Are you a standout in UK IT? Computing’s IT Leaders 100 names, recognises and honours the most influential and inspiring people shaping the sector, and it’s open for entries from all end-user IT leaders now.

Whether you’ve spearheaded major change, tackled complex security threats or built a team that delivers real results, we want to hear your story. Click here to enter before 30th April – for free.