Government spending watchdog voices concern over coalition IT strategy

Public Accounts Committee says IT strategy neglects cyber security and lacks success indicators

The government's new IT strategy is under attack for failing to set a baseline to enable its success to be judged and largely ignoring cyber security.

The criticism is from from the Commons Public Accounts Committee whose chair Margaret Hodge warned: "Simply listing actions to be achieved within two years is not good enough."

She said that the implementation plan, to be published later this summer, "must include clear indicators that can be used by this Committee to evaluate the success of the strategy and whether it is delivering good value for money".

She spoke out following publication of her committee's report which welcomed "the direction and principles" of the IT strategy but warned this was not the first time a government has set out to deliver better IT outcomes for citizens and businesses and promised large-scale reductions in operating costs from using IT.

The report said: "Success will depend on greater rates of adoption of technology, and a cultural shift to encourage genuinely different ways of working in the civil service that will stimulate behaviour change by suppliers."

MPs, with an eye on the hundreds of millions of pounds spent on the NHS computer system, FiReControl – the project to replace 46 fire and rescue services' local control rooms with nine purpose-built regional control rooms – and the farmers' Single Payments System, regard the strategy, with some 30 actions required within two years, as "ambitious", adding: "It lacks quantitative targets, or a baseline of current performance, which will make it difficult to measure success.

"We look forward to the publication of the implementation plan in August 2011, which we expect will include milestones on which we can hold government to account."

The government's intention is to increase the powers of the Efficiency and Reform Group (ERG) to insist on shorter, more iterative projects that take no more than three years to complete.

It will be able to step in and micro-manage a department's project if required, promote greater input from smaller business suppliers, and require a focus on designing services around the customer.

The report also warns of MPs' "serious concerns" about lack of detail about cyber security consequent on greater use of the internet to access government services.

MPs are worried ERG has "only a small team of experts to keep on top of 50 major projects" and lacks information about IT and cyber security expertise within the Civil Service.

Only four chief information officers are on departmental boards, at Work and Pensions, HM Revenue & Customs, the Office for National Statistics and the Driver Vehicle Licensing Agency.