Part 5: Co-ordinating Information Systems
- Key Findings
- Recommendation
- Introduction
- The Core Criminal Justice Information Systems
- The Justice Sector Information Strategy
- Integrating Information Technology Systems
- Sharing Data Across the Sector
Key Findings
5.1
Developed in 1996, the Justice Sector Information Strategy (JSIS) was due for review. An updated strategy was approved in 2003 for 2003- 2006.
5.2
Overall responsibility for the new Justice Sector Information Strategy rests with the Chief Executives Forum. This arrangement should help improve collaboration between the agencies, enhance monitoring of information technology development, and clarify accountabilities.
5.3
The Justice Sector Information Strategy is founded on a number of agreed standards and principles that provide a framework for the use and exchange of information. Arrangements are in place for sharing data within the sector – subject to the constraints of privacy legislation.
Recommendation
5.4
The justice sector Chief Executives Forum and the Ministry should work to give effect to their responsibilities under the Justice Information Strategy 2003-2006. A key role for the Ministry should be to oversee the status of information technology systems in the sector, and evaluate sector-wide impacts of any planned changes, ensuring that information systems meet both the purposes of individual agencies and the needs of other users of those systems.
Introduction
5.5
Knowledge is both a vital corporate asset for individual organisations, and a key ingredient for the success of those networks within which such organisations must operate. Knowledge management is about creating systems that enable organisations – and the networks or sectors to which they belong – to perform their business processes better and more efficiently by sharing information of value.
5.6
Any knowledge management strategy must focus on the quality of information and the timeliness of information delivery, and should have three key components:
- the right knowledge streams and sources feeding into the organisation;
- the right technology to store and communicate that knowledge; and
- the right workplace culture so staff make use of that knowledge.
5.7
Underpinning any effective knowledge management strategy is a well-organised information system (increasingly supported by modern technology) that provides the basis for informed decision-making, control and co-ordination, innovation, learning, and best practice.
5.8
Justice sector information comes in many forms and is used in different ways by many people and organisations. Timely, accurate and relevant information is essential for a well-co-ordinated criminal justice system. The effectiveness of the criminal justice system and the results it generates depend heavily on the exchange of appropriate information among the agencies.
5.9
In examining management of information technology collaboration across the criminal justice system, we referred to our report of April 2000 on the governance and oversight of large information technology projects in the public sector.9 In particular, we had regard to the requirements for:
- effective arrangements for monitoring and oversight, as a critical dimension of good governance; and
- project planning, focused on identifying system impacts and mitigating risks.
5.10
In this Part we:
- describe briefly the information systems used by each of the core criminal justice agencies;
- examine the justice sector’s information strategy;
- evaluate arrangements for leadership, co-ordination and integration of agency information technology systems, as part of good governance; and
- assess what arrangements have been established to enable agencies to share data.
The Core Criminal Justice Information Systems
5.11
For some twenty years the Law Enforcement System (LES) has been the main source of information for criminal justice agencies. However, this system is now outdated, increasingly inflexible, expensive to maintain, and unsuited to agency business requirements. For these reasons, most operational justice sector agencies have been progressively moving to more modern technology:
- The Department of Corrections built its Integrated Offender Management System (IOMS) and moved off LES in June 1999.
- The Department for Courts is progressively moving off LES. Its fines management system, COLLECT, was completed in 2002, and its Case Management System (CMS) is being piloted throughout 2003.
- The Police plan a phased, modular replacement of LES and its interfaces with other justice sector agencies over the period 2002 to 2005.
5.12
The basic data flows between the agencies are set out in Figure 4 below.
Figure 4
Data Flows Between Justice Sector Agencies
5.13
The Ministry is developing a “data warehouse” for the storage and analysis of justice sector data, designed to:
- provide the Ministry with the data it needs to support the research necessary for it to perform its strategic leadership role in the justice sector and wider social sector;
- store up-to-date information for use in developing policy and purchase advice for the sector;
- enable agencies to quickly and accurately measure the impact of policy changes;
- detect emerging trends in order to develop timely policy responses;
- produce efficient and accurate statistical tables, reports and forecasts; and
- serve as an information archive for the sector.
5.14
The data warehouse project has been divided into two stages. The first stage has been completed but stage two cannot be completed until CMS has been rolled out as the data warehouse is reliant upon that system for its data.
The Justice Sector Information Strategy
5.15
Although they are independent, each criminal justice agency must rely on the others to move offenders through the system. For this partnership to work, all agencies must gather, use and share information to meet not only their own needs but also those of other agencies with whom they are working. Agency systems need to be linked through an agreed sector strategy, facilitating timely and useful sharing of information.
5.16
The sector strategy is known as the Justice Sector Information Strategy (JSIS).10 This strategy was developed in 1996 to:
. . . enable information collected by one agency to be shared with others in a cost effective and efficient manner while at the same time respecting privacy and confidentiality.
5.17
The strategy is founded on a number of agreed standards and principles that provide a framework for the use and exchange of information. The JSIS was designed to enable departments to develop and operate computer systems and manage data to meet their own needs, while applying common data definitions and communication protocols to ensure that each agency system can communicate with other systems, and that data items are comparable.
Review of the Justice Sector Information Strategy
5.18
A review commissioned by the Ministry in 2000 found that the central elements of JSIS approved by Cabinet in July 1996 had been implemented and were broadly supported throughout the sector, but that the strategy needed to be revised to meet the changing needs of sector agencies. As a result of the review, the Justice Sector Information Committee recommended that the strategy be updated.
5.19
A revised strategy was released in 2003. The vision of the strategy is to:
Enhance safer communities and a fairer and more effective justice system through creating and sharing high quality criminal justice information.
5.20
This vision is supported by four goals that reflect the sector’s immediate needs and provide direction for future development:
- there will be an authoritative base of justice information;
- there will be information and knowledge sharing across the sector;
- there will be justice information available through a choice of channels; and
- there will be efficient processes for managing information and information-related initiatives.
5.21
These are further supported by a series of high-level project plans.
Good Governance: Leadership, Co-ordination and Integration
5.22
Clearly assigned roles and responsibilities, along with arrangements for oversight and monitoring, are critical to good governance of sector strategy development.
5.23
The Ministry has adopted the role of leading the development of the strategy but it has no formal mandate to do so. It has no authority to require agencies to share information about information technology projects that have impacts on the whole sector.
5.24
Because of its lead role, central agencies sometimes ask the Ministry to provide advice on interdependencies and information technology interfaces, and the implications of technology developments for agencies in the sector. These requests can put the Ministry in a difficult position, given that its formal role does not extend beyond providing independent advice on agency proposals for new information technology investment in association with specific policy or legislative initiatives. In its role as currently defined, the Ministry has a limited ability to evaluate sector-wide impacts of information technology developments, and provide an adequate level of advice and assurance to Ministers.
5.25
As part of the review of JSIS, a considerable amount of work was undertaken on the sector’s governance arrangements for information and technology. The governance structure for justice information and information technology is based on the recommendations of the Review of the Centre for a mandated network.
5.26
The purpose of the network is to:
- mitigate risk in the sector;
- ensure buy-in and clarity around accountabilities and responsibilities;
- facilitate cross-sector assessments of the costs and risks of information strategies for the sector as a whole, and the feasibility of proposals to mitigate the risks; and
- ensure transparent governance of the sector’s information strategy and information technology initiatives.
5.27
Overall responsibility for the strategy rests with the Chief Executives Forum.
5.28
The new governance arrangements require each agency to take collective responsibility for the implementation of JSIS. This is to be reflected in each agency’s strategic plan. The JSIC has been retained, with representation from at least one General Manager from each of the core criminal justice agencies.
Integrating Information Technology Systems
5.29
Systems integration is critical for a well-functioning sector. The criminal justice agencies rely on access to information held across the sector to carry out their many policy and operational activities. We expected that information systems across the sector would be integrated to reflect these relationships between the different agencies.
5.30
The decision to move from using LES to more modern technology has led agencies to build complex information technology systems that meet their own business needs, but also allow for the exchange of information across the sector. This development has given rise to a series of large information technology projects.
5.31
Other major influences on information technology development are government policy and legislative change. The policy development processes leading to the passing of the Sentencing and Parole legislation in May 2002 illustrated the importance of:
- governance arrangements which enable the stakeholders to carry out the necessary project planning and monitoring; and
- analysis and planning to manage the implications of policy change for information technology requirements in individual agencies and across the sector.
5.32
The case study (see Part Seven on pages 77-101) contains important messages about governance and project management, and about the relationship between policy development and the development of information technology systems needed to implement that policy development across the sector. Those messages are also relevant to all other agencies that may need to consider the impacts of policy changes on their own information systems and the interfaces with the systems of other agencies.
The Sentencing and Parole Legislation
5.33
The passage of the Sentencing Act 2002 and the Parole Act 2002 significantly reformed New Zealand’s criminal justice law in the area of sentencing and parole. The policy changes that led to the reform of these Acts had major operational impacts for a number of agencies that needed to be addressed within a tight timeframe.
It Was Some Time Before the Necessary Governance Arrangements Were Put In Place
5.34
The proposed legislation reflected changes to criminal justice policy that, in turn, demanded major modifications to information technology systems, so that offender and other information could be shared across the sector. These changes affected all three of the operational agencies to a lesser or greater extent, but the Department for Courts and the Department of Corrections in particular faced urgent deadlines to design fundamental changes to their information technology infrastructure. In-house systems in these two agencies were under development at the time, creating additional difficulties in adapting systems and interfaces.
5.35
Rather than being put in place from the outset, governance arrangements – such as groups to monitor and co-ordinate work programmes, manage risk, and provide senior management oversight through sector Chief Executives – were developed as the policy project progressed. It was some 18 months from the outset of the project early in 2000, for example, before the Implementation Overview Group – a key mechanism for co-ordinating inter-agency consultation on policy issues – was formed. A group co-ordinating inter-agency consideration of information technology issues associated with the proposed policy changes was established only late in 2001.
Project Planning Was Weak
5.36
Only one of the core criminal justice agencies carried out comprehensive project planning for their own tasks, and no project plan was drawn up for the work they had to carry out as a group. As a result, monitoring systems were not in place to provide all stakeholders with ongoing assurance that critical deadlines were being met. In particular, adequate time needed to be allowed for the completion of key tasks, such as changes to information technology infrastructure and interfaces for the sharing of data between agencies. And without agreed milestones, protocols for sharing information, monitoring progress and task completion, risk management strategies and contingency plans, the agencies were poorly prepared to respond quickly and effectively when circumstances changed.
5.37
There was also insufficient recognition that policy development and information technology were inextricably linked – putting at risk achievement of the Government’s legislative timeframe. The policy development process evolved as decisions were sought from Ministers over a number of months. Information technology developers had to keep pace with these evolving requirements. Moreover, the potential for changes to policy and the proposed legislation through decisionmaking processes in Government, drafting and Select Committee examination gave developers no certainty.
The Department for Courts’ Case Management System
5.38
The Sentencing and Parole legislation was enacted later than initially planned. One factor responsible for this delay was the requirement to complete the Department for Courts’ Case Management System (CMS), and design the necessary interfaces with other agency systems.
5.39
The difficulties in completing CMS illustrate the vital dependencies in information management within the sector, and the importance of managing those dependencies in the interests of an effective system.
5.40
CMS is designed to enable agencies to actively manage their cases. Work began on CMS in May 2001, with a scheduled completion date of July 2002. This date was revised to October 2002, with an independent review commissioned by the Chief Executive of the Department for Courts in August 2002. The review team recommended arrangements to improve project control, relationship management and quality assurance.
5.41
As a result of the review, a strengthened Project Control Group was established in September 2002. The group meets weekly, has three external members, and the central agencies are regularly kept informed of progress. In addition, the Ministry chairs a regular meeting to update justice sector agencies, and there are regular meetings between CMS project staff, and staff on relevant projects in each of the dependent justice sector agencies.
5.42
The Department for Courts took the view that it should ensure that concerns about the readiness of CMS were well founded before raising them with other agencies. Our assessment of the process suggests that it would have been more appropriate for the Department to have alerted the sector much earlier that CMS would not be ready to meet the 1 July 2002 deadline.
5.43
Analysis of the chain of events suggests that senior management within the Department for Courts was not aware of (or was not willing to accept and disclose outside the Department) the likely extent and impact of risks associated with the project. Such risks should have been disclosed to the other sector agencies much earlier.
5.44
In October 2002, the Police, the Ministry, and the Department of Corrections indicated that they expected to incur additional capital and operating costs totalling $0.764 million (GST-exclusive) as a direct result of delays in implementing CMS.11 These agencies were expected, in the first instance, to absorb these costs within their current baseline.
5.45
In November 2002, Cabinet agreed to an additional estimated capital cost to complete the CMS project of up to $13.477 million (GST-exclusive) in 2002-03 and 2003-04, to be funded through a combination of cash reserves and capital contribution.
5.46
At the time of writing, CMS was being rolled out in phases. This is now due to be completed by 6 October 2003.
Sharing Data Across the Sector
5.47
The justice sector requires shared access to data in order to deliver services in the most effective and efficient manner possible – having regard to considerations of privacy, confidentiality and sensitivity.
5.48
Such data must also be robust, accurate and consistent. These qualities are necessary to provide users with the confidence they need to make sound policy and business decisions.
5.49
We examined:
- arrangements for agencies to share data; and
- the use of common definitions and standards necessary for data to be useable and reliable.
5.50
Information about the activities of the criminal justice system is used for a variety of purposes, including day-to-day operations, research, and policy development. All agencies in the sector should be able to readily interpret and analyse this information on the basis of agreed assumptions, and common definitions and standards.
How is Data Shared?
5.51
Over the years Parliament has passed legislation governing the sharing of data between agencies. The Fifth Schedule to the Privacy Act 1993 specifies what information may be shared by government agencies. In relation to information about prison inmates and other law enforcement information, particular pieces of legislation – such as the Penal Institutions Act 1954 – authorise or prohibit the sharing of information subject to certain conditions.
5.52
Data sharing arrangements between criminal justice agencies are commonly contained in protocols or Memoranda of Understanding. For example, the Police and the Department of Corrections have signed a Memorandum of Understanding for the development of electronic interfaces. This document provides a useful framework for collaboration between the two agencies for the purpose of sharing data, recording the agreement of the two agencies to:
- principles, protocols and standards;
- methodology, and management of interface projects; and
- roles and responsibilities of key agency personnel.
5.53
Other protocols or Memoranda of Understanding exist between other sector agencies.
5.54
The criminal justice agencies face some constraints on their ability to gain access to data for operational purposes and for policy development, and are taking steps to address such problems where they arise. Operational requirements may include being able to enforce sentences or have access to the criminal histories of repeat offenders. The review of arrangements for sharing access to the data necessary to implement Government policy is an ongoing process, and is likely to involve detailed negotiation, consultation, and legislative change.
Common Definitions and Standards
5.55
Under the JSIS, four working groups have been established, based around the information goals of the strategy (see paragraph 5.20 on page 59):
- The information quality working group will ensure that there is an authoritative base of justice information to meet operational needs, inform policy, provide statistical information, and measure sector outcomes.
- The information and knowledge management working group will ensure that information and knowledge sharing occurs across the sector to meet operational needs and gain efficiencies through collaboration on specific initiatives and sharing information and learning.
- The information access working group will ensure that appropriate justice information is available through a choice of channels to allow improved information to members of the public and improved service delivery.
- The information technology working group will ensure that there are efficient processes for securely managing, accessing and exchanging information within the sector. It will also define the approach and standards for information systems related initiatives.
9: Governance and Oversight of Large Information Technology Projects, April 2000, Report of the Controller and Auditor-General, ISBN 0-477-02862-4.
10: The 1996 version was entitled Justice Sector Information Strategy, but the 2003 version title was Justice Information Strategy. In this report, we have used the longer title and the abbreviation JSIS to cover both, in line with usage by the criminal justice agencies.
11: These additional costs include only the costs of the delays from December 2002 until June 2003.
page top