Offender Management System Modernization (OMS-M)

Phase 1 Findings
Correctional Service Canada: Internal Audit and Evaluation Sector
July 7, 2022

Section I Executive Summary

Overall Audit Objective

The objective of this multi-phased audit approach is to provide assurance that the management control framework in place for the Offender Management System Modernization (OMS-M) Project ensures successful achievement of its planned outputs and intended outcomes, while completing the project on time, on budget, and in accordance with specifications. The audit is further broken down into three sub-objectives related to the following topics:

  1. Project Governance and Planning
  2. Project Management
  3. System Development Life Cycle (SDLC)

Audit Conclusion for Phase 1

OMS-M is CSC’s largest initiative designed to transform all facets of CSC’s offender management practices for decades to come. The audit team found that CSC partially met the objective for this audit phase. A solid foundation is in place to deliver the project, but areas of improvement remain to improve governance and planning and ensure the project can be delivered on time.

Key strengths noted in the delivery approach so far included:

  • An agile procurement approach to work collaboratively with industry to determine how best to implement required OMS-M business capabilities
  • A clear focus on data governance and data integrity through the Data Foundations project to support OMS-M
  • A governance structure with clear roles and responsibilities
  • An approach to engage stakeholders and manage the significant organizational changes that will come with OMS-M
  • A clear focus on benefits realization through the planned creation of a Value Management Office (VMO)
  • A project team that is working diligently to meet objectives despite staffing challenges.

No major deficiencies were found based on where the project is at in its lifecycle. The following slides provides conclusions by audit criteria, as well as recommendations to address areas for improvement.

Summary of Conclusion by Criteria

  1. Project Governance and Planning
    1. Governance: results partially met. CSC has governance bodies in place, but improvements are needed to ensure adequate focus and attention on OMS-M, and that all stakeholders are formally included.
    2. Organizational Change Management: criterion met. CSC has commenced change management planning and activities and engaged stakeholders through committees and working groups. More activities are planned in 2021-22 during the prototyping stage.
    3. Planning: results partially met. OMS-M is well aligned to departmental goals but reporting of dependencies with other projects could be improved.
    4. Performance Measurement: criterion met. CSC has developed expected outcomes for the project and preliminary performance measures. More comprehensive planning for how benefits will be realized and tracked will be done in the upcoming phases of the project. CSC plans to set up a VMO to lead this work.
  2. Project Management
    1. PM Processes: results partially met. Key project management mechanisms are in place; however, improvements can be made to update project artefacts and ensure alignment between departmental Project Management (PM) methodology and the agile direction taken by CSC for the OMS-M procurement.
    2. Project Human Resources: results partially met. CSC is operating within a fixed budget for OMS-M, and the project has experienced staffing and resourcing challenges to date. Some key positions have yet to be filled.
    3. Risks and Issues Management: results partially met. Risks and issues are tracked, managed, and reported to committees. More consistent and formal risk reporting and greater oversight committee involvement in the approval of risk responses would be beneficial.
    4. Procurement: results partially met. CSC has adopted an agile procurement approach which is appropriate for OMS-M and consistent with best practices in digital procurement. CSC should develop a comprehensive procurement plan, validate the plan with Public Services and Procurement Canada (PSPC), and present the plan to oversight committees for endorsement.
  3. System Development Lifecycle (SDLC)
    1. Business requirements: criterion met. Initial business requirements have been collected; CSC should formalize a plan for SDLC activities and deliverables going forward.

Summary of Recommendations

Audit Objective: Project Governance and Planning

To provide assurance that CSC has implemented an effective project governance framework that includes accountability, roles, responsibilities, change management, strategic planning, alignment with interdependent projects (e.g. Data Foundation Project), and performance measurement.

Recommendations:

  1. Meetings dedicated to OMS-M should be implemented so that issues and risks that need executive input can get the attention needed
  2. Provide an information session to committee members highlighting the lessons learned from other similar transformation initiatives across government
  3. CSC should ensure that the OMS-M governance structure has clear visibility of OMS-M dependencies on other projects and related risks and issues

Audit Objective: Project Management

To provide assurance that CSC has implemented effective project management practices that includes project management monitoring & reporting (i.e. scope, time, budget, and quality management), project human resources, risks & issues management, and procurement management.

Recommendations:

  1. CSC should review its Project Management Framework (PMF) to ensure it is flexible and aligned with agile development practices if those practices are to be adopted by OMS-M. This activity should be completed prior to the development and execution phase of the project
  2. CSC should evaluate its ability to meet its staffing needs within the existing budget in the event of minor to moderate additional delays in the project schedule; and given the activities of the team are expected to intensify in 2021-22, preparatory steps should be taken to avoid a staffing crunch during the critical phases of the procurement leading up to Gate 3 and the selection of a preferred vendor.
  3. Reporting  of significant risks and issues should be a regular standing item to governance committees, with mitigation options presented for discussion and approval purposes
  4. CSC should consult with PSPC in the development of its procurement plan and ensure that there is alignment between the procurement plans of both departments before the CSC plan is submitted for approval by Information Management/Information Technology Transformation Committee (IMIT TCOM).

Audit Objective: System Development Lifecycle (SDLC)

To provide assurance that CSC has implement effective system development lifecycle methodology that includes business requirements, design, development, testing, implementation and rollout, transition to operations, and security/privacy/internal controls.

No recommendations.

Section II Background

  • The current Offender Management System (OMS) is a mission critical system used to manage information on over 100,000 past and current offenders and has over 15,000 user accounts
  • Current OMS is an aging legacy solution that is unable to support modern offender management practices and the evolution of business intelligence and predictive analytics to support better management decision making
  • The goal of modernization is to transform all existing OMS functionality to a newer more cost effective and agile technology platform
  • The OMS Modernization (OMS-M) Project is currently expected to be completed in 2027 [REDACTED]
  • The OMS-M project is using a hybrid (waterfall / agile) system development approach to implement 18 business capabilities over 4stages.  This includes using a 5-stage agile procurement process to enable close consultation with industry during the contracting process
    • CSC to date has engaged potential solution providers through a Request for Information process followed by a series of one-on-one sessions to better understand the capabilities in the marketplace
    • Currently a Request for Proposals (RFP) is being finalized to solicit bids and select top ranked solution providers for the prototype stage
    • The main goal of the prototype stage is to confirm the  alignment of product capabilities with CSC needs and minimize the customization required by focusing on capabilities that are a strong fit for solution provider products
  • The Data Foundations Project has been identified by CSC as a key dependency and needs to be substantively completed by the time OMS-M enters Stage 2 in mid-2022
    • The Data Foundations project will establish a national, highly available data architecture to allow the legacy systems to co-exist alongside new components of the OMS-M project during the implementation stages
    • Initially the Data Foundations project was to be completed by March 2021.  It is currently expected to be completed  in March 2023

Section III Purpose, Approach and Scope

  • The purpose of this project is to conduct an audit of the areas identified in the work plan for the multiphase System Under Development (SUD) Audit of the OMS-M Project.
  • The Audit Execution phase was conducted up to August 31, 2021
  • The scope of the audit for phase 1 includes a review of 9 areas broken down as follows:
    • Project Governance –4 areas (Governance; Organizational Change Management; Planning (which also includes how dependencies with the Data Foundations Project are Managed); Performance Measurement)
    • Project Management –4 areas (Project Management Processes; Project Human Resources; Risks and Issues; Procurement)
    • System Development Lifecycle –1 area (Business Requirements) 
  • The audit included updating the risk assessment that was performed in November 2020 for the work plan, review of key documentation (e.g. status reports, dashboards, latest OMS-M artefacts), and interviews with the OMS-M team, contracted support,  OMS-M business lead, IMS leadership, and executive members involved in the governance of OMS-M
  • The work and findings from independent reviews were leveraged to maximize the benefits of the audit

Section IV Current Oversight Activities

Gartner Risk Report and Benchmark –May 2021

The purpose of Gartner Report was to identify and report on risks associated with the OMS-M initiative and recommend risk mitigation activities.  The risk assessment considered program management controls and performance against industry standards and best practices.

Comparison of Gartner and Samson Assessment Areas

Gartner Assessment Areas Related Samson Assessment Areas

Strategy and Leadership
Project Controls
Solution Development & Implementation
Foundational
Data Management
Business Change

Project Governance and Planning
Project Management
System Development Lifecycle (SDLC)
Project Management
System Development Lifecycle (SDLC)
Project Governance and Planning

Section V Findings and Recommendations

Findings: Governance

1.1 Criterion -Effective and adequate governance structures are in place to provide oversight of the project

Strengths Noted

  • Formal governance structures exists with clear roles and responsibilities, and representation from all key areas of the department
  • Currently two senior executives are responsible for OMS-M.  The Executive Project Sponsor is the Senior Deputy Commissioner (SDC), and the Project Authority is the Assistant Commissioner Correctional Operations and Programs (ACCOP)

Challenges and opportunities for improvement

  • It is unclear how issues discussed at bilateral meetings between the DG OMS-M, the SDC and ACCOP are brought forward through TCOM which is the main decision-making committee for OMS-M
  • [REDACTED]
  • There are some concerns expressed at the executive level that not enough time and focus is placed on OMS-M given the importance of OMS-M, and that existing committees have department wide project responsibilities
  • Orientation and Training has not been provided to Committee Members on lessons learned from other large Government Transformation initiatives and underlying risks

Impact

  • Not having a committee dedicated to OMS-M could impact speed and quality of project decisions
  • As a result of the bilateral meetings, not all members of TCOM have the same level of knowledge and understanding of OMS-M discussions.  This can lead to a lack of engagement by the less informed members of the committee
  • If committee members are not briefed on risks related to large transformation initiatives, there is an increased risk that they will not be able to fully play their oversight and challenge role considering that most would not have been exposed to a transformation initiative of the magnitude and complexity as OMS-M

Recommendations

  1. Meetings dedicated to OMS-M should be implemented so that issues and risks that need executive input can get the attention needed
  2. Provide an information session to committee members highlighting the lessons learned from other similarities transformation initiatives across government

Findings: Organizational Change Management

1.2 Criterion –CSC is appropriately managing organizational readiness

Strengths noted

  • In spring 2021 a high-level Modernization Engagement Approach was presented to ACCOP.  It includes the creation of a Leadership Technology Network made up of regional and NHQ representatives to help guide how OMS-M improves existing business requirements
  • More detailed Organizational Change Management plans are intended to be developed and formally approved in 2021-22  along with the Overall Change Management plan due to be completed in December 2021
  • CSC has recently set up a Regional Offender Management Engagement Team (ROME) to provide input from operational subject matter experts from across the department

Other Considerations

  • The scope and level of change required for the transformation is still to be determined and the degree and nature of change could vary considerably depending on the sourcing and development approach chosen
  • No recommendations are issued at this point.  Change management activities were adequate for this stage of the OMS-M project. As the various plans continue to evolve, CSC should continue to focus on fostering buy-in across the department through regular communication about the initiative and through stakeholder involvement in OMS-M working groups and committees

Findings: Planning

1.3 Criterion –Project planning is well aligned with CSC’s strategic priorities and provides adequate alignment with interdependent projects (e.g. Data Foundation Project)

Strength noted

  • OMS-M is managed as a project through oversight from CSC Committees and Treasury Board’s Enterprise Project Oversight Committee. OMS-M is aligned with CSC’s departmental plans and priorities and was endorsed by the GC Enterprise Architecture Review Board. The current OMS-M project manager has a role in the Data Foundations project which enhances coordination and management of dependencies

Challenges and opportunities for improvement

  • There are a number of projects that have dependencies with OMS-M of which the most significant one is the Data Foundations project; however, there have been no presentations on the status of the Data Foundations project to various oversight committees in the last six months
  • [REDACTED]

Impacts

  • Not giving governance committees clear visibility of the state of dependencies on other projects could lead to misalignment of capabilities and impact the realization of business outcomes and process improvements

Recommendation

  1. CSC should ensure that the OMS-M governance structure has clear visibility of OMS-M dependencies on other projects and related risks and issues

Findings: Performance Management

1.4 Criterion –Clear and relevant performance indicators are defined to allow CSC to effectively assess the performance of the project and related risks

Strengths noted

  • CSC plans to procure external resources to form a Value Management Office (VMO) tasked with defining specific metrics for benefits realization and integrating measurement into all aspects of the initiative
  • At the time of assessment, CSC was preparing an RFP for OMS-M, but procurement documentation was not yet ready for review. Best practices for agile procurement is to design contracts which are outcome-focused and designed to encourage the suppliers to deliver products which realise business outcomes

Challenges and opportunities for improvement

  • [REDACTED]
  • Even though CSC may outsource expertise on outcomes measurement, CSC will retain accountability for the successful outcomes' measurement throughout the life of the project and will need to dedicate and train internal resources capable of fulfilling key functions
  • No recommendations are issued at this point, as it is expected that the RFP will integrate outcomes-based measures as goals to be met by vendors, and that once established, the VMO will be integrated into procurement activities where possible

Findings: Project Management Processes

2.1 Criterion –Adequate processes are in place to manage the project schedule, scope, budget, and quality of the project

Strength noted

  • CSC has defined project gating, project management and system development approaches for OMS-M. CSC has opted to adopt an agile procurement process for OMS-M and in doing so, CSC has the opportunity to also adopt a more iterative or agile project delivery approach for OMS-M

Challenges and opportunities for improvement

  • The recently updated OMS-M Project Management Plan outlines a waterfall-based approach to the project and does not provide significant detail how system development activities will be managed throughout the project, or how the project management approach will be tailored to align with an agile procurement approach. Little detail is provided on how the prototyping, design, or execution phase will be managed and controlled. The plan does not articulate the adoption of any agile or iterative development practices
  • Many key project artefacts (business case, benefits realization plan, project charter, etc.) and SLDC artefacts are either out-of-date or have yet to be developed. A significant number of project management and SDLC artefacts will need to be developed or updated to meet the Gate 3 requirements of CSC’s project management framework
  • Currently the Project Manager time is split 75% on OMS-M and 25% on the Data Foundations project. Insufficient resources dedicated to project management can lead to delays in project decision-making and gaps in maintaining up-to-date project documentation

Impact

  • Gaps between the current CSC Project Management Framework and the Agile methodology being adopted for OMS-M may lead to inefficient project reporting and oversight activities, and may lead to delays in meeting project gating requirements

Recommendation

  1. CSC should review its Project Management Framework (PMF) to ensure it is flexible and aligned with agile development practices if those practices are to be adopted by OMS-M. This activity should be completed prior to the development and execution phase of the project

Findings: Project Human Resources

2.2 Criterion –Adequate human resources management practices have been planned and implemented for the project

Strength noted

  • The timelines for OMS-M has been pushed out with no increase in expenditure authorities, which means the OMS-M project team is currently completing the work within its current FTE allotment. The OMS-M team has conducted some preliminary skills and staffing analysis, and a formal OMS-M HR Strategy is planned to be completed in December 2021

Challenges and opportunities for improvement

  • Currently, the OMS-M project team has limited expertise in the delivery of IT initiatives supported by an agile procurement or in agile development practices
  • The OMS-M project team has identified staffing a challenge with difficulty recruiting and retaining staff. An updated organizational chart was approved in August 2021, however key positions like a Project Director have yet to be filled. Resource constraints have been identified as one of the most significant risks for the project

Impact

  • Gaps in project resources can lead to delays and reduction in the quality of work performed. Additional delays in the OMS-M procurement schedule will further hamper staffing as the existing budget will need to accommodate the longer project schedule

Recommendation

  1. CSC should evaluate its ability to meet its staffing needs within the existing budget in the event of minor to moderate additional delays in the project schedule; and given the activities of the team are expected to intensify in 2021-22, preparatory steps should be taken to avoid a staffing crunch during the critical phases of the procurement leading up to Gate 3 and the selection of a preferred vendor

Findings: Risk and Issues

2.3 Criterion –A risk and issues management process has been implemented to appropriately monitor and report on project risks and issues in a timely manner

Strength noted
  • The OMS-M Risk and Issue Management Plan is detailed in the April 2021 OMS-M Project Management Plan.  According to the Plan, risks are reviewed every second week by the OMS-M Project Team

Challenges and opportunities for improvement

  • The top 3 risks are reported through project dashboards; however, greater detail of risk and issues is not presented as a regular item on updates to governance committees, such as the Information Management/Information Technology Director General Committee (IMIT DGCOM) and TCOM. Currently, risks and issues are elevated to governance committees at the discretion of the individual providing the update (project manager or director)
  • It is unclear how the procurement risks identified by PSPC have been incorporated into the CSC risk register, ranked and mitigated

Impact

  • If risks and issues are not managed consistently, they may not be resolved in a timely manner

Recommendation

  1. Reporting  of significant risks and issues should be a regular standing item to governance committees, with mitigation options presented for discussion and approval purposes

Findings: Procurement

2.4 Criterion –Adequate procurement vehicles are available in a timely manner to support the project

Strengths noted

  • OMS-M, at the advice of PSPC, is following a phased agile procurement approach which appears to be well suited to OMS-M and aligns with leading practices across government for major IT procurement
  • As a result of the evolution in the approach, the procurement and project schedule for OMS-M has been pushed back.  CSC performed a rebaseline of the project and updated its project schedule
  • There are regular weekly meetings between PSPC and CSC where ongoing procurement issues, risks  and deliverables are discussed and tracked

Challenges and opportunities for improvement

  • CSC has experienced repeated delays in developing and finalizing the solicitation materials for the RFP
  • CSC has an ambitious procurement timeline to complete by the Fall of 2022 that includes a prototyping phase, a process to selected the preferred solution vendor, an RFP for a Systems Integrator (SI), and an RFP for creation of a  Value Management Office (VMO)
  • CSC recently updated a draft Procurement Plan which outlines the procurement approach and timelines for the procurement of the product vendor.  This plan was developed independently of PSPC, and it is not clear if it fully aligns with the PSPC Procurement Plan. CSC’s procurement plan has not yet been presented to and endorsed by OMS-M project oversight committees

Impact

  • Although the project team believes that the current procurement timeline is feasible, based on discussions with key stakeholders there is a reasonable risk that this procurement timeline may be delayed into spring 2023 A key factor in the feasibility of the timeline is the sourcing strategy and build vs buy decision adopted by CSC following the receipt of proposals from industry
  • Without a clear procurement plan endorsed by both CSC oversight committees and PSPC management, timelines for accomplishment of procurement milestones may not be realistic, aligned, and adequately managed to ensure they are on schedule This increases the risk that committee members are making decisions without a complete picture of the impact on the project and procurement

Recommendation

  1. CSC should consult with PSPC in the development of its procurement plan and ensure that there is alignment between the procurement plans of both departments before the CSC plan is submitted for approval by TCOM

Findings: Business Requirements

3.1 Criterion –Business requirements have been formally documented, prioritized, and approved for the project, and processes are in place throughout the project

Strengths noted

  • CSC conducted two Requests for Interest (RFI) with vendors, one-on-one sessions following the second RFI, and has developed preliminary business requirements to fulfill 18 categories of business capabilities
  • CSC is developing a Statement of Work based on the 18 business capabilities and will leverage a prototyping phase to gauge the vendors ability to meet the capabilities
  • CSC is beginning to engage business users across the department for further refinement of the requirements through the establishment of working groups of operational subject matter experts

Challenges and opportunities for improvement

  • CSC has yet to document a plan for the SDLC artefacts to be developed during the project
  • CSC has yet to formalize specific plans for the prototyping phase of OMS-M with vendors, and how subject matter experts from across the department will participate in the elaboration of business requirements, and what artefacts and deliverables will be produced from the prototyping phase
  • No specific recommendations were identified for criterion 3.1

Section VI Workplan and next steps

Work Completed

This current audit phase covered all the audit sub-criteria from objectives 1 and 2 governance and project management) and the first sub-criteria from the SDLC audit objective

Proposed Next Audit Phase

Based on current project timelines, it is proposed to conduct the next audit phase in summer 2022 (June-August). This next audit phase will be conducted after the OMS-M project has completed the initial RFP in 2021 and the prototyping phase with the 3 vendors in spring 2022

The next audit phase will cover more details on system development following the results of the prototyping phase, and will provide ongoing assurance and an update on the progress in key areas related to governance and organizational change management. The audit will also provide input on the procurement process to select a single preferred vendor and the adoption of a system integrator

 
Proposed Next Audit Phase
  1. Project Governance
    1. Governance:
      • Planning and Elaboration - phase one (May – September 2021) – OMS-M Governance Planning Data Foundation - Partially Met
      • Executing and Construction – OMS-M Project Management and System Development Lifecycle (SDLC) – Phase 2 (Summer 2022) – Included
        1. Rationale for inclusion in Phase 2 – Ensure new governance structure in effective
    1. Organizational Change Management
      1. Planning and Elaboration - phase one (May – September 2021) – OMS-M Governance Planning Data Foundation - Criterion Met
      2. Executing and Construction – OMS-M Project Management and System Development Lifecycle (SDLC) – Phase 2 (Summer 2022) – included
        1. Rationale for inclusion in Phase 2 – Ensure Stakeholder engaged in design phase
    2. Planning
      • Planning and Elaboration - phase one (May – September 2021) – OMS-M Governance Planning Data Foundation - Partially Met
      • Executing and Construction – OMS-M Project Management and System Development Lifecycle (SDLC) – Phase 2 (Summer 2022) – Not included
        1. Rationale for inclusion in Phase 2 – Minimal changes expected during audit period
    3. Performance Measurement
      • Planning and Elaboration - phase one (May – September 2021) – OMS-M Governance Planning Data Foundation - Criterion Met
      • Executing and Construction – OMS-M Project Management and System Development Lifecycle (SDLC) – Phase 2 (Summer 2022) – Not included
        1. Rationale for inclusion in Phase 2 – Minimal changes expected during audit period
  1. Project Management
    1. Project Management Process
      • Planning and Elaboration - phase one (May – September 2021) – OMS-M Governance Planning Data Foundation - Partially Met
      • Executing and Construction – OMS-M Project Management and System Development Lifecycle (SDLC) – Phase 2 (Summer 2022) – Not included
        1. Rationale for inclusion in Phase 2 – Expected to be a main focus of the independent review
    2. Project Human Resources
      • Planning and Elaboration - phase one (May – September 2021) – OMS-M Governance Planning Data Foundation - Partially Met
      • Executing and Construction – OMS-M Project Management and System Development Lifecycle (SDLC) – Phase 2 (Summer 2022) – Not included
        1. Rationale for inclusion in Phase 2 - Expected to be a main focus of the independent review
    3. Risks and Issues Management
      • Planning and Elaboration - phase one (May – September 2021) – OMS-M Governance Planning Data Foundation - Partially met
      • Executing and Construction – OMS-M Project Management and System Development Lifecycle (SDLC) – Phase 2 (Summer 2022) – Not included
        1. Rationale for inclusion in Phase 2 - Expected to be a main focus of the independent review
    4. Procurement
      • Planning and Elaboration - phase one (May – September 2021) – OMS-M Governance Planning Data Foundation - Partially Met
      • Executing and Construction – OMS-M Project Management and System Development Lifecycle (SDLC) – Phase 2 (Summer 2022) – Included
        1. Rationale for inclusion in Phase 2 – Ensure prototyping phase is successful and procurement to select single vendor is well designed
 
Proposed Next Audit Phase
  1. System Development Lifecycle (SDLC)
    1. Business Requirements
      • Planning and Elaboration - phase one (May – September 2021) – OMS-M Governance Planning Data Foundation - Criterion Met
      • Executing and Construction – OMS-M Project Management and System Development Lifecycle (SDLC) – Phase 2 (Summer 2022) – Included
        1. Rationale for inclusion in Phase 2 – Ensure requirements defined in a key project and procurement materials and users are engaged
    1. Design
      1. Planning and Elaboration - phase one (May – September 2021) – OMS-M Governance Planning Data Foundation - Not included
      2. Executing and Construction – OMS-M Project Management and System Development Lifecycle (SDLC) – Phase 2 (Summer 2022) – Included
        1. Rationale for inclusion in Phase 2 – Ensure user centered design and that project aligned with digital standards
    2. Development
      • Planning and Elaboration - phase one (May – September 2021) – OMS-M Governance Planning Data Foundation - Not Included
      • Executing and Construction – OMS-M Project Management and System Development Lifecycle (SDLC) – Phase 2 (Summer 2022) – Included
        1. Rationale for inclusion in Phase 2 – Ensure system development approach defined
    3. Testing
      1. Planning and Elaboration - phase one (May – September 2021) – OMS-M Governance Planning Data Foundation - Not included
      2. Executing and Construction – OMS-M Project Management and System Development Lifecycle (SDLC) – Phase 2 (Summer 2022) – Not Included
        1. Rationale for inclusion in Phase 2 – Too early to test
    4. Implementation and Rollout
      • Planning and Elaboration - phase one (May – September 2021) – OMS-M Governance Planning Data Foundation - Not Included
      • Executing and Construction – OMS-M Project Management and System Development Lifecycle (SDLC) – Phase 2 (Summer 2022) – Not Included
        1. Rationale for inclusion in Phase 2 – Too early to test
    5. Transition to operations
      1. Planning and Elaboration - phase one (May – September 2021) – OMS-M Governance Planning Data Foundation - Not Included
      2. Executing and Construction – OMS-M Project Management and System Development Lifecycle (SDLC) – Phase 2 (Summer 2022) – Not Included
        1. Rationale for inclusion in Phase 2 – Too early to test
    6. Security, Privacy, Internal Controls
      1. Planning and Elaboration - phase one (May – September 2021) – OMS-M Governance Planning Data Foundation - Not Included
      2. Executing and Construction – OMS-M Project Management and System Development Lifecycle (SDLC) – Phase 2 (Summer 2022) – Included
        1. Rationale for inclusion in Phase 2 – Ensure security and privacy is embedded into project procurement

Appendix A: Gartner and Samson Recommendations

Comparison of Gartner High Risks and Samson Recommendations

Gartner Report High Risks and Recommendations Samson Recommendations
1. Sourcing and Procurement – Plan to apply the learning from prototyping to further iterate the requirements prior to finalizing the contract Project Management – recommendation 7. Recommendation focuses more on aligning the CSC procurement plan with PSPC
2. Sourcing and Procurement – CSC should finalize key sourcing related decisions and ensure that the planned schedule accommodates remaining actions Project Management - recommendation 7. Recommendation focuses more on aligning the CSC procurement plan with PSPC. This aligns with Gartner recommendations.
3. Resources - Develop resourcing plan to address current and long-term resource needs, invest in vendor management capability and develop value management capability. Project Management recommendation 5. Aligns on resourcing plan. Project Governance and Planning - The need for value management is also identified and acknowledged that CSC will be implementing a VMO.
4. Schedule - Focused on PMO and the need to keep the project schedule up to date. Project Management - recommendation 4. Focuses on ensuring the CSC PMF reflects the Agile approach being implemented for this project.
5. Risks and Issues – Risk register should be kept up to date, risk review meetings should be regularly schedules and risks should continue to e escaladed as required Project Governance and Planning - recommendation 1. This aligns with Gartner recommendation. Project Management - recommendation 6. This aligns with Gartner recommendation.
6. Architecture and Design – Review proposed solution architecture, leverage agile procurement to refine architecture requirements and undertake prototype validations Project Governance and Planning – recommendation 3. Focus is on oversight on dependent projects that includes Data Foundations.
7. Organizational Change – Operational Leadership should endorse, champion and communicate change, expand focus on other projects (VCDP, LTE, etc.) and extend Agile approach to Organizational Change Management Project Governance and Planning – recommendation 1 to 3. Touch on the same elements.

Appendix B: Agile vs Waterfall development

Agile has become increasingly popular, particularly in the private sector, as an evolution away from more traditional waterfall development models which subdivide projects into linear sequential phases and focus on detailed planning early on. Waterfall projects involve extensive and detailed definition of the requirements and technical details up front, and the execution of the project focuses on delivering the solution according to plan. Waterfall is best suited to projects where the requirements and solution can be well defined at the start.

Agile development is a set of practices intended to improve the effectiveness of software development and organizational change by developing IT systems iteratively through smaller pieces that are sequentially refined and improved. Agile development reduces the amount of requirements that are defined in detail at the beginning of a project and focuses on developing working solutions which are refined as the project progresses. Agile development also emphasizes a number of principles for how to conduct the development effort, including: close consultation with end users, cross-functional teams, continuous learning, prototyping, and adaptiveness to changes. Agile development is best suited to complex IT projects where the specific solution is not yet known.

 
Agile vs Waterfall development

This flow chart compares a waterfall development process with an agile development process. Each process contains the following phases: Analyse, Plan, Design, Build, Test, and Deploy.

In a waterfall development approach each phase would be conducted once and in sequential order over the lifecycle of the project. In an agile development approach, each phase may be conducted more than once over the lifecycle of the project. In particular, the design, build, and test phases may be conducted concurrently to each other and repeated on multiple occasions.

Appendix B: Agile vs Waterfall (traditional) procurement

  • Beginning in 2017 PSPC introduced a new approach to IT procurement referred to as agile procurement which adopts agile development principles into the solicitation and contracting process for complex IT projects
  • Agile procurement typically involves dividing procurements into smaller phases, employing prototyping in the evaluation and development process, engaging multiple vendors capable of delivering the solution simultaneously, and designing shorter contracts focused on outcomes and the delivery of working solutions
  • Agile procurement is an evolution from PSPC’s previous traditional procurement methodology
 
Agile vs Waterfall (traditional) procurement

This flow chart compares federal government examples of a traditional procurement process and an agile procurement process.

In a traditional procurement process, federal government organizations conduct an industry day, which private sector suppliers attend. Organizations invite suppliers to qualify in the process, and suppliers apply to the process. Organizations develop detailed requirements and a plan, and suppliers provide feedback on the requirements and plan. Organizations issue requests for proposal, and suppliers submit proposals with planned work and cost. Organizations evaluate suppliers according to proposals and award a contract for the entirety of the project. Suppliers conduct work according to the statement of work, and organizations manage the contract according to the statement of work and plan.

In an agile procurement process, organizations and suppliers collaborate throughout. Organizations conduct an industry day with the private sector and invite multiple suppliers to qualify in the process. Suppliers apply to the process. Both organizations and qualified suppliers consult on the process, and then organizations issue a second invitation to qualify with more stringent requirements. Suppliers apply to the process, and organizations develop a shortlist of qualified suppliers. Organizations consult with the shortlisted suppliers and then issue a request for proposal for the small pilot contract. Suppliers submit proposals, and organizations award a small pilot contract. Throughout the pilot, both the organizations and the suppliers collect requirements and develop prototypes. Organizations re-evaluate the suppliers’ performances and issue future requests for proposal and contracts according to the lessons learned.

For our selected procurements, we evaluated the agile procurement steps from the industry day to the awarding of the small pilot contract.

Appendix B: Agile vs Waterfall Development

PSPC Comparison of traditional and agile procurement:

 
PSPC Comparison of traditional and agile procurement

Agile:

  • Smaller, faster sprints
  • Gated approach
  • Course corrections as needed throughout the process
  • Scope is flexible and adaptable
  • Interactions with vendors and users is ongoing
  • Enables industry feedback, best practices

Traditional Waterfall

  • Process runs in its entirety
  • Long Contractual periods
  • Course correction only available at the end of the process
  • Scope is determined and set
  • Limited interactions with vendors and users
  • All requirements need to be known and documents up front
Date modified:

Page details

Date modified: