By Stephen Moore, CIO & CISO, Australian Government Department of Employment
Every organisation and their constituents have awoken to the potential of how digital technology can transform the entire landscape. As a result, responsibilities of a CIO have grown rapidly in the past few years. Some CIOs have also been tasked as the Chief Data Officer, Chief Digital Officer, and in my case, as the Chief Information Security Officer. Roles aside, every CIO needs to deliver on an ever-increasing range of tangents to be successful in the digital era.
An Agile Culture
Agile has taken the world by storm: many organisations are actively adopting agile development frameworks such as Scaled Agile Framework (SAFe), Kanban, or Large Scale Scrum (LeSS). As important as the framework itself, I would argue that it is equally (if not more) important for the CIO to be the primary changing agent in implementing a Continuous Improvement culture. This requires all teams to work together, to question existing processes and tools, identify possible improvements, and make them better for clients. Existing organisational structure and funding models sometimes results in hard fragmentation along functional lines and makes it difficult for teams to align with common goals. The CIO is best positioned to create a permissive culture that rewards cultural change towards continuous improvement. The Department of Employment has been working through this change since 2016 when agile frameworks were initially trialed in some development teams, and are about to be adopted in larger scale as release trains. There is always a challenge in transforming while delivering government commitments with tight deadlines, so we encourage teams to experiment - test and adopt agile practices that are suitable to them. Not every team, or the approach to work on every system, can change at the same rate – but every team might be able to adopt particular aspect(s) of the new approach.
Cyber-security risks have exploded in recent times with many iconic private and public organisations being victim to data leaks, cyber intrusion, and denial of service attacks
At some point in the future, we will gather this knowledge together and re-solidify our approach into an agreed methodology.
Transparency in Cyber-Security
Cyber-security risks have exploded in recent times with many iconic private and public organisations being victim to data leaks, cyber intrusion, and denial of service attacks. With the ever-increasing funding required to bolster cyber-security, many may be tempted to do just the bare minimum possible and wish for the best. In my opinion, the CIO has the best seat in the house to heighten transparency on cyber-security risks for the CEO and the Executive Board. The CIO must be alive to serve the potential of different levels of protection required by clients so that cyber-security becomes an enabler rather than a hindrance. The Department is leading the employment services industry in Australia by asking our delivery partners to assess their cyber-security risks against the Australian Government Information Security Manual (ISM). Many partners, especially those with small to medium footprints, unsurprisingly see this initiative as an unnecessary red tape. However, by creating a tiered compliance level in accordance with their demographics and our risk exposure, we are improving the cyber-security understanding and readiness of our partners.
Democratizing Self-Service Analytics
Most would agree that good analytics can drive improved performance. Our outsourced employment services model has, for almost 20 years, relied on a strong data underpinning to allow objective performance comparison across providers. Recently, we have taken this approach further by deploying self-service analytics visualization to our private sector partners. The Department made significant investments to deploy a platform for more than 40 service delivery organisations that allows inferences to be drawn through interactive and visual analysis of the data provided. Having democratized data and analytics means that the Department is no longer the sole provider of data and insights, and we have established an active economy where our partners are in equal footing to derive useful insights for their business and operations. The next step is to trial in a way, so that our providers can bring their own data onto the platform to combine it with our data and drive new insights for better performance.
These are some of the foremost priorities in our organisation today. We are also actively working on digitalizing our service delivery, exploring gamification through mobile apps, and further exploring the costs and benefits of cloud computing. Some innovative proofs of concepts for the Department next year include the use of chatbots to improve our service efficiency and building APIs that allow our partners to establish system-to-system connections. Continuous improvement means that the goal is never truly achieved; we simply aim to be further along in the journey to deliver the best digital government services possible.