A framework designed to improve the delivery of programmes and projects developing IT and digital solutions.
Who does it apply to?
The Technology Assurance Framework applies to central government organisations, including the Scottish Government, who need to provide the Office of the Chief Information Officer (OCIO) with:
- a named assurance co-ordinator to facilitate adoption of the framework within the organisation and to support reporting arrangements
- information about their IT and digitally enabled projects - it is helpful to let us know about these as early as possible
This information should be supplied to the Office of the Chief Information Officer (OCIO) within the Scottish Government, which is responsible for implementing and managing the Technology Assurance Framework.
What does it apply to?
The Technology Assurance Framework applies to new digital public services and new investments in technology. Business as usual activity is not covered by the Framework.
New digital services should comply with the Digital First Service Standard.
For major projects with a whole life cost of £5 million or more, or which carry significant risk stop/go assurance gates apply at key stages.
For each major project you should provide the Office of the Chief Information Officer (OCIO) with:
- a named project contact to co-ordinate assurance activity and provide regular status update reports
- a completed ICT investment plans checklist
- an integrated assurance and approval plan and timeline
- copies of any risk potential assessment forms prepared as part of assurance obligations set out in the Scottish Public Finance Manual
This information should be emailed to OCIOAssurance@gov.scot
The OCIO is currently engaging with projects in scope to:
- establish points of contact and agree reporting arrangements
- support the development of integrated assurance and approval plan and timeline
- conduct stop/go assurance reviews
- assess compliance with the Digital First Service Standard
We are also working with other corporate assurance providers within the Scottish Government to jointly plan our respective assurance activities and explore opportunities to align project reporting.
The key stages for technology assurance set out in the framework cover the following project stages:
- business justification - to ensure the basis for starting the project is sound, it is addressing user needs, and has a robust outline business case
- pre-procurement - to test the contracting and procurement strategy and ensure the contractual and commercial risks are understood
- during delivery - to ensure that the project addresses any significant issues, including cost or time slippage or significant issues expressed in an independent review
- ‘go live’ - to ensure that systems and business processes are ready for service and capable of delivering
If a project is also subject to Digital First Service Standard assessments, these will be aligned as appropriate to the stages listed above.
The Framework is intended to improve delivery and ensure that the lessons learned from previous experience are reflected and embedded in future practice.
In the event of a negative assessment during an assurance gate, recommendations for remedial action can be made to address the issues identified. Where there are significant concerns about delivery or value for money a “stop” recommendation can be made to the Scottish Government’s Chief Information Officer.
Where the Chief Information Officer endorses the recommendation to stop a project, the project’s Accountable Officer could only proceed with the project where approval to continue is given by the lead Minister and the Cabinet Secretary for Finance and the Constitution.
Contact the Office of the Chief Information Officer (OCIO) at OCIOAssurance@gov.scot for more information about applying the technology assurance framework within your project.