Ten days ago Public Services minister Judy Foote praised the work of Shared Services Canada, the branch of her department that spends almost $2 billion a year operating, reducing and merging the government’s IT and telecommunications services into a more manageable core, as she tabled a report on its upcoming priorities.
“As SSC transitions and updates aging technology and legacy systems and makes progress towards more advanced IT infrastructure services, SSC’s enterprise cyber and IT security services will continue to provide essential safeguards and enhancements to protect network data and secure technology assets.” she wrote Parliament.
But today she faces allegations Shared Services has bungled its work for the RCMP after CBC news revealed behind the scenes complaints from the head of the force that the takeover of the Mounties’ IT support has been a costly disaster.
Things are so bad, according to documents CBC obtained through access to information, that RCMP Commissioner Bob Paulson at one point refused to give SSC any more control over the Mounties’ information technologies. It isn’t clear if that’s still the case.
Among the more serious complaints the documents say Paulson laid at the foot of SSC president Liseanne Forand at a meeting last September was that during the October 22, 2014 terrorist attack on Parliament Hill Shared Services shut down the forces’ disaster recovery site so the government could have more bandwidth to deal with the flood of public information coming in.
Also in 2014 a server failed at a data centre resulting in some corruption of data needed for disclosure package in a court case. SSC had been told two years earlier that the equipment was past the end of its life but did not replace it.
Shared Services Canada was created in 2011 to transform how most government departments deliver email, data centre, network and workplace technology device services. The Harper governments said the goal is to cut the number of federal data centres from 300 to 20, the number of email systems from 100 to one and chop the 3,000 overlapping networks. It hopes to save hundreds of millions of dollars.
In her report this month Foote wrote that “SSC is generating economies of scale to deliver more efficient, reliable and secure IT infrastructure services. SSC also provides certain optional technology services to other organizations on a cost-recovery basis.”
The RCMP isn’t the only one hard on SSC. A few days after Foote tabled her report Auditor-General Michael Ferguson told the Commons public accounts committee that his latest audit showed “there were weaknesses in Shared Services Canada’s implementation of government IT shared services to date, specifically in managing service expectations with its partners and in measuring and tracking progress on transformation initiatives and savings.
“For example, we found that Shared Services Canada did not set clear and concrete expectations with its partner departments in providing IT infrastructure service to support their services and applications. As a result, it could not show if and how it was maintaining or improving services. This finding is important because Shared Services Canada needs to understand whether its services meet its partners’ needs. As the recipients of these services, Shared Services Canada’s partner departments need to have confidence that the levels of IT service they receive from Shared Services Canada adequately support their ability to deliver services to Canadians.
“In addition, we found that Shared Services Canada rarely established expectations or provided sufficient information to partners on core elements of security. This is important because Shared Services Canada plays an important role in implementing Government of Canada security policies, directives, standards, and guidelines to ensure the security of government IT shared services. As the government’s IT infrastructure service provider, it is important that the Department collaborate with partners to manage security threats, risks, and incidents to help protect the government’s critical IT-related assets, information, and services.
“Finally, we found that Shared Services Canada did not have consistent financial practices to accurately demonstrate that it was generating savings. For example, there was no standard costing methodology in place to determine savings and there were incomplete baselines to measure total savings generated.”