Thank you. I welcome the opportunity to give evidence on this Audit Scotland report. The convener has already introduced my colleagues, and we hope to be able to assist the committee this morning in its consideration of the Auditor General for Scotland’s findings.
I should say at the outset that the Scottish Government welcomes the report, and accepts the recommendations that are addressed to us. I am here today to talk about those that relate to the Scottish Government and not about the specifics of individual cases, where there is a separate line of accountability. My comments will therefore relate primarily to the first two sections of the report, on strategic oversight and skills.
The issues are complex and interrelated and, as the report indicates, our approach to each has been to put in place new arrangements, and then to review and improve upon them in light of experience. Indeed, in the five months since the audit work was completed, we have made more progress with the process of continuous improvement. I will update the committee on that in my brief remarks.
Dealing first with the strategic oversight, it is important to be clear about what the assurance framework is intended to achieve and, crucially, what it cannot achieve. Clearly, the central Government sector is taking forward a wide range of information technology-dependent business change projects, and the IT assurance framework cannot provide specific assurance on each project; rather, it is intended to ensure that appropriate assurance arrangements are in place and being used for each project. The crucial point is that responsibility for the effective governance and delivery of individual projects lies with the senior responsible owner and accountable officer, and it is essential that the oversight arrangements do not cut across the clarity of that responsibility. Nonetheless, we absolutely accept the leadership and support role of central Government, and wish to ensure that it adds the maximum possible value to our sector colleagues in their planning and delivery of programmes and projects.
As the report confirms, we responded directly to the recommendations of the original report in 2012 to introduce new assurance and oversight arrangements and we have already made significant improvements to them in light of experience, including creating the office of the chief information officer, which reflects the need to devote more resources to the implementation of the framework. At the heart of that development is a more proactive, relationship-based approach, and feedback from colleagues suggests that, along with the simplification of guidance, structured sharing of lessons learned and investment in networks, that has been welcomed.
It is important, however, that we continue to monitor the effectiveness of the enhanced arrangements. As chair of the strategic corporate services board, I have asked the chief information officer to provide the board with an update report in the spring that includes an assessment of the quality of relationships across the sector. That will be informed and supplemented by some random checking of individual projects that have not otherwise come to our attention via gateway reviews. We will also conduct a gateway review of the assurance framework itself during the next year.
Part 2 of the report deals with digital skills, which, as the committee knows, is a big and complex issue that involves a range of players across all sectors. We know that a lack of relevant skills is a recurring and major issue for public bodies and for Scotland’s businesses, and the market for those scarce skills is highly competitive. The digital skills investment plan produced by Skills Development Scotland is tackling that for Scotland as a whole. Key priorities include the establishment of a digital skills academy called CodeClan to rapidly increase available skills and a multichannel marketing campaign to target school pupils, among others, to create a more positive perception of technology as a career choice.
Our work on public sector skills sits in that Scotland-wide context and we are taking a number of actions, including more creative approaches to recruitment, to meet our own skills needs.
In light of our work on a public sector skills bank and the intelligence gleaned from our skills gap survey, we have established the central Government digital transformation service. It was formally launched last month to provide a source of digital skills to support information and communications technology and digital projects, particularly in the crucial scoping phase. Good progress has been made in establishing that team, with 13 of 25 posts already filled and a pipeline of work identified, and we are just about to invoice for our first chargeable item of work. We agree with the Auditor General that it is an ambitious bit of work, but we are not deterred by that. The central Government sector has strongly welcomed the development, and we will keep a close eye on the extent to which it meets need as it grows.
Bringing those two strategic issues back together, we have revised our governance arrangements since the Auditor General’s report was published, and the central Government digital transformation and assurance board is now responsible for strategic oversight of central Government ICT programmes and for the digital transformation service. That brings together responsibility for assurance and support. In other words, the assurance role of the information systems investment board—ISIB, which is referred to in the report—has now been vested in the new body.
I hope that my comments serve to underscore the extent to which we are actively committed to the process of continuous improvement. I assure the committee that we will continue to iterate in light of feedback, including any advice that comes out of our discussions today.