Operating context and key risks in 2018-19
Operating context
The scale and scope of Shared Services Canada’s (SSC) mandate to modernize the government’s information technology (IT) infrastructure while simultaneously maintaining existing IT operations are ambitious compared to modernization initiatives in other public sector jurisdictions around the world. Success depends on several external and internal factors, including industry’s ability to supply the required solutions, SSC’s capacity to deliver services and projects, and the Department’s customers’ readiness to transition to the new infrastructure while still delivering on their own mandates and departmental priorities.
When SSC was created as a new department in 2011, it inherited IT assets and services with limited standardization and no asset baseline or inventory to serve as a basis for service‑level agreements. Furthermore, the quantity and complexity of IT assets to be transferred to SSC was underestimated. Consequently, SSC has not made as much progress as initially expected in consolidating and modernizing the government’s IT infrastructure.
Evergreening: The practice of replacing technology and computing devices on a scheduled plan to proactively maintain continuity of services.
Break-fix: The practice of using equipment until it breaks down at which time it is either repaired and returned or replaced.
In 2011, SSC received financial resources through a one‑time transfer from other departments. Costs associated with the evergreening of infrastructure were not completely accounted for and there was no mechanism to cover fluctuating costs and few incentives to control growth of demand. This circumstance resulted in SSC having limited funding to invest in modernization projects, department‑wide tools and processes, and staff training and recruitment. To fund its projects, SSC had to divert funds from the evergreening of aging IT assets (which usually require replacement every five to seven years) and allow maintenance contracts to lapse. In essence, SSC had to apply a “break-fix” approach to maintaining legacy infrastructure.
To help address some of these challenges, Budget 2016 provided the following investments to SSC:
- $383.8 million over two years to stabilize critical systems in data centres, networks and storage units
- $77.4 million over five years to strengthen cyber security and ensure better protection of government networks and systems against various threats
SSC implemented a comprehensive, multi-year Customer Satisfaction Feedback Initiative to better gauge service delivery through the eyes of its customers. The Department saw scores improve across all of the questions since the feedback initiative was created in 2015. This improvement is in part due to the creation of the new Service Delivery and Management branch as a focal point for implementing SSC’s “service-first” approach. The Department also established the Project Management and Delivery branch, a dedicated branch for project management that is responsible for the entire project management lifecycle of all projects. As well, SSC launched a new change initiative to implement a service excellence culture across all aspects of the Department’s work.
In 2017, SSC completed an extensive review to ensure its plan to consolidate and modernize federal government IT infrastructure is sustainable, practical and aligned with industry best practices and capacity. The review included broad‑based consultations with government employees, the IT industry, its customer organizations, Canadians, and an independent external review commissioned by the Treasury Board of Canada Secretariat, which reconfirmed the unprecedented scale, scope and complexity of the mandate SSC is working to deliver for the Government of Canada.
In February 2018, the Government of Canada announced an investment of approximately $2 billion in SSC over the next six years. In 2018–19, SSC devoted considerable effort into outlining SSC’s strategic agenda and explaining how the department will effectively align its priorities with the resources provided in Budget 2018. Demonstrating the value this work will have for Canadians has ensured applicable authority to spend is in place for the Department, and this foundational work has positioned SSC for long-term success in supporting the digital vision for the Government of Canada and for Canadians.
Despite recent increases in hiring, SSC will continue to face challenges in recruiting and retaining staff due to a very competitive labour market, especially in domains such as cyber and IT security, project management and cloud computing. In response to these challenges, SSC implemented a People Strategy with targeted initiatives and innovations in staffing, training, and employee engagement and feedback. SSC is employing a range of staffing mechanisms to seek needed IT skills, including targeted external recruitment, and use of the Office of the Chief Human Resources Officer policy flexibilities such as the Interchange Canada Program.
Key risks
In the fall of 2018, the key risks were updated in order to address the considerable changes in the Department’s operating environment and to improve the risk narrative. This included redefining the scope of the corporate risks and the reassessment resulted in identifying five new top risks. The following risks and response strategies resulted from the risk update. Due to this update of the risks, the assessment of certain risk strategies will be measured in the next DRR.
| Risks | Risk response strategy and effectiveness | Link to department’s Core Responsibilities | Link to mandate letter commitments and any government‑wide or departmental priorities (as applicable) |
|---|---|---|---|
|
Aging IT Systems There is a risk that IT systems and assets which have been in service beyond their normal useful life will fail to meet the current and emerging requirements for the delivery of timely and critical services and information to Canadians. |
IT Refresh:
Baseline Asset inventory:
Critical Application Maintenance:
Customer Business Requirements Documents:
|
|
GC IM/IT Modernization Priority:
SSC Departmental Priority:
|
|
Service Management There is a risk that SSC’s capacity and tools for service management are insufficient to support excellence in the delivery of services to partner organizations. |
Governance:
Organizational structure
Service Management Strategy:
|
|
Mandate Letter:
GC IM/IT Modernization Priority:
SSC Departmental Priority:
|
|
Human Resources Management There is a risk that SSC and customer organizations will not have the human resources capacity and necessary competencies to improve the delivery of IT infrastructure and services. |
Governance:
Consultations:
Internal Strategies and Initiatives:
Data Collection and Performance Tracking:
|
|
Mandate Letter:
|
|
IT Procurement There is a risk that any of the steps in the IT procurement process, from planning to vendor delivery will be unable to meet the pace, sequence and scale required by the GC Digital Strategic Plan, negatively impacting the ability of SSC and customer organizations to maintain and modernize IT services. |
Governance:
Organizational structure:
|
|
GC IM/IT Modernization Priority:
SSC Departmental Priority:
|
|
Availability and Quality of Information There is a risk that a lack of availability and integrity of internal and enterprise information will impede effective planning, reporting, and decision-making within SSC and customer organizations. |
Governance:
Business Analytics Council:
Data Collection:
|
|
Mandate Letter:
GC IM/IT Modernization Priority:
SSC Departmental Priority:
|
Page details
- Date modified: