ICT 2270

ClearPseudonym made this Freedom of Information request to Department of Defence

Currently waiting for a response from Department of Defence, they must respond promptly and normally no later than (details).

From: ClearPseudonym

Delivered

Dear Department of Defence,

Please forward this request to the appropriate FOI officer for the Australian Government Security Vetting Agency.

* The request (summary):

I am seeking technical/architectural/service & system design documentation and status reports to executives the Department holds about a project known as "ICT 2270 - 21st Century Security Vetting" for the Australian Government Security Vetting Agency.

* Limiting the scope of the request:

In particular, I am seeking:
[Item 1] Requirements documents provided to external systems integrators on the provisioning of the ICT 2270 system

[Item 2] Approved (i.e. signed off by a DoD executive) overarching “System Design” and/or “Enterprise Architecture” document for ICT 2270

[Item 3] Documentation/results of user research and Service Design consultations especially for the externally-facing ePack component.
This document must exist, as for the project to meet Criterion 1 of the Digital Service Standard as mandated by cabinet (see MT15/0199/DTC)
If this document does not exist, the exemption signoff will suffice.

[Item 4] Any interim formal or self-assessments against the Digital Service Standard

[Item 5] The most recent report provided to AGSVA executives and the AGSVA Governance Board regarding the progress of ICT 2270

* Helping you administer this request:

I imagine this request sits with COIG, you will have to contact a suitably informed director or enterprise architect.

Item 2
- this document might be prepared internally or by the external systems integrator, I'm unsure
- it would normally include all the systems an end-to-end vetting process would touch

EA/system design documents are often long and often contain sensitive security information.

I am keenly aware of the need to comply with s 33(a)(i) and s 24AA(1)(a)(i) and want to ensure my request does not fall foul of these FOI exemptions. A significant proportion of the documents requested should relate to frontend (i.e. public-facing) or describing logical links between systems that are not sensitive (i.e. Item 4 and Item 3)

If you could assist me, that would be greatly appreciated. I am more than happy to call - or take a call from - someone in CTOD or ICTSDRD to help narrow the scope, particularly around sensitive areas.

Given the complexity and sensitivity, I'm also willing to give an extension right off the bat, if you require and ask.

* Background information (why I'm requesting this information):

I noticed a reference to ICT 2270 in a Defence submission to the "Inquiry into the Impact of Changes to Service Delivery Models on the Administration and Running of Government Programs".

My understanding is that this is a rebuild of the PSAMS and ePack systems which has publicly been outed as an underperforming multimillion-dollar program by the ANAO.

As this is a new project and a component of the ePack system is public-facing, it comes under the scope of the Digital Service Standard, as mandated by Cabinet, MT15/0199/DTC unless an exemption has been given. Thus, I am requesting that information in Item 3 and 4.

The administration of security vetting is an expensive affair. As ANAO noted: "The ePack system remains a frustrating and difficult system for individual users to navigate, raising efficiency and productivity issues in the vetting process."

The audit identified “shortcomings in project planning, insufficient application of ICT expertise and major changes in project scope”. I want to see evidence of AGSVA working towards a system that rectifies this and acknowledgement from the AGSVA Governance Board.

Keep COVID safe! Yours faithfully,
ClearPsedudonym

Link to this

From: FOI
Department of Defence

OFFICIAL

Good afternoon,

Thank you for contacting Freedom of Information at the Department of Defence.

We have received your email and you will be advised of the status of your inquiry by a FOI team member.

Chris Simon | Freedom of Information
Enterprise Reform Branch | Governance and Reform Division | Department of Defence
a CP1-6-005 Campbell Park Offices ACT 2600
t (02) 6266 2200| e [email address]

IMPORTANT: This email remains the property of the Department of Defence. Unauthorised communication and dealing with the information in the email may be a serious criminal offence. If you have received this email in error, you are requested to contact the sender and delete the email immediately.

show quoted sections

Link to this

From: FOI Case Management
Department of Defence

OFFICIAL

Dear Sir/Madam

 

I refer to your correspondence of 11 September 2020 seeking access under
the Freedom of Information Act 1982 (FOI Act) to documents held by the
Department of Defence (Defence). This email is to advise you that your
request has been received and allocated to a Case Manager.

 

The scope of your request is:

 

I am seeking technical/architectural/service & system design documentation
and status reports to executives the Department holds about a project
known as "ICT 2270 - 21st Century Security Vetting" for the Australian
Government Security Vetting Agency.

 

In particular, I am seeking:

 

[Item 1] Requirements documents provided to external systems integrators
on the provisioning of the ICT 2270 system

 

[Item 2] Approved (i.e. signed off by a DoD executive) overarching “System
Design” and/or “Enterprise Architecture” document for ICT 2270

 

[Item 3] Documentation/results of user research and Service Design
consultations especially for the externally-facing ePack component. This
document must exist, as for the project to meet Criterion 1 of the Digital
Service Standard as mandated by cabinet (see MT15/0199/DTC) If this
document does not exist, the exemption signoff will suffice.

 

[Item 4] Any interim formal or self-assessments against the Digital
Service Standard

 

[Item 5] The most recent report provided to AGSVA executives and the AGSVA
Governance Board regarding the progress of ICT 2270.”

 

Please note that Defence does not release information that is considered
‘personal information’ of individuals other than the applicant; this
includes private email addresses, signatures, personnel (PMKeyS) numbers
and mobile telephone numbers, unless you specifically request such
details. Defence excludes duplicates of documents and any documents sent
to or from you. Furthermore, Defence only considers final versions of
documents.

 

If you are seeking personal details of other individuals, please advise
this office by 18 September 2020 so that the decision maker can consider
your request.

 

Defence may impose a charge for the work involved in providing access to
the documents in accordance with the Freedom of Information (Charges)
Regulations. You will be notified separately if your request attracts a
charge. Please note that there is no charge for documents that contain the
personal information of the applicant.

 

The statutory deadline for you to receive a response to your request is 11
October 2020. Please note that where the due date falls on a Saturday,
Sunday or public holiday, the timeframe will expire on the next working
day – Monday 12 October 2020.  This is in accordance with the FOI
Guidelines issued by the Office of the Australian Information
Commissioner.

 

I am the Case Manager for this request. Should you have any questions
relating to your request, please do not hesitate to contact me via email
to [1][email address].

 

Regards

 

 

Rose

FOI Case Management

Department of Defence

[2][email address]

 

IMPORTANT: This email remains the property of the Department of Defence.
Unauthorised communication and dealing with the information in the email
may be a serious criminal offence. If you have received this email in
error, you are requested to contact the sender and delete the email
immediately.

 

 

References

Visible links
1. mailto:[email address]
2. mailto:[email address]

Link to this

Things to do with this request

Anyone:
Department of Defence only: