 Saeth chi yw y cydnabod ddweud o'r Ffbolwyr y Gwylfaith SBCW, sydd bod fe wnaeth ymddylch gennym o'r tyfniadau cyntifol yw hyn sy'n gyntafol gyda gynnwysau gyda gyda Rhun Dran- bitr. Mae Gwylfaith Gwylfaith Gwylfaith Gwylfaith Gwylfaith Gwylfaith Gwylfaith Gwylfaith Gwylfaith in shocking members. Some people would say it's business as usual, but I couldn't possibly comment. That explains why, under standing orders that's the oldest member present, I'm chairing the meeting for the purpose of choosing a temporary convener. Could I therefore have nominations for a temporary convener, please? I think that you should just keep the chair. I'm very grateful for that. I think that we've only one nomination, then I shall temporarily convene the committee today. Could we move to item 1, please? This is a decision where the committee is agreeable to taking item 3 in private. Are we all agreed? Thank you for that. We've now to item 2 on the agenda, which is an evidence session on progress with development of the I6 programme. It's my pleasure to welcome Deputy Chief Constable Neif Neil Richardson, designated Deputy for the Chief Constable, Chief Superintendent Hamish MacPherson, Program Manager for I6 and, last but not least, Tom MacMacken, who is the director of strategy and performance at the Scottish Police Authority. Welcome, gentlemen. We've received a very comprehensive report from Police Scotland, which includes the most written update on the programme. Given that, can we go straight to questions from members? John Finch-Geffin. A question about the scope of I6—perhaps for Mr Richardson on this one—is covering 80 per cent of the current police operational activity. In your letter 2, as you talked about recent examples of that are the inclusion of national vehicle accidents, management solution and e-warrants. Is that adding to the 80 per cent, or would that have been in there anyway? Can you tell us what the 20 per cent is, please? Certainly, by all means. Those two examples are in addition to the initial scope of the programme. Throughout the entire journey, I was very cautious to guard the scope. Even around in this forum previously, I described that and the importance of making sure that you do not allow mission creep to distract from delivery. However, the passage of time between concept and delivery is, in this case, a number of years. The world moves on. It is important that we keep up with dynamic arrangements that take place within the policing environment. Both of those additions have gone on to reflect that. E-warrants is a really good example of the start of genuine digital exchange of documents that currently takes place beyond the boundaries of Police Scotland and the justice arena. It almost serves as a testing ground for further development in that space moving forward. Beyond the benefits that that brings, it also opens our thinking and opportunities for more such activity moving forward. The road collisions element is something that directly fits in to the spirit and the benefits that flow from I6. It was initially outwith the scope, but as we moved forward from an organisational point of view, it became apparent that this was something that was going to have to run in parallel. There was an opportunity in discussing various changes that were happening just by due process to incorporate that within it. With agreement that has now been included, I should say that both of those additions have taken place without further cost to Police Scotland, so it is included within the initial contract. That is very reassuring. In relation to the E-warrants, I think that you are right that there is a wider future agenda there. Can you give her the assurance that that is compatible with your criminal justice partners, Crown Office, Procurator, Fiscal Service, whoever? We heard before in another forum at the Justice Committee, rather than the committee, about the unique nature of communicating electronically reports on that. Is it all compatible? The simple answer to that is yes. I might invite Hamish to provide a little more technical detail, but in essence I have previously mentioned that we have now a cross-disciplinary group that has been brought into being. Colleagues and partners from a number of different disciplines are actively consulted with and involved in the development moving forward. That is done with the full visibility of that group. Hamish, do you want to extend that? Thank you, convener members. To add to that, the E-warrants functionality that we are putting in entirely is just compliant. The integration of Scottish criminal justice information systems data standards have been set with all the partnership groups through that criminal justice meeting, and that is purely us reflecting that in the I6 application. As Mr Hipman and the Dep described the last time, it was always described to be an extensible application, it was always described so that we could extend it to change in its years go by. That came up as an opportunity. Cymru, we are very keen to move towards an E-warrants. We are very keen and there are huge labour savings within it. We currently have an archaic paper system for warrants, where a paper warrant is sent to a station and then is manually routed to an officer who then deals with a warrant. That is an electronic system and will be routed automatically by the application. A log of all the activity for that warrant will be held within the application and, in due course, it will also be available to our criminal justice colleagues. Just to confirm with that, for instance, include the Scottish Prison Service. The Scottish Prison Service is part of that criminal justice group. I6, as it currently stands, is getting rolled out for police officers initially, but it was always intended to halff partner organisations. Apart from that, it is a savings for Police Scotland, so, for instance, when a warrant is executed or cannot be executed, I ask for an update regarding all the activities that have taken place. Currently, we manually produce that under I6. It will simply be able to go in and view the log that is held against that warrant. Mr Itcher, you said that this has come up in the course and that you wanted to contain the specification initially. Is there anything else on the horizon that is likely to come up, as matters outwith your control emanating from the building? Not. Effectively, because of the stage that we are at in terms of delivery, the design phase is now complete. In essence, we are beyond the part where adjustments to scope could be made. That said, there will be potential for subsequent, after-roll-out additions to be made. I think that there is a great deal of scope there to perhaps extend things that are currently done in a remote or independent fashion, incorporating that either into I6 or something that is compatible with I6. Those are all subsequent conversations. The trick there is to effectively just make sure that we stay focused on the delivery of I6 as a distinct entity, whilst we are developing strategic plans around ICT requirement and then consider at every stage how those are brought together. That is all on-going work. In one sort of overall question, a small question but a very big one, milestone not reached, no payment made. Has that stole the position? That has been the principle all the way through. It became a little more complicated on the last milestone where, again for convenience to some extent, I breached that principle and retained some money but made the bulk of the payment. That was for a number of reasons, but largely because, from our perspective, there were some elements that were more sitting in our space than it was the supplier's space. However, that has now been fully delivered and the payment has been made. In essence, it was just a slight breach to that principle, but I am reverting back to where I originally stood. Unless it is completely delivered, there will be no payments. I have been very remiss in not acknowledging the attendance of Hugh Henry, MSP and shadow justice spokesman of the committee today. In your letter to the sub-committee, you say quite clearly that, in terms of the contract variation, there has been no additional costs. Is that correct? Yes, that is correct. In terms of the contract arrangements, yes. In terms of the contract variation itself, which we discussed in some depth the last time we were here to discuss i6, what has been the changes in the timetabling to the delivery, the complete delivery of the i6 system? In summary, the stand-out fact that I am keen to stress is that the final roll-out has remained where it originally was. After the contract variation, I think that it was September 2016, when we expect it all to be delivered and us to have a complete national system rolled out fully, that has remained the case. There has been some adjustment and there has been some change, but those changes effectively have not altered that end point. In essence, there has been a delay to enable us to make sure that the design is absolutely accurate and that we are completely content that what we are asking to be built was exactly what is required. I still believe that that is necessary. If you do not get that right, you will pay a heavy price later when something is built that does not do exactly what you wanted it to do. That will come out during testing. To avoid that, we negotiated a period in which we allowed more time. However, that did not compromise the roll-out date and there are a couple of reasons for that. As we move forward in terms of the delivery and the detail construction, things become clear that were not perhaps clear when you were initially procuring something or bidding for it. That is just a product of, once you get right into the detail of it, you become clearer about what is required. As a consequence, we adjusted the way that the product was going to be built. For example, there was one element of that that we had made a significant time provision for, which was about data backloading data. I could go into technical details, but I suspect that you do not have much of a head to hear that technical description. I do have an interest because, at the end of the day, what you are saying is that the contract variation that has been put in place after your initial difficulties with the supplier, you are saying that that contract variation has had no additional cost. Beyond that, that will still be delivered on time. At the same time, you are saying that there have been time changes built in to ensure the delivery by September 2016. I am interested in how there can be the changes to that timescale from the original contract and still achieve the operational date of 2016. If you could explain that, it would be extremely useful. The two principal areas related to the one that I have just clumsily mentioned, which is around data migration. The original plan around that was quite complicated. As a consequence of things that came to light and some better understanding of the requirement, an alternative approach around a data store, which Hamish is largely the architect of, was put forward as a better option. That enabled us, if we progressed that particular option, to save around three months of time, without any detriment, just by taking a different approach. The second area related to that— Can you explain that different approach? Does that mean that that data store, does it mean that that data does not go into the I6 system at that particular point? It would be helpful for us in layman's terms, in some regards, to know what you mean by that. I shall endeavour to do it in layman's terms. The original application in the rotary application was predicated on each legacy force, having the data from its legacy systems migrated at a time of go live. What we have done is moved forward. Some months ago, we started migrating the data into a thing called the operational data store. All the data with an I6 anyway will end up within its operational data store. If you like, it is a data warehouse for all information held by Police Scotland. That information is then available to all I6 users through a legacy search button, which has been introduced as part of its functionality as well. We actually believe that it is a much, much better and stronger way of presenting legacy data, because it makes it not only available to I6, but when we move on to the 20 per cent, which is not within I6—for instance, command and control—it will equally make that legacy data available for command and control systems, etc. It is not about not doing it. It is about doing it in a different and, we actually believe, much stronger in a better way. That seems a lot more logical to me than your original proposal. Why was that not decided to move in that direction at the initial stages of the… I can very swiftly answer that, which is that it is just a massive matter of timing. When I6 was obviously first contracted for, etc., it was contracted as a national solution for eight legacy forces. What we now have obviously is one national force, so it makes much more sense to rationalise all the legacy data into one national data store, and that is the reason for it. Okay, thank you for that. In terms of the milestones, which we have had an interest in previously too, you have set out the milestones previously, and again we have some indication of the milestones and what we have in front of us today. However, I note from your letter to the committee DCC Richardson talk of milestone 5B. As I have said to you guys before, having had some experience previously of major IT projects, when the numbers start having letters added to them, which normally means a new milestone, that has indicated to me in the past that there may be some difficulties. Was it the case that previously there was no 5B? What was 5A? In terms of the other milestones, are we likely to see changes within those too? The answer to that is simply what I was alluding to in the answer to the previous question, which is that the principles so far have been, unless the milestones are met in their entirety, then there is no payment made. The milestones themselves usually contain a number of component parts, and this was an example of that. We were faced as a programme board with a situation where around 80 per cent of the milestone had been complete and completed to a good standard and on time, but a small element of it had not. As I said, there were elements of that that were within our area to resolve. Therefore, on this single instance, it seemed appropriate for that and some other additional reasons to allow payment for the elements of it that were complete, allowing a slightly extended time period for the finalisation of the last element. That was agreed, progressed and the final element of that milestone was delivered on time and on message into a high quality. In essence, it was a slight diversion, but the rationale and reasoning I think was sensible and again enabled a number of interests to be addressed by taking that approach rather than a very robust one to effectively penalise the supplier financially, having completed the vast majority of that milestone. It would be helpful if you could put some time frames on it. There has been a slight slippage, and when you are talking about milestones, as well as talking about the content, if you could put that in context with the dates, that helps to make it a wee bit more... I think that it would also be very useful for us to know what those elements actually were. I think that it is always useful for us to try and get this into some kind of context what those difficulties actually were. James has got the details in front of him, so I'm going to invite him. Before, wouldn't it that where the first slippage was? No, milestone 4 stood alone as the training mobilisation plan. Milestone 5 consisted of two main elements. The first element was the functional design complete element of it, and the second element of it was the detailed implementation plan. As Mr Richardson has attested to, the work for the functional design was complete. We were completely happy with it, and, therefore, we were happy to sign against it. However, we still felt at that point in time that we had some work to do with the detailed implementation plan for Police Scotland to feel confident regarding the testing programme, etc., to make sure that we got a robust product when we went live, so the decision was to separate the two. With regard to the date, the initial date of the functional design complete under the CVA was 8.8.14, and it was signed off at 16.10.14. Then, one month later, we were then happy with the next board to sign off against the detailed implementation plan, which was 28.11.14. That's the timing for two, but, as I said, there were two standard elements that just happened to initially be wrapped up within the same milestone. Finally, in terms of the future, to the point of the going live and the system becoming operational, do you foresee at this moment in time any difficulties that may lead to further contract variation or further changes to any of the milestones? What I would say firstly is that, where we are at the moment, I'm very pleased. We've now managed to complete the design, which is a major, major milestone in its own right, and we've completed that to a level of satisfaction from our perspective, which is directly in line with the principles of retaining the functions and, in terms of the contract, which was effectively to provide our requirements, so that has been completed. The reality, however, is that, in the delivery of any major programme that runs for a number of years and has the complexities that it does, it never follows a linear path. Effectively, what I can do is sit in front of you today and say that our principles have remained consistent. We've got an end date that has not altered since the contract variation. Our costs are remaining constant and, in fact, the functionality that we expect to have delivered and was contained within the business case is exactly what is now designed. That said, as you know, there have been some variations on the route. There have been some slippages, some things have changed in terms of the nature, and that is the reality of programme delivery. What we are embarking on now is that the design is complete and the elements of this, to use a mechanical metaphor, are the elements of the engine that have been constructed, and we are now at the stage of putting those elements together to see if the engine runs smoothly. In any such process, there will be issues, things that we did not expect and adjustments that will be required to be made. The confident proposition that I can put forward is that I will continue to hold true to the principles that I have up until now, but in all probability there will be things that we need to adapt to and adjust to. I have no reason to think that that will be problematic or will lead to another contract variation, but it would be wrong to give you a sense that, now that we are at this point, everything is going to be plain sailing all the way through. That is not the case. This is an incredibly difficult, challenging programme and I would imagine that it will continue to be that way, but at the moment we are in a good place. I would never expect anyone to deal with an IT contract to tell us that it would be plain sailing, because having dealt with a number in the past, they never are. One of the things that the committee had concerns about, and I think that it would be concerned about again, is that contract variation. You had a contract variation quite early on in a programme. It did not cost the public purse any more money. Thank God for that. What I am keen to know, and others would be similar, is if there is likely to be any other contract variation. In those circumstances, I always get rather perplexed at the fact that the original tenders, sometimes in IT situations, do not seem to take account or allow for the flexibility that is likely to take during the construct of that particular programme. Do you foresee at this moment in time any contract variation taking place in the near future? I am not planning for it and I do not envisage any contract variation imminent in terms of that. I would also go on to say that what you are describing is right, and it was an incredibly difficult part of this delivery. We have rehearsed some of the detail before, so I will not do it again, but it is reasonable to say that the arrangements, the working arrangements with the supplier are in a far better place as we sit here today than they were earlier on. It is also fair to say that the Accenture has been working very purposefully with our team to overcome some fairly significant challenges. In fact, even into the testing phase, the early point that we have had so far has indicated that we have had slightly more niggles, or however you want to describe them, issues raised than perhaps we might have planned for, but we have also had a higher number of those resolved more rapidly than we would have planned for. That underlines the fact that the working relationship between ourselves and the supplier is in a pretty good place right now. As you know, I am always very guarded in terms of giving predictions for the future. Those things are incredibly difficult, but as we stand here right now, we are in a reasonable place and I do not anticipate any changes that will lead to contract variation. I certainly do not have a crystal ball. I hope that the committee's crew and I, when we were having the problems and the interests that we took, probably helped to foster those good relations. Clearly, the full business requirements have been built in by working together, so hopefully, if anything else came up in the future, it would be the same arrangement and relationship that we would materialise. Good afternoon, D.C.C. Richardson. You have said that you have successfully designed and built the system, and you have already entered the six-month testing phase. That will be followed by a user acceptance test phase before you go live. Can you give us a bit more detail about exactly what those two phases entail, particularly around the user acceptance phase? Do you intend to run it in parallel or have a pilot group using it? How do you process it? That is one that I will probably hand over to the technical expert who can give you more detail. It is also an area that has slightly changed as a consequence of the adjustments that I will maybe ask Hamish to answer that. Thanks. I will try not to get technical. Testing has gone on for some time with regard to as soon as we started building the product that immediately goes into testing. Most of those test phases at that time sit with the supplier. It starts off with unit testing, which is testing the individual components, then assembling those components together, which is assembly testing, and we are through most parts of assembly testing already, and then goes into product testing. Product testing again sits with the supplier and is an end-to-end test of the application by the supplier. The changes that we have made here is that we are involved fully in that product testing. Again, I will not get technical with that, because that is broken down into several tranches of it, but we will certainly be very heavily involved in what we describe as type 3 product testing, where we will do end-to-end scenario testing across the whole product. Having done that, the reason for us doing that earlier is that by the time we get to user acceptance testing, we should have already flattened out most of the bugs in the system, because there will be bugs in any system at that point in time. Then we begin to user acceptance testing. That is a customer activity, so that is actually dealt with by us. For the past many months, we have been writing lots of scenarios that are based on real-life policing scenarios, such as missing people, vulnerable people, crime events, et cetera, custody events. When we get to user acceptance testing, we will simply run those right through over to user acceptance testing piece. As a result of that, we should hopefully have a completely robust product by the time we go live with it, and with the times that we have set aside for them, I am absolutely confident that that will be the case. Let me be clear that the user acceptance test are fake scenarios that you are using. It is not actual police on the ground using the system at that point. No. User acceptance testing is always done with, if you like, dummy data. That is the way it is done. It will get done in the full live environment, so it is a complete mirror of the live environment, but not with live data. We then go into our pilot area, which is when we start rolling out across Scotland, so the first roll-out is a longer period than for the rest of the divisions, and that is also a pilot area to ensure that we have no problems. By that time, we should have very, very few. Significant to that is the training needs. Can you talk to us a little bit more about the training strategy and your training needs analysis that you have done? Yes. The training strategy has gone on for some significant time alongside with the censure, and again, it is based on scenario-based. Rather than training the functionality of the application, we train it as if it is a day in the life of a police officer. The way it will come in is that it will come in and deal with it as if it would be using the application on the ground. The training needs analysis has been done against each of the legacy forces, to be honest with you, because each person currently has a different IT infrastructure and a different knowledge of IT systems. Some had some corporate systems already, some had standalone systems, so it will be tailored to their own individual needs. There is bespoke training for police officers, for police supervisors, and expert training for people who are working in areas such as custody, crime management, case management, etc. People who are testing it, even at the user testing stage, are people who are very familiar with the system, the people who have designed the system and your project team that have been working with it. Surely the risky area is when it actually goes live and the real officers start to use it. What happens? What contingency have you there if the real users identify problems in the system? When we get into product testing, that will be design and work leads for the system. The people who designed the system to test what they have tested is what we are getting delivered. When we get to user acceptance testing, it is absolutely not those people. It is subject matter experts from the force across each of the areas that are testing. When we test custody, it will be custody officers who do a live custody job. When we test criminal justice, it will be people who are working in the criminal justice scenario. User acceptance testing is tested against dummy data, but it is tested with the real subject matter experts testing it. In terms of, we have talked before about i6 and the significance of it, but in truth it is transformational change in action. Once we move into the training environment, going beyond just how you use a new computer system, it is actually changing the way that they do their business. Our investment around that capability to ensure that people understand how they need to operate in this new environment is absolutely key. It is based on three days classroom training, pre-work and post-work, and there will be on-going support for those officers. It is a big commitment. It will have a major impact on the organisation. There is no getting away from that, but it is fundamentally important if we are going to transition into a new way of working with all the benefits that we know that that will deliver. I could just clarify something, DC Richardson. In your letter, page 2, you talked about milestone 7, a detailed approach to build a phase in wider technical architecture was approved, and that was December 10. A six-month detailed project test phase has commenced and will be followed by regular user acceptance. Later on, in your paper, which is more detailed, paragraph 7, you referred to, it now follows eight months of detailed and diligent testing by Accenture and Police Scotland for milestone 7. Am I reading that properly? Is that a discrepancy, or is it...? What that is is the difference between unit testing, assembly testing, product testing and user acceptance testing. The first one relates specifically to product testing, and the other relates to the cycle, if that makes sense. There are different testings? Yes, there are all sorts of product and inverted commas testing, but product testing itself is a specific activity. They are both in milestone 7, but just different testing times for... Milestone 7 is a cycle, so you go through unit testing, assembly testing and product testing, and Milestone 7 is a successful conclusion of product testing, if that makes sense. That's very helpful. Governance has clearly been a huge issue with other public sector contracts, so can I ask you about the... Just to update on the position of governance going forward more generally, because having overcome quite a significant problem and overcome it seems quite successful, we wouldn't want in any way the eye to be off the ball. I'm happy to do that. In essence, I'm not sure that we were ever in an atrociously weak position around governance, but it's true that effectively we went through a major change to policing arrangements midway through the delivery of I6. That's the reality of that, and so we were asking a brand-newly appointed police authority to get their heads round not just the policing environment but the technical complexity of a business case, which is, if it were to say, not an easy read. So there were some challenges there. The programme governance arrangements were very robust in my view, and again we have initiated gateway health checks all the way through this. Again, the comfort around those governance arrangements were articulated very clearly in the reports that we received. Around and about the time that we were developing the arrangements with the police authority—Tom might perhaps comment on this himself in a second—we did initiate a specific, almost thematic gateway looking at governance, and again they fed back some recommendations that we were able to consider and look at to make the arrangements more robust. Where we currently stand is significantly advanced from where we were, and that's right for the stage of the programme that we're at. We have a programme board that has a number of interested parties and a number of executive colleagues from Police Scotland. We also have a representative who has specialist knowledge from the Scottish Government, and Tom now sits on the board. Prior to him, John Foley, the accountable officer, sat on the board directly as well. There are a number of areas that the police authority invites papers and we provide updates to, including the Finance and Investment Committee and others that I'm sure Tom might wish to comment on. Collectively, we've got a fairly robust opportunity to deal with the detailed programme elements and to make sure that they are fed up and deal with the more strategic issues and decisions through the police authority up to and including a regular input that's provided by me to the full authority on a quarterly basis. You've mentioned a key person to leave or not be available for any reason. Is there a contingency plan to ensure that that wouldn't be a real problem or obstacle in the governance and the timeframes? Absolutley. We've had that clearly, as you would expect. There are occasions that individuals are not available. The point of the delivery now is that we did not have the director of HR, for example, as a routine member, but with the development of the training requirement and the change activities that will be by necessity involved in the delivery of the next stage of that. John Gillis became a member before the tail end of last year, and he was very active on the board in assisting us with that. Again, there are opportunities that, if they are not available, their deputy can sit on the board. I'm not uncomfortable at all with regard to our resilience, really, from that point of view. Anything to add, Mr Whitman? I really just endorse what the DCC has said. I sit on the programme board, so we're well integrated in terms of the internal governance within Police Scotland. Our Finance and Investment Committee receives a report at each meeting on the profile of the spend around I6. The Audit and Risk Committee is monitoring those risks. The full board is receiving updates on I6-related risks. Most recently, the development of our ICT governance and scrutiny forum, which is chaired by the chief executive of the SPA, involves DCC Richards and members of his team, as well as the chair of the authority and the chairs of both the finance and audit committees. I think that that's very reassuring. I thank the panellists for coming. We had a much better session today and a much more upbeat session than the last time we met, so hopefully that's how it's going to continue in the future. Can we now move into private sessions?