Digital
Technology Assurance Framework – what we learned from Digital Scotland Service Standard Assessments in 2023-24
July 16, 2024 by Stewart Hamilton No Comments | Category Digital Assurance Office, Digital Scotland, Technology Assurance Framework
Guest blog by Laura Johnstone, Continuous Improvement team, Digital Assurance Office
The Digital Assurance Office, who administer the Technology Assurance Framework (TAF), share the lessons learned from their assurance reviews to support others to deliver more successful projects and programmes.
This blog shares what we learned from the 28 Digital Scotland Service Standard (DSSS) assessments carried out in 2023-24. You can catch up on previous assurance insights on our blog.
DSSS assessments
New and transformed services are assessed against the Digital Scotland Service Standard criteria. The criteria that were most challenging for service teams to meet in 2023-24 are described below alongside recommendations made as part of the assessment for improvement.
Areas for improvement
Criterion 5: Make sure everyone can use the service
- test the accessibility and inclusivity of the service by undertaking accessibility testing and accessibility audits
- prepare an accessibility statement which sets out compliance (and non compliance) with accessibility requirements and provides detail about plans to improve accessibility where relevant
- have targets to measure the accessibility of the service
- include diverse perspectives by engaging with a broad range of people
- ensure the service is inclusive and supports those with assisted digital needs and uses simple language
Criterion 7: Iterate and improve frequently
- ensure that the live service is free of major technical debt/unfixed bugs
- ensure that the service is designed in a way that can implement change frequently and that improvements are identified and prioritised based on good data
Criterion 9: Define what success looks like and publish performance data
- understand what success for the service looks like with clear, measurable metrics to show whether success has been achieved
- define the approach to publishing data to help inform and improve future government services
Criterion 13: Operate a reliable service
- put in place effective end to end testing
- plan for major events
- have in place the processes and tools to operate the service
Criterion 14: Ensure sponsor acceptance
- have in place robust governance structures with routes for escalation and decision making and good risk management
- ensure operational organisations are included in the development of the service
- be open and transparent, with evidence of stakeholder mapping and communication plans
14 of the 28 DSSS assessments were for medium to high risk/cost services. The criteria that were the most challenging for those 14 Service Teams to meet included those set out above, as well as:
Criterion 1: Understand users and their needs
- do research with a wide range of people
- test and learn as early as possible
- ensure research is done legally
Check out our case study with Transport Scotland to hear about their approach to user centred design.
Criterion 6: Have a multidisciplinary team
- make sure the team has a resource plan identifying the right mix of skills to deliver the whole service
- keep the resource plan up to date and plan for meeting the resource requirements for the next stage
- create a sustainable team to manage the service
Check out our case study with Transport Scotland to see how they put in place a multidisciplinary team.
Criterion 8: Create a secure service which protects users’ privacy
- protect users’ personal information
- test the system
- ensure appropriate security assurance is conducted during development
- approach security risk in a proportionate way with clear approaches to risk identification, evaluation and management
To help others improve the delivery of digital projects, the Digital Assurance Office are sharing insights from assurance and working with organisations who have had assurance to share their experiences from delivery.
If you want to get involved – or have thoughts on what insights would be helpful to share – contact us at DigitalAssurance@gov.scot.
Over the last year, we have shared insights and case studies via our blog. We have case studies with National Records of Scotland and Transport Scotland on how they matured their approach working with the Digital Standard. Have a look for tips from teams who have been through assessments.
For further information and signposting to advice and support on programme and project management contact the Programme and Project Management Centre for Expertise.
The Scottish Government programme and project management principles are available and apply to any project of any size.
The Scottish Digital Academy is the public sector centre of expertise for digital capability and can provide information, advice and guidance on developing digital, data and technology skills to support transformation.
They run two courses specifically on the Digital Scotland Service Standard:
Digital Scotland Service Standard Awareness – Scottish Digital Academy
For expert guidance on delivering a digital project visit the Digital Scotland Service Manual.
The Social Security Programme: Our Story Team are part of a wider legacy portfolio, whose goal is to capture and disseminate eight years of acquired knowledge, capabilities and lessons learned to demonstrate that irrespective of the size, nature or maturity of your Programme, your profession or career pathway, ‘Our Story’ has the potential to build individual and team skills and capabilities whilst improving the effectiveness and quality of your delivery. They do this through a variety of means from building case studies, interviews and blogs to facilitating workshops and resource loans, for the benefit of Social Security Scotland, the wider Scottish Government and public sector. You can access their resources on Pathways or contact the team: socialsecurity.ourstoryteam@gov.scot.
Tags: Continuous Improvement, Digital Assurance Office, Digital Scotland Service Standard, Technology Assurance Framework
Leave a comment