Scotland's Digital Future: High Level Operating Framework
Guidance and information for public sector organisations on the design principles, standards and specifications of the Scotland’s Digital Future: Delivery of Public Services strategy.
2 Architecture Principles
2.1 Introduction
The principles are founded on the four strategic principles set out in the paper Scotland's Digital Future - Delivery of Public Services. Each of those strategic principles is used to group together the Architecture Principles.
The architecture principles define the rules and guidelines that inform and support the way in which the architecture and design for services and systems in scope of this ICT Framework are delivered. They are intended to reflect a level of consensus across National, Sector and Local levels and should be used to assess the compliance of any new ICT initiative at each of those levels.
Architecture Principles are intended to be enduring and stable and are therefore defined at a high level. However, it is expected that the principles will be updated/extended over time where this is found to be appropriate. The principles are interrelated and should be applied as a set. In some cases, principles will compete; a governance process for their management should therefore be established to include a resolution process to manage these conflicts.
Each architecture principle defined in this paper is described using the following format (based on the TOGAF Enterprise Architecture [2] ).
| Reference | A unique reference identifier for the architecture principle |
|---|---|
| Name | An easy to remember name that represents the principle's objectives. |
| Statement | An unambiguous statement that describes the principle. |
| Rationale | A statement or list of statements that describe the benefits of following the principle. |
| Implications | A statement or list of statements that describe the consequences of adhering to the principle. |
This paper is intended to be a living document, reviewed and updated as warranted by changing business and technical circumstances. The principles are provided in this section as a starting point for the formulation of a more complete set under each strategic principle pillar.
2.2 Citizen/Customer Focus
| Ref. No. | OFP-CC1 |
|---|---|
| Name | Digital Standards |
| Statement | The design of applications and services (information and transactions) will be user focused and with a presumption of alignment with the technical standards and design principles of the full (not prototype) version of MyGovScot. |
| Rationale | A common approach will facilitate effective user journeys. |
| Implications | Service providers will design digital services as part of a wider public sector approach and not in isolation. |
| Ref. No. | OFP-CC2 |
|---|---|
| Name | Multi-Channel |
| Statement | The design of new applications and services shall not restrict service consumers from accessing the new functionality from currently known or defined access devices. |
| Rationale | Applications and services have a potentially large and diverse client-base that may choose or need to employ a variety of access channels e.g. PC/Mac/Linux devices, secure kiosk, thin client, smartphone or other mobile device. The way in which citizens consume services will change over the life of a solution/service and should not be constrained by the current technology available. |
| Implications | The solution architecture must be adaptable and provide the capability to support these changes at the appropriate points and in a cost-effective manner. |
| Ref. No. | OFP-CC3 |
|---|---|
| Name | Identity and Access Management |
| Statement | Where possible, the solution architecture and design shall leverage existing central security services (rather than creating application-specific security). Access will be granted once the requester (human or computer) has been authenticated and authorised. The requester shall only be given enough privileges to execute those tasks needed to perform a specified job activity or function; no more and no less. |
| Rationale | The information held within the solution or service is deemed to warrant sufficient protection to make the need for access to it controlled to an appropriate level. |
| Implications | Managing access and authentication to public services across multiple bodies from a single point limits required level of resource overhead. Organisations with additional security requirements (e.g. HMG protective marking schemes of IL3 and above) will require a federated authentication mechanism. Where the use of existing central security services is impossible, the solution should comply with standards-based federation. |
2.3 Privacy & Openness
| Ref. No. | OFP-PO1 |
|---|---|
| Name | Data Management - Open Data |
| Statement | The Scottish public sector produces huge amounts of data. There is, however, relatively little open publishing of that data. By making non-personal information more accessible and encouraging its publication and reuse, opportunities exist to maximise its economic and social value. |
| Rationale | Publishing of open data for public use supports opportunities to improve efficiency in public services and promotes economic activity and innovative use. |
| Implications | A cohesive overview of data is required to ensure a consistent approach is taken. Common standards for data will need to be considered. |
| Ref. No. | OFP-PO2 |
|---|---|
| Name | Data Management - Data Sharing |
| Statement | The Scottish public sector produces huge amounts of data. There is , however, relatively little sharing of that data. Opportunities exist to benefit from and/or improve services via better use of the data, whilst complying with privacy requirements. |
| Rationale | Better use of data provides the opportunity for organisations to target delivery of services, provide better integrated services and to become more efficient in their working, separately and together. |
| Implications | A cohesive overview of data is required to ensure a consistent approach is taken and common standards for data will need to be considered. All work in this area must comply with the legal framework for data sharing, respect for individuals' rights to privacy and confidentiality and consider public confidence about when and how personal information is shared. |
2.4 Skilled & Empowered Workforce
| Ref. No. | OFP-SW1 |
|---|---|
| Name | ICT work force Capability |
| Statement | To increase the capability of ICT professionals at all levels in the public sector to support digital public service delivery. |
| Rationale | In order to deliver and support digital public services, a professional and appropriately skilled ICT workforce is essential. |
| Implications | A common approach to skills identification and development of the ICT workforce, such as SFIA, and collaboration in their deployment in order to maximise the impact of their skills. |
2.5 Collaboration & Value for Money
| Ref. No. | OFP-CV1 |
|---|---|
| Name | Reuse, Before Buy, Before Build |
| Statement | The design of solutions must seek to maximise reuse of existing services across the Scottish Public Sector. If existing services do not meet the business requirements and cannot be extended cost-effectively, then a supplier will be sought to provide that product or service and make it available for reuse across the sector. If there are no existing services to reuse or suitable COTS packages that can be obtained cost-effectively, then bespoke solutions that strictly conform to the architecture principles will be considered. |
| Rationale | The ability and options to deliver ICT services in the most flexible and cost-effective manner across a range of (internal and external) customers with differing technology domains. For long term stability and maintainability of the enterprise architecture, the focus should be on maximising reuse of existing services. However, depending on the business requirements and timeframe, buy/build options cannot be precluded. |
| Implications | The requirements analysis and change management disciplines that underpin this principle must be embedded in the architecture governance processes. The use of COTS products reduces the amount of bespoke coding required whilst also leveraging 3 rd party investment and future development. With the existence of architecture principles, the requirements governing a COTS procurement must be considered from a more holistic strategic perspective. If bespoke development is unavoidable, then this should be restricted, where practical, to the business process layer of the architecture from where existing technical services can be consumed. |
| Ref. No. | OFP-CV2 |
|---|---|
| Name | Collaboration |
| Statement | Collaboration is now the default choice in the design and delivery of services and in the procurement and deployment of ICT infrastructure to support this. |
| Rationale | The public services delivery sector should collaborate across organisational boundaries to ensure that the services delivered - whether at national, sectoral or local level - can be truly joined up to meet the needs of the users of public services, the citizens and businesses of Scotland. |
| Implications | The requirements analysis and change management disciplines that underpin this principle must be embedded in the architecture governance processes. The requirements governing any collaborative development or procurement must be considered from a holistic and strategic perspective. |
| Ref. No. | OFP-CV3 |
|---|---|
| Name | Architectural Governance |
| Statement | The governance framework for all applications and services shall be owned and managed by a cross sector Governance Forum. The governance framework will be informed by the TOGAF Architecture Framework. |
| Rationale | A governance framework is required to ensure that the evolution of the architecture is managed and controlled so that it continues to align with government's strategy and drivers. The architecture, design, development, operation and support of solutions will be governed using business and ICT/ IS standards as approved within the particular organisation. To ensure that all technical as well as programme governance processes are completed, the TOGAF Architecture Framework will be applied in conjunction with business governance models. |
| Implications | Application of this principle within the wider National Governance framework will provide the transparency and guidance required to define and support best practices. |
Contact
There is a problem
Thanks for your feedback