Scotland's Digital Future: High Level Operating Framework

Guidance and information for public sector organisations on the design principles, standards and specifications of the Scotland’s Digital Future: Delivery of Public Services strategy.

2 Architecture Principles

2.1 Introduction

The principles are founded on the four strategic principles set out in the paper Scotland's Digital Future - Delivery of Public Services. Each of those strategic principles is used to group together the Architecture Principles.

The architecture principles define the rules and guidelines that inform and support the way in which the architecture and design for services and systems in scope of this ICT Framework are delivered. They are intended to reflect a level of consensus across National, Sector and Local levels and should be used to assess the compliance of any new ICT initiative at each of those levels.

Architecture Principles are intended to be enduring and stable and are therefore defined at a high level. However, it is expected that the principles will be updated/extended over time where this is found to be appropriate. The principles are interrelated and should be applied as a set. In some cases, principles will compete; a governance process for their management should therefore be established to include a resolution process to manage these conflicts.

Each architecture principle defined in this paper is described using the following format (based on the TOGAF Enterprise Architecture [2] ).

Reference A unique reference identifier for the architecture principle
Name An easy to remember name that represents the principle's objectives.
Statement An unambiguous statement that describes the principle.
Rationale A statement or list of statements that describe the benefits of following the principle.
Implications A statement or list of statements that describe the consequences of adhering to the principle.

This paper is intended to be a living document, reviewed and updated as warranted by changing business and technical circumstances. The principles are provided in this section as a starting point for the formulation of a more complete set under each strategic principle pillar.

2.2 Citizen/Customer Focus

Ref. No. OFP-CC1
Name Digital Standards
Statement The design of applications and services (information and transactions) will be user focused and with a presumption of alignment with the technical standards and design principles of the full (not prototype) version of MyGovScot.
Rationale A common approach will facilitate effective user journeys.
Implications Service providers will design digital services as part of a wider public sector approach and not in isolation.
Ref. No. OFP-CC2
Name Multi-Channel
Statement The design of new applications and services shall not restrict service consumers from accessing the new functionality from currently known or defined access devices.
Rationale Applications and services have a potentially large and diverse client-base that may choose or need to employ a variety of access channels e.g. PC/Mac/Linux devices, secure kiosk, thin client, smartphone or other mobile device.

The way in which citizens consume services will change over the life of a solution/service and should not be constrained by the current technology available.

Implications The solution architecture must be adaptable and provide the capability to support these changes at the appropriate points and in a cost-effective manner.
Ref. No. OFP-CC3
Name Identity and Access Management
Statement Where possible, the solution architecture and design shall leverage existing central security services (rather than creating application-specific security). Access will be granted once the requester (human or computer) has been authenticated and authorised. The requester shall only be given enough privileges to execute those tasks needed to perform a specified job activity or function; no more and no less.
Rationale The information held within the solution or service is deemed to warrant sufficient protection to make the need for access to it controlled to an appropriate level.
Implications Managing access and authentication to public services across multiple bodies from a single point limits required level of resource overhead.

Organisations with additional security requirements (e.g. HMG protective marking schemes of IL3 and above) will require a federated authentication mechanism.

Where the use of existing central security services is impossible, the solution should comply with standards-based federation.

2.3 Privacy & Openness

Ref. No. OFP-PO1
Name Data Management - Open Data
Statement The Scottish public sector produces huge amounts of data. There is, however, relatively little open publishing of that data. By making non-personal information more accessible and encouraging its publication and reuse, opportunities exist to maximise its economic and social value.
Rationale Publishing of open data for public use supports opportunities to improve efficiency in public services and promotes economic activity and innovative use.
Implications A cohesive overview of data is required to ensure a consistent approach is taken. Common standards for data will need to be considered.
Ref. No. OFP-PO2
Name Data Management - Data Sharing
Statement The Scottish public sector produces huge amounts of data. There is , however, relatively little sharing of that data. Opportunities exist to benefit from and/or improve services via better use of the data, whilst complying with privacy requirements.
Rationale Better use of data provides the opportunity for organisations to target delivery of services, provide better integrated services and to become more efficient in their working, separately and together.
Implications A cohesive overview of data is required to ensure a consistent approach is taken and common standards for data will need to be considered. All work in this area must comply with the legal framework for data sharing, respect for individuals' rights to privacy and confidentiality and consider public confidence about when and how personal information is shared.

2.4 Skilled & Empowered Workforce

Ref. No. OFP-SW1
Name ICT work force Capability
Statement To increase the capability of ICT professionals at all levels in the public sector to support digital public service delivery.
Rationale In order to deliver and support digital public services, a professional and appropriately skilled ICT workforce is essential.
Implications A common approach to skills identification and development of the ICT workforce, such as SFIA, and collaboration in their deployment in order to maximise the impact of their skills.

2.5 Collaboration & Value for Money

Ref. No. OFP-CV1
Name Reuse, Before Buy, Before Build
Statement The design of solutions must seek to maximise reuse of existing services across the Scottish Public Sector. If existing services do not meet the business requirements and cannot be extended cost-effectively, then a supplier will be sought to provide that product or service and make it available for reuse across the sector.

If there are no existing services to reuse or suitable COTS packages that can be obtained cost-effectively, then bespoke solutions that strictly conform to the architecture principles will be considered.

Rationale The ability and options to deliver ICT services in the most flexible and cost-effective manner across a range of (internal and external) customers with differing technology domains. For long term stability and maintainability of the enterprise architecture, the focus should be on maximising reuse of existing services.

However, depending on the business requirements and timeframe, buy/build options cannot be precluded.

Implications The requirements analysis and change management disciplines that underpin this principle must be embedded in the architecture governance processes.

The use of COTS products reduces the amount of bespoke coding required whilst also leveraging 3 rd party investment and future development. With the existence of architecture principles, the requirements governing a COTS procurement must be considered from a more holistic strategic perspective.

If bespoke development is unavoidable, then this should be restricted, where practical, to the business process layer of the architecture from where existing technical services can be consumed.
Ref. No. OFP-CV2
Name Collaboration
Statement Collaboration is now the default choice in the design and delivery of services and in the procurement and deployment of ICT infrastructure to support this.
Rationale The public services delivery sector should collaborate across organisational boundaries to ensure that the services delivered - whether at national, sectoral or local level - can be truly joined up to meet the needs of the users of public services, the citizens and businesses of Scotland.
Implications The requirements analysis and change management disciplines that underpin this principle must be embedded in the architecture governance processes.

The requirements governing any collaborative development or procurement must be considered from a holistic and strategic perspective.

Ref. No. OFP-CV3
Name Architectural Governance
Statement The governance framework for all applications and services shall be owned and managed by a cross sector Governance Forum.

The governance framework will be informed by the TOGAF Architecture Framework.

Rationale A governance framework is required to ensure that the evolution of the architecture is managed and controlled so that it continues to align with government's strategy and drivers.

The architecture, design, development, operation and support of solutions will be governed using business and ICT/ IS standards as approved within the particular organisation. To ensure that all technical as well as programme governance processes are completed, the TOGAF Architecture Framework will be applied in conjunction with business governance models.

Implications Application of this principle within the wider National Governance framework will provide the transparency and guidance required to define and support best practices.


Back to top