Standard brings IT consistency to Queensland public safety

ISO 20000 standard provides more "tangible" goal than ITIL, says Queensland Public Safety Network Management Centre director, John McIntosh

A standards-based approach to IT Service Management (ITSM) adopted by the Queensland Public Safety Network Management Centre has resulted in consistent and reliable delivery of IT to the state’s law enforcement and public safety agencies, according to the centre’s director, John McIntosh.

The Public Safety Network Management Centre earned ISO 20000 accreditation in November last year, becoming the first government organisation in Queensland to be certified under the standard, and one of only two public safety groups across Australia.

The organisation was created in 2007 as a shared services initiative providing managed network services for the Queensland Police, the Department of Community Safety and the Department of Justice and Attorney General.

“Our remit is to provide managed network services that provide our customer agencies with a fixed data networking service which meets their core business requirements,” McIntosh told Computerworld Australia. McIntosh will speak at the itSMF conference in Canberra, which runs from 7 to 9 August.

McIntosh said one of his team’s major responsibilities is to provide high availability across critical sites that have a 24x7 service requirement, such as police communications centres and large courthouses. In total, about 100 out of 780 sites on the network have this requirement, he said.

“It’s become quite critical for particularly the very large courthouses across Queensland to be able to continue to operate and not have a single point of failure within the network,” he said. “Delays in court proceedings, as most people know, are costly.”

The organisation sought ISO 20000 accreditation to ensure staff responses are consistent whenever there are network failures, McIntosh said. Another advantage of getting the certification was that it would give the agency stronger contestability, he said. “We’re able to deliver our services at a level that differentiates us from other potential suppliers.”

McIntosh said ISO 20000 was preferred to the set of best practices that comprise the Information Technology Infrastructure Library (ITIL). Compared to suggested best practices, a standard provided a “tangible goal.”

“There are a lot of things within the standard that says ‘You shall do this’ and ‘You shall do that,’” he said. “ITIL doesn’t really do that—they suggest that this is a good way of doing something.”

“It gives our staff some consistency and some things to work towards.” In addition, “the requirement to maintain your [ISO 20000] certification gives us an ongoing focus,” he said.

“The standard itself is very practical,” he added. “We wouldn’t have aligned ourselves to the standard if it meant doing things that were superfluous to our own requirements.”

Getting the organisation ready for ISO 20000 certification took about six months, said McIntosh.

“We had been working on establishing service delivery capability since I started in the role in January 2008,” he said. “We had reached a certain level of maturity with regards to some of the ITSM processes, but there were other processes that were only partially implemented.”

The organisation went to market and brought in a consultant to measure the maturity of its service delivery processes. The assessment identified several gaps in the organisation’s service delivery capability and processes.

“We lacked some policies. We lacked some process documentation. We lacked a number of things which we then decided we couldn’t resource ourselves.”

It went to market again for another consultancy and brought an external organisation in to help address the gaps.

It was a mostly smooth process, he said. “The biggest challenge for us was coordinating different groups across the [centre] to contribute where required and to take staff on that journey with us.”

At the conclusion, the centre requested SAI Global to do a pre-certification audit to determine whether it was ready to be audited for ISO 20000. The group made a few minor suggestions but found no non-conformities with the standard, McIntosh said.

“We addressed those opportunities for improvement, scheduled the full audit for a couple months later and were successful in getting through that audit.”

Winning the certification reaffirmed to public safety agencies the importance of McIntosh’s IT group, he said.

“While they were already confident in our ability, achieving this certification was clear evidence that the decision to establish this shared services initiative was the right one by those agencies five or six years ago.”

McIntosh said he would recommend pursuing the standard to any organisation struggling to implement ITSM processes. “ISO 20000 is a very practical place to start.”

“I’d definitely engage partners if you don’t believe you’ve got the capacity or capability to do this yourself,” he advised. Such an approach can be critical to keeping the project focused and on track, he said.

Follow Adam Bender on Twitter: @WatchAdam

Follow Computerworld Australia on Twitter: @ComputerworldAU, or take part in the Computerworld conversation on LinkedIn: Computerworld Australia

Join the newsletter!

Error: Please check your email address.

Tags Case StudyITILitsmfqueenslandshared servicespublic safetylaw enforcementIT Service Management (ITSM)ISO 20000 Certification

More about Department of JusticeISOitSMFTechnology

Show Comments
[]