2.3. Digital First Name: Digital First Statement: Create and optimize the design of services and communications for delivery via responsive digital channels (i.e., web, mobile, social media, etc.) over the traditional channels, such as mail, fax, or in-person. Rationale: • Clients expect secure and easy-to-use online options to access services from the information and application stage up to a decision on their file. • ESDC is committed to providing Canadians with access to high-quality online services, while ensuring that those who require additional assistance to access services online receive it. • Clients can complete services using digital self-service.( Goal 1 of the ESDC Service Strategy ) Implications: Digital First means: • We must optimize to digital channel • We must embrace decisions enabling its fullest control • We must design the channel to support • We must ensure the full spectrum of services covers the non-digital • We must enable business transformation to grow take up GC Digital Architectural Standards o Align to the GC Business Capability model  Define program services as business capabilities to establish a common vocabulary between business, development, and operation  Identify capabilities that are common to the GC enterprise and can be shared and reused  Model business processes using Business Process Modelling Notation (BPMN) to identify common enterprise processes o Design for Users First & Deliver with Multidisciplinary Teams  Focus on the needs of users, using agile, iterative, and user-centred methods  Conform to both accessibility and official languages requirements  Include all skillsets required for delivery, including for requirements, design, development, and operations  Work across the entire application lifecycle, from development and testing to deployment and operations  Ensure quality is considered throughout the Software Development Lifecycle  Ensure accountability for privacy is clear  Encourage and adopt Test Driven Development (TDD) to improve the trust between Business and IT o Design Systems to be Measurable and Accountable  Publish performance expectations for each IT service  Make an audit trail available for all transactions to ensure accountability and non-repudiation  Establish business and IT metrics to enable business outcomes  Apply oversight and lifecycle management to digital investments through governance o Data Collection  Ensure data is collected in a manner that maximizes use and availability of data  Ensure data collected aligns to existing enterprise and international standards  Where enterprise or international standards don’t exist, develop Standards in the open with key subject matter experts  Ensure collection of data yields high quality data as per data quality guidelines  Ensure data is collected through ethical practices allowing for use that supports appropriate citizen and business-centric  Data should only be purchased once and should align with international standards  Where necessary, ensure collaboration with department/ agency data stewards/ custodians, other levels of government, & Indigenous people o Data Management  Demonstrate alignment with departmental data governance and strategies.  Ensure accountability for data roles and responsibilities  Design to maximize data use and availability. o Data Storage  Ensure data is stored in a secure manner in accordance with the National Cyber Security Strategy, and the Privacy Act.  Follow existing retention and disposition schedules.  Ensure data is stored in a way to facilitate easy data discoverability and accessibility. o Data Sharing  Data should be shared openly by default as per the Directive on Open Government.  Ensure government-held data can be combined with data from other sources enabling interoperability and interpretability through for internal and external use  Reduce the collection of redundant data  Reuse existing data where possible  Encourage data sharing and collaboration o Use open standards and solutions by default  Use open standards and open source software. Avoid lock-in and seek independence and substitutability where open source software or open standards are available.  Enforce this order of preference: open source first, then platform-agnostic COTS, then proprietary COTS, and lastly custom-built  Make source code open and reusable under an appropriate open source software license  Expose public data to implement Open Data and Open Information initiatives o Maximize Reuse  Leverage and reuse existing solutions, components, and processes  Select enterprise and cluster solutions over department-specific solutions  Achieve simplification by minimizing duplication of components and adhering to relevant standards  Inform the GC EARB about departmental investments and innovations  Share code publicly when appropriate, and when not, share within the Government of Canada o Enable Interoperability  Expose all functionality as services  Use micro services built around business capabilities. Scope each service to a single purpose  Run each IT service in its own process and have it communicate with other IT services through a well-defined interface, such as an HTTPS-based application programming interface (API) as per Appendix D: Mandatory Procedures for Application Programming Interfaces  Run applications in containers  Leverage the GC Digital Exchange Platform for components such as the API Store, Messaging, and the GC Service Bus o Use Cloud first  Enforce this order of preference: Software as a Service (SaaS) first, then Platform as a Service (PaaS), and lastly Infrastructure as a Service (IaaS)  Enforce this order of preference: Public cloud first, then Hybrid cloud, then Private cloud, and lastly non-cloud (on-premises) solutions  Design for cloud mobility and develop an exit strategy to avoid vendor lock-in o Design for Performance, Availability, and Scalability  Design for resiliency  Ensure response times meet user needs for availability  Support zero-downtime deployments for planned and unplanned maintenance  Use distributed architectures, assume failure will happen, handle errors gracefully, and monitor actively o Design for Security and Privacy  Implement security across all architectural layers  Categorize data properly to determine appropriate safeguards  Perform a privacy impact assessment (PIA) and mitigate all privacy risks when personal information is involved  Balance user and business needs with proportionate security measures and adequate privacy protections. • Digital Principles (Canada.ca) o Design Ethical Services  Make sure that everyone receives fair treatment.  Comply with ethical guidelines in the design and use of systems which automate decision making (such as the use of artificial intelligence). o Collaborate Widely  Create multidisciplinary teams with the range of skills needed to deliver a common goal.  Share and collaborate in the open.  Identify and create partnerships which help deliver value to users. References: • ESDC Service Strategy • GC Digital Standards • GC Digital Architectural Standards • Digital Princples (https://open.canada.ca/en/blog/digital-principles?page=1%2C0)