IT Strategies and Actions
This document is intended to provide an overview of of the cultural, process, and technical changes (and respective measurements) which our quarterly strategies will be promoting.
Approach
The IT Strategy team will not create a 5 or 10 year plan to transform the organization. For details on the objectives, see Medium Term and Long Term IT Pictures. Based on DevOps Research and Assessment (DORA) and the latest State of DevOps report, we want to focus on capabilities that enable high performing IT organizations. This also aligns with GC IT Policy and Direction around Digital government.
Quarterly strategies and actions will be shared with all teams in IITB. Following these actions will be mandatory as part of Management and team leads performance agreements. Strategies will be reviewed and updated quarterly based on progress and effectiveness. Below is a list of strategies and actions that could be used as quarterly strategies.
The first quarterly strategy for Q1 (2020-04 to 2020-06) will be (Draft) 20% of time to learn, automate and improve.
Goals
- Continuous learning, automation and improvements
- Reduce lead time for changes and delivery of services/devices
- Recover faster incidents and errors
- Reduce frequency of incidents and errors
- Agile (break down work, sprints, retrospectives)
- Work in the open (data, information and code)
- Expose internal and external (all) services as APIs
- Teams interact through automated digital services
Goals for IT development and operation teams
- On demand deployment
- Recover from incidents/errors in less than 1 day
- Less than 15% of changes cause incidents/errors
Goals for IT service teams
- Self service
- To enable rapid feedback
- Create automated processes to realize efficiencies
- Enable streamlined responsible distributed decision making
IITB Teams Must
Starting now! For all projects and teams!
Align with GC IT Policy and Direction
- Digital Standards
- Digital Operations Strategic Plan: 2018-2022
- Policy and Directive on Service and Digital
- Mandatory Procedures for EA Assessment
- Mandatory Procedures on APIs
- Acceptable Network and Device Use
Consult Appendix A for details.
Cultural
- IT teams must use about 10% of their time to learn/try new technologies, attend events/conferences, and stay up to date on trends and technologies related to their work
- Make it a requirement in performance agreements of directors, managers and team leads
- Track using existing CATS code for learning (300)
- Communications about the updated direction around learning and regular updates on upcoming learning opportunities
- Leverage IITB showcase and Dev CoP to share knowledge within IITB and show progress
- Create champions for topics (Agile, Git, Development, CI/CD, EA, Testing, Security, ..)
- Create crowdsourced list of learning resources in GCpedia (link on Intranet)
- Create digital channel for sharing (e.g. Slack)
- Encourage Bi-Daily Team Standups to share learning out loud
- Create a safe environment for experimentation/failure
- Setup regular communications about failures and lessons learned - link back to learning opportunities
- Offer cloud and desktop sandboxes for experimentation
- Hold blameless postmortems
- Organize lunch between the DM and a team/project that recently “failed”
- IT teams must have access to resources enabling learning and automation of testing, deployments and other manual processes
- Offer cloud and desktop sandboxes for experimentation
- Temporary hiring of talent with programming skills (e.g. Co-op students, Casuals, Talent Cloud)
- Reorganize IT teams, starting with staff that are looking for a new challenge
- IT teams and other groups must have access to modern tooling, such as SaaS (Internet), mobile and desktop tools
- Unblock access to specific SaaS for IITB employees
- Review the criteria and value add for technology bricks for SaaS
- Invest in bandwidth, DLP and document classification tool to enable more open access to Internet
- Communications that employees can use SaaS on ESDC network for unclassified information
- Add all approved software to Application Catalogue (e.g. paying ones)
- Automate parts of the software assessment and approval process
- Share software certifications with other departments
- Hiring favours candidates who demonstrate adaptability, curiosity, and strong ethics
- Work with HR to adapt hiring processes (e.g. interview questions)
- Build multidisciplinary teams capable of delivering services from start to end of life
- Encourages collaboration and fosters a culture of flexibility, mobility and well-being
Process
- IT teams must use about 10% of their time for improving existing processes and automation of testing, deployments and other manual processes
- Make it a requirement in performance agreements of managers and team leads
- Directors, management and teams must show quarterly progress related to automation and continuous improvements
- Track using CATS code (need code)
- Communications about the updated rules around continuous improvements and automation
- Organize regular hackathons to improve and automate existing processes
- Add automation tools to Application Catalogue
- Create centralized repository of scripts on GCcode
- Add automation focus to Grassroots Innovation Practice initiative
- Consult front line workers to determine quick wins
- IT teams must work using Agile methodologies, iterate and continually improve solutions, services and processes
- Organize training on Agile/DevOps for managers and team leads
- Highlight the work of existing Agile teams
- Break down and prioritize work items
- work in iterations (sprints) and show improvements
- Hold regular retrospectives
- Reduce lead time for changes and delivery of services
- Automate
- Make ongoing work and backlog visible
- Make Sharepoint site open by default
- Promote the use of GitHub, Gitlab or GCcode as working environments (Projects, tasks, documents, code, continuous integration, ..)
- Promote smaller investments over large ones, and monitor them based on business outcomes, not project plans
- Move and support product management
- Where possible, remove the need for manual/committee approval
- Empower multidisciplinary teams and allow them to work on new ideas in pursuit of business goals that solve important problems
- Clients must be included from the start of projects and can submit regular feedback
- Services must be made accessible as APIs
- Create a DevOps Dojo
- Promote continuous departmental improvement by creating a venue where teams can learn from experts in modern IT delivery best practices and principles
- Invest in teams staying up to date and continually improving their tools and the way they work
Technical
- IT teams must save all projects artifacts to a version control system
- Help SSC GCcode become officially supported
- Make GCcode the default option for new application development projects
- Promote the use of GitHub, Gitlab or GCcode as working environments (Projects, tasks, documents, code, continuous integration, ..)
- EA must actively and fairly consider open standards (data formats/protocols) and open source software for all new purchases, upgrades or migrations (including cloud solutions)
- Implement the recently approved ESDC OSS Framework
- Collaborate with other departments and agencies on best practices
- EA must enable deploy-anytime capabilities, with high degrees of automation
- Assess the implementation of a central PaaS
- IT teams must automate tests (Unit, UAT, Security, ITSM ..)
- Train Champions of automation testing
- IT teams must automate builds and deployments for all environments (Dev, QA and Production)
- Offer cloud sandboxes to experiment with automation of builds and deployments
- IT teams must have access to realistic test data
- EA must be loosely coupled and enable IT teams to autonomously, experiment with ideas, and choose their own tools
- EA and Security must provide developers with preapproved libraries
- Security must be involved from the start and in all phase of projects
- Security must develop automated tests
Measurement
- IT teams must collect data throughout the value stream
- IT teams must establish Work In Progress (WIP) limits based on team capacity and cognitive load
- IT teams must make collected data and project status visible to the business
Appendix A - Details of GC Information Technology Direction
- Digital Standards
- Design with users
- Iterate and improve frequently
- Work in the open by default
- Use open standards and solutions
- Address security and privacy risks
- Build in accessibility from the start
- Empower staff to deliver better services
- Be good data stewards
- Design ethical services
- Collaborate widely
- Digital Operations Strategic Plan: 2018-2022
- OneGC vision, aims to not only deliver on the outcome of a single window, but also go beyond it to meet Canadians’ expectations of service delivery on any platform, using any device and with any partner.
- Policy and Directive on Service and Digital
- How GC organizations must manage service delivery, information and data, information technology, and cyber security in the digital era
- Mandatory Procedures for Enterprise Architecture Assessment
- Align to the GC Business Capability model
- Design for users first and deliver with multidisciplinary teams
- Design systems to be measurable and accountable
- Use Open Standards and Open Source Software
- Maximize Reuse; Enable Interoperability
- Use Cloud and SaaS
- Design for performance, availability, scalability, security and privacy
- Mandatory Procedures on Application Programming Interfaces
- Validate API design by consuming it with a production application within your organization
- All APIs should be published to the API Store
- Acceptable Network and Device Use
- Provide open access to Internet tools and services to support public servants in their work duties, enhance collaboration and networking with their peers