Stabilising the baseline as a springboard for transformation
Many organisations continue to grapple with digital transformation and wonder what it can actually deliver amid a risk of failure. In this four-part blog series, we take a look at a real-world case study of the steps Accelera took with the NSW Health Care Complaints Commission to assist the organisation on its digital transformation journey.
The NSW Health Care Complaints Commission (HCCC) acts to protect public health and safety by dealing with complaints about health service providers across the state. The commission’s drivers for transformation include allowing complainants and providers to engage through digital channels, to reduce the use of paper across the agency, and to streamline and digitize processes. The vision is for the people of NSW to benefit from faster and better outcomes.
“Accelera takes a holistic view of digital and was able to help transform our organisation while we maintained existing levels of service delivery. We are now on a clear journey of digitally-driven innovation.” Eddie Van Den Bempt, Director, Corporate Operations & CFO, NSW Healthcare Complaints Commission
In the first part in this series, we covered the assessment phase of the project. In this second part, we take a look at the importance of delivering a stable baseline ICT function, before commencing on transformational change.
When considering a ‘stable baseline’ for an ICT function, any program of work needs to focus on:
- Improving the security posture for compliance and greater resilience
- Determining and right-sourcing the non-core ICT functions to external partners
- Bringing the base infrastructure and applications up to current, patched levels
Accelera worked with external security teams and vendors to review, assess and deliver a program of change to raise the security posture of the HCCC to meet the state government’s mandated Cyber Security NSW’s Essential 8 self-rating system, and to re-certify its ICT function under the ISO 27001:2013 security standard.
This included external penetration testing, vulnerability scanning and remediation, and process documentation and controls improvement to meet the exacting ISO 27001 standard’s certification requirements.
With a compliant security baseline in place, this allowed the Commission to focus on further security posture improvements through training and awareness, which continues as the dynamics of the security landscape change.
One approach to working with a stretched ICT team is to see whether parts of their responsibility could be sourced from an external partner, often with systems, processes and scale to deliver it in a more cost effective and consistent way. This frees up the team to support the organisation on more strategic, transformative activities.
Accelera and the HCCC worked with vendors to outsource some aspects of the ICT platform and service management functions, freeing up internal resources to focus on more strategic initiatives as part of the digital transformation program.
Having gained some additional bandwidth from the internal ICT team – and access to key vendor resources to assist – a program of infrastructure and application software upgrades was then able to be progressed. Previously the program had stalled after a number of promised (and re-set) target dates for completion.
Bringing the baseline infrastructure and application software up to current, patched and vendor-supported levels enabled the Commission to have more confidence in the platform and to know that if there was an issue, external vendors would be able to support them.
The importance of having confidence in the security and reliability of the baseline systems, in order to commence a transformation agenda, can’t be underestimated. The stabilisation phase is therefore critical to delivering this confidence.
In our next post, we will cover the changes to the governance structure that were put in place to help achieve the transformation outcomes that were sought.
To see and download the full case study, please see the case study page.
