Feeds

Auditors blast Blighty cops over binned multi-million pound IT project

Report says Surrey Police's SIREN system was 'poorly managed' and 'ambitious'

Security for virtualized datacentres

A new report has been highly critical of a failed £15m IT project for Surrey Police that was eventually binned by the cops.

Auditors Grant Thornton published the report today on behalf of the government's Audit Commission, which said the Surrey Integrated Reporting Enterprise Network (SIREN) project had been “poorly managed”, “poorly controlled” and run by people without the necessary skills.

“The ambitious vision for SIREN was not matched by the skills and experience available to, and deployed by, the Force for a major portion of the project’s life,” the auditors concluded, adding:

The Force was not experienced in delivering projects of this type and complexity and the chosen supplier, Memex Technology Ltd (Memex), did not make up for this shortfall in terms of managing the risk to delivery.

The Force had little experience of using the Agile approach to project management, development and delivery, which was central to the way that SIREN would be delivered. Scope was poorly controlled for a significant period of the project, delays and shortfalls in funding (resulting from missing scope or skill shortages) were identified late in the process and the initial envisaged benefits quickly diminished from the outset and, ultimately, were never delivered.

The Surrey Police said that the project was “a matter of regret” for them. Chief constable Lynne Owens said in a statement:

The Report makes clear that external circumstances changed significantly between when the SIREN project started to when it was stopped. The problems that arose in the Force’s handling of the SIREN project are not endemic, and the audit states Surrey Police has a proven record of successfully delivering change, including this being recognised by Her Majesty’s Inspectorate of Constabularies in 2013.

However, we are not complacent and are continually improving how we deliver and govern change to ensure that spend is prioritised on supporting operational policing.

The police division pulled the plug on the multi-million pound project to replace its existing crime, case and custody IT system early last year, after spending eight years developing it. Chief Constable Owens, who took over the force in 2012, started saying that the project she’d been saddled with was possibly not the best long-term option for the force late that year.

The Police and Crime Commissioner (PCC) for Surrey, Kevin Hurley, along with Owens, decided to ditch the whole thing early the following year.

"My decision to withdraw from the SIREN project has not been taken lightly, but I believe that this course of action will ultimately be in the best interests of both Surrey Police and the Surrey public,” Hurley said at the time. “It is right and proper that it will be fully reviewed by the Police and Crime Panel and by Grant Thornton, the Audit Commission's appointed external auditors."

Because the PCC had terminated the contract with the developer without cause, the police division was stuck with the full bill for the contractually agreed development costs, leading to a total payout of £14.8m over the eight years.

Surrey Police then ended up replacing its crime information system with one from Niche RMS, a less expensive option that was already in use by a number of different forces.

The auditors said that the PCC was right to axe the SIREN project when he did, but pointed out that the situation never should have come to that in the first place.

“None of the individual decisions taken were reckless – like the termination decision itself, many of them are understandable within the individual circumstances in which they were made,” they said.

“However, in our view a lack of experience of how to manage projects of this scale and complexity prevented effective corrective action being taken when problems first arose. Had this experience been in place (either in house or from a third party supplier), it is arguable a firmer control of the project may have been established from the outset, avoiding the significant delays and cost overruns that eventually resulted in the project's termination and the write-off of substantial public funds committed to date.”

Surrey Police and the PCC said they would hold a public meeting to discuss the audit and its recommendations next week. The force said it had already taken some steps to ensure that projects were better managed in future, including setting up a joint procurement team with Sussex Police and hiring a new shared Chief Information Officer to cover both forces. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Show us your Five-Eyes SECRETS says Privacy International
Refusal to disclose GCHQ canteen menus and prices triggers Euro Human Rights Court action
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Heavy VPN users are probably pirates, says BBC
And ISPs should nab 'em on our behalf
Former Bitcoin Foundation chair pleads guilty to money-laundering charge
Charlie Shrem plea deal could still get him five YEARS in chokey
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.