Guidance

Rule 16: ICT capabilities and services shall be designed to provide a high-quality product

Updated 16 October 2023

The rules are under review and subject to change.

1. Rule requirement

1.1 Service Asset and Configuration Management (SACM)

• ICT shall be such that SACM is integral to the design and the data held is relevant, accurate, and appropriately presented to the NOA Configuration Management System (CMS).

1.2 Change Management

• ICT shall have appropriate change management procedures established. They shall include change categorisation, an assessment of the risk and a RACI (Responsible, Accountable, Consulted, Informed) matrix Formal change evaluation must be mandated for all changes with potential impact beyond the boundary of the service.

1.3 Knowledge Management

• ICT shall be such that appropriate knowledge transfer to the NOA Service Knowledge Management System (SKMS) during service transition is possible

1.4 Event Management (EVM)

• ICT shall be designed to ensure appropriate event activity can be managed/configured/received by the NOA toolset

1.5 Service Management toolset

• ICT shall be designed to ensure appropriate data flow integration with the NOA Service Management toolset; to include incident/problem/change management work flows and service dashboard presentation, where appropriate

1.6 Availability Management (AVM)

• ICT shall be designed such that service availability, and therefore its constituent aspects including Reliability, Maintainability, Supportability, Usability etc. are integral to the solution design and are considered from the beginning of the service lifecycle through an iterative process of progressive assurance

1.7 IT Service Continuity Management (ITSCM)

• ICT shall be such that plans for IT Service Continuity are integral to the solution design (previously Rule 12).

2. Rule rationale

Providing high-quality capability/services is a fundamental goal for Defence and the aim is to proactively minimise the risk of delivering a service that does not meet the requirements of the Customer or the Business by considering all aspects of service management throughout the life of that capability/service.

It is important that the design of the capability and its components aligns with the business needs, and that the appropriate non-functional requirements and other aspects of Service Management are designed into the solution as early as possible.

To achieve this high-quality design, each aspect of Service Management must be considered in turn by adhering to the sub-rules governing each of the non-functional requirements.

The Defence Network is a complex system of systems with multiple commercial and technical boundaries that underpins almost all the Capabilities delivered by Defence. Without a cohesive approach to Network Management, a project may inadvertently introduce vulnerabilities to other parts of the Defence Digital Service and Network that may degrade either the capability being delivered or other live services. Mitigation of this risk is carried out by the progressive assurance built into this Rule.

This is not unique to Defence and most enterprise IT organisations are adopting similar approaches allowing them to apply effective Service Management practices.

3. Who to contact

• Service Asset and Configuration Management and Change management, email ISSOps-ODChange-Coord-Ops@mod.gov.uk

• Knowledge management, email ISSOps-SP-KnowInsight@mod.gov.uk

• Event management, email ISSOps-ODOps-ENDACGroup-OpS@mod.gov.uk

• Service Availability (AVM) and Service Continuity (ITSCM), email ISSDes-APM@mod.gov.uk