Major IT projects

Fourteen out of 29 major IT projects (58 per cent) managed by Northern Ireland departments and their arm’s length bodies have an amber or red project status, a report has found.

Major IT projects in Northern Ireland, published by the Northern Ireland Audit Office (NIAO) in July 2025, states these projects have a total value of £2.2 billion. The current total estimated whole life cost of the 29 projects is £5.2 billion.

Major IT projects are defined as those valued at over £25 million in whole life cost. It takes six-and-a-half years on average for a major IT project to be designed, procured, implemented, and become fully operational.

The report finds that there is an absence of a consistent process to identify, manage, and report on IT systems. There is also no process to appraise systems and set priorities for new or replacement systems. The report adds that there is no overarching portfolio view of major IT projects or existing system and that the approach within individual departments varies.

There is currently no Northern Ireland Civil Service (NICS) IT strategy. Furthermore, there is no authority to mandate the implementation and delivery of such a strategy across departments.

Out of the 29 projects, 24 have been undertaken to replace legacy IT systems. For almost all of these systems, the legacy contract has been extended multiple times with systems “operating well beyond their intended life”.

Many of these extensions were to “maintain continuity of service as opposed to a strategically planned choice”. Legacy system contracts were extended by almost eight years on average.

Repeated extensions incur significant financial costs along with a potential negative impacts on service quality. Five projects were examined as part of the study and all experienced delays which led to contract extensions for legacy systems valued in excess of £573 million. Extensions arise from a pressure on resources, capacity and capability issues, and single-year budgets.

The five projects examined experienced delays or problems at the initiation stage. Reasons included a lack of clarity on scope and intended outcomes, no clear project plan, no target operating model, and insufficient suitable resources.

Three of the case studies experienced issues with governance arrangements including infrequent meetings, and membership that was not sufficiently representative of stakeholders. The report states that value can be gained from implementation of the Gateway review process. This is an assurance mechanism comprising a series of independent peer reviews undertaken during a project lifecycle.

The report finds that projects are initiated with smaller teams than are needed, key roles are not adequately filled with skilled staff, and staff often do not have the capacity needed for their roles as they retain their day-to-day responsibilities.

Recommendations

If the current approach to major IT projects persists, it will result in continued risk for value for money, while missing out on potential benefits from new technologies, the report asserts.

The NIAO outlines 10 recommendations to reform and transform public services, one of the nine priorities identified in the 2024-2027 Programme for Government (PfG). It suggests implementing these recommendations in the 12 months following the report’s publication.

The NIAO recommends that each department review the maturity and adequacy of support provided by its portfolio, programme, and project offices. It indicates that the Department of Finance should report the findings to the NICS board.

Recommendation two is the establishment of a framework to identify legacy IT systems and those soon to become legacy systems, and assess their associated risks. The NIAO also recommends that an NICS-wide IT strategy, collectively owned by all NICS departments, is implemented and applied across the NICS.

Recommendation four is that “accurate and timely” contract management and cost information is made available. This is aimed at enabling regular monitoring and reporting to support decision-making by the relevant governance mechanisms.

The NIAO recommends that sufficiently skilled staff are available from the early stages of projects to enable realistic timescales and the inclusion of costs and internal resource requirements in business cases.

Recommendation six is that potential benefits of new systems are outlined in business cases. Benefits should also be monitored and reported on once systems are operational with an aim to ensure benefits and value for money are delivered.

The NIAO recommends that projects valued at over £5 million are required to engage with the Gateway process completing a risk potential assessment. Accounting officers should embed project reporting arrangements with an aim to ensuring projects with their remit engage with the assurance process.

Recommendation eight is that governance structures should include key stakeholders with “an appropriate mix of skills and experience”. This structure should be altered and improved as necessary during a project’s life.

The NIAO recommends that the NICS address the adequacy of project management and deliver skills. This includes identifying the skills gap, development of a mature NICS project deliver professions, and ensuring staff with the required skills and training are available. The Department of Finance is recommended as the leader for this recommendation with support from NICS and human resources.

Recommendation 10 is that the NICS board takes the lead in identifying recurrent issues leading to project delays. The NIAO suggests that a “clear, time-bound action plan to address these issues must be developed”.

Comptroller and Auditor General Dorinnia Carville says: “Extending contracts on legacy systems risks a gap growing between the system’s functionality and the needs of citizens, businesses, and communities.

“Major IT projects are recognised as being complex, but this is all the more reason why the Northern Ireland public sector needs to adopt a much more strategic approach. This means planning and working collectively to maximise potential synergies in IT solutions, to better understand shared risks and to ensure best use of skills and resources.”