- Česky (cs)
- English (en)
Introduction
Part of and also a key prerequisite for meeting the objectives of the Information Concept of the Czech Republic1) (also referred to as "ICCR" or "Information Concept of the Czech Republic") is the establishment of effective central coordination of ICT management and its support of transformation initiatives towards digitalization of the SS and full eGovernment. This will only be possible through a coordinated effort to bring the local ICs of each OSS into alignment with the objectives, principles and tenets of the ICCR2). The document "Methods of ICT management of public administration in the Czech Republic" (also referred to as the "MCICT") regulates the framework of rules for the central coordinated management of ICT support for eGovernment, management of its legislative changes, building and operating ICT capacities and competences of state enterprises and agencies, management of IT departments in individual OVS as well as life cycle management of individual ISVs and other IS in public administration. It elaborates and builds on the principles of ICT management set out in the ICCR, of which it is an integral part.
For ease of use, the document is simplified as much as possible, and more detailed elaboration of individual topics is contained in its appendices and annexes, published through the so-called Knowledge Base3).
The MŘICT document will be followed by a number of legislative and methodological documents related to individual disciplines of ICT management, such as change management, project management, resource efficiency management and TCO evaluation in IT, etc.
The establishment of the MŘICT is given by the Government Resolution No. 629 of 3 October 2018, as a follow-up document to the approved IKČR4), which is part of the "Digital Czechia" programme. Other subsequent documents of the Information Concept of the Czech Republic include: the Glossary of eGovernment Concepts, the National Architectural Framework and the National Architectural Plan.
This document is also an output of the 4885) under the sub-objective IKCR 5.01 approved6) of the implementation plan of the main objective No. 5 of the Information Concept of the Czech Republic "Efficient and centrally coordinated ICT public administration" for 2019 of the "Digital Czechia" programme.
Purpose of the document
To whom the document is addressed. The target group of the MCICT are managers of individual public administration bodies (OAGs, see below) responsible for the management of the ICT departments of their offices (CIO ICT).
What are the main benefits of the document. As such, the MŘICT defines the overall approach to the ICT management system in the public administration of the Czech Republic. At the same time, its follow-up Knowledge base (de-facto as an implementation manual of the IKČR) sets out specific, directly applicable steps that are necessary to fulfil the principles and principles contained in the IKČR. It presents these steps:
- respecting the specificities given by the nature of the authority, i.e., taking into account whether it is a state or local government authority7),
- including references to current legislative restrictions on these steps.
What is the authority for the document. The ICCR, issued on October 3, 2018, defines the basic requirements for the management and development of public administration authorities and their informatics departments to be able to meet the objectives of developing public administration information system services, managing their life cycle and improving, and also obliges them to develop their information concept in accordance with the ICCR and its annexes, by providing:
- the objectives of the Czech Republic in the field of public administration information systems (also referred to as "ISVS") and
- general principles for the acquisition, creation, management and operation of public administration information systems in the Czech Republic.
Why read the document The document is formulated as a comprehensive manual (compendium), i.e. it contains not only specific prescriptions, but also desirable framework assumptions: e.g. organisational set-up, technological equipment and staffing, as well as the necessary set-up of the competence interface towards the management of the office, its clients = departments providing the performance of public administration agencies, as well as towards other supporting departments. But especially:
- provides the reasoning for obtaining the necessary support from the management,
- provides an overview of the key risks of the ICT CIO role, including recommendations on how to eliminate these risks,
- provides a comprehensive, interrelated overview of best, proven VS ICT management practices,
- offers a range of ready-to-use forms and tools, for example for effective requirements gathering or for creating the most common documents and reports,
- enables better coordination with other agencies, especially in the sharing of services, when using the methodology and its subsequent annexes within the organisation within the managed unit.
How to work with the document It is recommended to first orient oneself in the document, to understand and accept the structure of the ICT management system of the office proposed here and to familiarize oneself with the overview of the management methods offered. Subsequently, the path of implementing the management system in the organisation, changes_implementation|see procedure and plan for implementing changes, is to be followed simultaneously, and at the same time the document serves, together with the knowledge base, as a reservoir of knowledge and tools for situations when it will be necessary to use them.
Scope of the ICRC
The IKCR is binding on all state authorities and local authorities (also referred to as "authorities"8)))) - these, including public corporations, consisting, in addition to themselves, of contributory and commercial organizations established by them, according to Section 1(1) of the ISVS Act, are collectively referred to as public administration bodies (also referred to as "PABs"). The IACCT are a follow-up document to the ICCR, which develops the principles, principles and objectives guiding it and is binding on authorities to the extent that they comply with the principles, principles and objectives of ICCR.
At the same time, however, because some differences apply to the field of local government as defined by the definition of local government9), the application of the MŘICT document in the bodies of local self-government units is also different. This will be gradually adapted both to the content of the next editions of the MŘICT and especially to the detailed materials in Knowledge base.
Other public authorities (also referred to as "OVMs") that are not OVS (e.g. schools or hospitals) are not bound by IKCR (and therefore not by its annexes, including the MŘICT), but their use can bring a number of benefits, i.e. their use is recommended.
In public administration organisations, the MŘICT is recommended for the management of all ICT support for the activities of the authority, not only for the part that is formally entrusted to the IT department. In other words, in accordance with this document, these organisations must also manage the management of IT solutions, completely managed by external suppliers, as well as IT (HW, SW) elements located and managed anywhere in the OVS, typically in specialist or operational units (so-called "shadow" or "grey" IT ))' IT).
The bottom line is that all management of the delivery of ICT services in support of all functions of the OSC must be placed under one indivisible and, from the OSC's perspective, central responsibility and control, which will manage the Office's ICT in accordance with the MIRCT.
Document structure
Periodicity and updating of the MIRCT document
Given the continuous dynamic development of not only ICT but also of public administration as a whole, at a time when the share of centrally provided shared ICT VS services etc. is progressively increasing, it is all the more necessary to keep the ICT governance documents permanently and continuously updated. This will respect all the highly interrelated legislative measures and at the same time create a basis for maintaining the necessary stability and consistency of the management of all levels of ICT VS, while at the same time maintaining the need to comply with the IK CR.
Therefore, the MŘICT document, as well as the other follow-up documents of the IK CR and their expanding Knowledge base will be updated continuously after discussion with the digital commissioners and ICT managers of the individual ministries and with the expert public within the relevant working committee of the RVIS.
Anchorage of MRICT within the OSS and its legislative underpinning
In terms of content, the methodology is based mainly on Act No. 365/2000 Coll., on public administration information systems and on amendments to certain other acts, as amended (hereinafter also referred to as "Act No. 365/2000 Coll."), which establishes the powers and duties related to the creation, management, operation, use and development of public administration information systems managed by state authorities or bodies of local self-government units (also referred to as "public administration authority" or "PIA"). Pursuant to Section 5a(1) of this Act, the Information Concept of the Czech Republic is established, setting out the objectives of the Czech Republic in the field of public administration information systems (also referred to as "PIS") and the general principles for the acquisition, establishment, management and operation of public administration information systems in the Czech Republic for a period of 5 years. The current Information Concept of the Czech Republic was approved by the Government on 3 October 2018.10)
According to the IKČR and its subsequent and follow-up documents, public administration bodies create their information concept11) and other documents12).
According to the above mentioned facts, it is possible to deduce and interpret that the Methodology as one of the follow-up documents of the ICCR, which is explicitly provided for by Act No. 365/2000 Coll., is binding for all public administration bodies, however, this strict interpretation should be taken with reservation due to the elaboration and other factors of the ICCR and therefore this document is taken as recommended for the OSS. However, it is already clear, and it seems appropriate, to use and adopt the future environment of the Methods (i.e. the Methods itself and its annexes, standards, methodologies, templates, etc.) into their own internal acts (a set of internal directives and regulations). For this purpose, existing legislation in force can be used, which allows the creation of a set of binding standards in the form of internal acts, which can be based on the Methods. The Methodology will define the individual areas of competence, which can then be issued by the person in charge (representative) with all the sub-differences and uniqueness of his/her office, just in the form of an internal act (directive, regulation, etc.).
Pursuant to Article 11(4) Law No. 234/2014 Coll, 234/2014 Coll.), the **Secretary of State for the Civil Service, Head of the Civil Service Office, the State Secretary or the Personnel Director of the Civil Service Section** may issue a service regulation which is binding on all civil servants, employees in an employment relationship performing activities referred to in Section 5(1)(e) in the Civil Service Office and subordinate units and which implements this methodology in the form of the aforementioned internal acts. The methodology and the development of internal acts and standards are to be developed by the representative with the highest responsibility for ICT in the Office (i.e. the highest-ranking representative with a fulfilled field of service Information and Communication Technologies((Field of service according to Government Regulation 1/2019 Coll. https://www.zakonyprolidi.cz/cs/2019-1/)) according to [[https://www.zakonyprolidi.cz/cs/2014-234|Law No. 234/2014 Coll.. In §5, letter e), it establishes as one of the activities of the civil service: the creation and management of public administration information systems according to another law, with the exception of operational information systems.
In the same way, it can oblige methodologists and guarantors from other departments (i.e. other organizational units) to perform internal acts based on the MŘICT, so that anyone who is materially involved in the creation and modification of ICT services must have the service field Information and Communication Technologies13) (in the case of service positions) and in the job description such activities fulfilling the de facto scope of service Information and Communication Technologies14). All those with the scope of service Information and Communication Technologies15) and completed job descriptions will then be directly internally bound by these acts.
In this way, a matrix (horizontal) management can be set up within the ISMS life cycle in a given OVS and its department based on legal procedures.
Another major benefit of this approach is the possibility to bind the line organisations to the objectives of the Methods by an internal act (see above).
ICT governance as an objective of the ICCR
Efficient and centrally coordinated public administration ICT is the main objective number 5 of the ICD. DGICT is one of the means to achieve this goal. However, the ICT management methods of the GOSS cannot be a mere document, but must represent a shared competence of the GOSS, managed, disseminated and consultatively supported from a true knowledge centre of the state.
To this end, the ICCR includes sub-objective 5.2, which specifically mandates: "Build a central expertise and capacity to methodically manage the ICT management processes in the OVS. To support the effective management of the informatics units of the OVS and the entire life cycle of their IS, it is necessary to build an institutional central expertise for these processes (ITIL, CoBIT, IT4IT), which will be the authority and methodological umbrella for the OVS."
The fulfilment of Objective 5.2 is fully within the competence of the Ministry of the Interior on the basis of the Competence Act. Therefore, a unit with a national scope should be established here, containing the best specialists in ICT management methods. For the purposes of the MoICT, let us refer to it as the Department of Information Technology Management (DITM). This unit will naturally complement the responsibility of the Department of eGovernment (also referred to as "OeG") for coordinating "How to transform VS into eGovernment? " and the responsibility of the Department of the Chief eGovernment Architect (also referred to as "OHA") for coordinating "What to build? " with its own responsibility for "How to take care of ICT? ".
This department should be the one that will update the MCICT, populate the relevant part of the Knowledge base with detailed documents and accelerators, and issue the necessary ICT standards, see also ICD sub-objective 5.6.
It will be very practical if, on the basis of a number of provisions of Act No 365/2000 Coll. and related regulations, the agenda "Management of ICT in public administration" is announced. This declaration is subject to the rules of Act No 111/2009 Coll., on the basic registers, as amended (hereinafter also referred to as 'Act No 111/2009 Coll.'), specifically Section 53. At the same time, the OŘI should become the substantive administrator of several IS supporting this agenda. Such systems are, for example, the register of public administration information systems operated in the AIS Competence (part of the RPP) pursuant to Section 52c of Act No. 111/2009 Coll., the future IS for the Catalogue of ICT Services of Public Administration and the IS for the management of change plans (now temporarily and partially within the Digital Czech Republic and its catalogue of plans). These systems should also be integrated or be part of the tool for the Catalogue of (Digital) Services of the Public Administration of the Czech Republic and the IS of the Programme and Project Office of eGovernment of the Czech Republic, see below.
The competence of the existing OeG, OHA and the above-planned OŘI departments must be complemented by a unit representing the competence and national competence in the MoI in the area of management of digital transformation programmes of public administration and portfolios of transformation projects, i.e. the national Programme and Project Office of the VS, in order to coordinate the successful implementation of the objectives of the IKČR (including NAP and MŘICT). This unit will be known as PPK or O3P16).
Other related IKČR documents
In addition to the MŘICT, as follow-up document No. 1, the ICRC refers to three other follow-up documents, namely:
- Follow-up document No. 2 - Glossary of eGovernment Terms (also referred to as "SPeG"),
- Related document No. 3 - National Architectural Framework of the Czech Republic (also referred to as "NAR") and
- follow-up document No. 4 - National Architectural Plan of the Czech Republic (also referred to as "NAP").
The linking element of the follow-up documents No. 3 and No. 4 is the existence of the so-called National Public Administration Architecture of the Czech Republic, which is therefore explained below.
Glossary of eGovernment terms
Since the unambiguity of interpretation of terms used in any document is a basic prerequisite for its consistent understanding, the creation of the Glossary of eGovernment Terms (also referred to as "SPeG"), as a separate document was ordered by the Resolution of the Government of the Czech Republic No. 629 of 3 October 2018 - on the "Digital Czech Republic" programme and the draft amendments to the Statute of the Council17).
The SPeG introduces a uniform interpretation of terms and their possible synonyms from the current legislation, needed as one of the tools for the coordinated building of eGovernment according to the NAP and for the coordinated management of public administration informatics. This glossary together explains in particular the terms used in the ICD and all its successor documents. In the glossary, MŘICT updates and expands with new terms the vocabulary specified by: the Glossary of Terms of the National Architecture of Public Administration of the Czech Republic and the Glossary of the Most Frequently Used Terms in Public Administration 18), so that the interpretation is in line with the current wording of international management (ITIL, Performance Management - 3E) and architectural methodologies (TOGAF and ArchiMate).
For greater readability, the MŘICT document is as compact and concise as possible. For concepts whose introduction or more detailed interpretation is the subject of separate documents, reference is made to these specific documents.
National architecture of public administration of the Czech Republic
The public administration of the Czech Republic, as well as each individual authority, is a socio-economic-technical system that has an architecture, i.e. it contains a set of elements that form the structure of the system, their interrelations, their behaviour (functioning) and the principles and rules of their creation and development over time.
Thus, the National ICT Architecture of Public Administration of the Czech Republic (also referred to as the "NACA") is a collection of architectures and descriptions of architectures of all individual public administration offices, including all central shared eGovernment elements. It is an application of enterprise architecture methods and thinking to public administration at a higher, republican level. It aims in particular to:
- to establish a unified structured description and communication of public administration services and their ICT support, as one of the prerequisites for achieving the objectives of the ICCR,
- to maximally protect investments in shared elements of the technological and data infrastructure of the Czech eGovernment and to accelerate its further development.
All interest groups (Stakeholders) will benefit from the NACR, but in particular:
- Central eGovernment architects (OHA and OEG)
- Project Directors
- Directors of IT OSS
- Principal architects of OSS and corporations
- Auditors of the SAO and other audit bodies
- Managing authorities of structural funds
- Budget managers and other roles,
especially through the possibility of using a common and shared structured description of ICT in public administration.
The architecture units of each OSS have an indispensable role in the management of ICT in the SS. At a minimum, architects at the office level are to implement the following five distinct but complementary and mutually reinforcing functions:
- Natural role model and leader (methodologist) of the creation of Enterprise Architectures and Solution Architectures in the individual OSS in the department (office), i.e. creator and interpreter of customized methodologies, manager of departmental shared knowledge (patterns, guides, reference models and practical examples) and manager of means for sharing architectural knowledge (architectural repository, portal, wiki, discussion forums, …).
- Enterprise Architect and Solution Architect for architectures (business, application, data and technology) of central shared (or unified) services and central shared (or standardised) eGovernment systems at the level of the ministry (authority).
- Local (internal) Enterprise Architect of the Authority and those organisations of the Authority (Department) that request it and where the previous role of mentor is not sufficient.
- Controlling body (as a building authority) pre-inspecting selected features of IT projects submitted within the ministry (authority) against the NAP principles (against the master plan) and against the announced standards of solution architecture (as in the building industry against the so-called regulatory plan).
- An audit body establishing the required level of architectural maturity of individual organisations of the ministry (office), its architectural department and its processes and governance, and a body controlling the achievement of this level in the required time and its maintenance.
National Architectural Plan
The National Architectural Plan of the Ministry of the Interior (also referred to as "NAP") serves as a basic tool for formulating the way of implementing the objectives and principles of the Information Concept of the Ministry of the Interior and the information concepts of individual public administration bodies.
The uniformity of the creation and use of the NAP is ensured by adherence to the rules of the National Architectural Framework, see below.
It provides public administration authorities - administrators of information systems with a clear (illustrative) and concrete idea of what the informatics of the public administration of the Czech Republic will look like in the set horizon of 5 years, which elements of the informatisation of the public administration will be central and shared, which local elements must be uniform according to the presented models and which can be arbitrary, their interrelations and continuity while observing the set architectural principles.
A prerequisite for the maintenance and development of the NAP, which is an inherently knowledge-based discipline, is the permanent maintenance of sufficient capacities with sufficient competence for the NACR. For this - as in other professional fields - there is a need to develop and implement a concept of training, knowledge certification and accreditation of training and certification institutions.
An integral part of the NAP environment is the so-called NAP Tools, a set of tools, mainly from the IT area, to support modelling, evaluation and mutual sharing of the content of knowledge on architectures, implemented as a combination of a central architectural tool and NAP repository, possible local tools of public administrations and integration to other central eGovernment elements such as Basic Registers and Data Repositories.
Each solution captured in the NAP will go through a lifecycle and will need to be managed using the methods outlined in the MIRCT.
National Architectural Framework
The National Architecture Framework for the Public Administration (also referred to as the "NAR") establishes a binding methodology for modeling, maintaining, and using and means of describing the architecture of public administration bodies and the architecture of public administration information systems.
In particular, the NAR includes a methodology for:
- Architecture Description - i.e., the design of means to capture the various images of the architecture according to the needs of the stakeholder groups. * Architecture Development Process - i.e., a proposal for the process of creating, maintaining, and using an authority architecture, through its life cycle, divided into phases and organized by architecture domains. * Organisation of the architecture team** - i.e. a recommendation of the team's structure, skills, knowledge, management and control, and place in the overall management of the Authority.
The architectural processes and necessary capabilities, developed in more detail in the NAR, are included in the MŘICT as part of the Enterprise Architecture method are placed in the context of other methods used in the ICT solution lifecycle.
Other related documents to the MIRCT
The ICCR, as well as this methodology, foresees that a number of legislative and methodological documents and tools related to the different disciplines of ICT management, such as change management, project management, resource efficiency management and TCO assessment in IT, etc., will be built upon this methodology.
All the related documents with more detailed rules, knowledge, guidelines and tools for practical use, the so-called accelerators, will form a comprehensive Knowledge base of the methods of ICT management in the Czech Republic, published together with additional knowledge on the ICCR and its related documents NAP, NAR and the Glossary of eGovernment concepts.
Relationship of the ICTC to selected legislation
The operation of each authority, including its IT department, is governed by a range of legislation, from which a variety of obligations arise. Therefore, it is important that all responsible representatives at the substantive and technical administrators (and other key roles) have such an up-to-date list of responsibilities with links to the source legislation, including already announced expected changes. To facilitate this need, the MoI prepares an overview of responsibilities and a timetable ("CIO Calendar") as an accelerator in Knowledge Base, see also Overview of key ICT management responsibilities.
A list of the most important and relevant regulations for CIOs will be continuously updated as part of the Knowledge base. Only selected, currently valid and effective legislative sources specifying competencies, process roles, constraints, etc., relevant for the ISTC are listed hereafter. These laws are:
-
- determines the basic competences and defines the scope of the individual central state administration bodies
- establishes the principles of the activities of central state administration bodies
-
- defines the role of the Manager of the National Open Data Catalogue [§4c/2]
-
- defines key roles including e.g. ISVS Administrator, ISVS Operator and ISVS User
- defines key terms: ISVS and operational information system, ISVS service, reference interface and link between ISVS, Public Administration Portal and Central Service Point,
- defines the basic institutes, in particular: creation of ISVS, data sharing
- specifies the obligations of the Government, the Ministry and the OVS related to the ISVS, i.e., in particular: the reporting obligation and the obligation to have an attested information concept,
- No. 181/2014 Coll., on cyber security and on amendments to related laws (Act on cyber security), as amended, and Decree No. 82/2018 Coll., on security measures, cyber security incidents, reactive measures, filing requirements in the field of cyber security and data disposal (Decree on cyber security):
- defines the roles of Administrators, Operators, Asset Guarantors and now the Cybersecurity Management Committee and the roles of the Cybersecurity Manager, Architect and Auditor,
- defines the basic institutes and defines key terms, including in particular the terms Critical Information Infrastructure (CI), Critical Information System (CIS), Essential Service, Digital Service, Threat, Vulnerability, Acceptable Risk, Supporting Asset and Primary Asset,
- defines Asset Management and Vendor Management activities.
-
- setting out the scope of protection of personal data to be taken into account when creating information systems and designing systems for working with documents.
- and others
- each municipality or county are separate entities and can only be imposed obligations by law,
- the decision-making of a municipality is collective (the council makes the decisions),
- a municipality can perform, in addition to self-government activities, state administration in delegated competence and management of municipal property.
Discussion