Government to adopt Deloitte report recommendations

The independent Deloitte report into the failed OneSchool Student Protection Reporting Module released today confirms the immediate actions taken to rectify the system failure were effective.

Education Minister Kate Jones said the report revealed serious issues that led to the failure of the September 2013 implementation and subsequent January 2015 update.

“During their investigation, Deloitte carried out a full forensic search of OneSchool Student Protection Reporting emails and identified 344 reports – in addition to the original 644 – which they were unable to verify were received by Police or Child Safety dating back to 2013,” Ms Jones said.

“We have no way of knowing whether these reports were received and that’s why they have been provided to Police and Child Safety.

“Deloitte’s investigation also found the former government cut 228 staff from the IT branch as the Student Protection Reporting Module was implemented.

“This is deeply concerning and shows the department did not have the adequate resources to deliver the reforms.

“Deloitte’s report reveals that staff working on the OneSchool technology were performing multiple key roles in addition to their prescribed position and non-technical staff were fulfilling roles typically conducted by ICT experts.”

Ms Jones said the report also found serious flaws in the risk assessment undertaken prior to the implementation of this major software update in January 2015.

“It identified in assessing risk, the OneSchool Application Board only considered the size, cost and complexity of the IT upgrade and failed to consider the potential business, stakeholder and technical implications,” she said.

“Further, a contractor incorrectly coded software for the update, the test for the update was inadequate and the test results were incorrectly interpreted.

“This report confirms serious resourcing and governance failures dating back to the initial implementation of the module in September 2013.”

Ms Jones said the Palaszczuk Government would implement all 21 recommendations of the Deloitte report including 10 recommendations which have already been actioned during the investigation.

Recommendations include:

• Implementing stronger operational governance to monitor progress and manage risks of IT updates
  
• Updating the OneSchool Software Development Lifecycle framework to adopt a risk-based approach
  
• Working with other agencies to arrange email whitelisting to reduce the risk of email filters blocking OneSchool content
  
• Investigating alternatives to email reporting

Ms Jones said the system fix – including a coding update and daily manual checks of report receipts – ensured all reports were now being delivered to Queensland Police and Department of Communities, Child Safety and Disability Services as appropriate.

“Like all Queensland parents I want to be certain such a failure does not happen again and that’s why we will implement the recommendations of this report in full,” she said.

“The actions we took to rectify the problem was swift and effective and are continuing to ensure Queenslanders can have confidence in the child protection reporting system.

“I am advised that there is no evidence that children suffered further harm as a result of the IT failure.”

Minister Jones ordered the Deloitte investigation following a coding error which resulted in 644 cases of suspected child abuse failing to be reported to QPS or DCCSDS.

Media contact: Minister Jones’ Office 3719 7530