ICT Investment Approval
The Government implemented an ICT Investment Approval process (formerly called the ICT Two Pass Review process) in 2008 to provide Cabinet with better information to support decision making on major investments in ICT-enabled proposals.
The process enables a multi stage assessment of proposals – each at increasing levels of detail and accuracy. A key component of this approach is the iterative development of a Business Case that articulates the policy objective, how the proposal contributes to the achievement of that objective, and identifies and evaluates options for delivery of the proposal.
Effective business case development is a key part of the project & programme management process that helps ensure alignment between policy intent and entity activity and investment.
The process will also better position entities for the Assurance Review processes, and is a cornerstone in the successful delivery of ICT-enabled proposals.
For government, the process supports capital budgeting decisions by providing better information on the benefits, costs and risks before final approval of ICT enabled proposals.
For entities, the process contributes to more effective delivery of policy outcomes by providing assurance that delivery options are identified and considered, costs are fully developed prior to requesting funding, and ensuring entities only develop full business cases for proposals which government has given in-principle approval.
Cabinet Submission recommendations must seek first or second pass approval in accordance with the ICT Investment Approval process. The required form-of-words is set out in the Cabinet Circular on recommendations for Portfolio Budget Submissions and Cabinet Submissions.
The ICT Investment Approval process is managed by the Investment, Capability and Assurance Branch (ICAB) within the context of the broader budget process, which is managed by the Budget Group in Finance. The two groups have arrangements in place to share information provided by entities in order to fulfill their respective roles.
Entities must comply with current Finance Estimates Memorandums covering the ICT Investment Approval process and Budget Process Operational Rules, available through their Chief Finance Officer (CFO) unit.
The Whole-of-Government ICT Investment Principles will assist your entity in prioritising possible ICT investments and developing a first pass business case.
Further information is available by emailing email@example.com.
Proposals Subject to the ICT Investment Approval Process
The ICT Investment Approval process applies to proposals, including internally funded proposals, that:
- are ICT-enabled, that is, the policy or service delivery outcomes are highly dependent on an underpinning ICT system
- have a total cost estimated to be $30 million or more, including ICT costs of at least $10 million; and
- are assessed by Finance as being high-risk in terms, for example, of cost, technical complexity, workforce capacity or schedule.
The total cost of an ICT-enabled proposal, for the purposes of determining whether it meets the cost criteria, is the through-life cost of the proposal. It includes both the capital and operating expenditure components of the proposal.
Entities bringing forward proposals that are subject to the ICT Investment Approval process must seek first pass approval from Cabinet, supported by a First Pass Business Case.
If Cabinet gives first pass approval, entities must:
- submit a draft Second Pass Business Case to to ICAB to enable early consideration and consultation, and
- submit the final Second Pass Business Case to ICAB for review prior to seeking second pass approval from Cabinet.
Timing of the ICT Investment Approval Process
|From June each year:||Entities advise Finance of ICT investment intentions. Entities commence development of their First Pass Business Cases.|
|From September each year:||Finance reviews draft First Pass Business Cases and provide feedback to entities.|
|Between December and April:||Cabinet decides if the proposal will proceed to budget deliberations. Entities incorporate any feedback and submit final First Pass Business Cases. Cabinet considers the First Pass Proposals and decides whether to agree in-principle, subject to a Second Pass Business Case.|
|Timing determined by Cabinet||
Entities develop their draft Second Pass Business Cases. Finance reviews Second Pass Business Cases and provides feedback to entities. Entities incorporate feedback and submit final Second Pass Business Cases. Cabinet considers the Second Pass Proposals and decides whether to:
Further information about the budget and Cabinet process, requirements and timing is available to Government officials through your CFO area.
The timing and dependencies of the ICT Investment Approval process, in the context of the broader budget process are described in the schematic below:
ICT Investment Approval Process Alignment
(Click through for full size)
- Text description of ICT Investment Approval Alignment
- ICT Investment Approval Process Alignment [ 133 KB]
ICT Investment Approval Process – Roles and Responsibilities
The following diagram sets out the high level roles and responsibilities of the key stakeholders involved in the ICT Investment Approval process.
ICT Investment Approval Process RACI Chart
(Click through for full size)
Proposals that are subject to the ICT Investment Approval Review process must seek staged approval from Cabinet. To enable this, entities must submit business cases subject to the ICT Investment Approval process to ICAB for review, before they are submitted to Cabinet.
At first pass, the relevant Portfolio Minister seeks in-principle agreement from Cabinet to a proposal on the basis of a First Pass Business Case. Agreement is sought to develop one or more options for second pass consideration.
At second pass, the relevant Portfolio Minister seeks Cabinet's agreement to proceed with a proposal on the basis of a Second Pass Business Case.
Entities must use existing resources to develop the First Pass Business Case, but the First Pass Proposal may include a modest bid for additional funds to develop the Second Pass Business Case where necessary. This ability to potentially secure funding to further develop a proposal is an additional benefit of the ICT Investment Approval process.
Sponsoring entities need to submit ICT Investment Approval process Business Cases via CABNET to:
Investment, Capability and Assurance Branch
Governance and APS Transformation Business Group
Department of Finance
Emerging ICT Investment Intentions:
From June each budget year, entities notify ICAB of ICT investment intentions and ICT enabled proposals that may meet the ICT Investment Approval process criteria, as they arise.
The purpose of the entity discussions with ICAB is to establish an early understanding of the potential nature, scale, complexity and broad cost of major entity ICT initiatives that may emerge for formal consideration by Cabinet. Detailed information on the proposal is not required at this stage.
Digital Transformation Office
Entities should consider the Digital Service Standard and contact the Digital Transformation Office as soon as practical when developing a proposal that has service delivery implications. Further information is available on the Digital Transformation Office website.
ICT Business Case Guide
The ICT Business Case Guide will assist entities develop sound business cases when seeking to make significant ICT investments. Business cases developed in accordance with this guide are expected to be suitable for both internal decision making and as inputs to the ICT Investment Approval process. This guide can be read in conjunction with the Sample First and Second Pass Business Case.
There are a number of Attachments in the Business Case Guide to support entities:
- Attachment A: Assumptions and Constraints
- Attachment B: Common ICT Cost Drivers used for the Business Case
- Attachment C: ICT Cost Estimation Guide
- Attachment D: Benefits Categorisation
- Attachment E: Cost Benefit Analysis
- Attachment F: Common ICT Project Risks
Entities should also consider using the following costing model:
- Costing spreadsheet [ 263 KB]
In addition, the following documentation guide provides assistance with supporting documentation requirements for ICT Investment Approval Review process:
- ICT Investment Approval Documentation Guide [ 336 KB]
- ICT Investment Approval Documentation Guide [ 35 KB]
Entities should develop business cases with due regard to the impact of Whole-of-Government ICT Policies.
First Pass Approval
When developing an ICT Investment Approval first pass business case, you should also look at the Whole-of-Government ICT Investment Principles.
A benefit of the first pass review is to minimise the use of entity resources on developing a proposal prior to the Government's initial consideration.
At first pass, entities will be expected to have canvassed realistic ICT options to deliver the outcomes of the proposal. Entities should have developed a broad, through-life cost estimate and an indicative schedule for each ICT option.
Entities should prepare an initial Business Case with one or more well considered options, and then seek in-principle agreement to the proposal from Cabinet to develop one or more options for further consideration.
In addition to the ICT Business Case Guide materials listed above, entities will benefit by using the following First Pass Business Case template and sample:
- First Pass Business Case Template [ 288 KB]
- First Pass Business Case Template [ 192 KB]
- Sample First Pass Business Case (Fictional Proposal) [ 427 KB]
- Sample First Pass Business Case (Fictional Proposal) [ 893 KB]
Second Pass Approval
At second pass, entities develop the Business Case in support of the proposal being brought forward for the second pass review by Cabinet. The Second Pass Business Case includes detailed cost assessments and risk mitigation strategies. The cost estimates are based on rigorous planning in terms of the scale and features of the ICT infrastructure, applications and support required, including non-binding, tender-quality estimates from the private sector where appropriate.
In addition to the ICT Business Case Guide materials listed above, entities will benefit by using the following Second Pass Business Case template and sample:
- Second Pass Business Case Template [ 231 KB]
- Second Pass Business Case Template [ 119 KB]
- Sample Second Pass Business Case (Fictional Proposal) [ 423 KB]
- Sample Second Pass Business Case (Fictional Proposal) [ 363 KB]
Defence ICT Investment Approval Process
Department of Defence ICT projects that are not assessed through the Kinnaird two-pass process are to use the ICT Investment Approval process as well as the following agreed costing guidance. Enquiries should be directed to the Defence, Capability and Intelligence Branch (non-DCP) or the Defence Capability Assessment Branch (DCAB) of Finance.
- First and Second Pass Costing Guidance for Defence ICT Projects [ 143 KB]
- First and Second Pass Costing Guidance for Defence ICT Projects [ 271 KB]
Assurance Review Process
The ICT Investment Approval process complements the Assurance Review Process for ICT enabled proposals. The Assurance Review process is composed of:
- Risk Potential Assessment Tool (RPAT);
- Gateway Review Process (Gateway); and
- Implementation Readiness Assessments (IRA).
The Risk Potential Assessment Tool (RPAT) provides a standard set of high-level criteria for identifying risks related to new policy proposals and assessing consequences if risks were to eventuate.
The key points of difference between Gateway and ICT Investment Approval process are that Gateway is conducted across the implementation lifecycle and is an independent project assurance methodology designed to assist the Sponsoring Entity to deliver its project/programme objectives and to deliver projects/programmes successfully.
Gateway involves conducting a series of brief, independent reviews at critical stages in the development and implementation of a project/programme and reporting to the sponsor.
The process aids in the preparation and presentation of compelling business cases in the context of a portfolio of investments, both at the entity and whole-of-government levels. The ICT Investment Approval process is designed to provide Cabinet with information to support its decisions on major investments in ICT-enabled proposals.
For proposal that are subject to both Gateway reviews and the ICT Investment Approval Process the requirement to conduct the Gateway Gate 0 and 1 reviews is not mandatory.
The purpose of an IRA is to provide assurance to Government and Entity Accountable Authorities that necessary implementation planning activities have taken place and that significant issues are identified early in the development phase.
Entities must comply with current Finance Estimates Memorandums covering Assurance Reviews and Budget Process Operational Rules, available through their Chief Finance Officer (CFO) unit.
Cyber Security requirements in Business Cases for ICT-enabled New Policy Proposals
Cyber Security requirements in Business Cases for ICT-enabled New Policy Proposals
Entities are required to consider and address cyber security risks and ensure proposals comply with relevant Government Cyber Security policies in all Business Cases prepared for ICT-enabled proposals, including those:
- brought forward as part of the Minister's Portfolio Budget Submission
- brought forward for consideration outside of the Budget process
- submitted through the ICT Investment Approval Review process
- submitted through the Department of Defence's ICT Investment Approval Process and its Two Pass Approval Process, and
- that are internally funded investments (only where business cases are required under the Budget Process Operational Rules regarding Asset and Capital Proposals.).
Entities need to demonstrate that the proposal aligns with the Australian Government's Cyber Security Strategy.
The Business Cases for ICT-enabled proposals also need to reference and explain how the proposal will comply with the mandatory requirements of the Protective Security Policy Framework (PSPF) and the ICT requirements of the Information Security Manual (ISM) through the various stages of the proposed systems development lifecycle.
Entities should address key cyber security policies and ICT requirements under the PSPF and ISM in the early stages of a proposal's systems development (at the concept development and planning stages) to enhance the integration of cyber security into a project.
For more information on the alignment of the ICT Investment Approval Review process and Cyber Security requirements, refer to EM 2010/59 Cyber Security requirements in Business Cases for ICT enabled New Policy Proposals.
Frequently Asked Questions
The answers to the Frequently Asked Questions should be read in conjunction with the ICT Business Case Guide and associated Estimates Memoranda (EMs). EMs are available to government officials from CBMS or your CFO unit.
The ICT Investment Review team manages the ICT Investment Approval process. If you have any queries concerning the process or its application to particular ICT-enabled proposals, please contact ICAB by emailing firstname.lastname@example.org.
Contact details for ICT Investment Approval process enquiries:
For enquiries on the ICT Investment Approval process and to advise us of your ICT initiatives, email email@example.com.
Last updated: 26 November 2015