Action Plan

An ICT action plan must be drawn up on the basis of the mapping of the portfolio of ICT systems carried out by public authorities.

This figure illustrates the action plan with arrows pointing both to the left and the right.

Objective

The ICT action plan is a forward-looking tool for use by public authorities in order to make a roadmap for the management of their portfolio of ICT systems. In the ICT action plan, the public authority shall describe, inter alia, how to ensure good business support, how to settle any case of maintenance backlog, and how to address any omissions and risks in the ICT systems that are critical for society.

The ICT action plan

Authorities must use a compulsory template, containing seven chapters, in the preparatory work with the action plan.

As a minimum the ICT action plan should contain:

The purpose of the summary is to briefly describe the authority’s ICT action plan.

The purpose with this chapter is to describe the context of the authority’s ICT system portfolio. It could for instance be a specification of the authority’s organisation, overall business goal or other relevant factors.

Furthermore, the public authority will have to describe the strategic direction of its organisation, which includes describing how the ICT system portfolio should support the authority’s core tasks. The purpose of the description is to get a clear impression of whether the authority has a sufficient overview of its ICT systems in order to ensure that it is able to move in the right strategic direction.

This part of the action plan is supposed to provide an overview of the public authority’s ICT system portfolio and its other ICT activities such as ICT projects. Included in the overview must be an outline of which ICT systems supports which business area of the public authority.

Furthermore it has to be clear which part of the total ICT portfolio is included in the more detailed mapping process and contained in the in the mandatory excel tool (called Datagrundlag).

For any ICT systems left out of the mapping process the authority will have to provide and explanation as to why they are not included. Pleas note that all systems with high criticality must be included.

The authority will have to cover a range of ‘points of impact’ in order to identify challenges in the ICT system portfolio. As a minimum,   the authority will have to cover the following four points:

- Business support
- Conditions of the ICT systems
- Sourcing and supply
- Security of supply for socially critical systems

The authority must clarify how to implement the ICT action plan. The authority has to make an overview of its challenges and risk related to capability, economics and organisation.

Furthermore, the authority should include initiatives to secure the realisation of the ICT action plan.

In this chapter, the authority should include a table providing an overview of the initiatives.

The appendix must include the Datagrundlag and the system catalogue.