Mapping dimensions

The six mapping dimensions support the authorities in establishing an overview of their portfolio of ICT systems.

This model shows the six mapping dimensions. They include: finance, business support, technical condition, documentation and knowledge, security and, finally, contracts and sourcing

Mapping of portfolio of ICT systems

This article includes a detailed description of the six mapping dimensions in a model for portfolio management of government ICT systems.

The authority must account for the capacity of its ICT systems to support the needs of the specific business. This includes outlining whether the authority's systems provide the necessary functionality seen from the users' perspective – including whether the ICT systems meet agreed or expected requirements for accessibility.

The authority’s outline of its “business support” provides an overview and understanding of the applicability of the individual ICT system – both in isolation and as part of the portfolio. Based on the users' needs, the authority must use this insight to identify and prioritise measures in its ICT action plan.


The authority must establish an overview of the technical state across its portfolio of ICT systems, including whether the ICT systems can be further developed, adjusted and scaled to the authority's future needs.

Among other things, the questions aim at the current technologies’ continued access to a wide vendor-market to support any development and maintenance needs. The earlier mentioned mapping will thereby identify options for maintaining future support for significant processes.


The public authority should map the extent to which it is in possession of up-to-date and adequate documentation of its ICT systems. It should also map its rights in relation to the system itself and the data in the system. Moreover, the authority should consider whether management of the ICT system is reliant on the knowledge of individual persons, and whether there are procedures to ensure that this knowledge is collected, passed on, and made available within the organisation.


The authority should ensure transparency in the costs of individual ICT systems as well as of the overall portfolio of ICT systems. This is done by identifying overall ICT costs and by allocating these to the individual ICT systems. The aim of this analysis is to contribute to better knowledge of ongoing costs and to provide better conditions for long-term prioritisation of investments.

In addition, overall ICT costs are often calculated differently across authorities. This makes it difficult to provide an accurate overview of government ICT costs. The cross governmental model for portfolio management of ICT systems will contribute to a future uniform method of calculating costs, which enables the government to better consolidate the overall ICT costs.


The authority should account for contractual aspects in cases in which the authority has outsourced all or part of the management of an ICT system, inter alia, the operation or maintenance. Contracts must be managed regularly in order to reduce risks, optimise cooperation with vendors, deal with contractual obligations and ensure compliance with legislation in connection with tendering procedures. 

In addition, the public authority should address expiry issues, options to extend and any new tendering procedures for its contracts.


Authorities, citizens and society must be confident that government ICT systems are well-functioning and that data is processed in accordance with relevant legislation. Information security is crucial for the maintenance and development of government ICT systems in order ensure protection of privacy and information security. 

The authority must assess whether the individual ICT system complies with the ISO 27001 standard, the General Data Protection Regulation.