European Commission should apply lessons learnt from its development of Schengen Info System to avoid similar delays and overspending on future IT projects - say EU Auditors
20 May 2014 12:00 PM
A report published today by the European Court
of Auditors (ECA) states that the Commission delivered the second generation
Schengen Information System (SIS II) over six years later than initially
planned and at eight times the initial budget estimate. The delays and
overspending occurred due to weaknesses in the Commission’s management in
a challenging governance context.
The
Schengen Information System (SIS) is used by border guards, police, customs,
visa and judicial authorities throughout the Schengen Area. It contains
information (alerts) on persons who may have been involved in a serious crime
or may not have the right to enter or stay in the EU. It also contains alerts
on missing persons and lost or stolen property, such as banknotes, vehicles,
firearms and identity documents. Alerts are entered in the system by national
authorities
“In 2001, the EU Council charged the
Commission with the development of a new version of the Schengen Information
System,” stated Mr Pietro Russo, the ECA Member responsible for
the report, “However, the initial deadline was unrealistic and
the Commission did not at first allocate sufficient staff with the expertise to
the project. Therefore the Commission was able to manage the main development
contract effectively only from 2009. In addition, the Commission did not
sufficiently draw on the experience of end-users and system requirements
changed during the first part of the project.”
The initial indicative
estimates of the costs to the EU budget for the central system significantly
underestimated the true scale of the investment necessary. The full cost of SIS
II amounted to € 189 million for the central system to which should be
added an estimate of over € 330 million for national systems. At the same
time, the main benefit initially expected from SIS II became less relevant with
the successful extension of SIS 1 to new member countries. In the light of
these major changes to the costs and expected benefits, the Commission did not
demonstrate that SIS II fully provided the best value for money for the
organisation.
However, the Commission
did learn lessons from its experience during the first part of the project,
enabling it to change its approach during the final project phase from 2010 and
deliver SIS II in April 2013. In
addition, it has already applied some lessons from SIS II in preparing other
large-scale IT projects.
Notes to the editors:
European Court of Auditors (ECA) special reports are
published throughout the year, presenting the results of selected audits of
specific EU budgetary areas or management topics.
This special report (No
3/2014) entitled “Lessons from the European Commission’s
development of the second generation Schengen Information System (SIS
II)”, examined why the Commission delivered SIS II over six years
later than planned and at a cost far exceeding the initial estimates. It also
examined whether there was a robust business case for SIS II throughout the
project, which took into account major changes to the costs and expected
benefits. In addition, the EU auditors assessed whether the Commission had
learnt and applied lessons from its management of the
project.
The EU auditors found
that the delay and overspend resulted from deficiencies in the
Commission’s management in a challenging governance context, particularly
during the first part of the project up until 2009. Despite major changes to
the costs and expected benefits during the project, the Commission did not
reassess the business case in order to demonstrate that SIS II remained an
organisational priority which provided a higher return on investment than other
opportunities. There was no decision, based on a reassessment of costs and
benefits, on whether to continue with, or stop, the project. The Commission
learnt lessons from its experience during the first part of the project in
order to change its approach during the final project phase from 2010 and to
deliver SIS II in April 2013.
Based on its findings,
the ECA recommended that, when managing the development of large-scale IT
systems, the Commission should:
-
base the timetable on a technical analysis of the tasks
to be performed;
-
ensure that all projects are integrated into corporate
IT governance arrangements and make full use of in-house expertise to manage
the work of contractors effectively;
-
ensure that business needs and the views of end users
are sufficiently taken into account in decision-making;
-
ensure the approval of the business case before
progressing from project initiation to project planning and its reapproval in
the event of major changes to project costs, expected benefits, risks or
alternatives;
-
ensure that key project decisions are documented in a
decision log so that they are easily traceable;
-
ensure that there is effective global coordination when
a project requires the development of different but dependent systems by
different stakeholders;
-
develop large-scale IT
systems using interoperable building blocks which can easily be re-used to
prevent being locked-in to a single contractor; and
-
pass on the lessons learnt from the Court’s audit
to DGs and EU institutions, agencies and other bodies. The Commission should
evaluate whether the expected benefits of SIS II were
achieved.
A
short video interview with the ECA Member responsible for the report is
available at: https://www.youtube.com/user/EUAuditorsECA