Government plans for ID cards depend on the scheme's central component - the national identity register - not becoming the latest in the long line of IT project disasters.
According to the draft bill published this week, the register will contain personal information about every individual over 16 in the UK, including data from biometric scans. If the system is to check eligibility for public services, it will need to be instantly accessible around the clock by a huge range of public agencies. The bill promises that the register will be secure and contain an audit trail of every attempt to access data.
This is a complex IT system, but not unprecedented. However, as a high-profile government project, the register will face two special challenges. First, its specification will be vulnerable to sudden change, as ministers come up with new ideas. Second, some users will try to sabotage the system - and get wide publicity when they succeed.
So, is the project doomed before it starts? The good news for the government is that the success rate for big IT projects has doubled in the past few years. However, the success rate, according to the Standish Group, a US consultancy, is still only 34%.
There is also evidence that the government is getting better at IT-based projects. However, last week it received two reminders that things are still going wrong.
Andrew Smith, secretary of state for work and pensions, told parliament that "problems with the new computer and telephony systems" were to blame for failings in the processing of child maintenance payments at the Child Support Agency. He said the department was retaining "around 10-15%" of its monthly fee to IT firm EDS for running the service. Meanwhile, the House of Commons public accounts committee reported that the Inland Revenue's introduction of tax credits was "nothing short of disastrous" because of IT failings.
We know why projects go wrong. The National Audit Office and the Office of Government Commerce (OGC) have found eight common causes of project failure.
The draft bill and accompanying material suggests that the Home Office has taken into account several of the lessons of past failures. One is lack of leadership. The documents identify a "senior responsible owner" for the project: Helen Edwards, director general of the Home Office communities group. She will sit on a board chaired by John Gieve, permanent secretary.
The Home Office said this week that the identity register project would be kept on track by "gateway reviews" run by the Treasury's OGC. These are independent checks carried out at critical steps in a project's lifecycle. The project has already passed the first of these assessments, a "gate zero", the Home Office said. The findings of gateway reviews are secret.
The programme will also be run in distinct phases. The current phase -"programme definition" - will run until next year. It will be followed by a "procurement phase", which will pick contractors ("delivery partners") in 2006.
The contractors will install systems from 2006 to 2007. This will be followed by a distinct phase of volume end-to-end testing, from 2007. Such testing is still a novelty for government IT projects: one reason for the failure of tax credits is that there was no time to test the system properly. According to the schedule, the first cards will be issued towards the end of 2007-08.
The timetable plan reflects that of the NHS National Programme for IT. Widely seen as a success for its ability to complete procurements on schedule, it is also pioneering end-to-end testing of systems before they go live.
However, knowing how to avoid disasters doesn't necessarily stop them happening. A report published last week by the Royal Academy of Engineering suggests that a large number of complex IT projects - not just in government - go wrong because of wishful thinking and lack of professionalism. "A striking proportion of project difficulties stem from people in both customer and supplier organisations failing to implement known best practice."
The report blames the intangibility of software and the shortage of people who really understand systems, for leading project teams astray. "Software engineers are sometimes guilty of taking on degrees of novelty and risk in excess of the levels typically accepted by other engineers." Suppliers are partly at fault for creating a culture in which bug-ridden software is normal. It calls on the IT industry to "embrace the discipline and professionalism associated with traditional branches of engineering".
Overall, though, the report finds room for "cautious optimism": some industries are already following best practice. Whatever government is in power in 2008 will fervently hope that the ID card programme will be among them.
· The challenges of complex IT projects. Royal Academy of Engineering. www.raeng.org.uk
