Key information
Executive summary
This case seeks approval to spend £4M for the implementation of the MetIP (Met Integration Platform) software upgrade project. The MetIP system is business critical and provides a 24x7 service to operational police officers. The MetIP Environments were developed in 2014 and the software will reach the end of its supported life in early 2019. This impacts the ability of the MPS to maintain high availability and security of the system. The aim of this project is to ensure that MetIP remains secure and supported so that it can continue serving the business.
The requested upgrade enables alignment with updated Digital Policing Enterprise Architecture platform strategies including the adoption of cloud and containerisation and use of Digital Policing Technical Design Authority standards for operating systems.
Recommendation
The Deputy Mayor for Policing and Crime is recommended to approve:
• The capital spends of £4.0m to implement the MetIP software upgrade which is fully funded within the new draft capital plan with MOPAC for approval in early 2019
• Ongoing additional revenue costs estimated at £181K per annum. Digital Policing will meet this revenue pressure via savings within their existing budgets.
And to note:
1. The MetIP infrastructure is operationally critical and extensive
2. Support for the current versions expires during early 2019.
3. Upgrading the software will extend the life of the platform for at least 5 years.
4. The DP strategic view is to transition support for these services to outsource providers in line with the service delivery model. This will be easier if the software is using the most current version.
Non-confidential facts and advice to the Deputy Mayor for Policing and Crime (DMPC)
1. Introduction and background
1.1. The MetIP Environments provide the software and enable a number of systems to exchange information, for example:
• Mobility applications, In Vehicle Mobile Application (IVMA), and Case management System (COPA)
• Support interfaces for a number of legacy applications/systems including:
o Custody integration with Corporate Data Warehouse and National Footwear Database (NFD),
o iPortal,
o CAD
o Internal interfaces for Connect (MiPs).
1.2. The MetIP Environments were developed in 2014 and the software will reach the end of its supported life in early 2019. This impacts the ability of the MPS to maintain high availability and security of the system. The aim of this project is to ensure that MetIP remains secure and supported so that it can continue serving the business.
1.3. This upgrade is also an opportunity to align with updated Digital Policing Enterprise Architecture platform strategies including the adoption of cloud and containerisation and use of Digital Policing Technical Design Authority standards for operating systems.
2. Issues for consideration
2.1. The MetIP infrastructure is operationally critical and extensive – careful consideration is required to assess the business implications, technical implications, costs and risks.
2.2. If the software is not upgraded, support for the current versions will expire during early 2019.
2.3. Upgrading the software will extend the life of the platform for at least 5 years.
2.4. The DP strategic view is to transition support for these services to outsource providers in line with the service delivery model. This will be easier if the software is using the most current version.
3. Financial Comments
3.1. The capital costs of £4.0m are fully funded within the new draft capital plan with MOPAC for approval in early 2019.
3.2. Ongoing additional revenue costs have been estimated at £181K per annum. Digital Policing (DP) will meet this revenue pressure via savings within the existing DP budgets.
4. Legal Comments
4.1. The Mayor’s Officer for Policing Crime is a contracting authority as defined in the Public Contracts Regulations 2015 (“the Regulations”). All awards of public contracts for goods and/or services valued at £181,302 or above will be procured in accordance with the Regulations.
5. Commercial Issues
5.1. As this project is above the EU procurement thresholds, it is necessary to comply with the Public Contract Regulations. This leads to the following options being available.
5.2. Option 1 – OJEU procurement exercise: This would be an iterative project based around software architectural development. A large OJEU exercise would not be suitable for such a contract. An OJEU exercise would take a longer period of time to complete and would not allow the team to meet its project deliverables. The OJEU route is thus not recommended.
5.3. Option 2 – Using a strategic combination of the Met’s architecture contracts and the Solution Provider Framework.
5.4. Digital Policing have identified the MPS’s Architecture Services contracts and Solution Provider Framework as the preferred route to procure the required design and development work. The initial stages of the project concerned with scoping are suited to the architecture contracts established by the Met. These are contracts created via the Digital Outcomes and Specialists (DOS) framework which is tailored for tasks such as architectural design and software scoping.
5.5. After these initial stages, a mini-competition will be undertaken via the Solution Provider Framework. The successful supplier will be given the design artefacts produced by the technical architects and proceed to develop these further so that they can be tested and implemented. The SPF provider will also manage the migration from the old platform to the new platform. The solution will also provide the on-going support for the platform.
5.6. Using the architecture contracts and the SPF framework aligns with the MPS’s strategic objectives and so option 2 is the recommended option.
5.7. Any third-party licenses will be procured via CDW. The hosting infrastructure components will be defined during the Enterprise Architecture and Design phases and will be procured via the existing service contracts.
6. GDPR and Data Privacy
6.1. The MPS is subject to the requirements and conditions placed on it as a 'State' body to comply with the European Convention of Human Rights and the Data Protection Act (DPA) 2018. Both legislative requirements place an obligation on the MPS to process personal data fairly and lawfully in order to safeguard the rights and freedoms of individuals.
6.2. Under Article 35 of the General Data Protection Regulation (GDPR) and Section 57 of the DPA 2018, Data Protection Impact Assessments (DPIA) become mandatory for organisations with technologies and processes that are likely to result in a high risk to the rights of the data subjects. The Information Assurance and Information Rights units within MPS will be consulted at all stages to ensure the project meets its compliance requirements.
6.3. The project does not use currently personally identifiable data of members of the public, so there are no current GDPR issues to be considered. If the project uses personally identifiable data of members of the public at a later date DPIAs will be completed as needed.
7. Equality Comments
7.1. Following consultation with the MPS Inclusion & Diversity no equality and diversity issues were identified.
8. Background/supporting papers
8.1. Report
Signed decision document
PCD 538