Stage 3
Service implementation
Start implementing the service.
Stage 3
Service implementation
Start implementing the service.
Golden Rules
Before we proceed with the implementation of the service, we must:
01. Supported by appropriate digitization tools but by workflow management tools
02. To be done in a way that exploits the existence of process-related data that may exist in other systems of the organisation
03. Regarding authentication, follow the appropriate standards, both for the safer use of the application and for its simpler use (e.g. single sign on)
04. To take into account all security requirements and proper use and management of personal data (GDPR compliance, etc.)
05. Adopt all institutional obligations to comply with the uniform Personal Data Protection Policy
06. Integrate accessibility features to ensure that they are usable by everyone, including persons with disabilities.
07. A first functional version of the service should be developed quickly and provided to users, so that continuous improvements can be implemented after checking and feedback.
What are the actions;
The competent body (e.g. the Single Digital Gateway Coordination Service) initiates and coordinates the activities related to the development and/or procurement of the elements required for the service.
The infrastructure (e.g. hardware, databases, storage space, web-services), procedures and other elements (e.g. appearance and style of the application) are developed, providing the required functionality to the service. For the same purpose, applications and systems (e.g. workflow management systems) that may come from external suppliers are adapted.
An initial assessment of the above is carried out through the application of quality criteria (e.g. compliance with specific security requirements, protection of personal data and accessibility), so that only those that are deemed appropriate can pass the test stage.
Procedures are standardised and manuals are created or updated to provide instructions for the proper functioning of the service.
All elements of the service are tested to ensure that only those elements that meet the quality criteria will be developed in the living productive environment.
The elements of the service are developed in the living productive environment and the operating systems are configured. For this purpose, both end-users and operating staff shall receive appropriate training.
It shall be assessed whether all infrastructure and capabilities are ready before the approval for the productive operation of the service is given.
End-users shall be provided with the first functional version of the service to receive feedback and improve it.
Useful material
Each public body has specific strategic priorities and operating framework. In the following, useful material is proposed both from internationally recognized digital service management frameworks and from good practices from other Public Administrations, so that each team can choose what it deems will help it to successfully design its digital service:
France's service design system
system-de-design
The French application “demarches-simplifiees.fr”
demarches-simplifiees.fr
The FItSM framework
Proposed activities related to:
Service Portfolio Management (SPM),
Service Reporting Management (SRM),
Capacity Management (CAPM),
Information Security Management (ISM),
Customer Relationship Management (CRM),
Change Management (CHM),
Release & Deployment Management (RDM)
fitsm.eu
How can we assess that we have taken all the actions required to implementation the digital service?
You can use the following evaluation questions:
Q3.1.1 Is access to the service provided by the General Secretariat for Public Administration Information Systems (GGPSOD) to the users and competent officials of the bodies by means of the predefined oAuth-type authentication provided by the Secretariat-General for Public Administration Information Systems (GGPSOD)?
Q3.1.2 Has the legal validity of the document finally produced been ensured so that it is a valid administrative product? (unique number, digital stamp, etc.)?
Q3.2.1 Are open standards and solutions adopted for the development of the service?
Q3.2.2 Has the procedure been classified based on its category and the life event to which it relates (3-clicks away)?
Q3.2.3 Is the Agile methodology used in the implementation of the project?
E3.2.4 Have the required tasks to be implemented (backlog) been defined?
Q3.2.5 Are the priorities set in the implementation tasks?
Q3.2.6 Are the acronyms of the gov.gr dictionary used?
Q3.3.1 Has there been any previous study and familiarity with the available components of gov.gr?
Q3.3.2 Has there been any previous study and familiarity with the available building blocks of gov.gr?
Q3.3.3 Have service steps been identified that have been reused in other processes/services?
Indicative building blocks that could be used are:
1) Authentication & authorization
2) UI libraries/frameworks
3) APIs & microservices
4) Reusable data models
5) Messaging systems (SMS, email, push notifications)
6) Document storage services
7) Online payment procedures
8) Mechanisms of logging & process monitoring
9) Data encryption services
10) Search engines
E3.4.1 Has provision been made for service forms to be automatically pre-filled using interoperability and confirmed by the user?
E3.4.2 Where possible, has provision been made for the posting of a supporting document by the user to be replaced by extracting the information from the register or information system that produces the supporting document?
E3.4.3 Is the service interconnected with public administration mailboxes in order to facilitate the digital receipt of the request and to serve the posting of the reply in the citizen’s mailbox, if it is not possible to interface with the operator’s information system?
E3.4.4 If the service requires contact details of the user, are these extracted from the National Communication Register?
Q3.4.5 Has an API been implemented for the service so that it can be provided by third-party websites? (Gov as a Service)
Q3.5.1 Has the design of the UI ensured compliance with the 4 principles of accessibility?
Q3.5.2 Has the UI of the service been ensured to comply with widely accepted accessibility protocols? Eg WCAG2.1
Q3.6.1 Is the standardised user identification procedure followed?
E3.6.2 Is the eID building block being used?
Q3.7.1 Has privacy and data protection been ensured from the Design phase?
Q3.7.2 Is the single Privacy Policy of gov.gr complied with?
Q3.7.3 Is the "Privacy by Design" principle respected?
E3.8.1 Is the data collected encoded as much as possible?
E3.8.2 Is only the data strictly necessary for the execution of the procedure collected?
Q3.8.3 Are data validation rules in place?
E3.8.4 Have appropriate retention policies been identified for each type of data?
Q3.8.5 Where necessary, has provision been made for the erasure of data to be carried out in a secure manner so as not to cause problems to the results of the respective procedures?
Golden Rules
Before we proceed with the implementation of the service, we must:
01. Supported by appropriate digitization tools but by workflow management tools
02. To be done in a way that exploits the existence of process-related data that may exist in other systems of the organisation
03. Regarding authentication, follow the appropriate standards, both for the safer use of the application and for its simpler use (e.g. single sign on)
04. To take into account all security requirements and proper use and management of personal data (GDPR compliance, etc.)
05. Adopt all institutional obligations to comply with the uniform Personal Data Protection Policy
06. Integrate accessibility features to ensure that they are usable by everyone, including persons with disabilities.
07. A first functional version of the service should be developed quickly and provided to users, so that continuous improvements can be implemented after checking and feedback.
What are the actions;
The competent body (e.g. the Single Digital Gateway Coordination Service) initiates and coordinates the activities related to the development and/or procurement of the elements required for the service.
The infrastructure (e.g. hardware, databases, storage space, web-services), procedures and other elements (e.g. appearance and style of the application) are developed, providing the required functionality to the service. For the same purpose, applications and systems (e.g. workflow management systems) that may come from external suppliers are adapted.
An initial assessment of the above is carried out through the application of quality criteria (e.g. compliance with specific security requirements, protection of personal data and accessibility), so that only those that are deemed appropriate can pass the test stage.
Procedures are standardised and manuals are created or updated to provide instructions for the proper functioning of the service.
All elements of the service are tested to ensure that only those elements that meet the quality criteria will be developed in the living productive environment.
The elements of the service are developed in the living productive environment and the operating systems are configured. For this purpose, both end-users and operating staff shall receive appropriate training.
It shall be assessed whether all infrastructure and capabilities are ready before the approval for the productive operation of the service is given.
End-users shall be provided with the first functional version of the service to receive feedback and improve it.
Useful material
Each public body has specific strategic priorities and operating framework. In the following, useful material is proposed both from internationally recognized digital service management frameworks and from good practices from other Public Administrations, so that each team can choose what it deems will help it to successfully design its digital service:
France's service design system
system-de-design
The French application “demarches-simplifiees.fr”
demarches-simplifiees.fr
The FItSM framework
Proposed activities related to:
Service Portfolio Management (SPM),
Service Reporting Management (SRM),
Capacity Management (CAPM),
Information Security Management (ISM),
Customer Relationship Management (CRM),
Change Management (CHM),
Release & Deployment Management (RDM)
fitsm.eu
How can we assess that we have taken all the actions required to implementation the digital service?
You can use the following evaluation questions:
Q3.1.1 Is access to the service provided by the General Secretariat for Public Administration Information Systems (GGPSOD) to the users and competent officials of the bodies by means of the predefined oAuth-type authentication provided by the Secretariat-General for Public Administration Information Systems (GGPSOD)?
Q3.1.2 Has the legal validity of the document finally produced been ensured so that it is a valid administrative product? (unique number, digital stamp, etc.)?
Q3.2.1 Are open standards and solutions adopted for the development of the service?
Q3.2.2 Has the procedure been classified based on its category and the life event to which it relates (3-clicks away)?
Q3.2.3 Is the Agile methodology used in the implementation of the project?
E3.2.4 Have the required tasks to be implemented (backlog) been defined?
Q3.2.5 Are the priorities set in the implementation tasks?
Q3.2.6 Are the acronyms of the gov.gr dictionary used?
Q3.3.1 Has there been any previous study and familiarity with the available components of gov.gr?
Q3.3.2 Has there been any previous study and familiarity with the available building blocks of gov.gr?
Q3.3.3 Have service steps been identified that have been reused in other processes/services?
Indicative building blocks that could be used are:
1) Authentication & authorization
2) UI libraries/frameworks
3) APIs & microservices
4) Reusable data models
5) Messaging systems (SMS, email, push notifications)
6) Document storage services
7) Online payment procedures
8) Mechanisms of logging & process monitoring
9) Data encryption services
10) Search engines
E3.4.1 Has provision been made for service forms to be automatically pre-filled using interoperability and confirmed by the user?
E3.4.2 Where possible, has provision been made for the posting of a supporting document by the user to be replaced by extracting the information from the register or information system that produces the supporting document?
E3.4.3 Is the service interconnected with public administration mailboxes in order to facilitate the digital receipt of the request and to serve the posting of the reply in the citizen’s mailbox, if it is not possible to interface with the operator’s information system?
E3.4.4 If the service requires contact details of the user, are these extracted from the National Communication Register?
Q3.4.5 Has an API been implemented for the service so that it can be provided by third-party websites? (Gov as a Service)
Q3.5.1 Has the design of the UI ensured compliance with the 4 principles of accessibility?
Q3.5.2 Has the UI of the service been ensured to comply with widely accepted accessibility protocols? Eg WCAG2.1
Q3.6.1 Is the standardised user identification procedure followed?
E3.6.2 Is the eID building block being used?
Q3.7.1 Has privacy and data protection been ensured from the Design phase?
Q3.7.2 Is the single Privacy Policy of gov.gr complied with?
Q3.7.3 Is the "Privacy by Design" principle respected?
E3.8.1 Is the data collected encoded as much as possible?
E3.8.2 Is only the data strictly necessary for the execution of the procedure collected?
Q3.8.3 Are data validation rules in place?
E3.8.4 Have appropriate retention policies been identified for each type of data?
Q3.8.5 Where necessary, has provision been made for the erasure of data to be carried out in a secure manner so as not to cause problems to the results of the respective procedures?
English