February 24, 2024

We are creating some awesome events for you. Kindly bear with us.

EXCLUSIVE – Consolidating ICT infrastructure through innovative adopt and adapt approach

EXCLUSIVE - Consolidating ICT infrastructure through innovative adopt and adapt approach

OpenGov spoke to Aaron Liu, Chief Information Officer (CIO) at the Department of Justice in New South Wales. Mr. Liu talked about getting the basics right, consolidating onto common platforms and common systems wherever possible. He talked about moving to the cloud, their innovative approach to ERP implementation and discussed public access to information.  

Can you tell us about your role?

I am the Chief Information Officer for Department of Justice, NSW. We are a complex organisation. We look after the courts and tribunals , correctional services, juvenile justice, liquor and gaming. We also provide services to a number of agencies such as Trustee and Guardian, Information and Privacy Commission,. We also have Arts within our portfolio at the moment.

What are your areas of focus in the short to medium term?

Our foremost priority is getting the basics right. That involves consolidating onto common platforms and common systems wherever possible.

We have completed our basic work on ICT infrastructure and the network layer. We have moved to cloud services within NSW government data centres. A lot of the technology platforms have moved to as-a service model.

Our next priority is moving forward to exploit those opportunities within those platforms and start on a journey of application and data consolidation.

We are moving the ERP to a consolidated platform in an as-a-service model.

Can you tell us more about the ERP consolidation?

Our ERP solution is quite different compared to how ERPs have been established in the past. It took us a while to get the model right. We wanted the advantages of cloud as a service but also have a commercial construct  that could appropriately manage the risks of going to cloud.

For us, moving to the as-a-service model had some risks. What if the vendor decides to exit the market, what if they go bankrupt? Operations being interrupted even on temporary basis, correctional officers, judges not getting paid, is unacceptable.

So, we negotiated a fairly innovative commercial construct with the vendor, who had done something similar for the Singapore government. We took it a step further however, negotiating comprehensive transition out scenarios and leveraging shared corporate services standards developed within NSW government, as a pre-blueprinted software- as-a-service solution for ERP.

Part of that innovation included a transparent commercial model for managing customisation. We followed a concept called adopt and adapt. The consumption based pricing model ensures we take up 90% of the functionality, based on NSW government standards out of the box. The remaining 10% is available customised to enable it to fit our local business needs, in areas that won’t necessarily be commoditised.

That allowed us to almost turn upside down the way we implemented the ERP. It was one of the most rapid ERP implementations, consolidating 8 separate ERPs and multiple solutions. We were able to do it because we used pre-blueprinted business solutions. So, it’s just a matter of deploying them very rapidly across multiple business units.  It’s not the normal Waterfall approach. Other clusters such as Family and Community Services have now taken advantage of our model and have also signed on. This means broader benefits for government are already being realised.

When was this process started?

The contractual negotiations probably took the longest. They happened over a period of around 12 months. Our first proof-of-concept, that we called Wave 0, went live within 6 months. Subsequent waves basically dropped massive implementations every 6 to 9 months.

We are in the midst of it. We have a wave going live around the end of October or November. We expect to complete the project within 12 to 18 months.

What are the challenges you face in the process of digital transformation?

Part of it is being agile enough and building the leadership and capability. Innovation in some ways needs to be driven from the top and encouraged from the bottom. It needs a cultural change. We have to move internal IT people, government executives, business people to think differently about how they currently do things, as opposed to moving forward with the status quo. We have to challenge old assumptions.

There are unique risks for government, which might not exist in the private sector. Having the right framework, so that we are able to utilise opportunities and innovations safely is a key challenge. For instance, creating a risk-based framework that enables cloud to be adopted, while mitigating the risks.

What is your basic approach for moving to the cloud?

I think cloud is just a different way of consuming what was traditional IT. We have to ensure that the we fully understand the TCO (Total cost of ownership), the risks, the opportunities within the cloud. We cannot go at it blindly, just because it is the fashionable thing to do. We approach it in a way that allows us to obtain the benefits but manage the risks associate with it.

It does not have to be public cloud. We need to consider whether we use private cloud in a Gov DC environment, or public cloud within a Gov DC environment, or public cloud beyond a Gov DC environment. The buzz word right now is hybrid cloud. Different workloads and different use cases will fit in different models.

But for me, cloud is default way of doing things. There’s nothing left on premise for us.

There are some areas, where the risk might be a little bit higher than we would like it to be. We have agencies with quite sensitive information. So, I don’t foresee everything going to public cloud in the short term. There will be some degree of hybrid. But that will shrink over time, as market innovations in public cloud capability catches up and exceeds on-premise in terms of security and compliance.

What are you doing in terms of cybersecurity?

We need to build up our cybersecurity capabilities. We have moved from being reactive in information security to being pro-active.

But cybersecurity requires thinking beyond the traditional ISO 27001 risk-assessment approach. It actually needs us to almost think like the hackers, the people who want to steal your data or impact your services.

In some cybersecurity threats, the motives and operations are actually not technology-driven. They are more about social engineering, practice and culture. So, cybersecurity today requires a holistic and multi-layered approach. Cyber security needs to consider us to think differently about incident management and response in a different way. Breaches will happen. No amount of investment in technology can prevent it. Its how we manage incidents, communicate with the community and respond to breaches that is sometimes overlooked.

Are you working on anything to improve access of information by the public?

Yes, we have done some initiatives. We still have a long way to go. The challenge for us is cleaning up the legacy. But now that we have started on the clean-up journey and we are fixing the basics, we can look at exposing the data to citizens.

For example, we have a crime tool in the Bureau of Crime Statistics and Research, an agency within the Department of Justice. We worked in an innovative way with a small vendor for exposing quite rich crime statistical data for NSW in a net-based interface. It actually drills down quite deep into statistical information. It’s the first of its kind in the world.

We have also provided services for accessing data around things like family history and genealogy. Some of those are revenue generating as well.

Government has a wealth of information. We have to decide what should be freely accessible, what should be protected.

Some of the challenges that we have to face revolve around privacy and security. We have to ensure security for the information we hold. We have to consider the purpose the information was originally provided for.

The trend is to use that information in multiple ways. We have to put some forethought into what the implications of that information might be. There might be unforeseen outcomes. We need to take care to make sure we get that right.

For instance, consider the addresses of offenders living in the community and the details of their crimes. Is that something the public has a right to know?  Does that mean that person will not get insurance or something? Will that affect their job prospects?

There are ways of exposing that information without impacting privacy, like de-identification of the data. We have to explore those and find the correct balance. 


Qlik’s vision is a data-literate world, where everyone can use data and analytics to improve decision-making and solve their most challenging problems. A private company, Qlik offers real-time data integration and analytics solutions, powered by Qlik Cloud, to close the gaps between data, insights and action. By transforming data into Active Intelligence, businesses can drive better decisions, improve revenue and profitability, and optimize customer relationships. Qlik serves more than 38,000 active customers in over 100 countries.


CTC Global Singapore, a premier end-to-end IT solutions provider, is a fully owned subsidiary of ITOCHU Techno-Solutions Corporation (CTC) and ITOCHU Corporation.

Since 1972, CTC has established itself as one of the country’s top IT solutions providers. With 50 years of experience, headed by an experienced management team and staffed by over 200 qualified IT professionals, we support organizations with integrated IT solutions expertise in Autonomous IT, Cyber Security, Digital Transformation, Enterprise Cloud Infrastructure, Workplace Modernization and Professional Services.

Well-known for our strengths in system integration and consultation, CTC Global proves to be the preferred IT outsourcing destination for organizations all over Singapore today.


Planview has one mission: to build the future of connected work. Our solutions enable organizations to connect the business from ideas to impact, empowering companies to accelerate the achievement of what matters most. Planview’s full spectrum of Portfolio Management and Work Management solutions creates an organizational focus on the strategic outcomes that matter and empowers teams to deliver their best work, no matter how they work. The comprehensive Planview platform and enterprise success model enables customers to deliver innovative, competitive products, services, and customer experiences. Headquartered in Austin, Texas, with locations around the world, Planview has more than 1,300 employees supporting 4,500 customers and 2.6 million users worldwide. For more information, visit www.planview.com.


SIRIM is a premier industrial research and technology organisation in Malaysia, wholly-owned by the Minister​ of Finance Incorporated. With over forty years of experience and expertise, SIRIM is mandated as the machinery for research and technology development, and the national champion of quality. SIRIM has always played a major role in the development of the country’s private sector. By tapping into our expertise and knowledge base, we focus on developing new technologies and improvements in the manufacturing, technology and services sectors. We nurture Small Medium Enterprises (SME) growth with solutions for technology penetration and upgrading, making it an ideal technology partner for SMEs.


HashiCorp provides infrastructure automation software for multi-cloud environments, enabling enterprises to unlock a common cloud operating model to provision, secure, connect, and run any application on any infrastructure. HashiCorp tools allow organizations to deliver applications faster by helping enterprises transition from manual processes and ITIL practices to self-service automation and DevOps practices. 


IBM is a leading global hybrid cloud and AI, and business services provider. We help clients in more than 175 countries capitalize on insights from their data, streamline business processes, reduce costs and gain the competitive edge in their industries. Nearly 3,000 government and corporate entities in critical infrastructure areas such as financial services, telecommunications and healthcare rely on IBM’s hybrid cloud platform and Red Hat OpenShift to affect their digital transformations quickly, efficiently and securely. IBM’s breakthrough innovations in AI, quantum computing, industry-specific cloud solutions and business services deliver open and flexible options to our clients. All of this is backed by IBM’s legendary commitment to trust, transparency, responsibility, inclusivity and service.

Send this to a friend