You have been appointed as part of a consultancy team that has been commissioned to assess the management issues concerned with the delivery of an online system for the submission of personal tax returns for a large European country. The expectation is that this system will collect and process returns for 50% of the population within the first three years of operation and that this will represent taxes worth ~€93bn (£65bn, $132bn).
The system will be built and maintained by a private sector company with established expertise in the running of large-scale systems and the management of data centres. The credit rating of the company is AA.
The users of the system will be Government employees (who will have access to all data relevant to their job) and citizens (who will only have access to their personal data) using passwords generated by the Government but modifiable by the citizen.
The operational system will be run from a primary data centre located in a suburb on the outskirts of the capital city. A secondary back-up data centre is located in a nearby town approximately 25km from the capital.
Access to the system will be via a secure Government network (for Government employees) and via the Internet (for citizens). Citizens can download tax return software from the Government's web-site to complete their returns off-line.
Your client wishes you to assess the business continuity and security issues that will need to be addressed by the supplier of the system in order to assess independently the supplier's level of preparedness. Your specific role is to identify the ten key risks to which the system will be exposed and to suggest the best technological or procedural solution for mitigating each risk. You should also provide a justification for prioritising the individual risks.