I read with interest your article and comment on the Gateway reviews for the NHS National Programme for IT (Unheeded warnings highlight NHS flaws, www.computing.co.uk/2244750).

This large-scale programme has fundamental, but not unique, challenges. With a culture of non-accountability, no one wants to have to shoulder the responsibility for a lack of basic communication, the misinterpretation of the scheme as merely an IT project, limited ongoing buy-in from clinical staff as the programme changed, and inadequate programme and resolution management.

Effective communication is the lifeblood of any programme. If the scope and scale of the business requirements are not adequately recognised and understood, the complexity of the execution spirals, and without the hearts and minds of all stakeholders on board, there is little or no chance of success.

The view of the effort as an IT programme is also flawed. There is no such thing as an IT project. Every project has a business impact and benefit. The business case should be compelling and work for everyone. In this case, there is a substantial gap between the stated objectives and strategies of the programme and the real context in which they are delivered.

There has never been a widely accepted view of the “do-ability” of the programme. Perhaps what has been detrimental to this programme and many others is that suppliers are keen to win the business without full definition and acceptance of scope, challenge and risk.

Continuing failure to meet deadlines necessitates a fundamental change in approach to overcome root causes – for example, requirements not understood, business case not defined/believed, or a lack of delivery competency. I wonder how helpful the repeated “warnings” you mentioned have been. Do they come with remedies taking into account the deficiencies and defining what success looks like and how the programme can get back on track?

These reviews could be more proactive. Remedies must be specific and an action plan agreed with the relevant programme team. Collaboration is key – it is unclear whether or not the findings of these reviews were accepted by the people who matter. If a remedy is necessary, the governance for that review should include the execution of those remedies. If the remedies are not achieved, warning flags should be raised immediately without waiting for the next Gateway review to recognise that the same problem still exists. What is the point of project assurance if it doesn’t fix anything?

Peter Mayer

If you have staff who “take a mile rather than an inch”, I would suggest you have recruitment problems (Communication control, letters.computing.co.uk).

I manage a company that imposes no restrictions on the sites employees can access on the internet from work and we have not had any problems.

People spend time on the net when things are slack, but as long as they deliver their projects as expected, I don’t care. It is all about empowerment and responsibility rather than treating employees like children.

If your employees are not delivering, I would suggest they have bigger problems than being distracted by social networking sites. If they are delivering, why do you care when and how they take their brain breaks?

If your employees are not pulling their weight now, I’m fairly certain they will find other distractions if you block their net access. Such actions do not cure any problems, they merely drive the symptoms elsewhere.

Hugh, submitted on the web

These days, users are not fixed to a specific location or PC – so software should not be either (The unspoken software licensing debacle, jasonslater.computing.co.uk).

Although many people have laptops and can work anywhere, there is often a need to share licences, or for software to be floated between work and home.

Most software vendors do not consider the licensing of their software as a key component of the customer relationship. Increasingly, companies want to be able to share their software with vendors and/or outside consultants and this common demand is often only solved with piracy.

The demands for licensing flexibility do not align with the current business models in the software industry. Even software-as-a-service vendors have not figured it out – they still try to sell named-user access instead of a shared-access model. But offering a true service to customers should be independent of named users or machines. A more flexible approach to licensing would result in a competitive advantage, with more profit per unit/subscription sold.

Dave, submitted on the web

While the article on the relative merits of Microsoft and Google (Microsoft vs Google: you choose, www.computing.co.uk/2244381) was good, it failed to mention information security as one of the main issues.

Availability was rightly mentioned, but not confidentiality nor integrity of information. If a company entrusts its information to a public cloud, what standards will protect that data and who will indemnify the firm should their valuable information leak or be maliciously modified or deleted?

Cloud computing has a place for business, but how big a place will depend on how much trust it can generate and not how capable or cheap the solutions are.

Peter Wenham

I hope we see more software vendors licensing software to a person instead of to a machine (The unspoken software licensing debacle, http://jasonslater.computing.co.uk).

Users demand flexibility in how they use their software. For example, if I wanted to share my licence for a particular piece of software for a day with a co-worker, I should be able to do that. Software vendors need to look at supporting floating licences around various PCs. Current licensing approaches are draconian and treat customers like criminals.

Andrew, submitted on the web

I take issue with Andrew Thomas’ letter about the use of social media in business (Trusting sociable staff, letters.computing.co.uk).

Phone calls are open and obvious in their nature, sitting and tapping at a keyboard is not. We have an acceptable use policy at my firm, we are open about why it is necessary and have presented each member of staff with the policy and talked it through with them to prevent abuse. This is vital to all businesses as this issue is a people problem rather than a technical one.

However, despite this, several staff members have spent hours a day posting on Twitter, Bebo, Facebook, and the like. We eventually stopped access to these sites other than during the lunch hour. This involved buying expensive software and is a cost that should not be required.

We do not live in an ideal world, Mr Thomas. There will always be staff who take a mile rather than an inch and this has to be controlled – it is called management.

Alistair, submitted on the web

I must take issue with Andrew Thomas, founder of Social Media in a Corporate Context, when he says that if staff are trusted with a telephone, they should be trusted with social networking software (Trusting sociable staff, letters.computing.co.uk).

Using a telephone is a highly visible activity – visible in terms of colleagues and visible in terms of phone bills. If someone were to abuse the use of a phone, the evidence would be there for all to see and hear.

My company is trying to minimise call spend as far as possible as this may be seen as a perk of the job and personal calls could eat into the bottom line. Any spend that doesn’t move the business along can end up costing people’s jobs.

Updating a Facebook entry or using Twitter is a hidden activity at the desktop. If someone is typing away, without looking at the screen would anyone else be able to distinguish between someone finishing a report to a tight deadline, or someone involved in a hectic session of: “Last weekend was amazing – what are we doing this weekend?” We can run a proxy server report, but then we step into the trust issues raised by Mr Thomas.

Social networking has its place. However, without a cohesive business strategy for its use, there are any number of caveats and there needs to be a balance between a trusting, social-networking environment in the office – with responsible use – and a free-for-all that results in the work becoming of secondary importance and the viability of the company suffering.

Besides, anyone who works in manual labour will often have no access to social – or any – networks and there is no issue of morale or trust there.

Mark Evans

Baruch Atta’s opinion that Cobol is a cinch (letters.computing.co.uk) is an interesting one.

In development terms, it is probably easier than other languages, but I would have thought the main problem was one of maintenance.

I recall many years ago having to amend a three-page nested “IF” statement that I found to be “out in the open and available” – a pity that the documentation was not.

Alec Gibbons

Virtualisation enables operational benefits, whether it is application or hardware virtualisation (Half of IT managers see no benefit from virtualisation, www.computing.co.uk/2243049).

While virtualisation leads to savings, it also imposes new challenges. With regard to monitoring and management, while this is supported well at infrastructure level, it is not at the application level.

Specifically, managing application service levels and isolating problems may be more complex than in non-virtualised environments.For example, monitoring systems are not built for on-demand virtualised environments, which leads to high administrative costs. At the application level, flexible monitoring tools supporting transactional tracing and relation of application performance metrics to those of the underlying virtualised environments are crucial.

Alois Reitbauer

I work for an organisation that has been using virtualisation for about four years and you don’t even need a GCSE in economics to see the operational and cost benefits (Half of IT managers see no benefit from virtualisation, www.computing.co.uk/2243049).

Creating development environments, patching, migration, server provisioning and service resilience are all benefits that merely scrape the surface, and there are so many more that I could almost write a dissertation on the subject.

I would love to know more about why these IT managers don’t see the benefits.

David McAdam