Design Standards

Deliver outcomes for customers, before solutions for government

Government services should meet the needs of the people you're designing them for. Research to learn about the problems they face and to get a deeper understanding of how to deliver a better experience for them.

Doing the right research from the start often avoids the time and cost spent on building the wrong thing.

What it means

  • have budget and time allocated to the people and tools you need to fully explore the problem space and iterate to get to the outcome
  • have people experienced in conducting diverse types of research at all stages of delivery so that you can fully explore the problem you are solving
  • ensure all team members understand the problem space and are working towards a common goal
  • use research to test any pre-determined solutions or early ideas and to help design with those who will use the service
  • explore opportunities that allow you to co-design solutions with people across agencies, platforms and channels so that you can have a joined-up, complete experience for the user
  • make sure there is accountability for the desired outcome and there is ongoing support for the team to iterate and improve or change a course of action when the evidence points that way.

Choose the right tech and tools

Good government services are flexible services that change and adapt when needed.

Technology choices on what to build or buy is fundamental to the success of a service. Poor decisions about tools, the skillsets of people who use the tools, and the platforms that the service runs on can be costly and all prevent your ability to change course when needed.

Have people with technical expertise review and select technology and vendors and show how those choices help teams deliver in a cost-effective way.

What it means

  • use vendors that transfer skills and knowledge into government. Procurement policy is designed to help with this
  • use modern application architecturesand approaches to create modular, connected, seamless, reusable, and resilient services
  • show how informed choices on tools, platforms, and vendors can support quality, flexibility, and value for money
  • consider investing to build something internally that saves effort and money over time
  • avoid being locked in to long term contracts so that it is easy for the service to adapt to change
  • have the time, money, and skills required to take advantage of new technologies and have a plan to manage any legacy technology the service might rely on.

Make it for everyone

Customer-facing and internal Government services must work for everyone who needs to use them.

Familiarise yourself with any legal requirements that advise how to make the service accessible to all.

Research and test your service with diverse user types, making sure not to exclude often underrepresented cohorts.

What it means

  • when researching and testing your service, do not exclude people with disability, language barriers, diverse cultural backgrounds, those with learning difficulties, and those with differences in ability that may be permanent, temporary, or situational
  • consider the situational and technological challenges of those in regional and remote communities without access to fast or reliable internet
  • test with assistive technologies that enable people with disability to interact with your service such as screen readers, voice recognition, and text to speech
  • comply with level AA (AAA if achievable) of the Web Content Accessibility Guidelines (WCAG) current standard and continuously test for compliance
  • work with owners of connected parts of the user journey to make sure you all meet the same accessibility standard
  • write in plain English and allow for alternatives to written English if achievable
  • ensure your funding will enable you to reach, recruit and test with these underrepresented cohorts.

Build in the open

Government has a responsibility to deliver value with public money. Being transparent about how you make decisions in the design and delivery of your products and services builds trust and customer satisfaction.

Openly collaborating with others delivers value to customers by driving reuse and increasing the diversity of service providers.

What it means

  • establish transparent team processes that engage stakeholders, document decisions, and share findings in the open unless there’s a reason not to do so, such as personal or sensitive information
  • use open-source technologies securely and share your source code so others can build on and reuse it.
    If appropriate, make your data available on data.nsw.
  • be accountable for decisions made on how your solution addresses a user need or problem if challenged
  • collaborate with others to reduce duplicate work and help different groups address user needs together
  • identify other areas within Government that have been working to solve similar problems, and work together to reduce duplication
  • Make sure you have people to support this effort right through the life of the service to keep it useful and viable such as a dedicated partnerships manager to identify and support teams to work with.

Have a multidisciplinary team

Establish a team with diverse skill-sets and thinking styles to work autonomously; empower teams to make decisions for the best service outcomes.

Employ the right people at the right time so that you can deliver over multiple releases and better the chance of building and maintaining a quality service for the user.

What it means

  • make sure your project team has the right mix of capability to solve the problem or opportunity.
    Bring different capabilities into the team as they’re needed, but make sure to transfer knowledge to new members to preserve momentum
  • have a blended team when using contractors and vendors so you can plan for skills, knowledge, and expertise to be transferred into government
  • support teams with engaged stakeholders and subject matter experts who are representative of all areas of the business, through all stages of the project
  • work together to agree on a purpose and set expectations
  • have a flat structure and safe culture so that everyone can speak, be heard, and contribute.

Measure and improve, don’t spin up and drop

Define what success looks like for the customers of your service and have the people and resources you need to continuously measure and improve its performance.

Iterating a service ensures it remains useful and cost-effective until it is no longer sustainable and transitioned to retirement.

What it means

  • budget for continual iteration so that the service remains useful until it is no longer sustainable
  • set up a team that can support changes in user needs, technology, or government policy to keep the service fit for purpose
  • establish how your service will be quantifiably measured; you should have channels to gather insights from users and be able to show how the outcomes delivered have solved the problem
  • use evidence from your learnings and actionable metrics about the problems your users face.
    Understand what they are trying to achieve at every stage of the service, so you can meet changing needs

Make it safe and secure from the start

Government systems and data must be protected and trusted. You can reduce risk and the cost of things going wrong later by ensuring the safety and security of your service design from the outset.

You should plan and budget to set up for risk mitigation and continue to track and test the safety and security of your service after every release.

What it means

  • teams should regularly meet with their local or departmental Information Security Officer (usually via your ICT section) to help to adhere to cyber security best practice and all mandatory reporting requirements in the NSW Cyber Security Policy
  • verify the stability and security of your services with continuous testing and identifying of vulnerabilities, such as conducting a penetration test prior to moving into production and retesting after it is released
  • plan to identify and assess online and offline security, user safety, and fraud risks to keep the service stable and safe for users
  • document decisions made by agencies working together and consider their respective risk appetites as they design - especially any integration points or interactions between systems
  • establish an approach to modernising legacy systems to mitigate any inherited security risks. Where this is not possible, ask if the solution supports legacy apps, how these risks are being captured, and associated controls implemented.

Look to reuse and make reusable

Minimise duplicated effort by reusing and contributing to extensively tested and proven tools, platforms, components, and patterns.

Actively sharing knowledge and transferring skills will leave things better than when you found them and deliver a reliable, consistent service for the end-user.

What it means

  • use the Design System and contribute to its continuous improvement​
  • use State Digital Assets​
  • design and build in a way that is responsive to the changing environment​
  • focus more on creating unique parts of the service, instead of what’s already been developed by others​
  • ensure you have explored the technical landscape across other agencies. Research and solutions adopted from others will save time and effort
  • reuse capabilities and platforms that capitalise on economies of scale to reduce the cost of providing the service​
  • reuse or repurpose work others have done, and build services that others can reuse and repurpose, such as API's and microservices.

Plan and protect users' privacy

Government is obligated to protect the personal information it collects, holds, and provides. Not meeting these obligations damages our customers' trust in government services.

Make sure you only collect the minimum amount of information necessary to solve the problem.

What it means

  • work with local privacy experts from the beginning and practice privacy by design to identify and minimise privacy risks through the life of the service
  • map where the service may collect, store, transport or supply personal information in a Privacy Impact Assessment. Update it as the service changes such as technology or legislations update
  • know the legal requirements when obtaining an individual’s informed consent and be transparent about the collection, storage, and intended use of personal information
  • store de-identified data separate from other personal information and apply appropriate levels of restriction, such as when using or integrating with platforms and between systems.

Work in a flexible, iterative way

Iterating a service based on the customer’s experience of it ensures it meets their needs. Agile ways of working means everyone involved in the service focuses on getting it into customers' hands as soon as possible.

Learn from how customers use a real service to quickly make changes and address problems found. This avoids the cost and poor customer experience of a pre-determined solution that may not end up working.

What it means

  • you follow agile ways of working to fail fast, uncover customer needs early and adapt
  • get support from decision-makers and people working with the team by keeping them aware of progress and new findings. Responsibility is then shared for outcomes when changes to the scope of the work are based on evidence
  • the team and decision-makers use the principles of agile governance to reduce risk, add value and drive quick cycles of quality improvement
  • test and release updates to working software frequently using a combination of automated and manual testing
  • use funding models that ensure that value is being delivered early and often, which support teams stopping at or returning to Discovery if evidence points that way.