ICT STRATEGY
2014 / 2018
 LOWER OPERATIONAL COSTS
 INCREASE REVENUE
 REDUCE RISK
‘BUILDING TRUST
THROUGH FACILITATION’
USING IT AS A
BUSINESS ENABLER
2
3
Foreword by the
Commissioner General
Highlights by the
Head of ICT
aspects from core business operations, administrative
As set out in this document, our ICT strategy will maintain
to ensure we remain at the forefront of technology in the
The vision of ICT Department is ‘To achieve fully integrated
the operational fabric to help minimize customer contacts,
public sector.
electronic customer service’, while the mission is ‘To
to provide effective self-service and electronic options for
our customers, and to support our business operations
with appropriate and evolving set of tax administration
applications and productivity tools. We will continue to
develop business intelligence and data mining capabilities
to support KRA’s focus on using risk-based approaches to
support
functions
through
This second ICT strategy aims at achieving excellence in
revenue administration through organizational renewal,
innovation, and enhanced staff productivity geared towards
customer focus. The key initiatives will include putting in
place a business continuity management plan; embracing
emerging smart technology investment decisions that will
enable realization of strategic business objectives that
embrace analytics to obtain knowledge and insights that
will grow the internal culture of fact-based decision making.
As more taxpayer services are provided over the Internet
and Mobile technologies, either directly through our
own channels or indirectly via service provider platforms
and other government sites, their continued availability,
security and performance are becoming increasingly
critical to both the running of the Authority business and
public perception.
Our ongoing business initiatives will require the evolution
of our ICT governance mechanisms to better manage all
to
project
selection,
implementation and review.
The dynamic environment in which we operate, coupled
with advances in technology means that we must continue
to innovate and adapt our business processes while
delivering predictable and reliable day-to-day services. We
will continue to leverage on emerging technology trends
while embracing change management for best practices,
and hence make whatever adjustments are necessary
It is my hope that this strategy will make the interaction with
the Authority pleasurable for all stakeholders with a view to
improving compliance, and ultimately enable achievement
of the government development agenda by mobilizing the
much needed resources.
JOHN K. NJIRAINI, MBS
COMMISSIONER GENERAL
JUNE 2015
6.ICT Risk Management - Enhancing integrity of
ICT infrastructure, systems and information: KRA is
committed to proactively identifying and mitigating
ICT risks.
7.ICT Service Delivery - Improving efficiency of ICT
service delivery: Our goal is to make working with and
within ICT Department enjoyable by re-engineering the
way the department does business under the ‘Trust and
Facilitation’ approach to service delivery, supported by
outsourcing of professional services as necessary.
8.IT Governance - Enhancing IT governance: We shall
improve IT governance in KRA to enhance compliance
with best practice frameworks, standards, procedures
and governance policies.
transform tax administration by providing innovative
technology solutions and quality ICT services’. The theme
of the second strategy is ‘Building trust by enabling
customers through enhanced business value of ICT’.
The strategy focuses on the following eight strategic
themes that need major revision and expansion with the
stated objectives:
tackle non-compliance in all its forms.
4
This Second ICT Strategy 2014/15–2017/18 sets
out an overall vision and defines the key IT principles,
policies and processes for the four-year corporate plan
period. It will be used as the blueprint for future
KRA service delivery programmes, while providing
a framework to exploit and leverage on existing and
emerging technologies and best practices to transform
business processes through simplification and agility,
to achieve full electronic customer service as set out in
the Authority’s Vision 2018 corporate strategic goal.
Guided by its vision and mission, revenue reforms
and administration programme, and strong
government support over the last decade, Kenya
Revenue Authority (KRA) is acknowledged as a tax
authority that has progressed to a customer centric
institution. This has ensured that we remain at the
forefront in exploiting technology to provide enhanced
services to citizens and businesses, to deploy improved
compliance programmes and maximize revenue
collection, and to drive organizational culture change.
1.Business Systems - Increasing efficiency and
effectiveness of business systems operations: KRA’s
business approach is to offer integrated on-line services
and self service to our customers in an efficient and
effective way.
Other elements from the previous ICT Strategy are revised
appropriately to take account of new business landscape,
environmental changes, priorities and fresh thinking.
These include Workgroups and Collaboration, Application
Development, the KRA Portal, Data Warehouse and
Business Intelligence, and Enterprise Service Bus.
The key strategies and action points to be implemented
over the strategy period are given for each theme.
This strategy was refreshed during the first year to align
2.ICT Infrastructure - Increasing availability of business
systems: Our goal is to enhance availability of business
systems and ensure continuity of business operations.
it with the Sixth Corporate Plan, which was finalized in
3.Enterprise Information Infrastructure - Establishing
a managed enterprise information infrastructure: To
improve the quality of information, we shall establish a
managed enterprise information infrastructure.
technologies, KRA will continue to realize gains in
4.Business Enablement through Technology Leveraging on ICT to enhance business capability: To
improve our ability to deliver services and enhance
taxpayer compliance, KRA shall continue to leverage
on existing and emerging technologies and innovations.
This strategy shall be the basis of all automation initiatives
5.ICT Project Management - Improving project
portfolio management: To enhance value from project
investments, KRA shall institutionalize professionalism
in ICT project selection and management.
EZEKIEL K. SAINA, HSC
DEPUTY COMMISSIONER, INFORMATION
& COMMUNICATION TECHNOLOGY
JUNE 2015
the 2015/16 financial year. Through prudent selection,
innovative use, and effective administration of information
effectiveness, productivity, staff development and job
enrichment to better meet the needs of our customers.
in the Authority, and will therefore be the main reference for
strategic ICT initiatives as well as operational ICT plans.
5
Table of Contents
Foreword by the Commissioner General
Highlights by the Head of ICT
Table of Contents
Acronyms and Abbreviations
1. Introduction
1.1 Overview of Kenya Revenue Authority
1.1.1 Purpose of KRA
1.1.2 Organization
1.2 ICT Overview
1.3 Implementation of the 1st ICT Strategy
2. Vision, Mission, Theme and Core Values
2.1 Vision
2.2 Mission
2.3 Strategy Theme
2.4 Core Values
3. Situational Analysis
3.1 Internal Environmental Analysis
3.2 External Environmental Analysis
3.3 IT as a ‘Strategic Business Enabler’ and the ‘Game Changer’
4. The Strategy
4.1 Business Systems
4.1.1 Strategic Objective, Strategies and Outcomes
4.2 ICT Infrastructure
4.2.1 Strategic Objective, Strategies and Outcomes
4.3 Enterprise Information Infrastructure
4.3.1 Strategic Objective, Strategies and Outcomes
4.4 Business Enablement through Technology
4.4.1 Strategic Objective, Strategies and Outcomes
4.5 ICT Project Management
4.5.1 Strategic Objective, Strategies and Outcomes
4.6 ICT Risk Management
4.6.1 Strategic Objective, Strategies and Outcomes
4.7 ICT Service Delivery 4.7.1 Strategic Objective, Strategies and Outcomes
4.8 IT Governance
4.8.1 Organization and Governance
4.8.2 Strategic Objective, Strategies and Outcomes
4.9 The 2nd KRA WIDE IT STRATEGY AT GLANCE
5. Strategy Implementation
5.1 Implementation Plan
5.1.1 Internal Consistency
5.1.2 Annual Planning
5.1.3 Budget
5.1.4 Communication of the Strategy
5.2 Monitoring and Evaluation
5.2.1 Setting Performance Targets
5.2.2 Monitoring Performance
5.2.3 Performance Evaluation
5.3 List of Stakeholders Consulted
6
Acronyms and Abbreviations
4
5
6
7
8
8
8
8
9
9
14
14
14
14
14
17
17
18
20
24
24
24
25
25
26
27
27
27
28
28
28
29
29
30
30
30
30
31
34
34
34
34
34
34
34
34
35
35
35
BET
Business Enablement through Technology
BPR Business Process Reengineering
BYOx
Bring Your Own anything
CAC Change Advisory Committee
CCC Change Control Committees
CMMI Capability Maturity Model Integration
CRM Customer Relationship Management
DWBI
Data Warehouse and Business Intelligence
EDMS Enterprise Document Management System
ERM Enterprise Risk Management
ERP Enterprise Resource planning
ESB Enterprise Service Bus
iCMS Integrated Customs Management System
ICT Information and Communication Technology
ICTA
Information and Communication Technology Authority
IPR Intellectual Property Rights
iTax Trade Mark for the Integrated Tax Management System
ITIL Information Technology Infrastructure Library
KRA Kenya Revenue Authority
LAN Local Area Network
MIS
Management Information Systems
PaaS
Platform as a Service
RCoE Requirements Centre of Excellence
SCT Single Customs Territory
SMEs
Small and Medium Size Enterprises
SOA Service Oriented Architecture
TIMS Tax Invoice Management System
WAN Wide Area Network
WOA Web Oriented Architecture
7
1/
Introduction
The role of KRA in the economy includes:
1.1 Overview of Kenya
Revenue Authority
1.1.1 Purpose of KRA
The purpose of the Authority is assessment, collection,
administration
and
enforcement
of
laws
relating
to revenue.
The Kenya Revenue Authority (KRA), herein
referred to as the Authority, was established by an 1.1.2 Organization
Act of Parliament, Chapter 469 of the Laws of The Authority is a Government agency that runs its
Kenya, which became effective on 1st July 1995. operations in the same way as a private enterprise. In
The Authority is charged with the responsibility of order to offer better single-window services to taxpayers,
collecting revenue on behalf of the Government of KRA is divided into Five Regions as follows: Rift Valley
Kenya. A Board of Directors, consisting of both Region, Western Region, Southern Region, Northern
public and private sector experts, makes policy Region and Central Region. KRA is divided into the
decisions to be implemented by KRA Management. following nine main departments (see Figure 1.1): a.
The Chairman of the Board is appointed by the Customs & Boarder Control (C&BC), b. Domestic Taxes
President of the Republic of Kenya. The Chief (DTD), c. Investigations & Enforcement (I&E), d) Strategy,
Executive of the Authority is the Commissioner Innovation & Risk Management (SI&RM), e. Corporate
General who is appointed by the Minister Support Services (CSS), f. Kenya School of Revenue
Administration (KESRA), g. Internal Audit (IA), h. Ethics &
for Finance.
Integrity (E&I), and i. Legal Services & Board Coordination
(LS&BC).
Commissioner General
Internal
Audit
Kenya School of
Revenue
Administration
(KESRA)
Investigations &
Enforcement (I&E)
Corporate Support
Services (CSS)
Human
Resources
Ethics &
Integrity
(E&I)
Legal Services &
Board Coordination
(LS&BC)
b)To advise on matters pertaining to the administration
or/and the collection of revenue under written laws;
KRA operates in an environment that demands significant
c)To enhance efficiency and effectiveness of tax
administration
by
eliminating
bureaucracy,
procurement, promotion, training and discipline;
d)To eliminate tax evasion by simplifying and streamlining
procedures and improving tax payer service and
education, thereby increasing the rate of compliance;
e)To promote professionalism and eradicate corruption
amongst K.R.A. employees by paying adequate
salaries that enable the institution to attract and
retain competent professionals of integrity and sound
ethical morals;
Finances
Procurement &
Supplies Services
Regional Offices
Administration
& Logistics
Security
ICT
Strategy, Innovation & Risk
Management (SI&RM)
Corporate Risk
Management
Marketing &
Communication
Corporate Tax
Dispute Resolution
Research
Knowledge
Management &
Corporate Planning
Information and Communication Technology Department in
reliance on automation as a result of advances in IT and
telecommunication that is facilitated by an enabling legal
and regulatory framework in the country. The mandate
of ICT in KRA is to support KRA business objectives and
play the role of a ‘change enabler’ in the modernization of
business operations and support systems.
KRA has a centralized IT infrastructure platform with a
primary and secondary Data Center. The regional offices
are connected to the Data Centers through a Wide Area
Network (WAN) infrastructure. The main IT applications in
KRA include the Simba system for Customs operations
f) To restore economic independence and sovereign
pride of Kenya by eventually eliminating the perennial
budget deficits by creating organizational structures
that maximize revenue collection;
and the Integrated Tax Management System (iTax) for
g)To ensure protection of local industries and facilitate
economic growth through effective administration of
tax laws relating to trade;
1.3 Implementation of
the 1st ICT Strategy
i) To facilitate distribution of income in socially acceptable
ways by effectively enforcing tax laws affecting income
in various ways; and
Board of Directors
Domestic
Taxes (DTD)
1.2 ICT Overview
h)To ensure effective allocation of scarce resources in the
economy by effectively enforcing tax policies thereby
sending the desired incentives and shift signals
throughout the country;
Figure 1.1: The Organization Structure of KRA
Customs & Border
Control (C&BC)
a)To administer and enforce written laws or specified
provisions of written laws pertaining to assessment,
collection and accounting for all revenues in
accordance with these laws;
j) To facilitate economic stability and moderate cyclic
fluctuations in the economy by providing effective
tax administration as an implementation instrument
of the fiscal and stabilization policies and Being a
‘watchdog’ for the Government agencies (such as
Ministries of Agriculture, Health, Finance, etc.) by
controlling exit and entry points to the country to
ensure that prohibited and illegal goods do not pass
through Kenyan borders.
Domestic Taxes operations.
The first KRA ICT strategy was developed in November
2005 as a modernization roadmap for the transformation
of the Management Information Systems (MIS) Department
in line with the technology trends and to re-align the KRA
operational systems along the business strategic direction.
Various projects were identified for implementation over
a period of five years starting from December 2005. The
current plan came to an end in December 2010, although
its implementation has continued until 2014. The in-house
SWOT analysis revealed a number of lessons. The key
lessons have been summarized in Table 1.1.
Table 1.1: Lessons from Implementation of the First ICT Strategy
ORGANIZATIONAL ICT
MANAGEMENT ASPECT
LESSONS
Systems Implementation
Need
for thorough BPR, requirements definition, acceptance and
QA approach
Need
to undertake
minimize resistance
change
management
among
the
staff
to
Avoid
scope changes and creep
Importance
of a comprehensive and tested roll out and roll back strategy
System
performance greatly hampered by several integration points
8
9
ORGANIZATIONAL ICT
MANAGEMENT ASPECT
LESSONS
Remove
option of reverting back to manual system
There
is need to include security risk analysis in project planning and
implementation
Project Management
Projects
should be well conceptualized, adequately resourced & with
proper criteria (entry/exit) for starting and closure
Proper
testing of delivered products is cardinal
It
is important to have an institutionalized project management and
communication framework in place
Need
for permanent and dedicated project teams for implementation and
roll out
Internal
and external stakeholder management, communication and
sensitization should be given priority
Contractors
- Need for proper contractor management, to avoid
contractor driven initiatives, to stick to the contract terms, and not to
allow contractors to sit at decision organs
Need
for institutionalization of an ICT strategic management process
Human Resources
Need
for early knowledge transfer
Adequate
corporate management support is important for the project –
in terms of funding and attention
and
the provision of customer-focused services by effective
critical enabler to improvement of business processes
and operations of the Authority. The key aim of ICT
Department is to achieve efficiency and effectiveness in
ICT service delivery. The objective of this document is to
present the second KRA ICT strategy that incorporates
lessons learnt from implementing the first ICT strategy
and effectively responds to changes in KRA’s internal and
external environments.
2.Alignment
with the Corporate Plan
implementing the fifth corporate plan, whose life ends in
therefore necessary to ensure alignment with the sixth
corporate strategic plan. The sixth corporate plan views
ICT as game changer in revenue administration. This is
observed from the corporate strategic plan’s strategic
priority four, which addresses ICT directly and is stated as:
‘Enabling business by leveraging on technology to achieve
Demonstrated
leadership in use of IT in the public sector
Influenced
other government agencies in the use of technology
Having
higher appetite for timelines than quality
Bad
planning culture (non-existent)
No
respect of non-disclosure of information in projects
corporate strategic plan that had not been realized by
June 2014 will either be implemented or facilitated by the
strategies set out in this document.
The second ICT strategy is also aligned to the second
medium-term plan of Vision 2030, the KRA Vision 2018
Corporate Strategic Goals, as well as the National ICT
corporate strategy of 2015.
3.Methodology
The methodology that was used to develop this strategy
used a framework from popular strategic management
literature that adopts a planning perspective whilst at the
same time flexible enough to allow for multiple stakeholders
participation. The framework used is summarized in
Table 1.2.
full electronic customer service and enhance operational
efficiency and service delivery in line with best practice, to
achieve high customer satisfaction levels”. This strategic
a)Fully automated single collector: this requires an
expansive and expensive ICT programme to be
implemented. There will be need to seek innovative
ways of meeting the ICT development requirements.
Improve
strategies on contractor support/maintenance
The ICT outputs and performance targets in the fifth
Master Plan (2014-2017). It’s also aligned to the sixth
There
is need for infrastructure capacity planning
Maintenance
should be included in the procurement requirements
the ‘game changer’ in support of KRA’s business
departments to increase efficiency by simplifying,
standardising, automating work procedures to
enhance transparency in taxpayer transaction leading
to overall operational excellence.
management of ICT services in the Authority. ICT is a
goal has the following objectives of making KRA:
Plan
for retirement of obsolete infrastructure components
10
Information
Proper
assessment of infrastructure requirements should be carried out
Include
infrastructure requirements in business requirements
Culture
through
June 2015. In developing this second ICT strategy, it was
Organizational
political goodwill is crucial in implementing reforms
Leadership
Authority
Need
to build capacity in business analysis and institutionalize
Requirements Centre of Excellence (RCoE) to ensure that requirements
are adequately defined
Need
for improved literacy and uptake of ICT
Maintenance & Support
Revenue
Communication Technology Department is committed to
KRA has institutionalized strategic planning and is currently
There
should be proper structures for knowledge transfer
Infrastructure
Kenya
of the Second ICT Strategic Plan
There
should be a long-term automation and IT infrastructure architecture
and plan
Open
source requires more technical support
Corporate Management
1.Objective
b)Full electronic customer service provider: whereas
KRA is approaching the technical requirements for
full electronic service, the country’s ICT development
index (IDI) will constrain the private sector’s ability to
take up the services requiring a considerable effort to
promote uptake.
c)
Make ICT a ‘Game Changer’ in Accountability
and Integrity (allowing us to plug the leak instead
of continuously bailing out water) and to exploit
technological advances to improve service delivery
(e.g. cloud computing to reduce capital costs, attend
to security concerns and reduce impact of limited
ICT staff), mobile platforms, etc). The Corporate Plan
envisions IT as a ‘strategic business enabler’ and
11
Key Questions
Outline Description
Methods Used
Output (Result)
1. Where are we?
Appraisal of both the
Data collected from internal Critical ICT environmental
internal and external
and external stakeholders
environments of KRA,
in consultative meetings.
analysis
with respect to ICT
(SWOT Analysis)
2. Where do we want
Establishing the strategic
Workshop with
to go?
direction of KRA with
ICT personnel.
respect to ICT (ICT Vision,
Mission and Core Values)
• Common vision for ICT
• ICT mission
• Theme for strategy
• Core values
3. How do we get there?
Developing ICT strategy
Workshop with ICT
(Strategic Themes,
personnel.
Strategic Objectives,
Strategies and Expected
• Strategic Objectives
• Strategies
• Outcomes
Outcomes)
• Strategic interventions
or initiatives
4. How do we know
• Developing
Workshop with ICT
whether we are getting
implementation plans for
personnel and selected
there or not?
the ICT strategy (KPIs
KRA business managers.
and targets)
• Implementation plan
• Monitoring and evaluation
plan
• Monitoring and evaluation
framework for the
implementation of
the ICT strategy
The methodology was designed to be highly participatory, as is evident from Table 1.2. In addition to the workshops
indicated in Table 1.2, the draft ICT strategy was presented to business and ICT managers, KRA Top Management, the
Procurement & Disposal and Information & Communication Technology Oversight Committee of the Board, and the KRA
Board of Directors.
The next chapter presents the vision, mission and core values of the ICT function in KRA. It also provides the theme for
the second ICT strategy. Chapter three analyses both the internal and external environments and identifies the strengths,
weaknesses, opportunities and threats. The following chapter describes the strategy in terms of strategic objectives,
strategies and expected outcomes for each of the eight strategic themes identified from the situational analysis in chapter
three. The final chapter outlines how the strategy will be implemented. This includes the implementation plan, prioritization
of the strategic initiatives to be implemented, monitoring and evaluation, ICT organizational structure, the financial
implications of the proposed strategic initiatives, project implementation roadmap and the critical success factors.
12
VISION, MISSION,
THEME & CORE VALUES
13
2/
Vision, Mission, Theme and
Core Values
The vision, mission and core values of the KRA ICT function have
been developed and aligned to those of the corporate. In addition, we
have provided the theme that will guide the implementation of the second
ICT strategy.
2.1 Vision
2.3 Strategy Theme
2.4 Core Values
The KRA corporate theme is:
We adopt the following corporate core values:
BUILDING
TAXPAYER
TRUST
THROUGH
FACILITATION FOR ENHANCED TAX COMPLIANCE
a)Competence: We ensure competency, efficiency and
achieving excellence.
b)Trustworthy: We uphold highest standards of trust
and honesty.
The theme of the second ICT strategy is:
BUILDING TRUST BY ENABLING CUSTOMERS
THROUGH
ENHANCED
BUSINESS
VALUE
OF ICT
c)Helpful: We are committed to effective empowerment
and facilitation.
d)Ethical: We commit to treat everyone with dignity,
esteem and fairness.
The KRA corporate vision is:
TO FACILITATE KENYA’S TRANSFORMATION THROUGH INNOVATIVE,
PROFESSIONAL AND CUSTOMER-FOCUSED TAX ADMINISTRATION
The figure below illustrates how the various strategic initiatives converge to define the overall ICT vision.
The vision of ICT Department is:
TO ACHIEVE FULLY INTEGRATED ELECTRONIC CUSTOMER SERVICE
2.2 Mission
The KRA corporate mission is:
BUILDING TRUST THROUGH FACILITATION SO AS TO FOSTER COMPLIANCE
WITH TAX AND CUSTOMS LEGISLATION
The mission of ICT Department is:
TO TRANSFORM TAX ADMINISTRATION BY PROVIDING INNOVATIVE
TECHNOLOGY SOLUTIONS AND QUALITY ICT SERVICES
The strategy envisions a technology architecture that provides a secure interface to the various
service delivery channels including offline batch (uploading offline files, e.g. Tax Returns
in iTax), third party systems and facilitates data abstraction from various data sources to
KRA applications systems via an enterprise service bus.
14
15
3/
Situational Analysis
Internal and external environmental analysis is
critical in understanding the conditions within which
organizations operate. These conditions can either
be facilitating or hindering the organization towards
excellence performance. Further, such a strategic
environmental analysis provides an appreciation of
the capabilities of an organization and the external
factors that affect it. Therefore the analysis results
in the identification of strengths, weaknesses,
opportunities and threats (SWOT), which provide
a good indication of what the future strategies
will be.
Shared Government Facility, Communication Links with
major redundancy links to the primary and backup site.
Adoption globally, of IPv6, structured and tiered network
at Data Centre (Access, Distribution and Core layers,
each with fail-over redundant configuration). End user
equipment - Access to LAN and wireless access points
and Variety of user owned devices. The key on-going ICT
infrastructure project includes supply, installation, testing
and commissioning of the necessary physical infrastructure
From the above account, KRA has substantial investment
in ICT infrastructure, with 90% of KRA stations having
ICT infrastructure. This strength enables adoption of
new technology, supports faster automation of services,
3.1 Internal
Environmental Analysis
3.1.1 Existing Business Systems
There are 35 different business systems in KRA,
categorized as follows: 11 support Customs and Boarder
Control, 5 supports Domestic Taxes Department, 11
support Corporate Support Services, 5 support Road
and has resulted to increased PC to Officer Ratio to
enable easier access to IT services. KRA however faces
weaknesses including lack of technology infrastructure
architecture framework and standards, poor infrastructure
capacity
planning,
poorly
developed
applications,
inadequate maintenance arrangements, as well as poor
vendor management and inadequate clean power. These
weaknesses can hamper delivery of quality services to
users and stakeholders, including reduced availability
of services.
Transport and 3 are general in nature. From the investments
above, it can be observed that a key strength is that the
Authority has made substantial investment in business
systems. However, there have been weaknesses in the
processes of implementing ICT enabled and supported
business systems in the following areas: Development and
Deployments, Project Management, Change Management,
Obsolete & Legacy Platforms, Integrations, Enterprise
Information Architecture and the Portal.
SITUATIONAL ANALYSIS
Currently, only Information Systems Security policies has
been developed and approved as a corporate policy,
whilst other policies and standards are in the form of work
instructions or procedure manuals. To ensure that there is
continued and professional governance of IT services in
the Authority, policies and standards governing service
delivery, service support and development, amongst
3.1.2 Existing ICT Infrastructure
In terms of LAN/WAN communication links and end
user equipment, KRA has invested a lot, including: Data
Centre – Servers, Server Operating System Platforms,
Application Platforms, etc. running critical databases;
16
3.1.3 Existing Policies and Standards
others, need to be to be completed. This will enable ICT
and the Authority, as a whole, to improve service delivery
and support, avoid duplication of roles/processes leading
to high cost of IT delivery, enhance business continuity
and enhance the quality of application software products.
A related weakness is poor IT service support, largely
17
due to low maturity level of IT service management and
inadequate business continuity and data recovery. This
needs to be addressed in order to provide better quality
of service delivery, enhance customer satisfaction and
increase ICT credibility with business
3.1.4 Existing Organizational Structure and
Human Resources
A key strength is that KRA has a large number of highly
skilled and competent ICT staff. This enables the Authority
to easily adopt best practice standard and technology
without much training, easily adapt to technological
change, quickly implement tasks and assigned initiatives,
and reduce dependency on consultants. Despite this
strength, there is inadequate staff skills development.
This weakness has arisen because of inadequate skills
and knowledge transfer from vendors, inadequate
skills development program, and workload imbalance
amongst staff. This can lead to poor service delivery, high
staff turnover, lack of initiation and innovation and
inadequate motivation.
3.1.5 Vision 2018 Initiative
The Authority has formulated a Vision 2018 initiative
under the Sixth Corporate Plan with the strategic
objective to leverage on technology and best practices
to transform business processes, through simplification
and agility, to enhance governance and achieve fully
electronic customer service. It is therefore imperative that
ICT initiatives in the second ICT strategy must principally
support the above strategic Vision.
3.2.1 National Policy and Legal Framework
Kenya has undergone some recent changes at the
national level which led to the creation of the ICT Authority
in 2013, and whose mandate is to rationalize and
streamline the management of all Government of Kenya
The following is an outline of KRA’s external environment,
summarizing the opportunities available to the Authority
and the threats.
leading to possible disruption of services. If this threat
of remittances collection to KRA and National Public Key
is not addressed, the Authority will be unable to provide
Infrastructure – digital signing and authentication of digital
reliable services. There will also be the additional cost
documents e.g. Taxpayer transaction documentation.
of investing in redundant systems and physical security.
The opportunities offered by these regional and national
developed and launched a National ICT Master Plan
initiatives include capacity building through sponsored
(2014-2017). The National ICT Master plan is aligned to
technical training and leverage on diverse skill sets
the second MTP of Vision 2030 and other national policies
among regional stakeholders, infrastructure upgrades
and strategies, providing a basis for ensuring alignment
(servers, storage and communication links), and less
with national policies and strategies. Additionally, the ICT
duplication of data, leading to consistency and efficiency
Authority has also developed national standards on ICT.
in common processes. There are however threats,
These developments at the national level provide KRA
including divergence in technology and standards among
with opportunities to leverage on the national initiatives
stakeholders that may lead to ineffective and /or inefficient
such as national data hubs, digital payments, shared
integration and data challenges, additional administrative
services, and national ICT standards that provide for
overheads and information security challenges.
integration and interoperability with other government
towards a digital government and the implementation
of devolution as outlined in the Kenya Constitution
(2010) offer opportunities for reforms in tax law and
regulations, thereby creating avenues that can enhance
revenue collection.
3.2.3 Economic Factors
The cost of ICT equipment and systems is high. It
therefore means that it is costly to invest in ICT initiatives.
This threat leads to low investment in ICT. This threat is
made worse by the weakness of perennial inadequacy
of financial resources in the Authority, based on the ICT
3.2.2 Broader E-Government
Government Initiatives
and
Other
Finally, Kenya has increasingly become a litigious society.
This threat means that more resources might be spent
on litigation.
3.2.5
budget to overall operational budget benchmark for
tax administrations. It is also made worse by reliance
on conditional external funding. In addition, there is a
Technological Developments
In the recent past, there has been tremendous progress
in information technology that can be said to be
transformative. The technology space rapidly changes,
bringing faster processing speeds, greater storage
capacity, bigger volumes of data sets, new architectures
for
agencies. In addition, the current Government’s drive
information
and
applications,
and
advanced
software. Examples of these developments include big
data, cloud computing, mobile telephony, capacity for
complex computation, storage and networks, application
development architecture (SOA and WOA), IT service
management (ITSM), mobile technology and bring your
own device (BYOD) concept, and business intelligence
and data warehousing. All these provide different avenues
for doing business and require organizations to carefully
harness the opportunities provided by such expanding
IT capabilities to create value to consumers, businesses
and bring socio change.
There are increased developmental activities at the East
significant reliance on external funding. This may often
Africa regional level such as the development of regional
not serve the interests of the Authority given the other
The Authority needs to leverage on these emerging
integration that has given rise to ICT initiatives to facilitate
interests that this funding has to serve.
technologies and concepts to expand and widen the tax
trade among the countries of East Africa. The following
net, enhance tax compliance, improve service delivery
are some of the projects resulting from the initiatives:
and availability, enhance data integrity leading to better
Single Customs Territory (SCT), Real-Time Monitoring
System, Cargo Control System (RTMS/CCS), One Stop
Revenue Authorities Digital Data Exchange (RADDEx),
sponsored by USAid and Kenya National Electronic
Single Window System (KNESWS), developed and
3.2.4
Socio-Cultural Factors
According to the Communications Authority of Kenya
(CAK) sector statistics for the January-March 2014
period, there is increased access to mobile telephone
for the Kenya’s general public, which stands at 31.8
operated by KenTrade.
million subscriptions. Despite this positive development
Likewise, at the national level, there are some efforts
IT for business purposes especially for Government to
towards automation by several Government agencies.
These national initiatives provide opportunities for
KRA, and include the following: Integrates Population
Registration Data System (IPRS) which is a source of
nominal taxpayer data for KRA systems (e.g. iTax) and the
National Digital Registry Service (NDRS) that will see the
implementation of a digital People Registry coordinated
18
compliance. In addition, there is the increased insecurity,
Service. National Social Security Fund (NSSF) delegation
ICT functions. Further, the ICT Authority has recently
Border Post (OSBP), sponsored by JICA, Regional
3.2 External
Environmental Analysis
by Kenya Citizens and Foreign Nationals Management
however, there is low public awareness and access to
Citizen (G2C), which requires adequate computing power
that is not available on the typical mobile phones used by
Kenyans to access Internet and web-based resources.
However at the business levels, while access to the
G2C services is available, there is observed resistance
to change. If this threat is not addressed, there will be
low levels of usage of systems, leading to low levels of
image and reduced corruption, reduce the total cost of
ownership and maintenance of infrastructure, enhance
corporate image and enable collaboration with partners.
There are however threats associated with the emerging
technologies and concepts. These include increased
number of vulnerabilities due to use of diverse devices,
inability to cope with technological changes, unreliable
third party managed network segments (up to last mile
from service providers’ points of presence) and integration
with partners that do not conform to standards.
Although outsourcing is one of the opportunities
presented by developments in technology, it is deemed
to be critical to the Authority and therefore treated
separately below.
19
3.2.6 Outsourcing
Outsourcing application development depends on the
type of service needed, complexity, urgency and the
of tax payers across all taxes they are associated with.
Whereas the first ICT strategy focused on reducing
in keeping with the highest value of honesty, uprightness,
SARS is using a debt management case solution which
interactions with taxpayers and enhancing revenue
integrity and impartial application of the law. On the one
has helped them seal loopholes in VAT refunds.
collection, the second strategy focuses on enhancing
hand, it must be shown that the public machinery with
governance, promoting insight-driven processing and
regard to taxation and application of privileges is exempt
quality customer service through innovative ways and
from corruption. On the other hand, the same machinery
best practices.
must endeavor to punish the taxpayer’s evasive behavior
skills required. KRA has at the moment outsourced
In Rwanda Revenue Authority, relevant initiatives include
the
wide
mobile telephone facility (M-Declaration), involving
area network services, internet services, maintenance
mobile declaration and payment of taxes. It is a USSD
services,
commercial
centre
platform able to work with Rwanda’s MTN-Mobile
services
and
Authority
money, Tigo Cash or Airtel Money to facilitate declaration
should take advantage of outsourcing opportunities to
and payment of taxes by SMEs. There is also the tax
outsource more.
calculator facility, which makes all tax computations easy.
following
infrastructure-related
security
backup
services:
power,
appliances.
call
The
In addition, there are opportunities to outsource
The Uganda Revenue Authority has implemented
managed services, such as Infrastructure as a Service,
e-Services, involving the management of tax obligations
Software as a Service and Platform as a Service. The key
online; Tax Assistant, an interactive process that answers
benefits include cost savings, ability to scale in response
tax related questions; and Tax tools, a set of tools that
to demand (agility), speed of access and better quality
assists in calculation of tax obligations. The Mauritius
of service provision. The potential threats of outsourcing
Revenue Authority has implemented internet banking,
include the high cost of IT outsourcing and potential for
where payments can be effected online; an SMS facility
job losses.
where taxpayers can pay their income tax dues by SMS
in an upright and fair manner. Above all, measures should
be in place for reducing discretion and evasion. The
3.3.3 Realization of the Vision
Authority will apply technology to achieve these goals
In order to address the current business challenges, with
effective social communication to the public; to not only
the ever-changing business environment and evolving
technologies, it was critical that a new ICT Strategy
was developed to support KRA’s vision and business
strategies as we seek to transform tax administration to
realize the desired vision, thus:
Current State  2nd ICT Strategy  Transformation 
Realization of KRA Vision
The telecommunications infrastructure in most of the
country, especially in rural areas is either unavailable or
poor. This is due to poor national coverage, few players
in the market and the high cost of the infrastructure.
In addition, the commercial power supply is unstable
or poorly available across the country. These two
weaknesses imply that the Authority cannot rollout IT
3.3 IT as a ‘Strategic
Business Enabler’ and
the ‘Game Changer’
3.3.1 Alignment to the 6th Corporate Plan
infrastructure to all regions and that the cost of running
In order to ensure that ICT initiatives fully support the
IT and redundant systems/infrastructure is high. Finally,
corporate strategic objectives under the Authority’s Vision
the legal infrastructure or legislation is inadequate for
2018, the automation strategic initiatives were derived
data protection. This makes it difficult to adopt emerging
from the identified strategic objectives under the Vision,
technologies e.g. cloud computing.
taking into account existing/ongoing ICT initiatives.
These were then subjected to a priority evaluation
matrix. This process ensured the required ‘business-ICT’
3.2.8 Relevant Initiatives in Other Revenue
Authorities
alignment. Based on the evaluation matrix, the identified
There are automation initiatives in other revenue
implementation success through best practices, world
authorities that KRA could benchmark with. For example,
South African Revenue Services (SARS) has implemented
that provides taxpayers calling the Contact Centre with
20
3.3.3.2 Enhance Transparency and Fairness in
Tax Administration
Greater
transparency
can
in
Government-to-Business
dramatically
improve
investor
effective application of ICT to support KRA’s business
objectives of becoming a fully automated single collector,
and providing customer-focused services, aims to steer
the Authority towards the desired vision over the three
(3) year corporate plan period through well-orchestrated
public services to the population, and increase public
confidence in democratic institutions. In support of KRA
corporate strategic objectives on enhancing transparency
and fairness, the ICT strategy will seek to:
Promote
openness in designing and implementing public policy,
Provide accountability (Promote trust/confidence in the
programmes and initiatives.
integrity of systems and sets standards for conduct),
The strategic objectives of the 2nd ICT Strategy are:
and present incentives for compliance and deterrents for
To
enable KRA to be a fully collaborative government
agency that co-creates and connects with both
Kenyan Citizens and other government agencies, and
county governments.
To
enhance KRA’s capability to consistently deliver
value nationally, regionally across its borders,
and internationally, and hence contribute to the
Government’s goal of global competitiveness and
digital economy under the Vision 2030 initiative.
Deter corruption/bribery and Influence taxpayer behavior,
non-compliance.
3.3.3.3 Enhance Operational Efficiency and
Service Delivery
It is critical that the 2nd ICT strategy enables efficient
and effective service delivery in order to create a globally
competitive environment in such areas as: Ease of doing
ICT initiatives to be pursued were aligned to the strategic
business, Ease of trading across borders, and Ease of
business objectives. The approach also aimed to improve
paying taxes. These goals will be achieved through the
class solutions and sound business cases.
The Strategy therefore focuses on application of IT
ICT strategy in the following ways:
best practices to support the five strategic objectives
a)Efficient and effective service delivery to create
a globally competitive environment in such areas
as, Ease of doing business, Ease of trading
across borders and Ease of paying taxes. Efficacy
is increased mostly by standardisation and
uniformity of procedures; to the extent this is feasible.
Improve access to more services channels for
payment of taxes.
identified above, as elaborated below.
mobisite, a mobile version for filing returns on mobile
phones. A second initiative is the Help-You-eFile facility
activities that affect them.
confidence, spur economic growth, provide better
Therefore, the 2nd ICT Strategic Plan, incorporating
National Infrastructure
keep them informed but to also participate in public
interactions
using Orange Money Service.
3.2.7
by ensuring transparency, accountability, integrity and
3.3.2 Value Proposition Parameters
3.3.3.1 Increase Voluntary Compliance
live assistance. This enables a SARS agent to view the
Realization of KRA’s Vision 2018 therefore envisions IT
same screen as the taxpayer to assist in identifying the
as a ‘strategic business enabler’ and the ‘game changer’
According to best practice, it is essential that the public
problems they are experiencing. A further innovation is
that will support KRA’s business departments in their
must perceive: That there is equity and the notion of
single registration, a facility that allows single registration
relentless pursuit of operational excellence.
fairness in taxation, and the tax system is administered
21
b)Analytic and customer relationship capability to
assist the Authority to manage vast amounts of
structured and unstructured data, make sense of
it and generate insights that enable it to connect
with taxpayers at every touch point effectively, thus
maximizing value with each interaction.
c)Integration capability within core applications to
empower users to view and advice taxpayers on
queries regarding their transaction status and
related queries. Self-help capabilities integrated with
business applications to ensure taxpayers have selfservice without calling to KRA.
d)Simplification of (or making it easy to use) the most
frequently used features in tax systems for taxpayers,
such as filing returns, Obtaining supporting
documentation, Querying tax status, Paying taxes,
among others.
e)Use of the Internet, Mobile and other Technologies.
This modality allows for instrumentation of
massive consultation and reach mechanisms for
taxpayer groups.
f) Leveraging/exploitation of emerging technologies
and concepts to enhance business capability
to innovatively grow application of technology
to enhance business capability to better serve
taxpayers, and embrace change in tax culture, while
optimising IT/telecommunications investment.
g)
Trade facilitation through accelerated cargo
clearance and monitoring across borders using
non-intrusive means. High system availability with
continuity arrangements in line with the Authority’s
enterprise risk management policy. Regional trade
and Integration. Deploying ICT-enabled applications
at critical points along the supply chain e.g. customs,
ports and border crossings; and implementing a
national single window system for data management.
h) Application of geographic information systems (GIS),
satellite technologies and decision-making tools.
Effective administrative support and improved level
of automation for enhanced operational efficiency
and service delivery. Application of ICT solutions
with transformative power (high impact) in each of
the business areas and with potential for replication
or scaling-up, and Corporate Performance
Management.
Effectively
manage
corporate
operational performance management to improve
KRA’s performance and to improve employee
productivity (key driver of corporate performance).
3.3.3.4 Combating Tax Evasion and Fraud
a) Identification of Taxpayers, to adequately know and
identify the taxpayers. Differentiation of Taxpayers
and applying risk profiling to apply strategies on the
basis of aspects related to the concepts of reliability
and tax risk, to treat taxpayers according to their tax
risk profile. Segmentation of Taxpayers, to stratify
taxpayers based on some specific characteristics
such as economic activity, amount of revenues,
taxes under which they are registered, withholding
agent status, etc. which allows for the establishment
of equitable and specific rule treatments.
b)
Collaboration with other government agencies
and county governments on practical aspects
of exchange of information with key partner
organisations to leverage on 3rd party information for
compliance purposes. Provision of a single source of
compliance information, for decision making both at
operational and strategic levels.
c)Tax intelligence and analytics, to facilitate business
intelligence and data mining capabilities to support
KRA’s focus on using risk-based approaches to
tackling non-compliance to detect fraudulent
behaviour and potential tax evasion, and to provide
analytic capability to users for better decisionmaking and revenue growth. Enhance IS Security
with electronic signatures for the required level of
trust and confidence in tax information.
3.3.3.5 Business Enablement through Technology
Under the 2nd ICT strategy, KRA will grow and innovate
information technology (IT) while managing IT spend
and agility trends, driven by the following emerging
technologies: mobile devices, cloud services, social
technologies, and big data/analytics, to support, enable
and optimize the Authority’s business operations, to
promote agility and improve business capability to deliver
business, including lowering costs, increasing revenue
and reducing risk.
The cloud gives speed, ‘lowers’ operational costs, and
is transformative. Big data will facilitate data-driven
(including 3rd party data) decision-making; transforms
business,
increases
revenue,
increases
customer
intimacy, and improves business operations, resulting in
agility, i.e. efficiency, control and choice.
With the increasing business expectations and the need
Combating tax evasion can be done by creating
to get ahead of the curve in order to assure business
tax awareness, thus raising the level of compliance.
value, as part of implementing the strategy under this
ICT will be employed to achieve these objectives,
theme, we shall transform and redefine the ICT function,
including through:
embracing outsourcing, to bridge the gap between
THE STRATEGY
business and ICT.
22
23
4/
The Strategy
S1.3: Develop and/or acquire quality information systems
to effectively support business using commercial off-theshelf approaches (where practical and affordable) as
well as using cross-departmental and government
shared services
support business by using the impetus of new business
efficiency and effectiveness of business operations
consists of identified themes together with associated
in a cost effective way. In this regard, there is need to
strategic objectives, strategies and expected outcomes.
integrate business systems; to replace and retire non-
The strategic ICT themes are the key issues that
value-adding application systems; to contain the high
the Authority needs to address if it is to improve its
cost of maintaining the existing business systems; to
performance over the plan period. The themes, which
effectively enforce existing standards and IT change
are derived from the situational analysis presented in
procedures; to adopt formalized business requirements,
Chapter 3, drive the strategy and failure to adequately
system and infrastructure design standards; to ensure
and satisfactorily address the challenges associated
business continuity in case of disruption; and to enhance
with them will adversely affect realization of the strategic
capacity in procurement, contracting and vendor
objectives. After a comprehensive analysis of the current
management. In addition, there is need for segregation
and future business automation needs in the Authority,
of roles in business systems; adequate involvement
eight strategic themes were identified for action:
of business users in requirements elicitation and user
S1.8: Review and implement the application development/
acceptance testing; adoption of an appropriate systems
acquisition strategy
2.ICT infrastructure
cycle management policy; and adequate and friendly
service offerings/channels and self-service interfaces.
3.Enterprise information infrastructure
4.Business enablement through technology
5.ICT project management
6.ICT risk management
7.ICT service delivery
8.IT governance
4.1.1 Strategic Objective, Strategies
and Outcomes
In respect of business systems, the Authority will pursue
the following strategic objective:
STRATEGIC OBJECTIVE 01: To offer integrated
online services and self-service to our customers
in an efficient and effective way
The other elements of the strategy are strategic
objectives, strategies and expected outcomes. The
following sections outline why each strategic theme is
important and state the strategic objectives and specific
strategies to be pursued to address the challenges in the
thematic area, as well as the key outcomes to be realized.
In order to achieve the above objective, the Authority will
pursue the following set of strategies:
S1.1: Develop and implement a clearly defined business
application architecture, which ensures that all business
products work transparently as a unified service offering
S1.2: Review and improve standards on development,
acquisition, integration and maintenance of business
4.1 Business Systems
There is compelling need to offer integrated online
services and self-service to KRA customers for increased
24
programmes and technology opportunities to move the
The ICT strategy adopted a thematic approach that
1.Business systems
systems in growing our applications portfolio as set out in
the Corporate Plan and annual business plans, applying
appropriate CMMI standard to ensure better quality and
more repeatable processes
There is need to evolve IT infrastructure in order to ensure
good performance, scalability, and continuous availability
of business systems while protecting corporate data, and
S1.4: Maintain existing information systems to effectively
development methodology; adoption of a technology life
4.2 ICT Infrastructure
bulk of our applications to the functionally and technically
thus ensure continuity of business operations. This will
be achieved by implementing appropriate technologies,
based on flexibility, simplicity and standards-driven
reference
enterprise
technology
architecture,
for
‘safe’ quadrant of our portfolio assessment matrix
evolution to continuous availability of IT systems,
S1.5: Review existing business systems and retire those
it is imperative:
that do not deliver value or are obsolete
integrated backup and recovery of data. In this regard,
management
To
have adequate funding for sustaining and
refreshing ICT infrastructure,
S1.7: Build capacity in procurement contracting and
To
create a clear equipment refreshment and
retirement strategy, minimizing disparate/nonstandard ICT infrastructure and platforms
S1.6:
Institutionalize
a
requirements
function in the Authority
vendor management to ensure effectiveness in lead-time
planning for procurement
To
strictly enforce support and maintenance contracts
There is need to stop the habit of each initiative having
its own infrastructure/servers, which leads to inefficient
utilization of resources. There is also need to deal
S1.9: Skill up the development teams and migrate
with challenges of unreliable power and inadequate
towards more flexible service oriented architecture
coverage of infrastructure, particularly power and
(SOA) approaches, including adoption of an Enterprise
telecommunication services. In addition, it is important to
Service Bus (ESB), based on an illustrative ESB
have in place appropriate arrangements for better vendor
framework/architecture
management and for skills and knowledge transfer
S1.10: Maintain the Java standard and the open source
from vendors.
Eclipse toolset as the IDE of choice, as well as Subversion
as the primary platform for software management and
version control.
4.2.1 Strategic Objective, Strategies
and Outcomes
In this respect, the Authority will pursue the following
Pursuing the above strategic objective and strategies will
strategic objective:
realize the following outcomes:
STRATEGIC OBJECTIVE 02: To enhance availability
Oc 1.1: Reduced cost of acquisition and maintenance of
business systems
of business systems and ensure continuity of
business operations
Oc 1.2: Increased efficiency and effectiveness of
business operations
Oc 1.3: Simplify the construction, integration and
This objective will be achieved by pursuing the following
set of strategies:
flexible re-use of technical business components using a
S2.1: Upgrade and maintain ICT infrastructure while
standards-based service-oriented approach.
exploiting virtualization and consolidate technologies,
and taking advantage of the government-wide shared
services framework
S2.2: Continue with the current Operating systems mix
and database management system mix of commercial
25
Oracle and DB2, and open source SQL Server, Postgres
S2.9: Outsource services that are more effectively
and MySQL, maintaining a reasonable balance between
performed by third parties using appropriate outsourcing
business requirements and economic considerations.
models
S2.3:
The outcomes of pursuing the above strategic objective
Incrementally
implement
Virtual
Desktop
Infrastructure (VDI) as a tactical solution for mobile access
and to extend the life of older PCs and applications, and
to implement the Bring Your Own anything (BYOx) concept
S2.4: Maintain the current mix of open system hardware
and strategies are:
Oc 2.1: Continuous availability of business systems
Oc 2.2: Improved response times in service continuity
platforms, as a flexible, reliable, scalable and value for
money combination, and retire legacy server environments
S2.5: Develop and implement vendor relationship and
support and maintenance framework for ICT infrastructure
S2.6:
Manage
technology
infrastructure
life
cycle
and capacity
4.3 Enterprise Information
Infrastructure
The need for enterprise information infrastructure is
driven by the need to shift emphasis from ‘operational’
S2.7: Expand LANs and WANs in new stations, evolving
business activities to ‘compliance’ activities based on risk
the network offerings to include the widespread use of
analysis and intelligence-led decision-making. We need to
wireless technologies and address related security issues
become more proactive in our response to data received,
S2.8: Continue the transition to shared voice, video and
data networks and the exploitation of Voice over Internet
Protocol (VoIP) and Video Conferencing technologies for
cost savings and business opportunities
relating data from one source to another, with our systems
automatically reacting to any anomalies detected. Our
information management strategy also needs to address
challenges in the management of a growing volume
of unstructured data. The typical layers in enterprise
information management are as depicted below.
4.3.1 Strategic Objective, Strategies
and Outcomes
and strategies are:
Oc 3.1: Reduced cost of acquisition and maintenance of
There is thus need to establish a managed enterprise
information infrastructure by pursuing the following
strategic objective:
STRATEGIC OBJECTIVE 03: To improve the quality of
information by establishing a managed enterprise
information infrastructure
business systems
Oc 3.2: Enhanced quality of service delivery to internal and
external stakeholders
Oc 3.3: Make data, information and intelligence better
understood by the business
Oc 3.4: Enhance KRA Web presence
In order to achieve this objective, the Authority will pursue
the following set of strategies:
S3.1: Build a centralized master information/data source of
related information for use in multiple systems
S3.2: Continue the implementation of the data warehouse
and business intelligence (DWBI) project
Typical Layers in Enterprise Information Management
The outcomes of pursuing the above strategic objective
4.4 Business Enablement
through Technology
To improve its ability to deliver services and enhance
taxpayer compliance, KRA will need to leverage on
existing and emerging Information Technologies (mobile
S3.3: Implement tools to maintain quality enterprise
devices, cloud services, social technologies, and Big Data/
information and to transfer data from operational systems
Analytics) to support, enable and optimize the business; to
and other sources to the data warehouse
promote agility and improve business capability to deliver
S3.4: Implement a metadata project with supporting
policies, and adopt XML as the definition standard
S3.5: Consider the latest portal technologies in the
business, and to spend more on innovation through growth
and innovation of IT while managing IT spend and agility
trends, and thus ‘lower’ total cost of ownership (TCO) of
ICT services.
redesign of the current KRA website and Intranets
S3.6: Continue to enhance and upgrade the existing
Knowledge Management capabilities
S3.7: Liaise with other government agencies to introduce
Unique Universal Identifier to standardize taxpayer entities
S3.8: Leverage on the National ICT Master Plan to improve
interfaces with third party sources
S3.9: Make collected information more accessible via
metadata or data about data
26
4.4.1 Strategic Objective, Strategies
and Outcomes
From the foregoing, the Authority thus needs to upscale
the leveraging on ICT to enhance business capability by
pursuing the following strategic objective:
STRATEGIC OBJECTIVE 04: To improve service
delivery and taxpayer compliance by enhancing
and leveraging on existing and emerging
technologies and innovations.
27
In order to achieve this objective, the Authority will pursue
In implementing the strategy in this theme, the Authority
ICT security risks have become a major challenge in the
S6.5: Support and assist in the development of the
the following set of strategies:
shall adopt project implementation best practices. This
public service in Kenya. Firstly, there is need to address
KRA
will require transition from traditional waterfall model to
the key sources of risks through eliminating multiple user
agreed standards
an agile project execution approach of prioritizing project
accounts by creating a single view of users; increasing
products and subjecting them to requirements, design,
enforcement and awareness of ICT policy and standards;
integration, testing and deployment one at a time and
and implementing effective application controls during
making decisions based on realities during execution.
systems design. Secondly, there is need to reverse the
S4.1:
Institutionalize
Business
Enablement
through
Technology (BET)
S4.2: Implement a Customer Relationship Management
(CRM) solution, and upgrade the existing contact
negative perception of business managers of the integrity
centre solution
S4.3:
Continuously
identify
and
adopt
emerging
technologies and concepts to enhance business operations
S4.4: Benchmark against best practice technologies in
other administrations
4.5.1 Strategic Objective, Strategies
and Outcomes
The Authority therefore needs to urgently institutionalize
ICT project portfolio management. In order to do this, it will
pursue the following strategic objective:
S4.5: Develop and implement a framework for managing
emerging technologies
using RFID technologies, GIS technologies, Smartphones
and
PDAs,
among
other
emerging
technologies
enhance value
from ICT project investments by institutionalizing
professionalism
in
project
selection
and
management.
and concepts
The pursuit of the above strategic objective and strategies
will realize the following outcomes:
Oc 4.1: Increased Taxpayer compliance
Oc 4.2: Widened tax base
Oc 4.3: Reduced cost of ownership
Oc 4.4: Bridge the gap between business and ICT
In order to achieve this objective, the Authority will pursue
the following set of strategies:
ICT project management is critical to the enterprise to
ensure projects are initiated or implemented within the
project management framework in order to effectively
enforce change, project management procedures, and
discipline in planning, prioritization and selection of ICT
projects, and projects closure. The pillar will facilitate a
transfer from vendors; adequate projects documentation
while interfacing with stakeholders. There is also need for
and to enhance information security and hence protect the
perimeter of the IT platform while promoting trusted IT, by
(ISMS), toward the implementation of a holistic approach
to cyber security, projects management and best practices
in IT governance to address both business challenges and
technical issues.
Further, it is necessary to incorporate information security
during project planning; adopt an ICT security and risk
management framework; adopt a data governance
selecting automation projects
and ensure effective management of emerging technologies
S5.2: Review and enforce ICT Project Management
and concepts, e.g. BYOxs and Cloud Computing.
S5.3: Review and enforce ICT project monitoring and
S5.4: Implement knowledge transfer programmes
S5.5: Develop and implement a framework for managing
vendor and partner relationships
The pursuit of the above strategic objective and strategies
will realize the following outcomes:
4.6.1 Strategic Objective, Strategies
and Outcomes
4.6 ICT Risk Management
pursue the following strategic objective:
STRATEGIC OBJECTIVE 06: To enhance the integrity
of the Authority’s ICT infrastructure, systems and
information by proactively identifying and mitigating
ICT risks.
This objective will be achieved by pursuing the following
set of strategies:
S6.1: Implement the state of the art security system
to
S6.6: Establish and operationalize an Alternate Data
Centre and Disaster Recovery plan in accordance with
international standards and guidelines
S6.7: Only allow other agencies to access KRA data and
processes, where appropriate, in a secure manner taking
cognizance of data protection requirements
S6.8: Explore setting single-sign-on capability for our
applications as a long-term objective
S6.9: Continue to implement PKI technology for sensitive
applications/functions, and to track biometrics, smart
cards and similar technologies to enhance security of
our assets
S6.10: Address data loss prevention and in particular the
USB security issue, where appropriate, and incorporate
appropriate new rules in our IT usage policies and
guidelines for staff
S6.11: Work towards formal ISO27001 security certification
for our ICT services
S6.12: Appoint a security officer and bind IT security into
S6.13: Perform an independent IS audit to provide an
assurance about the state of the IT environment.
The outcome of pursuing the above strategic objective and
strategies is:
Oc 6.1: Improved confidentiality, integrity, availability and
accountability of KRA services
4.7 ICT Service Delivery
With the increasing business expectations and the need to
get ahead of the curve in order to assure business value,
in the spirit of ‘IT as a Business Enabler’ (refer to Section
IT as a Service (ITaaS) model, and to make working with
KRA recognizes that risks are caused by people, systems
(CCC) and Change Advisory Committee (CAC).
S6.3: Review and enforce ICT and information security
and external events. These causes of risks trigger risk
policies and standards, embracing international standards
and system failure, or damage to assets.
strategy
S6.2: Effectively manage infrastructure and system access
coordination of project based Change Control Committees
place health and safety, environment, business disruption
Management
In respect of ICT risk management, the Authority will
Oc 5.1: Improved ICT project portfolio planning
Oc 5.2: Enhanced attainment of ICT project objectives
Continuity
the overall KRA enterprise risk management framework
Standards
events, which may include fraud (internal or external), work
28
KRA is committed to identify and mitigate business risks
framework, including data integrity and data classification;
corporate and departmental mechanism for vetting and
accepting ICT projects; adequate skills and knowledge
Management (ERM).
S5.1: Institutionalize structural mechanisms for vetting and
evaluation in line with best practice
4.5 ICT Project
Management
in ICT processes and adherence to Enterprise Risk
implementing Information Security Management System
STRATEGIC OBJECTIVE 05: To
S4.6: Develop and implement an infrastructure architecture
of ICT personnel and ensure adequate risk assessment
Business
S6.4: Publish integrity index for all departments in a
quarterly newsletter
4.4.2), one of KRA’s goals is to embrace and institutionalize
and within ICT Department enjoyable by transforming and
redefining the ICT function to bridge the gap between
business and ICT, and to improve ICT operations and
29
systems management for enhanced and efficient delivery
The pursuit of the above strategic objective and strategies
of ICT services, while creating convergence of ICT staff
will realize the following outcomes:
and leveraging on outsourcing of services as necessary.
This includes embracing the “Trust and Facilitation” culture
to service delivery.
Oc7.1: Business agile and flatter ICT organisational
structure
Oc7.2: Increased retention of ICT staff
4.7.1 Strategic Objective, Strategies
and Outcomes
following strategic objective:
STRATEGIC OBJECTIVE 07: To improve the efficiency
S8.5: Improve communication within ICT and between ICT
Oc7.4: Increased ICT HR capacity
ICT services to business units to ensure and maintain a
customer service focus.
4.9 The 2nd KRA Wide IT Strategy at Glance
STRATEGY PILLARS
FULLY AUTOMATED
SINGLE COLLECTOR
CORPORATE
ICT STRATEGIC
STRATEGY
OBJECTIVES
GOAL
For the Authority to achieve this objective, it will pursue the
4.8.1 Organization and Governance
IT governance is concerned about ensuring the effective
Enhancing
Service
Delivery by
providing Fully
Electronic
Customer
Service to
increase
Efficiency and
Effectiveness
Of Business
Operations
(Fully
Automated
Single
Collector)
spirit of getting ahead of the curve in order to assure
business value
and efficient use of ICT in enabling the Authority to achieve
its business strategy. For example, there is need for the
Authority’s ICT function to adopt IT best practices of
standardization, simplification and automation, as well as
Governance, Risk and Compliance (GRC) in order to reduce
S7.2: Recruit experienced staff with relevant skills in line
overall ICT costs, increase business impact, improve
with best practice
quality of service, manage risk, and provide transparency.
S7.3: Develop, enhance and build ICT skills capacity
In this regard, it is imperative to ensure that appropriate
organizational and governance structures are in place.
S7.4: Effectively deploy and manage human resources
S7.5: Develop and implement a strategic remuneration
scheme for talented and highly skilled ICT staff
S7.6: Review processes of ICT in line with service
orientation
S7.7: Implement framework contracts to allow sourcing of
specialized skills on need basis
S7.8: Continue to use ITIL to frame the delivery,
based service delivery support framework as appropriate
STRATEGIES/INITIATIVES
1.5 Queue management solution. (QS)
1.6 Quality Management Solution (QMS)
1.7 Develop and implement a clearly defined
Business Application Architecture (BAA)
1.8 Review and improve standards on Application
Development, Acquisition, Integration and
maintenance of business systems (ADAI)
1.9 Develop and/or acquire Quality Information
System (QIS)
1.11 Retire Obsolete Systems (ROS)
STRATEGIC OBJECTIVE 08: To improve IT
S8.1: Adopt and implement ICT best practices, standards
and governance policies
S8.2: Develop and implement an ICT policy
2018
1.4 Contact Centre Upgrade (CC)
1.13 Build Capacity In Procurement Contracting
And Vendor Management (BCPV)
S7.10: Exploit the ITSM Tool for enhanced management of
2017
1.3 Enterprise Resource Planning (ERP)
1.12 Institutionalize RCOE
with internal customers and service providers
2016
1.2 Integrated Customs Management
System (iCMS)
the following strategic objective:
This objective will be achieved by pursuing the following
2014/ 2015/ 2016/ 2017/
1.1 Integrated Tax Management System (iTax)
There is thus need to enhance IT governance by pursuing
governance by enhancing compliance with best
practice frameworks, standards, procedures and
governance policies
ICT A ‘ BUSINESS
ENABLER’
2015
1.10 Maintain Existing Information Systems
(MEIS)
strategies:
ICT services
(1.) To offer
integrated on-line
services and self
service to our
customers in
an efficient and
effective way
ICT A “GAME CHANGER’
4.8.2 Strategic Objective, Strategies
and Outcomes
management and support of ICT services
S7.9: Adopt, build capacity in, develop and implement SLA
procedures and governance policies
and top management
4.8 IT Governance
S7.1: Review the ICT organizational structure in the
strategies is:
Oc8.1: Enhanced compliance to best practices, standards,
for tax administrations
of ICT service delivery by embracing SLA
based best practice frameworks and recruiting,
developing and retaining quality ICT personnel.
following set of strategies:
30
S8.4: Increase the funding of ICT guided by the benchmark
The outcome of pursuing the above strategic objective and
Oc7.3: Enhanced staff motivation
Oc7.5: A holistic view of providing support and delivery of
In view of the foregoing, the Authority will pursue the
S8.3: Decentralize ICT support staff to business functions
1.14 Review and implement Application
Development/Acquisition Strategy (AAS)
1.15 Maintain the Java and open source standard
Enhance
availability,
continuity and
response times
of business
systems
(2.) To enhance
availability
of business
systems and
ensure continuity
of business
operations
2.1 Primary Data Centre/Alternate Data Centre
(PDC/ADC)
2.2 Upgrade and Maintain ICT Infrastructure (IU)
2.3 Implement Virtualization and Consolidate
Technologies (IVC)
2.4 Implement OS Standards (OS)
2.5 Implement Hardware Platform Standardization
(HS)
2.6 Implement Vendor Relationship Management
2.7 Manage technology /Infrastructure Capacity
and Life Cycle (ILC)
31
CORPORATE
ICT STRATEGIC
STRATEGY
OBJECTIVES
STRATEGIES/INITIATIVES
GOAL
Establishing
a Managed
Enterprise
Information
Infrastructure
2014/ 2015/ 2016/ 2017/
CORPORATE
ICT STRATEGIC
2015
STRATEGY
OBJECTIVES
2016
2017
2018
(3.) To improve
the quality of
information by
establishing
a managed
enterprise
information
infrastructure
3.1 Data Warehouse and Business Intelligence
3.2 Support implementation of an Integrated
Board Management Solution (iBS)
3.3 Enterprise Document Management System
(EDMS)
3.4 Enterprise Service Bus (ESB)
3.5 Service Oriented Architecture (SOA)
Enhancing
Integrity of ICT
Infrastructure,
Systems and
Information
by use of IT
System Based
Tax Risk
Profiling
3.7 Implement Tools to Quality Data to DW (DWT)
(4.) To improve
service delivery
and taxpayer
compliance
by enhancing
the leveraging
on existing
and emerging
technologies and
innovations.
(6.)To enhance
the integrity of
the Authority’s
ICT infrastructure,
systems and
information
by proactively
identifying and
mitigating ICT
risks through a
holistic approach
to cyber security.
2016
2017
2018
6.2 Tax Management System (TIMS)
6.3 Undertake an independent IS Audit (ISA)
6.4 Manage Infrastructure And System Access
(IMA)
6.5 Review and Enforce ICT and Information
Security Policies and Standards (ISS)
6.6 Implement Secure Access KRA data and
information (SAD)
6.7 Implement Single-Sign-On Capability (SSC)
3.9 Liaise with other government agencies to;
Implement Unique Universal Identifier for entities
(UUI)
6.8 Work towards formal ISO27001 security
certification for our ICT services (ISO27)
4.1 Institutionalize Business Enablement through
Technology (BET)
4.2 Mobile Applications (MA)
4.3 Socio-Media (SM)
4.4 Customer Relationship Management (CRM)
6.9 Integrate IS security to Enterprise Risk
Management framework (IERM)
Improving
Efficiency of
ICT Service
Delivery
4.5 Content Management System (CMS)
4.6 Virtual Desktop Infrastructure (VDI)
4.7 Geographical Information System (GIS)
4.10 Voice of IP (VOIP)
(7.) To improve
the efficiency
of ICT service
delivery by
embracing
SLA based
best practice
frameworks
and recruiting,
developing and
retaining quality
ICT personnel.
4.12 Multivendor system (MVS)
4.13 Benchmark Against Best Practices
Technologies In Other revenue Administrations
(ITIG)
5.2 Review and enforce ICT Project Management
Standards (PMS)
5.3 Review and enforce ICT Project Monitoring
and Evaluation in line with Best Practice
Implement Project (M&E)
5.4 Implement Knowledge Transfer Programmes
(KT)
5.5 Develop and implement a framework to
Manage Vendor and Partner Relationships (SLA)
7.3 Develop, enhance and build ICT skills
capacity (EBC)
7.4 Effectively deploy and Manage Human
Resources (EDS)
7.5 Review processes of ICT in Line With Service
Orientation (SO)
7.8 Adopt, build capacity to, develop and
implement SLA based service delivery support
framework, Implement (SLC)
4.15 Implement ICT innovations (INO)
5.1 Implement Project Portfolio Management
Strategy (PPM)
7.2 Recruit experienced staff with relevant skills in
line with best practice (REC)
7.7 Continue to use ITIL to frame the delivery,
management and support of ICT services
4.14 Leverage Emerging Technologies Standards
(ETS)
4.16 Develop and implement an Infrastructure
Architecture
7.1 Review the ICT organizational structure in
the spirit of getting ahead of the curve in order to
assure business value Review IT structure (STRU)
7.6 Implement framework contracts to ; Allow
Sourcing Of Specialized Skills On Need Basis
(OTS)
4.11 Video Conferencing (VC)
(5.) To enhance
value from
ICT project
investments by
institutionalizing
professionalism
in project
selection and
management
6.1 Intelligence Gathering System (IGS)
6.8 Develop policies and guidelines USB usage
and security (USBS).
4.9 Mobile Payment
32
2015
3.8 Support Knowledge Management System
(KMS)
4.8 Payment Gateway (PG)
Improving
Project
Portfolio
Management
2014/ 2015/ 2016/ 2017/
GOAL
3.6 Build a centralized Master Information/Data
Source (MDS)
Exploit
Technological
Advances
to improve
service delivery
(Make ICT
a ‘Game
Changer’)
STRATEGIES/INITIATIVES
7.9 Exploit ITSM Tool for enhanced management
of ICT services
Enhancing IT
Governance
(8.) To improve
IT governance
by enhancing
compliance with
best practice
frameworks,
standards,
procedures and
governance
policies
8.1 Improve IT Governance (ITG) by Enhancing
Compliance IT Best Practices, Standards, and
Governance Policies
8.2 Review and update Procedures
8.3 Adopt and implement ICT best practices,
standards and governance policies
8.4 Develop and implement an ICT policy,
Implement IT policy (ITP)
8.5 Decentralize ICT support staff to business
functions, (DITS)
8.6 Increase the funding of ICT
8.7 Improve Communication within ICT
33
5/
Strategy Implementation
5.1 Implementation Plan
5.1.4 Communication
of the Strategy
Most staff in KRA will be involved in implementing the ICT
An excellent strategy will deliver expected results if
its implementation is good. Various activities ought
to be done to ensure successful implementation of
this strategy.
5.1.1 Internal Consistency
Successful strategy implementation requires congruence
between the various internal dimensions of an organization.
Key among these are strategy, structure, systems, style
(leadership), staff (skills, number, attitudes) and shared
values. These need to be aligned to support the strategy
being implemented.
5.1.2 Annual Planning
The ICT Department should develop annual work plans,
derived from the four-year implementation matrix. They
detail what will be done during the relevant year. Timelines
are more specific (within the year) and more persons in the
department (below the head of department) are assigned
implementation responsibilities.
5.1.3 Budget
strategy. There is need to sensitize them on key highlights
of the strategy being implemented and what is expected
work plans should be completed in time to inform the
relevant annual budgets.
EXPECTED
RESULTS
PERFORMANCE SOURCES OF DATA
DATE
RESPONSIBILITY
INDICATOR
VERIFICATION COLLECTION COLLECTION
METHODS
FREQUENCY
ASSUMPTIONS
to staff.
5.2 Monitoring and
Evaluation
Monitoring and evaluation (M&E) helps those
involved in executing the ICT strategy to assess if
progress is being made in line with expectations in
the plan. Monitoring and evaluation of performance
shall be the responsibility of those who are closely
involved in the implementation of the strategy. In this
regard, the ICT Department Head and associated
stakeholders shall carry out quarterly self-assessment
of performance and provide proofs of compliance.
They will be expected to have the capacity to conduct
self-assessment of performance and will be given the
responsibility to undertake performance measurements
and reporting. In addition, the Strategy &
Modernization Division of ICT will assist the ICT
Head of Department and the stakeholders in the role
of monitoring and evaluation.
5.2.2 Monitoring Performance
Monitoring involves establishing indicators; setting up
systems to collect information relating to these indicators
as shown in the framework above; collecting and recording
the information; analyzing the information; and using the
information to inform day-to-day management. The key
The strategy will be implemented through performance
contracts by the ICT Department and its constituent units.
The ICT Department will monitor the implementation of
the strategy on a monthly basis while the corporate will
monitor the implementation of the strategy on a quarterly
and annual basis.
reasons for monitoring can be summarized as follows:
To
establish if performance targets have been met and
the explanations as necessary;
To
act as an early warning system and detect
potential difficulties and help to address them during
implementation; and
To
provide feedback to the next phase of
implementation, reduce the cost and/or increase the
efficiency of post evaluation studies.
5.2.3 Performance Evaluation
Performance evaluation shall be carried out quarterly
and annually in all the strategic initiatives. The agreed
performance indicators and targets at all levels will be
used for benchmarking of this evaluation. The outcome of
the annual evaluation will form a basis for the following
year’s plan.
5.3 List of Stakeholders Consulted
STAKEHOLDERS/ORGANIZATION
5.2.1 Setting Performance Targets
At the beginning of the year, all the concerned units will set
their performance targets in a schedule form, together with
set timelines as part of their annual work plans as derived
34
be used.
of them. This calls for communicating the strategic plan
It will be important to maintain a link between the annual
budget, annual work plan and the ICT strategy. Annual
from the second ICT strategy. In setting these targets, it is proposed that the performance framework in Table 5.1 below
1. ICT AUTHORITY (ICTA)
2. KENYA BANKERS ASSOCIATION (KBA)
3. CENTRAL BANK OF KENYA (CBK)
4. KENTRADE
5. COMMUNICATION AUTHORITY OF KENYA
6. TAXPAYERS ASSOCIATION OF KENYA
7. KENYA MARITIME AUTHORITY
8. KENYA PORTS AUTHORITY (KPA)
9. KENYA REVENUE AUTHORITY DEPARTMENTS HEADS
10. KENYA REVENUE AUTHORITY BUSINESS AUTOMATION OFFICES
11. KENYA REVENUE AUTHORITY ICT PROCESS MANAGERS
12. KRA BOARD OVERSIGHT COMMITTEE ON ICT AND PROCUREMENT SERVICES
13. LEAD CONSULTANT - PROF. TIMOTHY WAEMA
14. REVIEWER - DR. AGNES WAUSI
35
The Deputy
Commissioner, ICT
P. O. Box 48240 - 00100 Nairobi
Tel: +254 20 310900