Skip to the content

It is increasingly clear that excellence in digital government is critical to encourage investment, underpin growth, attract and retain talent and to build a resilient and secure future for our citizens.

This pursuit of excellence is not just an end; it is a means of ensuring we engage and serve our citizens and that we deliver services to them in the way that they need and that works best for them.

Technology is the key to unlocking efficient and effective service delivery from the Government to its citizens and shifting the mindset within government so that it is citizen and business centred. My Government’s digital transformation strategy sets out how we will deliver this.

The strategy and actions that will support it set out a clear path for digital transformation built on enhancing citizen and businessaccess to public services, streamlining government structures and improving processes. The ultimate aim of the strategy is to ensure easy access to government services for all.

At the start of the 9th Cabinet, one of my government’s main priorities was to grant the Department of Information Technology a strong mandate to lead and deliver on Kurdistan’s digital transformation. I remain deeply committed to the objectives of this strategy and will continue to prioritise its implementation.

I commend the work of the Department of Information Technology for their instrumental role in this strategy. All agencies of the Kurdistan Regional Government must work in unison to achieve whole-of-government digital transformation

Masrour Barzani
Prime Minister of the Kurdistan Regional Government of Iraq

Statement From The Department Of Information Technology

Throughout human history, technology and innovation have empowered nations to build better, stronger civilisations. The digital revolution is perhaps the most important event of the 21st century disrupting the status quo of every aspect of our lives as we know it.


Digital technologies can transform how governments interact with their citizens, the private sector and their international partners. 


In the modern world, citizens expect a seamless, end-to-end experience and readily accessible services. To achieve these aims, core government digital systems, data exchange layers and a nationwide digital identity management system must be implemented. For such a cross-governmental undertaking, a whole-of-government approach to public sector modernisation needs to be embraced. 


As I have said in the past, digitalisation is not an option; either we adapt now or be condemned to stagnation.


For the Kurdistan Regional Government, our Digital Transformation Strategy is the first step on the journey to delivering our ambitious vision; it is a blueprint into the future that requires a collective will from stakeholders across the KRG and investment from our international partners. It will also require a long-term public awareness campaign - to support and empower innovative tech startups, inform the public, and invest in early digital education. 


I am confident that the journey laid out through the pages of this strategy marks the emergence of a truly citizen-centric, transparent, efficient and modern government.


It will change Kurdistan in so many ways.


Hiwa Afandi
Head of Department of Information Technology

Table Of Abbreviations
API   Application Programming Interface
 CSA  Core Strategic Activity
Digital Adoption Index
DGI Digital Government index
DIT Department of Information Technology
DNS Domain Name System
GTMI GovTech Maturity Index
ID Identification
IT Information Technology
KRG Kurdistan Regional Government
OECD Organisation for Economic Cooperation and Development
OWASP Open Web Application Security Project
PMO Prime Minister’s Office
WCAG Web Content Accessibility Guidelines


Executive Summary

Digital transformation is one of the Kurdistan Regional Government’s (KRG) top priorities. The purpose of this paper is to set out and clearly communicate the aims and objectives of our digital transformation strategy. Our strategy has a single, overarching objective:


By 2025, the Kurdistan Regional Government will be a GovTech powerhouse - ranking as one of the top digital governments in the Middle East and Gulf.


This ranking will reflect the progress we make in utilising GovTech – the digitalisation of government services – to support core government systems, enhance service delivery and mainstream citizen engagement.The strategy will be supported by a planning and resourcing process that will build a blueprint for delivery to 2025 and will be centred around:


• an internal blueprint for building internal government digital capacity and capabilities across six Core Strategic Activities
• an external blueprint for prioritising and rolling out digital transformation projects across government as a whole

The document is organised into the following sections:

The introduction sets out the scope and ambition of the strategy, the context within which it has been developed and the best practice and expertise on which the recommendations have been based. It sets out an ambitious vision of the Kurdistan Regional Government as a GovTech powerhouse and one of the top digital governments in the Middle East and Gulf region by 2025. It finishes by explaining the authority vested in the Department of Information Technology to implement the strategy, it considers the policy and legal framework for the digital transformation strategy and the authorities and legal mandate on which its implementation will be based.

This section sets out how the Department of Information Technology will apply international best practice to lead the delivery of digital transformation across the Kurdistan Regional Government. It considers the GovTech policies and digital principles that will inform the implementation of the strategy. It explains how those policies and digital principles will be applied across the six Core Strategic Activities (CSAs) that underpin the delivery of this strategy. Taken together these policies and digital principles represent our agile development and continuous improvement model for delivery of our government’s digital services to citizens.

Our six Core Strategic Activities (CSAs) provide a framework for building the human and technical capabilities of the Department of Information Technology to enable the delivery of the strategy. Here we outline the actions and activities that will be taken for each. Our six CSAs are:


  1. Digital governance
  2. Digital architectur
  3. Human capital
  4. User centred design
  5. Security & data privacy
  6. Procurement


In all six CSAs the primary focus is to build GovTech capabilities, to support
GovTech enablers in the private sector and to build demand for GovTech
solutions within the Government and from citizens.

This section establishes a framework for prioritising external activities and projects that advance the digital transformation strategy. This framework will be used to develop the timebound and resourced blueprint for delivering this strategy.

Section 1 - Introduction


1.1 Overview

Digital transformation is one of the Kurdistan Regional Government’s top priorities and the Department of Information Technology is committed to advancing the digitalisation and GovTech agenda across government.

This strategy seeks to act on and operationalise the authority granted to the Department of Information Technology in the Prime Minister’s decree number 104 of 21 January 2020. This decree vested the Department of Information Technology with the headline authority to provide clear IT governance and leadership for all the projects of the Kurdistan Regional Government and its entities.

The strategy has been developed through extensive consultations held with stakeholders within the Government entities and with stakeholders who use Kurdistan Regional Government services.

The strategy is ambitious and reflects the excitement and opportunity that we see in the GovTech and digitalisation agenda. It reflects the commitment of our highly motivated staff to seize the opportunities to deliver the benefits and efficiencies of digital government to our citizens.

It also serves a practical and action orientated purpose. It provides guidance to government agencies on how to seek support for digitalisation projects from the Department of Information Technology and how projects will be prioritised and assessed by the Department of Information Technology prior to submission to the Prime Minister’s Office (PMO) Priority Unit for consideration under the PM’s Decree 104 of 21 Jan 2020.

The strategy provides details of the actions and activities that the Department of Information Technology will lead to build the human and systems capacity across six Core Strategic Activities (CSAs):

Digital Governance

Digital Architecture

Human Capital

User Centred Design

Security & Data Privacy


We have founded our strategy on international best practice including the models developed by digitally mature governments and the GovTech recommendations of the Organisation for Economic Cooperation and Development (OECD) and the World Bank.


The strategy has been prepared in the spirit of transparency and accountability. We welcome the scrutiny of interested stakeholders, and trust that this strategy provides a baseline against which the Kurdistan Regional Government’s digital transformation can be assessed.

1.2 - The Kurdistan Regional Government’s Vision for Digital Transformation


1.2.1 - Our ambition is boundless

Our vision is both ambitious and innovative: we’ve seen the massive strides that small countries can and have made in the Baltics and the Gulf. We’ve seen the transformative progress made in much larger countries – even those facing huge challenges in South Asia – with user centred design and single-entry points for all government business.


We’re determined to learn from and go beyond these advances to deliver transformative change for our citizens.


1.2.2 - Our vision for 2025

By 2025 the Kurdistan Regional Government will be a regional GovTech powerhouse and will rank as one of the top digital governments in the Middle East and Gulf region.

Our vision sees measurable progress for citizens and other key stakeholders so that by 2025:


  • Citizens and residents of the Kurdistan Region will have access to simpler, faster, connected, secure and transparent services that are tailored to their needs; specifically:

    Citizens of the Kurdistan Regional Government will be able to deal with government anywhere, anytime, on any device, for any service.

    Services will be easy to use, accessible and connected so that citizens of the Kurdistan Regional Government can do their government business from a single-entry point.

    Digital services will be designed for the user with a consistent look and feel.

    Citizens will be offered a personalised experience that is stable, secure, and reliable and ultimately anticipates the needs of every user.

  • Businesses and investors will enjoy improvements to the ease of doing business and investing, through the simplification, streamlining and digitalisation of government services relating to start up, registration, taxation etc. This will allow investors to maximise their opportunities and grow their operations and will allow the Kurdistan Regional Government to compete for investment in the industries and services that its citizens expect and rely on for employment, health, security and education.

  • Industry, not-for-profit and academia will have the opportunity to collaborate on policies, practices and innovation for their mutual benefit and to draw on appropriately curated and secure socio-economic data sets in the course of those collaborations.

  • Government will uplift the digital ecosystem to one of connected and interoperable platforms and services within the technology architecture. We will have world class Government Cloud Infrastructure, data centres, and intergovernmental networks. A culture of reuse will be backed by modern digital capabilities, delivering value for money through robust investment processes. Access to appropriately curated and secure socio-economic data sets and data sets that look at performance areas such as waiting times for health services, educational attainment and attendance at school, will provide insights that can be used in support of evidence-based policy making.

  • Public service: Our public services will be fit for purpose for the digital age, empowered by digital skills, capabilities and tools.

  • Investors, donors, multilateral agencies, and risk ratings agencies will recognise the maturity of the Kurdistan Regional Government’s digital government and GovTech offer.
1.3 – Mandate and mission

This section of the paper sets out the authority vested in the Department of Information Technology to lead and implement the digital transformation strategy.


It sets out and considers the policy framework for the digital transformation strategy and the authorities and legal mandate on which the implementation of the strategy will be based.


The section concludes with an outline of our mission as it relates to delivering this strategy in line with the Prime Minister’s Decree and the policies that support it.


1.3.1 - The legal mandate of the DIT

Our primary mandate is to transform the Kurdistan Regional Government to be citizen centric, utilising digital technologies with the aim of making the government more efficient, transparent and accountable.

We hold authority granted by the Prime Minister’s decree number 104 of 21 January 2020 to:


  • authorise and make decisions for all digital services offered or used by Kurdistan Regional Government entities;
  • identify, plan, execute and operate infrastructure projects to enable the Government to offer digital services, secure internal communication, data exchange and interoperability;
  • approve initiation and implementation of all the digital projects proposed by all entities of the Government;
  • supervise and coordinate dissemination of information related to all digital projects and the digital transformation of all the entities of the Government;
  • establish mandatory service standards for all digital services produced by any entity of the Government and remove any obstructions to the delivery of digital services;
  • support the Government’s entities to put in place the resources required to provide digital services.


1.3.2 - The policy mandate of the KRG

The Kurdistan Regional Government has determined that it will build broad political commitment to, and ownership of, the digital transformation strategy, by clearly articulating the policy objectives that will be used to drive it forward.


The policy objectives shaping the digital transformation strategy are as follows:


  • To ensure greater transparency, openness and inclusiveness of government processes and operations.
  • To encourage engagement and participation of public, private and civil society stakeholders in policy making and public service design and delivery.
  • To ensure coherent use of digital technologies across policy areas, levels of government and the delivery of public services.
  • To design new government structures, systems, programmes and initiatives so that they support and facilitate digital transformation.
  • To organise and build the structures and apparatus for digital capability around user needs.

Digital transformation will be holistic, value-driven and institutionalised across all levels of government and society.


1.3.3 - DIT’s mission

In taking this legal and policy platform, the Department of Information Technology’s mission has been defined as being to:


  • provide clear IT governance and leadership for the projects of the Government and all its entities;
  • exploit the advantages of being a late adopter to avoid inefficient, scattered, expensive and fragmented practices;
  • implement smart, affordable and secure technologies and procure and manage all infrastructure, data and applications;
  • ensure that Government data is open by default while protecting the people’s right to privacy, meaning that the data will be available securely and safely to the public and private sectors to spur innovation, stimulate incubation and ensure quality of service; and
  • use agile methods to respond rapidly to evolving and changing environments, implement high value projects quickly with minimal resources and improve control and flexibility while reducing risks.

We will thereby enable the Government to provide digital services and information to the people of the Kurdistan region of Iraq through modern age technologies anywhere, anytime, and on any device.

1.4 – Next steps

Following the release of this strategy we will, after consultations with key stakeholders, draw up a costed and timebound blueprint for its implementation. The blueprint will set out plans to:


  • build the internal capacity of Kurdistan Regional Government and private providers to underpin digital transformation; and
  • deliver the external priority programme of transformation across Kurdistan Regional Government agencies.
Section 2 – Our charter: the digital principles to guide implementation


This section of the paper provides an overview of the digital design principles that the Department of Information Technology will adopt in implementing the Kurdistan Regional Government’s GovTech agenda and guidance on the application of those principles.


The purpose of these digital design principles is to support and guide Kurdistan Regional Government agencies delivering digital transformation projects.


These digital design principles are pulled together into a charter of the standards and service levels we will follow in delivering digital transformation of Kurdistan Regional Government agencies.

2.1 - Digital design principles

In keeping with industry practice and drawing on US, Baltic, European and Gulf experiences, we have drawn key principles together into a ‘digital principles charter’ that is tailored to the Kurdistan Regional Government’s circumstances.


Our set of Digital Principles seeks to frame how we will drive the digital transformation of government: delivered through an agile development and continuous improvement model that builds best practices into all elements of design, procurement, build and management. The digital principles charter also outlines how we will support other agencies to apply this model.


This approach is practical, and action orientated. It sets out the standards and operating norms we will apply that are pursuant to PM Decree 104. It is focused on getting things right from the start of every project and driving consistent application of best practice and policies in everything that the Department of Information Technology and our partners do.


In the following section we set out how we will apply the digital principles that we will use to drive reforms and transform how we build, procure and manage digital services across the whole of the Kurdistan Regional Government.


Digital Principles

We will commit to understand what users need from our service or the service of our partner agency, whether they are internal users or citizens, residents, visitors or businesses. We will build services across organisational boundaries that are consistent and are intuitive to use. Interoperability is a key cross-cutting and unifying theme of the Kurdistan Regional Government’s digital agenda.

Our checklist for this digital principle is to:

  • talk to all stakeholders as part of the design and development process;
  • create a process map to understand how the service works on a technical level;

  • talk to the users of a service as part of the design and development process;

  • create a journey map to understand how users experience the service;

  • use prototypes and test prototypes with users;

  • make interfaces, processes and language simple and intuitive;

  • work towards Open Web Application Security Project Standards (OWASP), Web Content Accessibility Guidelines (WCAG) and latest standards;

  • build services so everyone can access them regardless of ability or skill; and

  • build services that are consistent to create trust with users.

When leading projects or supporting partner agencies we will build services that protect sensitive data and ensure users’ privacy. We will invest in security by design and develop and iterate our processes to ensure that our services always remain secure. When working to deliver projects or to guide and direct the delivery of partner projects we will monitor and test for vulnerabilities at each layer of the technology stack.

Our checklist for this digital principle is to:


  • ensure design specifications consider the latest OWASP and WCAG standards;
  • assess security risks at every stage of development;

  • assess and document data protection measures;

  • use data minimisation wherever possible;

  • use proportional security;

  • monitor, manage and mitigate security vulnerabilities whenever they arise;

  • follow incident management processes;

  • enable multi-factor authentication by default;

  • implement access controls and review them regularly; and

  • review and update risk registers regularly.

We will use our capacity wisely by using widely available technology and frameworks. When leading or supporting the delivery of partners our advice will be consistent: to scale effectively with cost efficiency in mind and to avoid vendor lock-in and unsupported frameworks, libraries or languages.

Our checklist for this digital principle is to:


  • always check the market for existing solutions;
  • use agile practices to deliver and iterate services;

  • use proven technologies;

  • use proven database structures;

  • use modern development practices and tools, for example code reviews and automated testing;

  • perform deployments automatically with deployment scripts, continuous delivery services, or similar techniques;

  • use separate development and production environments;

  • develop deployment strategies;

  • document code decisions; and

  • ensure high availability by default.

Where possible we will use supported and up-to-date open-source repositories and standards. Where there are specific requirements to use closed source or licenced source technology, we will assess the cost versus security and maintenance benefits. We will document our code in a central repository with relevant permissions and controls.

Our checklist for this digital principle is to:


  • use JSON API specifications;
  • use approved and regularly updated frameworks and languages;

  • use approved and regularly updated libraries and code;

  • use the shared repository for storing code;

  • use common data sets for core datasets, such as countries;

  • use specified standards for core data elements, such as date and time;

  • procure genuine licences to apply to technologies used in production environments.

We will ensure that our resources are used to maximum efficiency. We will build and iterate services and systems in ways that minimise the requirements for hosting and resource allocation.

Our checklist for this digital principle is to:


  • code as efficiently as possible, avoiding algorithmic bottlenecks;
  • refactor code and avoid code redundancy;

  • avoid high requirements for processing or computing power;

  • monitor system-level resource utilisation in real time;

  • monitor system performance in real time (including response times, latency, throughput, and error rates);

  • understand the load of each service and test loads before deployment; and

  • use caching wherever possible.

We will use data to understand how services perform and to iterate and improve them. We will use data from the source and automate wherever possible to improve the service for users and delivery.

Our checklist for this digital principle is to:


  • use approved logging and monitoring tools;
  • define key metrics when developing each service;

  • understand how services are performing for users;

  • integrate data from the source using APIs wherever possible;

  • automate data pipelines wherever possible; and

  • integrate government analytics.

We will solve each problem once. We will reuse components, data integrations and systems wherever possible. When we adopt a common component, we will ensure that it meets technical standards and users’ needs.

Our checklist for this digital principle is to:


  • ensure interoperability throughout the digital estate;
  • use the government digital ID when authenticating users;

  • use the government design patterns when building services;

  • use the government data centre to host services;

  • use agreed logging and performance metrics and tools;

  • build containerised services;

  • apply for DNS delegation early using the correct process; and

  • plan for business continuity and disaster recovery.

We will collaborate with users and stakeholders in a transparent way, building trust in government and government services. We will ensure there is relevant capability and senior buy-in when developing and iterating services. We will train the administrators of services and support users of services.

Our checklist for this digital principle is to:


  • understand the context of existing services (such as contracts and infrastructure);
  • put relevant capacity and capability into place;

  • obtain senior buy-in at the start of each project;

  • engage with users in a transparent way and provide regular updates when building each service;

  • agree service designs and how services operate before implementation;

  • train the administrators of services and provide guidance;

  • agree support strategies for internal and external users;

  • be transparent about how each service works and what people need to access it; and

  • publish metrics on service performance for internal and external users.

Section 3 – Building capacity for delivery


This section builds on the principles that will underpin the digital transformation of the Kurdistan Regional Government by setting out the actions and activities that will be undertaken to build the capacity within Government to deliver this strategy.

Successful delivery will be built across measurable improvements in three broad areas.


  • Citizens: improvements in services to citizens

  • Government: improvements in Kurdistan Regional Government capacity

  • Technology: improvements in digital infrastructure


To deliver these improvements we will develop a strategy implementation blueprint to address and measure capability and capacity improvements across six Core Strategic Activities (CSAs).


These CSAs encompass the cross-cutting issues that are common acrossprojects, agencies and the government as a whole. All six CSAs need to be addressed simultaneously and in a coordinated way to ensure a balanced roll out of the strategy across government. Coordination of the work across all six CSA’s will be captured in the Department of Information Technology’s blueprint for implementation.


Each of the six CSA’s is built from a number of tasks. The Department of Information Technology will seek continuous improvement in these tasks, first developing a baseline and then measuring performance improvements over time. Progress in building capability and capacity across each CSA will be developed iteratively throughout the lifetime of the strategy. The details on each CSA and the tasks can be found on the following pages.

3.1 - Strengthening digital governance

We will implement and enforce our mandate to build a digital government in stages as it improves capacity and capability to effectively govern the digital estate in the Kurdistan Region of Iraq. This will provide oversight and mechanisms to manage digital government spending and standards to ensure that the objective of digital government is achieved:

Clarify the decision-making process and financial authority of the Department of Information Technology to lead digital transformation across government and particularly in relation to major spending departments of the Kurdistan Regional Government;

Consider the Department of Information Technology’s reporting requirements and how it reports progress and is held to account within government and publicly for progress towards digitalisation;

Identify process changes and additional capabilities required to improve and enforce governance;

Identify and measure benefits and savings from improved governance;

Create guidance and processes to support cross-government stakeholders to adhere to the digital governance regime and follow the standards and principles on which it is based;

Monitor and enforce governance mechanisms;

Continue to improve governance over all areas of the digital government mandate;

Continue to iterate improvements to guidance and processes through engagement with stakeholders; and

Continue to measure savings and benefits of digitalisation as a means of generating momentum and with a view to capture data and insights to move up international GovTech rankings.

3.2 - Building digital architecture

The infrastructure for hardware, software, networks and tools will evolve iteratively to provide agility, resiliency, security, privacy, interoperability, maintainability and reduce dependencies.

A target digital architecture will be developed with a phased development path. The priority will be to improve resilience of the current architecture. Improvements to increase strategic capability and capacity willfollow.

Map current and define target architectures for hardware, software, networks, data and tools and plan a migration path;

Define approved technologies;

Define data centre hosting requirements;

Define future capability and capacity needs; and

Identify threats and vulnerabilities.

Develop service standards;


Develop web accessibility standards;

Implement architecture improvements to hardware, software, networks and tools;

Improve resilience, business continuity and disaster recovery;

Develop and test resilience procedures; and

Improve strategic capability, capacity and resilience.

3.3 - Building human capital

We will develop our internal digital capacity through recruiting human capital and developing digital talents as quickly as possible. Training and improving awareness across government will be a priority, as will headhunting external talent.

We will focus on building pipelines of talent for the Department of Information Technology from universities, private sector suppliers and the diaspora. We will support educators to develop their capabilities and capacities to educate and train digital professionals that are tailored to meet the Kurdistan Regional Government’s needs. We will inspire and support universities to focus on developing relevant digital skills and collaborate with the private sector to develop and exchange digital talent.

Forecast Department of Information Technology capacity needs in light of the digitalisation strategy and pursuant to the PM’s Decree 104;

Consider strengthening the outreach and advocacy functions of the Department of Information Technology to allow effective championing of digital skills and careers and to allow full engagement with universities etc.; and

Secure core or project-based investment for human capital.

Continue to build internal capacity;

Sell vision of the Department of Information Technology as the exciting innovative digital employer of choice;

Develop and document digital and technology career paths;

Pilot standards and ways of working to collaborate with high performing suppliers;

Build and expand diverse employment capabilities and opportunities;Attract returning diaspora with GovTech skills and experience;

Invest in and secure senior leadership through headhunting and training;

Encourage portfolio-based careers and encourage cross public and private sector dialogues and collaboration; and

Grow our base of Kurdish suppliers.

3.4 - Building capacity for user centred design

We will follow an agile user-driven approach to digital government that will enable citizens and businesses to indicate and communicate their own needs and, thereby, drive the design of government policies and public services.

In the Blueprint Phase our focus will be to elaborate and determine how, where and when citizens should expect digital services and the changes and gains for citizen-customers to 2025 and beyond.

During the Delivery Phase, the digital design focus will move from the digitalisation and re-engineering of processes to the improvement of user experiences.

Elaborate and determine how citizens should expect digital service and the changes and gains for citizens to 2025 and beyond;

Elaborate and determine where citizens should expect digital service and the changes and gains for citizens to 2025 and beyond; and

Elaborate and determine when citizens should expect digital service and the changes and gains for citizens to 2025 and beyond.


Build user journey maps as well as process maps;

Refocus business analysis onto users as well as processes;

Improve accessibility for diverse user populations and create user personas and define their needs;

Document design conventions and build a digital design process;

Incorporate user design principles into the digital design process;

Test and demonstrate prototypes and ideas with users;

Build user interface and user experience design roles;

Build a design system for government users and citizen services; and

Build data pipelines to capture quantitative data about services, install analytics and establish metrics.

3.5 - Building security and data privacy

The Kurdistan Regional Government will build a coherent and comprehensive model of data governance to deliver better policies and services and be efficient, transparent and trustworthy. The Department of Information Technology will develop its own data privacy standards and processes before pioneering deployment across government and alongside championing data privacy legislation.

Review current data protection processes and compare to international best practice; and

Chart the steps required to deliver world class data privacy across all elements of GovTech by 2025.

Develop and implement customised data privacy processes and standards for the Department of Information Technology;

Establish data protection mechanisms including impact assessments and data retention periods;

Establish information management processes;

Develop and implement digital data privacy processes and standards across government; and

Propose and champion data protection legislation based on processes and standards developed.

3.6 - Strengthening procurement

Procurement will be used progressively to develop the capacity of the Department of Information Technology and key ministries. This will be followed during the delivery phase by efforts to develop the capacity of local digital suppliers to support the Kurdistan Regional Government and contribute to development of the digital economy in the Kurdistan Region of Iraq.

We will support suppliers in the Kurdistan Region of Iraq to develop their capabilities and capacities to provide services that are tailored to meet our needs. We will change procurement rules and practices to enable procurement of software as a service and encourage the use of agile development processes to deliver digital transformation.

Define procurement principles;

Identify preferred procurement methods;

Identify how procurement contractors, delivery services and products, and commodity services can increase the Department of Information Technology capacity;

Identify procurement issues, constraints and opportunities;

Define procurement processes; and

Align procurement with standards, playbooks and common components.


Engage with existing suppliers to understand needs, constraints and opportunities;

Incentivise suppliers to build diverse workforces;

Engage more widely with the private sector to understand needs, constraints and opportunities;

Explore possible need to host some private sector activities; and

Build private sector digital development strategy.

Section 4 – Moving Forward and Prioritising Work


Governments are responsible for hundreds of citizen services. Digitalisation of all services requires significant resources and takes time. Having too many competing priorities or adopting a scattered approach is a top barrier to digital transformation globally, therefore, a well-thought-out prioritisation mechanism is a key component of any successful digital transformation strategy.


The section explains:

  1. Kurdistan Regional Government’s decision-making criteria for evaluating digital priorities.

  2. How the Department of Information Technology will work with the Prime Minister’s Office to evaluate projects and build a balanced portfolio.

  3. How the Department of Information Technology will work with government agencies to develop the proposals and business cases for their projects and then how the Department of Information Technology will support each step of the process.

4.1 - Decision making methodology

We recognise that effective digital transformation is stakeholder led. Initial work to digitalise core central government services will require extensive engagement with government departments and agencies. The Prime Minister’s Office and Department of Information Technology, as the lead digital transformation agencies, will adopt a clear prioritisation methodology for that engagement and how it will be used to identify initiatives for digital transformation.


Our prioritisation is based on a decision-making process in which four key aspects of proposed digital projects are evaluated. This process, set out as a decision tree, provides a structure for dialogue between the stakeholders to test and prioritise proposals and aims to help focused decision making that will deliver impact.


The key criteria are:

Identifying digital enablers such as core digital systems, infrastructure, cybersecurity, digital identity and payments. It will consider both the alignment of the proposal with national priorities alongside the capability of the current ecosystem, and the existing plans to ensure a strong fit.

Identifying projects that will deliver the greatest economic and societal benefit to the citizens. It validates and quantifies the impact of the project against appropriate socio-economic indicators.

Identifying projects that for several reasons, have a high potential to be successfully implemented. It will look at the risks associated with the proposal, considering the technical, financial and operational constraints that could drive impact.

It will look at the likelihood of the proposal generating impact beyond the identified stakeholders. Projects that create the foundations for further development that can ‘disrupt’ other services in the future by creating the foundations for transformation will be prioritised.


Each of the four criteria will be based on a robust quantifiable methodology that will be developed to ensure effective evidence-based assessment.

Projects and initiatives that qualify as a “Primary Focus” will be incorporated into a blueprint for delivery. The Department of Information Technology will draw up and maintain a blueprint for the delivery of the externally focused elements of the strategy and will be a living document.  


All projects and initiatives will be grouped into three strategic workstreams:


  • Citizens: improving citizen services

  • Government: improving Kurdistan Regional Government capabilities and skills of public servants and private providers of digital technology

  • Technology: improving the digital infrastructure


These three workstreams have been chosen to ensure that there is an appropriate balance of digital resourcing across the three vital components of an effective digital transformation strategy.

This blueprint will initially be driven by the established central demand for the Department of Information Technology’s services and core digital transformation. The GovTech and digitalisation agenda across government and its agencies will then feed and shape this blueprint over the life of this strategy. This demand will be established following the dissemination of this policy within government and the application of our methodology for the prioritisation of projects and initiatives.

The initial blueprint will be prepared for approval during the Autumn of 2022.


4.2 - Our services and how we work with government partners

Working beyond the initial blueprint the Department of Information Technology and Prime Minister’s Office Priority Unit will seek to work with government partners to inform and shape the blueprint using the following stepped approach. 


Agencies approach the Department of Information Technology and Prime Minister’s Office Priority Unit with an initiative or proposed project.

Prioritisation exercise is run by the Department of Information Technology and Prime Minister’s Office Priority Unit to assess the proposal across strategic fit, socio-economic impact, likelihood of success and multiplier effect potential.

Where ‘Primary Focus’ projects are identified and given a green light the next step will be to prepare a project proposal. The Department of Information Technology and the proposer will work together to define the project and assess its impact and ease of implementation.

Projects will then be prioritised and scheduled into the Department of Information Technology blueprint based on the proposal documentation taking into account the impact and difficulties compared to other projects and the time needed to develop capabilities, reduce difficulties and manage dependencies and risks.

The Department of Information Technology and the proposer will work together to prepare a business case. The business case will set out a detailed scope for the project, plan how to deliver impact and manage difficulties and identify the budget and other resources. The business case will be authorised by the Department of Information Technology, the proposer, and the owners of budgets and other resources.

The Department of Information Technology will prepare project documentation starting with a project plan. Documentation will be accepted by the project owner and used to manage all aspects of project progress using an agile approach. The direction and success of the project will be assured by close collaboration between all stakeholders throughout the project using a user centric approach.

End Note and Acknowledgements

Ownership and responsibility for this strategy rests solely with the Kurdistan Regional Government – Iraq.

The strategy has been prepared under the auspices of the Department of Information Technology (DIT) in coordination with the Prime Minister’s Office and in consultation with other relevant departments and stakeholders.

The DIT would like to acknowledge the support and advice that the UK Foreign, Commonwealth & Development Office has provided in the development of this strategy.

This support forms part of the UK funded Technical Assistance Facility For Iraq (TAFFI) and has been provided through Adam Smith International and Skotkonung Ltd.