Final | November 2018 | v2.0.0 | OFFICIAL - Public | QGCDG (ICT Strategic Sourcing)
For emergency procurement of ICT products and services during the COVID-19 pandemic a Queensland Government Short Form Contract is now available.
Customers must refer to the accompanying Guidance Notes for information regarding when to use this contract.
This guideline provides information and advice for Queensland Government departments to consider when implementing the policy requirements of the Procurement and disposal of ICT products and services (IS13) policy. These guidelines do not form the mandatory component of the policy and are for information only. While some information communicates other mandatory obligations which may be relevant in the context of the policy (e.g. legislation), departments are strongly recommended to further investigate these obligations in light of their own business requirements and seek legal/expert advice where necessary.
This document is primarily intended for departmental staff working in the areas of procurement, general ICT and project management.
The policy applies to all Queensland Government departments and other Queensland Government entities which are in scope for applicability of the Queensland Government Enterprise Architecture (QGEA).
This implementation guide supports the Procurement and disposal of ICT products and services policy (IS13).
Departments are increasingly dependent on ICT for many aspects of service delivery. This reliance on ICT is reflected in the magnitude of government expenditure on ICT products and services and their procurement.
The Government also recognises the need for a strong and vibrant ICT industry within Queensland and acknowledges the impact that ICT may have on the environment at the end of its effective lifecycle.
With this in mind, departmental ICT resources will be:
- procured as part of a planned strategy and managed environment
- managed in an effective, sustainable manner that maximises value for money and manages any security risk in a manner that is acceptable to the department
- aligned with the Queensland Government’s ICT-as-a-service-policy which advocates strategically sourcing ICT as-a-service as the primary option while divesting existing assets
- sourced, especially commoditised services, from private providers in a competitive market where this is feasible and represents value for money
- aligned with the Office of the Chief Advisor – Procurement (OCA-P), Department of Housing and Public Work’s (DHPW) Category Management Framework
- sourced from the local ICT industry whenever possible without prejudicing product quality and competitiveness, while meeting the department’s requirements under Australia’s free trade agreements and the Local Benefits Test
- recycled or disposed of in an accountable, cost effective and environmentally friendly manner that manages any security risk in a manner that is acceptable to the department
- Information Security Policy (IS18:2018) states departments must implement an ISMS based on ISO 27001 as per policy requirement 1. ISO 27001 states an ISMS will govern the control of secure disposal or re-use of equipment.
Conduct forward procurement planning
To ensure the effectiveness of the ICT resource planning process, each department should ensure the following:
- the departmental ICT resources strategic plan must comply with all legislative, policy, human resource administrative and regulatory obligations as outlined in the ICT resources strategic planning (IS2) policy
- when developing the departmental strategic procurement plan, departments will use their best endeavours to do business with ethical and socially responsible suppliers and will seek to influence the supply chain in this regard for its ICT resources. This may include considering the sustainability credentials of suppliers, to ensure they are ethically and socially responsible
- under Principle 6 of the Queensland Procurement Policy (QPP) Queensland Government procurement planning will be integrated at all levels, including category strategies, deal procurement plans, significant procurement plans and other relevant plans and strategies to drive accountability and delivery of best procurement outcomes
- strategic planning lead times should be sufficient to ensure that:
- the ICT industry is given forward notice of the department’s significant ICT resource requirements
- significant procurement plans can be prepared for all high value or high-risk ICT resource requirements before the procurement process
- ICT investment reviews are undertaken for any ICT procurement activity that falls within the review scope.
Legislative and policy framework
Queensland Government departments are required to undertake ICT strategic planning as set out in the mandatory requirements of the ICT resources strategic planning (IS2) policy.
Additionally, Principle 6 of the QPP requires departmental procurement planning, at both the departmental level and for the individual significant procurements, to take account of the QPP. Where appropriate departments should prepare significant procurement plans for any goods, services and capital projects that it identifies as being high expenditure or for which there is a high degree of business risk.
Alignment of planning
Well-aligned strategic procurement planning processes ensure that, with the exception of emergent needs, all high value or high-risk ICT procurement activities are identified, planned and implemented using the most effective procurement approach. Additional information on the nature of high value, high risk procurement is available from OCA–P.
For further information on planning, refer to the ICT resources strategic planning (IS2) policy.
As part of the strategic planning process, departments should consider human resource issues relating to succession planning. Strategic planning should have specific regard for ensuring the development of appropriate documentation for relevant ICT products and services to avoid the high risk of reliance on individuals for the operation of the ICT products or services. Refer to the ICT resources strategic planning (IS2) policy with regard to the ICT planning process generally.
Economic, environmental and social procurement objectives
Under Principle 2 of the QPP, departments are required to use procurement to advance the government’s economic, environmental and social objectives and support the long-term well-being of our community; specifically, we:
- do business with ethical and socially responsible suppliers
- consider government’s objectives from a whole-of-government and category perspective, prioritising these for application in our procurement decision making
- comply with the Commonwealth Disability Discrimination Act 1992 since its latest compilation in April 2018.
Additional information is available from the Social Procurement Guide and more detailed ways to include social benefits when buying for government can be found at Social Procurement.
Potential future procurements
Under Principle 1 of the QPP, departments are required to use the Queensland Government QTenders website to publish notices of potential future procurements, where the department has determined this will be of benefit to either the department or supply market. These measures help industry to better plan for future tender opportunities and have the right staff available to participate in the tender when the opportunity arises.
Significant procurement planning
Under Principle 6 of the QPP, departments are encouraged to prepare significant procurement plans for products and services that the department has identified as being high expenditure and/or having a high degree of business risk (these plans combine supply market analysis and a department’s demand requirements to inform the best approach to procuring the relevant goods or services).
Supply market analysis enables the department to get to know and understand how the market works, the direction in which it is heading, the key suppliers and the value they place on the department as a customer.
Further details of ICT procurement, planning, risk management and market analysis can be found in the Procurement guidelines which include:
The Queensland Government ICT Investment Review process supplements department ICT governance arrangements with independent reviews at set points within the initiative lifecycle. ICT Investment Review replaced the Peer Review process and:
- streamlines and integrates governance arrangements
- reviews and aligns ICT investments to support government strategic direction
- ensures appropriate assurance is being applied
- reduces the causes of project failure and delivers improved ICT outcomes through the application of independent gated reviews and segmented funding.
ICT Investment Review ensures appropriate assurance is being applied and strategic and policy alignment occurs. Additionally, the process supports increased visibility of the initiative outcomes, input requirements and potential multi-department synergies.
Departments are required to perform an assessment of initiatives against a set of pre-defined criteria. The extent of the additional governance required by the Investment Review will be determined based upon the identified levels of business criticality and risk.
Further details on the ICT Investment Review can be found on the QGCIO website (Queensland Government employees only), alternatively email ICTinvestmentreview@qgcio.qld.gov.au for information on the investment review process and the associated forms required for submission.
Conduct effective procurement process
At a minimum, departments should ensure the following:
- end user, ICT professional and procurement professional expertise should be accessed during the planning and implementation phases of the procurement process for all high value or high business risk products and services
- procurement professionals involved in ICT Procurement should be trained in the use of the Queensland Information Technology Contracting (QITC) framework to a level commensurate with the value and business risk of the procurement activity
- non-procurement professional staff involved in ICT procurement should receive fundamental training in procurement policy and procedures commensurate with the value and business risk of the procurement activity
- a value risk approach to the procurement of ICT products and services is adopted using the contract type decision tool in addition to other tools, such as the procurement Value Risk Assessment tool for category, sourcing and contract management activities.
Additional information is available at www.qld.gov.au/supplyICT.
ICT program and project assurance framework
The Queensland Government endorsed the Program and project assurance policy and framework as the new minimum standards for project initiation, evaluation, procurement and assurance across the Queensland public sector. Departments should ensure that the project management approaches identified in the Program and project assurance policy underpin the procurement processes.
Department procurement procedures are department specific procedures, which set out how procurement activities are to be conducted in compliance with the QPP , Queensland Indigenous Procurement Policy (QIPP) and other legislation, policy and agreements, including but not limited to:
Further detailed information concerning ICT procurement processes can be found at ICT procurement.
The Queensland Government has established the QITC as the cornerstone of government procurement for ICT products and services.
For further detailed information concerning procurement best practice process, tools and templates, refer to the Queensland Government Procurement website.
Departments are reminded that:
- the QITC framework is the basis for all contracts established for the procurement of ICT products and/or services
- they must use the DHPW General Contract Conditions template for the engagement of ICT contingent labour services, i.e. contractors, as this has been adopted in alignment with other contingent labour categories. Therefore, QITC should not be used for this type of procurement
- suppliers of ICT products and services are required to show their willingness to contract under the standard general and/or comprehensive contract types under the QITC framework
- ICT procurement procedures and processes must be consistent with, and reference QITC and must be readily available to all staff involved in the procurement and/or purchase of ICT products and services.
The QITC framework is managed by ICT Strategic Sourcing within DHPW and further information is available at QITC
To be effective, procurement professionals involved in the procurement of ICT products and services should be trained in the use of the QITC framework to ensure that it is appropriately deployed by departments at all stages of the procurement activity, not just during contract formation.
Departments should also ensure that any non-procurement professional staff involved in the procurement process or purchase are familiar with their departmental procurement procedures. This is to ensure that operational staff comply with and defer to best practice procurement.
Departments should ensure that a level of procurement skill is maintained that is commensurate with the size and complexity of their ICT profile. DHPW’s Skills2Procure training program provides access to both formal courses through the traditional Procurement Certification Program, and practical learning and development opportunities delivered through a new Critical Skills Boost Program for procurement.
Further information can also be sourced through the Procurement guidelines issued by DHPW.
Queensland Government QTenders
To streamline the procurement of ICT products and services by reducing the time and costs involved, a range of facilities for electronic procurement have been developed to support departmental procurement.
The Queensland Government QTenders website includes a web-based electronic tender system that allows departments to publish forward notices of upcoming tender opportunities, release invitations to offer and to receive tender responses from prospective suppliers.
The QPP requires departments to publish basic details for awarded contracts over $10,000 and additional contract details for contracts awarded of $10 million and over, in accordance with the Contract Disclosure Guidelines issued by the Director-General, DHPW. Procurement method is only required to be disclosed for contracts of $500,000 and over. While all DHPW’s resources and templates default to ‘inclusive’ and ‘exclusive’ of GST pricing, departments may wish to determine a specific position on this GST issue on a case-by-case basis.
Departments can publish awarded contract details on both QTenders and the Queensland Contracts Directory (QCD).
Queensland Contracts Directory
DHPW manages theQueensland Contracts Directory (QCD).
Departments should review the QCD (Queensland Government employees only) to ensure that, wherever possible, they use appropriate aggregated supply arrangements across departments or at the whole-of-government level.
Principle 1 of the QPP requires all departments to ensure the QCD is maintained and up to date, departments should complete details of contracts and arrangements as required by the site. This will allow departments to:
- have a reference tool that can be used to consider opportunities for cost reduction
- aggregate expenditure by establishing and using lead department or whole-of-government arrangements
- avoid unnecessary tendering activities by using existing arrangements and contracts
- use the learnings gained through the establishment and management of existing supply arrangements when developing new contracts or arrangements for similar products and services
- all Queensland Government employees have access to the full version of the QCD, the public has restricted access to the Queensland Contracts Directory.
Principle 6 of the QPP encourages the consideration of government objectives from a whole-of-government and category perspective.
This has been strengthened by OCA–P’s establishment of a Category Management Framework based on six mega-categories of government expenditure, one of which is ICT.
Category management involves understanding expenditure in a specific buying category with the intent of ensuring:
- business needs are optimised (holistically)
- markets are analysed and understood
- the risk in the procurement are identified and mitigated
- identification of how to best leverage value for money and commercial outcomes
- suppliers are actively managed to deliver ongoing value for money outcomes.
Within the ICT mega category there are 4 key categories of expenditure:
- ICT services
These categories can be further broken down into sub categories and it is at this level that departments who have notable expertise and a significant procurement capability in a specific sub category will be encouraged to be the sub category lead for whole of government. An example would be the Department of Education being the Hardware sub category lead for personal computers.
For more information on the Category Management Framework, contact email@example.com
Queensland Government Enterprise Architecture (QGEA) policy
These standards cover a range of subjects relevant to the development of tender specifications through to the development and implementation of ICT systems and databases. Current QGEA policy and information standards can be viewed on the QGCIO website.
Relevant policies and information standards include:
ICT industry development
Departments should consider the following when planning or conducting ICT procurement activities:
- existing procurement obligations regarding other legislation, policy and agreements at a national and international level are met, refer to clause 4.2 of this guideline
- forward procurement notice is given to industry through placement of notices on the QTenders and via Partners in Technology briefings as coordinated by DHPW
- ICT procurement is consistent with and meets the requirements of the ICT SME participation scheme policy and standard
- the QGCIO ICT Investment Review process (Queensland Government Employees only) to provide briefings on departmental ICT issues and initiatives requiring consideration by DG Council or the Cabinet Budget Review Committee (CBRC)
- departmental procedures include content informing staff involved in the purchase of ICT resources of the advantages of:
- early market engagement
- consultation with mega category/category managers within ICT Strategic Sourcing at DHPW.
ICT SME participation scheme policy
This policy ensures that departments adopt a consistent procurement process to ensure effective engagement with the ICT industry and specifically with small to medium sized enterprises (SMEs).
SMEs contribute significantly to the Queensland economy, and the Queensland Government is committed the assisting SMEs to access and win government business for the supply of ICT products and services.
Additional information on specific aspects of the scheme, are outlined in the ICT SME participation scheme policy and associated standard.
Early market engagement
The Industry Engagement team within DHPW ICT Strategic Sourcing was established to develop better relationships between departments and the ICT industry and to provide support and advice to departments undertaking significant ICT resource initiatives. Additional information is available at the DHPW website.
Early market engagement is a strategic and collaborative approach for Queensland government departments to gather valuable intelligence in relation to the high level aims of large scale and high investment programs. The Queensland Government can benefit from suppliers’ knowledge of markets and trends and understand the capability and capacity of suppliers before developing their procurement strategy and requirements.
From the Queensland Government’s perspective, early engagement with ICT suppliers is an important step in the program process. Early engagement, within the bounds of probity, ensures that the buyer makes a fully informed decision so that the right supplier is chosen to provide the right service while maximising buying power and minimising risk. Departments should consider the value of the engagement relative to the availability of resources to conduct the engagement process.
DHPW’s ICT Strategic Sourcing unit has prepared the Better Practice Guide for Early Market Engagement with the ICT industry
Principles of engagement
Departments should be aware that the Australian Government has developed the Government and Industry Principles of Engagement on ICT which outlines expected standards and behaviours. The Queensland Government supports the principles and is helping to promote them in the state.
The market sounding approach develops market awareness to the stage where specific potential providers are ‘sounded out’ to determine their views of potential solutions. Departments may face the need for market sounding at a program level to assess the reaction of the market to a proposed requirement and procurement approach. It is important not to enter into any agreements with suppliers at either the early market engagement or the market sounding phases. Staff need to be aware of any implied meaning in verbal statements made by them or offered by suppliers.
Additional information is also available in the revised procurement guidelines on Supply market analysis, which are available on the Housing and Public Works website.
ICT product lifecycle and services management
When disposing of ICT products and services, departments should consider the following:
- maintenance contracts, warranties, service level arrangements and disposal processes must be consistent with departmental and whole-of-government ICT procurement policies, strategies and directions and meet specific departmental requirements
- disposal cannot be conducted without approval from the accountable officer or delegated personnel
- disposal should be supervised and certified upon completion by a person delegated by the accountable officer
- an ISMS (under Information security policy (IS18:2018)) should provide governance for disposing an ICT asset in line with ISO 27001
- disposal of data should be in accordance with the Records governance policy under policy requirement 6
- a variety of disposal strategies should be provided to meet differing circumstances, based on the relative value of the ICT resource and the efficiency and cost-effectiveness of the disposal process. For example, recycling within the department or across government, trade-in, and donation to community or non-profit organisations or by sale to the public through tender or auction
- due consideration is given to applying recycling strategy and adopting environmentally sensitive disposal practices to minimise the impact of ICT assets and resources
- the disposal process is seen to be fair, equitable and open and does not favour departmental employees.
ICT resource lifecycle
An ICT resource lifecycle approach requires effective management of an asset throughout its useful life. Good business practice requires that ICT resources are appropriately secured, maintained and used for the purposes intended, periodically accounted for, assessed to ensure their continued value to the organisation and disposed of in an accountable, cost-effective and environmentally friendly manner.
Protection of resources
Departments must assess and manage the risk that information or information assets might be compromised during any maintenance process.
- adequate policies and procedures to manage the assessed risk must be in place to protect ICT resources and the information and data contained on them during any maintenance process
- policies and procedures should be reviewed regularly as new technologies are introduced and the threat changes.
Departments should base their decision as to whether to enter into a maintenance contract on consideration of cost justification versus risk.
Detailed information on the QITC framework is available on the Queensland Information Technology Contracting (QITC) framework website.
Further information regarding the variations that departments need to consider in managing maintenance contracts and warranties can be found on the DHPW’s website under the Capital Works Management Framework and the Maintenance Management Framework.
When assessing and developing maintenance processes, departments should refer to the Information Security Policy (IS18:2018).
Privacy requirements should be addressed within the context of the Information Privacy Act 2009. Recordkeeping requirements should be addressed in accordance with the Public Records Act 2002
Warranties may be offered as an extension of warranty arrangements on ICT products at the time of purchase. Although this may increase the initial purchase price of the item, there may be longer-term savings by not having to pay an annual maintenance fee.
Service or operating level agreements (SLAs or OLAs) are essential in ensuring that both departmental and service providers have a clear understanding of their respective commitments associated with the terms and conditions of any ICT maintenance agreement. Information relating to any warranty or maintenance agreements could be held as part of the department's resource register.
Management and removal of information
Over time, departments will gather a considerable amount of information that can be both significant and sensitive. It is necessary to ensure that information and records are appropriately managed and removed when a decision has been taken to dispose of an asset.
Departments should assess and manage the risk from data loss or compromise when ICT resources are disposed of.
To ensure information and records are appropriately managed, departments should refer to the Public Records Act 2002, Information security policy (IS18:2018) and the Records governance policy before undertaking ICT resource disposal processes.
The provisions of the Information Privacy Act 2009 should be used to guide the development of processes for disposal.
Departments should refer to the information on disposal of assets provided on the Department of Housing and Public Works website as well as local departmental delegation policy to determine departmental processes for the disposal of ICT resources. Under the provisions of Sections 15(1) (c) and 23(2) (a) of the Financial and Performance Management Standard, 2009, responsibility for the disposal of surplus resources rests with the accountable officer or delegate of the department. Surplus resources should only be sold, traded in or otherwise disposed of with the approval of the accountable officer and in the manner specified by that officer or delegated officer.
Supervision and authorisation
Departments should assess and manage the risk that appropriate disposal action has been undertaken and is satisfactorily completed by developing procedures to authorise and verify that the appropriate action has been undertaken and is satisfactorily completed relative to criticality.
Information Security Policy (IS18:2018) provides guidance when assessing and developing such processes.
Strategies for disposal
ICT products represent a considerable investment and their disposal requires special consideration. Generally, the time to assess disposal options should coincide with forward procurement planning. Departments should consider a number of options, including:
- disposal within government
- disposal outside government (e.g. auction)
Review the QCD for any disposal / auction arrangements for disposal of government assets.
Where appropriate, departments should consider publishing information about disposals to provide access to members of the public wishing to tender for the ICT resources. Given the increasing importance of environmental issues departments should consider disposal strategies which minimise the impact of ICT resources on the environment.
Legislative and regulatory obligations
Departments should ensure that all legal and regulatory obligations under which they operate are observed when conducting procurement processes. In particular, departments should refer to the following within the general context of due diligence, accountability and probity:
Departments should also refer to any accompanying guidelines for each as well as other legislation, regulatory or procurement requirements that apply at the departmental level.