Queensland's CCC details ICT procurement corruption risks
The Queensland Crime and Corruption Commission has published a new white paper outlining the corruption risks associated with ICT procurement in government.
According to the report, with the Queensland Government spending over $1.38 billion on ICT projects across its departments, many of which are categorised as critical business risks, the potential consequences of corruption are high.
ICT procurement has long been known as a high-risk area for fraud and corruption, with vulnerabilities having been identified at multiple stages of the procurement process, from initial tendering and selection of providers through to payment and to contract management.
Risks include government employees with influence over ICT procurement being targeted or groomed by private entities seeking to influence the outcome of tender processes — a common sales tactic among some private organisations.
The rapid pace of change in the ICT sector can also “create a minefield for procurement panels who may lack the subject matter knowledge to fully understand proposed ICT solutions and whether products offered by providers can deliver on expectations”, the white paper states.
According to the commission, several factors can increase the likelihood of corruption seeping into ICT procurements.
These include a failure of government agencies to adequately plan for significant procurements, the presence of undeclared relationships between ICT providers and government staff, involvement of government staff in secondary employment with entities that benefit from securing government ICT projects and a lack of checks and balances for procurement activities.
Recent actual corruption investigations have centred around employees registering private businesses of a similar nature to their government functions with the goal of receiving outsourced work, registering such businesses in their friends’ or family members’ names, and openly or clandestinely subcontracting themselves to vendors.
The commission has urged government agencies to develop transparent, accountable procurement and contracting processes, complete with risk identification and assessment processes.
Agencies should also be alert to potential grooming of staff by vendors, as well as staffs’ possible conflicts of interest, including in any applications for secondary employment.
Understanding the new technologies being used by cybercriminals is the first step to preventing a...
Nearly all weapon system programs tested by the US Defense Department from 2012 to 2017 had...
The UK's National Cyber Security Centre has repelled more than 10 cyber attacks per week...