The Auditor-General has updated and replaced the 2001 good practice guide on procurement, including a section on information technology procurement.
The new guide includes policies and standards for public entities to consider when implementing e-procurement and reference to guidance for public entities to consider when procuring information technology.
the guidelines say a public entity that implements e-procurement systems "should ensure that any new procedures that are established meet the same legal and policy obligations that govern all government procurement".
"In addition, a public entity will need to ensure that it adopts additional policies and standards covering the different procedures and risks associated with e-procurement." The include:
- electronic invoicing;
- electronic records management;
- commodity classification;
- online security;
- authentication controls;
- access controls;
- audit trails; and
- business continuity.
It also includes top-line requirements for electronic invoicing, electronic record management, commodity classification, interoperability and security.
For information technology procurement, the report points to guidance previously released by the auditor-General, the State Services Commission and others.