A recent news item was titled "NSW bureaucrats fear IT contractor corruption" , it cited a recent NSW Independent Commission Against Corruption (ICAC) report as saying that a "Knowledge imbalance opens the door to exploitation" .
The report claims that senior executives in the NSW public service feel vulnerable to corruption due to a lack of understanding of specialist IT contract work.
In 2011 ICAC found against a contracted IT project manager at the NSW Department of Education and Training who recruited additional contractors from his own company, and tricked the department into paying for services that were instead delivered to his company.
In 2012 it handed down a corrupt verdict against a Sydney University IT manager who recruited his own family members and friends to contract roles at the institution through a company owned by himself and his wife.
Contractors could also overestimate the scope of projects to boost their period of employment, or gain the control of intellectual property in a way that makes an agency reliant on their ongoing services, ICAC warned.
“People in senior management roles are not going to be IT specialists, that would be silly,” ICAC's Robert Waldersee said. “So they are trying to work out what to do with IT projects while this space is rapidly evolving”.
ICAC advised the best response is to tighten project controls. It has drawn out five key “levers” that senior public servants should use to bolster their organisation’s integrity, including:
- Insistence on tightly controlled and detailed business cases
- The engagement of different contractors to design and carry out a project
- A single, dedicated channel for contractor recruitment governed by internal staff
- Careful selection and close surveillance of project managers
- Clear terms around the expiration of a contract, such as the transfer of IP, and possibly time limits on terms of employment
- Of course we would say to the NSW Government, what we always say to the Victorian Government, that the best way to reduce ICT risks is to: .
1. Ensure that ICT contractors, and senior staff overseeing ICT projects, are qualified and certified in ICT
2. Ensure that proper governance is applied to ICT projects, by applying proper standards and processes, implemented by qualified personnel
In other words "If you employ outlaws, expect to be bailed up"
Ian Dennis FACS, FAIM, FAICD
Chairman, Australian Computer Society, Victoria