Feeds

Corruption cops warn on old-school project management

NSW's Independent Commission Against Corruption issues procurement guidance

Secure remote control for conventional and virtual desktops

The New South Wales Independent Commission Against Corruption (ICAC) has cast its eye over the IT sector, and suspects that there's a gap between project management practise and the real world that opens the door to corruption.

The issue the ICAC is trying to address is the way that a shift from staff to contractors can open the door to cost-blowouts and even outright corruption.

Contractors are an inevitable part of the modern IT project, the corruption watchdog notes, driven by both the supply side and the customer side. Someone with saleable skills rarely wants to stagnate into system maintenance after a project is completed. On the other side, the customer organisation usually doesn't have all the skills on hand to implement a major project, and probably lacks the time to build those skills from within.

However, the ICAC states, reliance on contract specialists to deliver projects also renders obsolete traditional project controls that are taught to any professional manager: “budget, specifications, timeframe, cost and measurement of deliverables become elastic and are rendered less effective,” the commission writes. “As these controls weaken, the ICAC has seen opportunities for profiteering and corruption increase; contractors can over-service, over-price and under-deliver.”

The customer-side manager is also confronted with a dizzying array of small and micro-businesses offering specialist services, the ICAC notes: most of the country's 20,000 IT businesses have fewer than five staff, and only 500 firms have more than 20 staff. That's in addition to two thousand recruitment firms, many of which are contractor-owned.

Hence its information paper, Managing IT Contractors, Improving Outcomes, compiled after interviews with CEOs, COOs, IT managers and auditors from public and private sector organisations.

The high points of its advice are that customers should:

  • The project's business case should be linked to the controls that apply throughout the project;
  • Design and build should be kept separate – the ICAC suggests rejecting low bids that indicate an undisclosed interest (such as a low design price that the contractor hopes to recover at build time). Informal contact between contractors and internal staff should be limited during the bid, and the ICAC suggests engaging separate contractors to act as reviewers;
  • Gateway control – managing who is allowed into contracts sounds obvious, but clearly the ICAC has seen evidence of organisations engaging contractors without the proper due diligence, so it recommends background checks of contractors, as well as using recruitment firms in contest with each other.
  • Managing project managers – PMs should not be too close to contractors, the ICAC writes, and their “span of control” should be limited; and
  • Exit strategy – every project needs one, and it should include enforcing fixed limits on tenure, so that a contractor doesn't have an incentive to string-out a project to keep the money flowing.

Certainly, none of these controls would have hurt Queensland Health, whose failed payroll system rollout ended in tears, an independent inquiry, and a final bill likely to reach $AUD1.2 billion for a system that's going to be replaced anyhow. ®

Internet Security Threat Report 2014

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Special pleading against mass surveillance won't help anyone
Protecting journalists alone won't protect their sources
Big Content Australia just blew a big hole in its credibility
AHEDA's research on average content prices did not expose methodology, so appears less than rigourous
Vodafone to buy 140 Phones 4u stores from stricken retailer
887 jobs 'preserved' in the process, says administrator PwC
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.