Bangladesh: Introducing e-Government Procurement (e-GP) Abdus Sobhan Sikder Secretary, IMED, MOP

Bangladesh: Introducing e-Government Procurement (e-GP)

Abdus Sobhan SikderSecretary, IMED, MOP

Amulya K DebnathDirector General, Central Procurement Technical Unit

(Washington D.C.; December 10, 2008)

Bangladesh: Introducing e-Government Procurement (e-GP)

Abdus Sobhan SikderSecretary, IMED, MOP

Amulya K DebnathDirector General, Central Procurement Technical Unit

(Washington D.C.; December 10, 2008)

Session Key Parts

• Legislations

• e-GP readiness & Implementation Status

• Expected Outcomes

• Challenges

• Legislations

• e-GP readiness & Implementation Status

• Expected Outcomes

• Challenges

Legislations

•IT Act 2006 in place

•IT Rules (at approval stage)

•E-GP provisions in Public Procurement Act 2006 (PPA) & Public Procurement Rules 2008 (PPR)

•E-GP Guidelines/ Rules (at drafting stage)

•IT Act 2006 in place

•IT Rules (at approval stage)

•E-GP provisions in Public Procurement Act 2006 (PPA) & Public Procurement Rules 2008 (PPR)

•E-GP Guidelines/ Rules (at drafting stage)

Legislative Readiness• Provisions in Public Procurement Act – 2006 for

the uptake of e-GP– The Act includes a specific Section for e-Government Procurement (e-GP).

It has fully allowed all kinds of online transactions resulting to online procurement by government agencies.

Chapter Eight

Use of Electronic Processing System in Public Procurement, etc.

65. e-Government Procurement1. For carrying out the purposes of this Act, any or all government procurement under this Act may be undertaken using electronic processing system.

2. The electronic processing system and the principles governing such system shall be prescribed by the government

Explanation: For the purposes of this section, ‘Electronic Processing System’ means the online processing of data through a website.

Public Procurement Act -2006

Chapter Eight

Use of Electronic Processing System in Public Procurement, etc.

65. e-Government Procurement1. For carrying out the purposes of this Act, any or all government procurement under this Act may be undertaken using electronic processing system.

2. The electronic processing system and the principles governing such system shall be prescribed by the government

Explanation: For the purposes of this section, ‘Electronic Processing System’ means the online processing of data through a website.

Public Procurement Act -2006

Legislative Readiness

Public Procurement Rules – 2008

Public Procurement Rules, enacted from January 31, 2008 clearly spells out the mandatory requirement of publishing the procurement information from different stages of procurement cycle to the CPTU website and also offers the strong basis for online procurement transactions.

Public Procurement Rules – 2008

Public Procurement Rules, enacted from January 31, 2008 clearly spells out the mandatory requirement of publishing the procurement information from different stages of procurement cycle to the CPTU website and also offers the strong basis for online procurement transactions.

e-GP Readiness

No. Component Level of readiness

1 Government Leadership 3

2 Infrastructure and Web Services 2

3 Human Resource Planning 2

4 Standards 1

5 Planning and Management 2 & 3

6 Private Sector Integration 1

7 Policy 2

8 Systems 2

9 Legislation and Regulation 3 & 3

• E-GP readiness assessment conducted in 2006• E-GP readiness assessment conducted in 2006

e-GP Implementation Status

• Public Procurement Reform Project II (PPRPII) has one specific component to introduce e-GP on a pilot basis with the central database in the Central Procurement Technical Unit (CPTU), the nodal procurement policy unit of the Government .

• Existing MIS (PROMIS) of CPTU has few features of e-GP (IFB publication, contract award publication, etc.)

• Existing MIS will be enhanced to form first phase of e-GP for its piloting in four key target agencies (RHD, LGED, BWDB & REB)

• Public Procurement Reform Project II (PPRPII) has one specific component to introduce e-GP on a pilot basis with the central database in the Central Procurement Technical Unit (CPTU), the nodal procurement policy unit of the Government .

• Existing MIS (PROMIS) of CPTU has few features of e-GP (IFB publication, contract award publication, etc.)

• Existing MIS will be enhanced to form first phase of e-GP for its piloting in four key target agencies (RHD, LGED, BWDB & REB)

e-GP Implementation Status Contd….

• Hardware for four target agencies and connectivity for selected procuring entities of those agencies are under procurement

• e-GP system is under design/ development stage, with features in conformity with MDB Guidelines

• Selected Procuring entities’ staff will undergo e-GP training.

• Piloting of e-GP by June 2009

• Hardware for four target agencies and connectivity for selected procuring entities of those agencies are under procurement

• e-GP system is under design/ development stage, with features in conformity with MDB Guidelines

• Selected Procuring entities’ staff will undergo e-GP training.

• Piloting of e-GP by June 2009

Key Featured of e-GP System Actors

Modules in e-GP System

• Centralized Registration of Contractors/ Suppliers/ Consultants

• Workflow Management

• e-Tendering (e-Publishing/e-Advertisement, e-Lodgement, e-Evaluation, e-Contract award)

• e-Contract Management (e-CMS)

• e-Payments

• Procurement Management Information System (PROMIS)

• Centralized Registration of Contractors/ Suppliers/ Consultants

• Workflow Management

• e-Tendering (e-Publishing/e-Advertisement, e-Lodgement, e-Evaluation, e-Contract award)

• e-Contract Management (e-CMS)

• e-Payments

• Procurement Management Information System (PROMIS)

Security Features

• Presentation Layer Security• Login/Password (email as Unique ID)• CAPTCHA : Verification code has to be entered as appeared in the

‘CAPTCHA’ and this is used to avoid automatic creation of users and to ensure that users are created manually.

• Session level security• Transmission/Transaction Layer Security

• Secured Socket Layer (SSL – 128 bit encryption)• Domain/Server level Session security• Electronic Signature/ Digital Signature based authenticity

• Application Layer Security• Web services will be used to access different processes and services

offered by different modules of the applications• Message will be transferred using XML packets through SOAP.• Automated virus scan

• Presentation Layer Security• Login/Password (email as Unique ID)• CAPTCHA : Verification code has to be entered as appeared in the

‘CAPTCHA’ and this is used to avoid automatic creation of users and to ensure that users are created manually.

• Session level security• Transmission/Transaction Layer Security

• Secured Socket Layer (SSL – 128 bit encryption)• Domain/Server level Session security• Electronic Signature/ Digital Signature based authenticity

• Application Layer Security• Web services will be used to access different processes and services

offered by different modules of the applications• Message will be transferred using XML packets through SOAP.• Automated virus scan

Security Features (continued…)

• Database Layer Security• Bitwise encryption while streaming to and from database (bid box)• Confidential data like identity information will be tagged by MD5 for

integrity• SQL injection proof data access codes will be written

• Hardware Layer Security• 2 layer Firewalls to protect e-GP System access from Internet• Database will be kept in Intranet IP class behind firewall and application

server will be kept in Public IP class• Database will be clustered• Hard drive will use RAID 5 hot swappable storage technology• Daily Data backup process will be automated• Mirror server will be hosted

• Workflow based Security• Only authorized and authenticated users will have access to specific level

of workflow.• Procuring Entity will have rights to manage users as per their needs

• Database Layer Security• Bitwise encryption while streaming to and from database (bid box)• Confidential data like identity information will be tagged by MD5 for

integrity• SQL injection proof data access codes will be written

• Hardware Layer Security• 2 layer Firewalls to protect e-GP System access from Internet• Database will be kept in Intranet IP class behind firewall and application

server will be kept in Public IP class• Database will be clustered• Hard drive will use RAID 5 hot swappable storage technology• Daily Data backup process will be automated• Mirror server will be hosted

• Workflow based Security• Only authorized and authenticated users will have access to specific level

of workflow.• Procuring Entity will have rights to manage users as per their needs

Expected Outcomes• Centralized database of Public Procurement

Community (Procuring entities and Contractors/ Suppliers/ Consultants)

• Standard way of carrying out the procurement with Standard document templates

• Efficiency gain with the Procurement Workflow still keeping the same or with minimum optimization

• Compliance to the PPA-2006 & PPR-2008

• Effective Monitoring and Evaluation Platform

• Centralized database of Public Procurement Community (Procuring entities and Contractors/ Suppliers/ Consultants)

• Standard way of carrying out the procurement with Standard document templates

• Efficiency gain with the Procurement Workflow still keeping the same or with minimum optimization

• Compliance to the PPA-2006 & PPR-2008

• Effective Monitoring and Evaluation Platform

Future Challenges

• Bidding Communities Preparedness and Readiness (infrastructure & HR)

• Finalization of e-GP guidelines/ rules

• Enroot Trust on online transaction and e-Signature

• Bidding Communities Preparedness and Readiness (infrastructure & HR)

• Finalization of e-GP guidelines/ rules

• Enroot Trust on online transaction and e-Signature

THANK YOU !!!!!

(CPTU website: www.cptu.gov.bd;Email: info@cptu.gov.bd)