Government Transformation Initiative – eGovernment Procurement for Good Governance. Session 5 – Standards in e-Government Procurement. Eduardo Talero. May 27, 2009. Agenda: Context for eGP BM Standards Decisions. The general case for standards. The specific case of Standards and eGP
Government Transformation Initiative – eGovernment Procurement for Good Governance • Session 5 – Standards in e-Government Procurement • Eduardo Talero • May 27, 2009
eduardo@talero.name
Agenda
• Context for eGP BM Standards Decisions
• The general case for standards
• The specific case of Standards and eGP
• Standards to consider for different phases of eGP
• Reality check on standards adoption
• Recommendations to consider.
Reminder: Functional Scope of eGP system
[Diagram. Labels: Public Sector systems; Private Sector systems; Budgeting; Bid/Proposal Preparation; Financial management; Indent management; Catalog management; Contract management; Order management; Asset management; Invoicing; Processing Center. eGP System components: Publication / Disclosure; Buyer/Seller Support; E-Tendering; E-Reverse Auction; E-Catalog Purchasing; System integration/Collaboration. Phase markers: I, II, III, IV.]
WHY STANDARDS?
Standards help to…
• Prevent failures
• Increase efficiency of complex operations
• Introduce order and predictability in electronic exchanges
• Reduce risk
• Increase trust
How standards can help eGP
• Enhance B2G/G2G connectivity and interoperability
• Generate trust in electronic experience
• Enhance competition and inclusion
• Enhance efficiency and flexibility of public procurement function
• Enhance cooperation and transparency
• Facilitate evolution and innovation
• Increase return, reliability of investments
• Avoid vendor lock-in
SOME STANDARDS FOR eGP System Specification/Construction
• Architecture (SOA, WOA)
• Quality (CMM)
• Workflow (BPMN, UMM, BPSS)
• Development Methodology (UML, RUP)
• Networking (TCP/IP)
[Diagram label: eGP System]
E-GP System: KEY STANDARDS FOR DISCLOSURE FACILITIES
• Identification (UN-SPSC, GPC, CPV, eCl@ss)
• Model legislation (UNCITRAL, EC Directives 2004/17/EC and 2004/18/EC)
• Formatting (ODF, PDF, OOXML)
[Diagram labels: eGP System; Laws/Regulations; Business opportunities; Bidding documents; Contract awards]
SOME STANDARDS FOR e-GP SUPPORT FACILITIES
• Identification (UN-SPSC, GPC, CPV, eCl@ss)
• Communication (IMAP)
• ePayments (SET, IFX..)
• Registration (DUNS)
[Diagram labels: e-GP System - User Support Facilities; Supplier registration & alerts; Reference prices; Research support; Electronic payments; Supplier Registry]
SOME STANDARDS FOR eGP DATA CENTER
• Site security (RFC 2196)
• IT Service Management (ISO/IEC 20000)
• Network security (ISO/IEC 18028-1)
• Computer security (ISO/IEC 15408)
• Directory Service (LDAP, DSML)
• Reliability (HTTP-R)
[Diagram label: eGP Data Processing Center]
SOME STANDARDS FOR eGP TRANSACTION SYSTEMS
• Information security management (ISO/IEC 27001)
• Information Security Controls (ISO 17999)
• Reliability (HTTP-R)
• Information Security Testing (OSSTMM)
[Diagram labels: eGP System; System integration/Collaboration Facilities; E-Catalog Purchasing; E-Reverse Auctions; E-Tendering]
KEY STANDARDS FOR e-REVERSE AUCTIONS
• Communication (IMAP)
[Diagram label: E-Reverse Auction Facilities]
KEY STANDARDS FOR eGP PHASE IIa - eTENDERING SYSTEM
• Authentication (X509, XML DSig, XKMS)
• Traceability (ISO 13335)
• Encryption (SSL, XML Encryp)
[Diagram labels: e-Tendering Facilities; SUPPLIERS; BUYERS; Bid Vault; DOCUMENT STORE; PROCESSING TIMETABLE; QUESTIONS & ANSWERS; Supplier Profiles; SUPPLIER ROSTER; Q & A; Bid Documents; Decrypted Bids; Encrypted Bids; Encrypted Receipts]
SOME STANDARDS FOR eGP PHASE IIb - e-CATALOG PURCHASING SYSTEM
• Messaging (SOAP)
• Publication (UDDI)
• Documentation (UBL, C-CATALOG)
• Reliability (HTTP-R, WS-R)
• Interoperability (WSDL, BPEL)
• Secure Access (SAML, XACML)
[Diagram labels: SUPPLIER 1 Electronic Catalog; SUPPLIER 2 Electronic Catalog; e-Catalog Purchasing Facilities]
EGP SYSTEM: STANDARDS FOR SYSTEM INTEGRATION/COLLABORATION FACILITIES (PHASES III AND IV)
• Interoperability/Collaboration (ebXML, WS-I Profiles, WSCI, BPEL)
• Web Services (WS*)
• Interpretation (DSDL, Relax NG)
• Registration of Services (UDDI)
• Provisioning (SPML)
• Web Security (WS Security, SAML, XACML)
[Diagram labels: Private Sector Systems; Public Sector Systems; EGP System]
Adoption of Open Standards is…
• Mandated already by many governments (India, UK, Canada, EU, Phil, Brazil…) and recommended by most.
• Embraced in varying degrees by large vendors (IBM, HP, Oracle…)
• However, from 2006 MDB survey of eGP systems in 14 leading countries…
Use of Open Standards by 14 leading eGP governments *
• No one says to allow ODF documents.
• Only 6 use UNSPSC.
• Only 4 use XML, and only one uses ebXML for interoperable electronic business.
• Only 4 use SOAP, 3 use UDDI, only 1 uses WSDL and none use BPEL, WS-Security, WSCI (so much for SOAs).
• However, most use digital certificates and asymmetrical encryption for authentication.
* Argentina, Australia (State of New South Wales), Brazil, Chile, Finland, Hong Kong, India (Indian Railways), Italy, Mexico, Norway, Romania, Singapore, South Korea, The Philippines
Recommendations to Consider
• Adopt an open standards policy for all eGP-related work. Refer to them by name (“or substantially equivalent”) in SRSs and SLAs.
• Investigate and, if possible, adopt the ebXML family of standards (ISO 15000) for all eGP-related work.
• Adopt SOA and Web services as the architectural standards for eGP.
• Adopt a business process modeling standard (BPMN or UMM) and use it to document the functional requirements of the eGP system, even if procuring a COTS solution. It will serve well in acceptance testing and in avoiding vendor lock-in.
Recommendations to Consider (2)
• Reserve digital signatures and PKI for strong authentication and signing of legally-enforceable documents. For other purposes, experiment first with simpler methods (encryption, two-factor authentication).
• Assign a person to watch and recommend standards. This may be done centrally for whole government.
• Open door to OSS products as they often implement and promote open standards.
• Strongly consider adopting international classification/description standards (UN SPSC, CPV, GTIN or similar) instead of a home-grown alternative.
THANK YOU
Questions? etalero@worldbank.org
Extra slides