Federal Government agencies are looking for a 'caring' relationship from their outsourcing supplier, according to a quarterly survey by Asia Pacific IT market research consultancy East and Partners.
The Canberra Report, a survey of 126 Federal Government agencies, found the five most important factors that agencies consider when hiring IT contractors are quality of general advice, end user support, technical support, vendor proactivity and responsiveness.
"The traditional issues of vendors performing to contract and implementation practice have become increasingly a given -- vendor capabilities in these areas are assumed and are no longer a big differentiator," the report said. "Users are looking for other reasons to do business with a specific supplier.
"In particular, they are emphasising people strengths in acting as a true supply partner in delivering general advice, account and relationship management and being proactive in their dealings with customers."
The report revealed the areas in which vendors are performing best are adding value beyond contract requirements, citizenship, end user support, solution implementation and fitting the right solution for the purpose.
Their worst performance, according to the report, is in industry development achievements, responsiveness, pre-sales 'investments' by vendor, technology leadership and performance to contract.
Responsiveness is the fifth most important factor users want to see vendors deliver on, but it is rated the second worst area of supplier performance, the report revealed.
It also said although only two of the 30 performance factors were rated 'worse than average' on the five-point scoring scale by the agencies, the actual scores are "considerably worse than could have been expected given the importance being attached to them by Federal users".
"Similarly, users themselves need to reconsider where they place emphasis in their vendor management and selection practices based on these results. Many factors they have rated as being of modest importance to their needs are the very areas they see poor vendor performance in."
The report found the five best overall performing vendors in the Federal Government spheres were Candle, Sun Microsystems, SAP, NEC and AAPT.
East and Partners surveyed government agencies' chief information officers, chief IT development officers and chief IT operations officers about their working experiences with IT vendors. There was 100 per cent participation.
The departments included Defence, Tax, Foreign Affairs and Trade, Treasury, Australian Bureau of Statistics, Australian Customs Service and Centrelink.
As private enterprises struggle to meet the December 21 Privacy Legislation deadline, Commonwealth agencies are floundering in their efforts to meet their own privacy standards.
The agencies are required by the Protective Security Manual (PSM) to consider the security implications of their electronic information systems and to devise policy and plans to ensure the systems are appropriately protected.
According to Andrew Bewick, federal business manager for security consultancy 90East (Asia-Pacific), the whole psyche of security behaviour within Commonwealth departments is "not up to scratch".
"There isn't any document control in many departments. The Defence Department has been doing it well for decades, but the Australian Taxation Office, for example, has employed thousands of new consultants to deal with the implementation of the GST; how could all these staff be trained to operate securely in such a short timeframe?
"[In addition] often the IT solution put in place [within a department] does not correlate with the business processes. There is a lack of understanding of the issues and focus of the core business. People just think they will get someone in to put in the firewall, do the encryption, but [the technology] is not being linked back to business processes."
Seeking to resolve these kinds of issues, the Australian National Audit Office (ANAO) has contracted 90East to conduct a review of its IT security environment, policies and practices.
Bewick said ANAO conducted an audit of itself against 10 other government departments and "weren't happy with the results", so called for tenders for an external audit.
"The audit department wanted to ensure that its shop was in order. It wants to be a model, especially for departments that want to connect up to Fedlink," he said. FedLink will be used to secure intra-government communication as well as government online initiatives.
Peter Green, ANAO's chief information officer, said the agency decided on an external review to ensure it was up to date with the PSM and other government and NOIE (National Office for the Internet Economy) initiatives.
The review, which will be completed by the end of the year, is worth between $100,000 and $200,000, and will result in an action plan for the ANAO.
The audit will include a revision of ANAO's security policy, assessment of the security management framework, assessment of the security aspect of the configuration of the IT infrastructure, configuration of the laptop SOE, Internet and remote support infrastructure, and identify gaps between the assessments and best practice e-security requirements.
Green said the next step after the completion of the action plan would depend on the results and magnitude of the issues.
The ANAO outsources its IT to Unisys. "Any threat exposed by the report, may be resolved by us, Unisys or result in a new tender," Green said.