
Guidelines for compliance to
Quality requirements of eProcurement Systems

STQC Directorate
Department of Information Technology,
Ministry of Communications & Information Technology,
Electronics Niketan, 6 CGO Complex, Lodhi Road,
New Delhi 110003

Dt: 05.08.2011


CONTENTS

1.0 Introduction
2.0 Operating Models of eProcurement System
3.0 Specific requirements of eProcurement System
4.0 Requirements of Conformity
5.0 Testing framework for Quality and Security Characteristics
6.0 Evaluation & Certification process

Annexures

Annexure I: Risks of eProcurement Systems and related ISO 27001 controls
Annexure II: Checklist for eSecurity Compliance (including CVC Guidelines)
Annexure III: Checklist for compliance to GOI procurement procedures (GFR)
Annexure IV: Checklist for legal compliance (IT Act Amendment 2008)
Annexure V: Definitions and Reference Documents

Reference documents:

1. eTendering Process
2. eTendering Glossary
3. eProcurement Integrity Matrix
4. OWASP (Open Web Application Security Project) Top 10 Application Security Risks 2010
5. Business requirements specification, cross industry eTendering process (Source: CWA 15666)

Forms & Templates:
Template I: Template for defining Usability Requirements Specifications of the Software product
Template II: Template for Performance Specification
Form I: Application form for applying for Testing to STQC


1.0 Introduction

1.1 Background

The public sector is one of the biggest purchasers of goods & services in the economy. The Government of India acknowledges that automating the procurement process using electronic tools/techniques, and enabling opportunities to suppliers, fully supports the objective of non-discrimination and fair & open competition. eProcurement is identified as a mission mode project under the National eGovernance Plan. The objective is to transform public sector purchase activity from a labour-intensive, paper-based process to an efficient eProcurement process.

Electronic Procurement (eProcurement) is the use of Information and Communication Technology (especially the Internet) by the buyer (in this case Government) in conducting its procurement processes with suppliers for the acquisition of goods (supplies), works and services. Use of Information Technology promotes the aims of open, non-discriminatory and efficient government procurement through transparent procedures. It is the technology-enabled acquisition of goods and services, required by an organisation, at the best value obtainable in the most efficient manner possible.

The factors driving the adoption of eProcurement are:
- Reduced purchasing cost and improved efficiency
- Standardized purchasing processes across the organization
- Reduced administrative costs with better effectiveness
- Significant reduction in the procurement cycle
- Reduced discretion

At the same time the inhibitors to adoption are:
- Lack of supplier readiness
- System integration issues (compatibility and interoperability)
- Confidence in the system (Security, Functionality and Performance)
- Insufficient skilled staff

eProcurement involves a set of technology solutions which concentrate on different key areas of procurement, such as:
- eTendering
- eAuction or Reverse Auction
- eCatalogue/Purchasing
- eMarketPlace
- eInvoicing, etc.

The focus of the current Guidelines is mainly on eTendering (i.e. tendering with encrypted bids, the equivalent of which in the manual context would be sealed bids).

This document provides the guidelines for compliance to quality requirements of eProcurement systems. The essential quality characteristics of an eProcurement system cover Security, Transparency & Functionality.

1.2 General Requirements of eProcurement System

The basic requirements of any eProcurement system are to achieve the goal of Government procurement, and the standardisation of procurement processes and information entities, in an efficient and transparent way. Hence the key requirements are to:

Address the requirement of GFR
For public procurement of goods, services and works (e.g. construction), compliance with GFR rules, processes and roles (purchasing officer, local purchasing committee etc.) is a mandatory requirement. The GFR rules need to be applied in the application workflow of the eTendering process. The eProcurement System should be designed as per the defined workflow with adequate security measures.

Confidentiality and Integrity of Information
The key requirement of procurement in a public service organisation is to maintain the confidentiality & integrity of the information across the procurement life cycle, to protect the interest of buyer & supplier and to encourage competitiveness in the business. The eProcurement platform transacts confidential procurement data and is exposed to several security threats. This requires employing a combination of security technologies and security best practices which result in a reduced threat of data loss, leakage or manipulation.

Address Vigilance Guidelines
The system should meet the requirements of guidelines issued from time to time by the Central Vigilance Commission.

System Adaptability & customisation
The eTendering System needs to have templates to offer flexibility in bidding methodologies as prevailing and followed currently in the manual process. Further, the system should have templates to adopt bidding methodologies as may be prescribed by the respective authorities.

The aim of this document is to provide guidelines that could be followed for designing/developing some critical functionality in an eProcurement system, as well as the necessary process for monitoring adherence to the security and transparency requirements of an eProcurement system during implementation and post-implementation, by the eProcurement application developers, service providers and other stakeholders.

1.3 Objective
To provide Guidelines for assuring Quality and Security of an eProcurement system, so that confidence can be provided to its stakeholders that the system is secure, transparent, auditable & compliant with government procurement procedures.

1.4 Target Audience
- Purchase/Head of Public Service Organization
- eProcurement Service Provider
- eProcurement Solution Provider/Application Developer
- Third Party Testing and Audit Organization

1.5. Approach

To achieve the above objective the following approach is recommended.

Evaluation of the eProcurement System (including data, software, hardware, network and process) to ensure:
- Correct & complete implementation of organisation procurement policies & procedures
- Compliance to GFR rules, CVC guidelines, IT Act (including amendments)
- Assuring Security by Design & Development (i.e. some critical security and transparency related functionality has to be built into the eProcurement software application), Implementation, Deployment & Use
- Security of Data Storage and Communication
- Performance
- Usability
- Interoperability

Identification of risks and concerns of the eProcurement system & providing the guidelines for mitigating the identified risks.

2.0 Operating Models of eProcurement System

There are four operating models for eProcurement (Reference doc 1):

i) Dedicated eProcurement System: the Government organization wishing to do eProcurement owns and controls the system infrastructure, and also controls all the procurement activities carried out.

ii) Outsourcing Model 1 (Partial Outsourcing, Managed Services): The Government organization procures and owns the system, which is managed by a service provider with adequate security controls. There is a risk that the service provider may get access to vendor data. Issues relating to the Official Secrets Act shall be considered for this model.

iii) Outsourcing Model 2 (Partial Outsourcing, Infrastructure Support): The Government organization uses the eProcurement system of a Service Provider. The Service Provider also owns and controls the infrastructure. There is a risk that the service provider may get access to vendor data and that the service provider starts participating in the core procurement process. Issues relating to the Official Secrets Act shall be considered for this model.

iv) Outsourcing Model 3 (Full Outsourcing (ASP) Model): Multiple Government organizations can register and themselves use the ASP's portal for their various eTendering/eAuction activities, with complete control of all the core tendering activities in their hands and without any intervention from the service provider. The registration/deregistration activities and the portal infrastructure are managed by the service provider with adequate security controls. In this case the Service Provider is essentially only a platform provider. The powers and responsibility of the tendering process remain in the hands of the duly authorized officers of the government organizations, and do not get transferred to third party service providers as in Outsourcing Model 2. So while there is some outsourcing in respect of infrastructure, there is no outsourcing of the actual tendering/procurement activities by the concerned user Government organizations.

All models of eProcurement system must incorporate the functionality, processes and technologies outlined in Annexures I, II, III and IV, and especially apply countermeasures to mitigate known risks (Annexure I).

3.0 Specific requirements of eProcurement System

3.1 The service provider, in consultation with the Purchase Officer, shall establish the following processes:

- Business Process Reengineering for switching from Manual Procurement to eProcurement. (Since Government tendering processes fall within a standard framework, only limited options should be given to the Purchase Officer. The Service Provider/Purchase Officer should not be able to reduce the essential security and transparency aspects of the system on the pretext of reengineering and customization.)
- Implementation of Bid Encryption at the client end (i.e. the bidder's computer) using a Symmetric Key, or an Asymmetric Key (PKI based), subject to the issues raised in Annexures I and II being suitably addressed. Bids should additionally be protected with SSL encryption during transmission from the bidder's computer. (Transport encryption protects the bid only while it is in transit; it is the client-end bid encryption that keeps the bid sealed on the server until the tender is opened.)
- Functionality/Security/Transparency related requirements of a Manual Tendering System, and confirmation of their availability in the offered eProcurement system (functionality requirements of GFR & CVC guidelines).
- The eProcurement System must have templates to offer flexibility in bidding methodology as prevailing and followed currently in the manual process. Further, the system should have templates to adopt bidding methodology as may be prescribed by the purchaser, as long as the methodology is a legally acceptable one.
- The eProcurement System should deploy PKI based technologies for authenticating the bids and for opening the electronic tender box. A secure methodology for decrypting bids should be deployed corresponding to the encryption methodology deployed (viz. symmetric, or PKI based asymmetric). The entire IT infrastructure of the eProcurement System, which includes application software, hardware and system software, shall be hardened as relevant. The system must deploy anti-spyware and anti-spam with a provision to update regularly; the updating of this software on the eProcurement System shall be done using the offline updating mode. The eProcurement System must have software tools to protect the operating system from injection of spyware. The entire infrastructure shall be protected and secured at the perimeter level by installing firewalls and an Intrusion Prevention System, configured properly so as to detect any kind of intrusion into the IT system.
- The eProcurement System can be further secured by installing suitable Security Information and Event Management (SIEM) mechanisms.
- The eProcurement application should have audit trail facilities.
- The PKI Key Management System must specify the holder of the private key and of the public key. The procedure in this case may be prescribed.
- The eProcurement System should not provide read access to passwords to the Administrator. Further, the eProcurement System should not have a "forgot password" feature which provides an administrator-generated or system-generated temporary password.
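The client-end bid encryption described above, worked through as an added example in Go (this code is not part of the Guidelines or of any eProcurement product). The bidder's client encrypts the bid under a fresh AES-256-GCM key, wraps that key to the tender-opening public key with RSA-OAEP, and signs the result with the bidder's own key; the portal stores only ciphertext it cannot open until the opening private key is released. The tender identifier, the key sizes and the choice of RSA-OAEP/RSA-PSS with SHA-256 are assumptions of the example; the Guidelines require PKI based encryption and signatures, not these particular parameters.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"log"
)

// SealedBid is what the bidder's client uploads. The portal stores it as-is:
// nothing in it is readable without the tender-opening private key, which the
// portal does not hold before the opening event.
type SealedBid struct {
	WrappedKey []byte // per-bid AES-256 key, RSA-OAEP encrypted to the tender-opening public key
	Nonce      []byte // AES-GCM nonce
	Ciphertext []byte // AES-GCM output for the bid, authentication tag appended
	Signature  []byte // bidder's RSA-PSS signature over tenderID || WrappedKey || Nonce || Ciphertext
}

// digest is what the bidder signs: the tender identifier and all three encrypted fields.
func (sb *SealedBid) digest(tenderID string) []byte {
	h := sha256.New()
	h.Write([]byte(tenderID))
	h.Write(sb.WrappedKey)
	h.Write(sb.Nonce)
	h.Write(sb.Ciphertext)
	return h.Sum(nil)
}

// SealBid runs on the bidder's computer (client-end encryption). tenderID is
// bound into the key wrap, the AEAD and the signature, so a sealed bid cannot
// be replayed into a different tender.
func SealBid(bid []byte, openingPub *rsa.PublicKey, bidderPriv *rsa.PrivateKey, tenderID string) (*SealedBid, error) {
	key := make([]byte, 32) // fresh AES-256 key for this bid only
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	sb := &SealedBid{Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, bid, []byte(tenderID))}
	if sb.WrappedKey, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, openingPub, key, []byte(tenderID)); err != nil {
		return nil, err
	}
	sb.Signature, err = rsa.SignPSS(rand.Reader, bidderPriv, crypto.SHA256, sb.digest(tenderID), nil)
	return sb, err
}

// OpenBid runs at tender opening, once the opening private key is released to
// the authorised officers. The bidder's signature is checked before anything is
// decrypted, so an altered or substituted sealed bid is rejected outright.
func OpenBid(sb *SealedBid, openingPriv *rsa.PrivateKey, bidderPub *rsa.PublicKey, tenderID string) ([]byte, error) {
	if err := rsa.VerifyPSS(bidderPub, crypto.SHA256, sb.digest(tenderID), sb.Signature, nil); err != nil {
		return nil, errors.New("sealed bid rejected: bidder signature does not verify")
	}
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, openingPriv, sb.WrappedKey, []byte(tenderID))
	if err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, sb.Nonce, sb.Ciphertext, []byte(tenderID))
}

func main() {
	// Constructed demonstration keys; in practice these are the key pairs behind certificates from a licensed CA.
	openingKey, _ := rsa.GenerateKey(rand.Reader, 2048)
	bidderKey, _ := rsa.GenerateKey(rand.Reader, 2048)
	sb, err := SealBid([]byte("Item 1: INR 1,23,450.00"), &openingKey.PublicKey, bidderKey, "TENDER-2011-042")
	if err != nil {
		log.Fatal(err)
	}
	fmt.Printf("stored on portal: %d bytes of ciphertext, no plaintext\n", len(sb.Ciphertext))
	bid, err := OpenBid(sb, openingKey, &bidderKey.PublicKey, "TENDER-2011-042")
	fmt.Printf("opened bid: %q (err=%v)\n", bid, err)
}
```

SSL/TLS on the upload is still required, but it only protects the bid between the bidder's browser and the portal. Once TLS terminates, what remains on the server is the SealedBid above, and that is what keeps the bid sealed until the opening key holder acts.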

3.2 The Purchase Officer of a Public Service Organisation (Government Department) must ensure that the eProcurement system which he intends to use complies with all the applicable requirements listed in Sections 3 and 4.

3.3 The Purchase Officer must analyse the risk arising out of the establishment of the above mentioned processes and apply suitable controls. Annexures I, II, III and IV may be followed.

3.4 Escrowing of Source Code
The source code of the eProcurement application software, along with the modifications/changes/patches implemented by the agency from time to time, shall be escrowed with the agency nominated by the user organizations, or by the government in the case of dedicated portals.

An MOU would be entered into between the purchase officer/purchase organization and the service provider.

4.0 Requirements of Conformity

4.1 eProcurement systems must address:
- The eProcurement application should have provisions for ensuring validation of PKI signatures through the Certificate Revocation List (CRL) and the validity period of the certificate.
- It shall have a mechanism for time synchronisation, by using a time synchronisation service (TSS) at the hosting level, or by synchronisation with a master server at the data centre where the eProcurement system is hosted.
- Time Stamping: the eProcurement application should have a facility for time stamping of all important events, like creation of the tender notice, approval of the tender notice/tender documents, submission of bids and supplementary bids (like modification, substitution, alternatives), etc.
- The system must conform to GFR rules, processes and roles (purchasing officer, local purchasing committee etc.), and comply with CVC guidelines and the IT Act (including amendments).
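An added example of the CRL and validity-period check called for in 4.1, in Go using only the standard library (it is not code from the Guidelines or from any eProcurement product). The CA, bidder certificates and CRL it builds are constructed fixtures; a real deployment validates against the certificates and CRL distribution points of the licensed CA. The check is made at the time-stamped moment of the event being validated (bid submission, tender opening) rather than at the wall-clock time of a later audit, which is why the function takes that instant as a parameter.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// ValidateBidderCert performs the checks the guideline asks for before a bidder's
// signature is trusted: chain to the trusted CA, validity period at the time of the
// event, and a current, CA-signed CRL with no entry for the certificate's serial.
func ValidateBidderCert(certDER, crlDER []byte, ca *x509.Certificate, at time.Time) error {
	cert, err := x509.ParseCertificate(certDER)
	if err != nil {
		return err
	}
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	// Verify checks the signature chain and NotBefore/NotAfter against 'at', the time-stamped event instant.
	if _, err := cert.Verify(x509.VerifyOptions{Roots: roots, CurrentTime: at, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}); err != nil {
		return fmt.Errorf("chain/validity: %w", err)
	}
	crl, err := x509.ParseRevocationList(crlDER)
	if err != nil {
		return err
	}
	// A CRL is usable only if the CA signed it and it is still current; a stale CRL means "status unknown", never "not revoked".
	if err := crl.CheckSignatureFrom(ca); err != nil {
		return fmt.Errorf("CRL signature: %w", err)
	}
	if at.After(crl.NextUpdate) {
		return errors.New("CRL is stale; fetch a fresh CRL before accepting the signature")
	}
	for _, rc := range crl.RevokedCertificates { // deprecated field name in newer Go, still populated by the parser
		if rc.SerialNumber.Cmp(cert.SerialNumber) == 0 {
			return fmt.Errorf("certificate serial %s revoked at %s", cert.SerialNumber, rc.RevocationTime.UTC())
		}
	}
	return nil
}

// newCA, issueCert and buildCRL are constructed fixtures standing in for a licensed CA.
func newCA(now time.Time) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "Example CA (constructed)"},
		NotBefore:             now.Add(-time.Hour),
		NotAfter:              now.Add(5 * 365 * 24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	ca, err := x509.ParseCertificate(der) // the parsed copy carries the generated SubjectKeyId needed for CRL signing
	return ca, key, err
}

func issueCert(ca *x509.Certificate, caKey *ecdsa.PrivateKey, serial int64, cn string, notBefore, notAfter time.Time) ([]byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn}, NotBefore: notBefore, NotAfter: notAfter, KeyUsage: x509.KeyUsageDigitalSignature}
	return x509.CreateCertificate(rand.Reader, tmpl, ca, &key.PublicKey, caKey)
}

func buildCRL(ca *x509.Certificate, caKey *ecdsa.PrivateKey, revoked []int64, thisUpdate time.Time, validFor time.Duration) ([]byte, error) {
	tmpl := &x509.RevocationList{Number: big.NewInt(1), ThisUpdate: thisUpdate, NextUpdate: thisUpdate.Add(validFor)}
	for _, s := range revoked {
		tmpl.RevokedCertificates = append(tmpl.RevokedCertificates, pkix.RevokedCertificate{SerialNumber: big.NewInt(s), RevocationTime: thisUpdate})
	}
	return x509.CreateRevocationList(rand.Reader, tmpl, ca, caKey)
}

func main() {
	now := time.Now()
	ca, caKey, _ := newCA(now)
	good, _ := issueCert(ca, caKey, 1001, "Bidder A", now.Add(-24*time.Hour), now.Add(365*24*time.Hour))
	revoked, _ := issueCert(ca, caKey, 1002, "Bidder B", now.Add(-24*time.Hour), now.Add(365*24*time.Hour))
	crl, _ := buildCRL(ca, caKey, []int64{1002}, now.Add(-time.Hour), 24*time.Hour)
	fmt.Println("Bidder A:", ValidateBidderCert(good, crl, ca, now))
	fmt.Println("Bidder B:", ValidateBidderCert(revoked, crl, ca, now))
}
```

The stale-CRL branch is the one most often missed in practice: an application that keeps accepting signatures after the CRL's NextUpdate has passed is silently treating every certificate as unrevoked.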

4.2 Other Requirements for Quality and Security Evaluation

The following conditions shall be agreed in writing by the service provider:
- For the Dedicated portal and the ASP Model, the eProcurement application should have a facility for generating audit logs, which should be accessible (in downloadable form) to a specially designated officer of the Purchase organization. For Outsourcing Models 1 and 2, the eProcurement service provider shall submit all the logs of transactions created by the eProcurement solution, including a forensic image, on a quarterly basis or as prescribed by the user organization regularly, and as and when demanded by the purchasers. The logs will be duly signed by the administrator of the service provider with his electronic signature.
- The audit for certification of the entire eProcurement solution shall be undertaken after its deployment and prior to its usage.
- The eProcurement solution, including the computer server, shall be installed in India. No data captured/stored in the eProcurement solution will be taken out of the country. The intent of this clause is to cover the data centre and the routing. Additionally, foreign bidders should be able to quote.
- The audit of the complete eProcurement system shall be undertaken only on the request of the organization/agency which wishes to use/install the system. The software application can be tested on the request of the developer.
- The eProcurement solution shall need to be tested and audited again after it has been significantly modified (addition/deletion of functions/modules) or customized for a new organization, whether in standalone or shared mode.
- The traffic emanating to and from eProcurement systems will be scanned if required by the authorised body.
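An added example (not from the Guidelines) that combines the time stamping requirement of 4.1 with the signed, downloadable audit logs of 4.2: each event is time-stamped and hash-chained to the entry before it, and the exported log is signed with the service provider administrator's key. The hash chain is an addition of this example rather than a requirement of the Guidelines; it is what lets the purchase organisation detect that entries were edited or dropped before the administrator signed the export. The ECDSA P-256 key, the field names and the event strings are assumptions.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
	"time"
)

// Entry is one time-stamped audit event. PrevHash chains it to the entry before
// it, so editing, deleting or reordering any earlier entry changes every later hash.
type Entry struct {
	Seq      int       `json:"seq"`
	At       time.Time `json:"at"` // from the synchronised host clock (TSS) of section 4.1
	TenderID string    `json:"tender_id"`
	Actor    string    `json:"actor"`
	Event    string    `json:"event"`
	PrevHash string    `json:"prev_hash"`
	Hash     string    `json:"hash"`
}

type AuditLog struct{ Entries []Entry }

var genesisHash = strings.Repeat("0", 64)

// entryHash covers every field of the entry except Hash itself.
func entryHash(e Entry) string {
	e.Hash = ""
	b, _ := json.Marshal(e)
	sum := sha256.Sum256(b)
	return hex.EncodeToString(sum[:])
}

// Append records one important event (notice created/approved, bid submitted, ...).
func (l *AuditLog) Append(at time.Time, tenderID, actor, event string) Entry {
	prev := genesisHash
	if n := len(l.Entries); n > 0 {
		prev = l.Entries[n-1].Hash
	}
	e := Entry{Seq: len(l.Entries) + 1, At: at.UTC(), TenderID: tenderID, Actor: actor, Event: event, PrevHash: prev}
	e.Hash = entryHash(e)
	l.Entries = append(l.Entries, e)
	return e
}

// Export is the downloadable form handed to the designated officer: the JSON log
// plus the service provider administrator's ECDSA signature over its SHA-256 digest.
func (l *AuditLog) Export(priv *ecdsa.PrivateKey) (body, sig []byte, err error) {
	if body, err = json.Marshal(l.Entries); err != nil {
		return nil, nil, err
	}
	digest := sha256.Sum256(body)
	sig, err = ecdsa.SignASN1(rand.Reader, priv, digest[:])
	return body, sig, err
}

// VerifyExport is what the purchase organisation runs on receipt: the signature says
// who vouches for the export; the chain says whether anything was edited, dropped or
// reordered before it was signed.
func VerifyExport(body, sig []byte, pub *ecdsa.PublicKey) ([]Entry, error) {
	digest := sha256.Sum256(body)
	if !ecdsa.VerifyASN1(pub, digest[:], sig) {
		return nil, errors.New("administrator signature does not verify")
	}
	var entries []Entry
	if err := json.Unmarshal(body, &entries); err != nil {
		return nil, err
	}
	prev := genesisHash
	for i, e := range entries {
		switch {
		case e.Seq != i+1:
			return nil, fmt.Errorf("entry %d: sequence gap (seq=%d)", i+1, e.Seq)
		case e.PrevHash != prev:
			return nil, fmt.Errorf("entry %d: chain broken", e.Seq)
		case entryHash(e) != e.Hash:
			return nil, fmt.Errorf("entry %d: contents altered", e.Seq)
		case i > 0 && e.At.Before(entries[i-1].At):
			return nil, fmt.Errorf("entry %d: timestamp earlier than entry %d", e.Seq, e.Seq-1)
		}
		prev = e.Hash
	}
	return entries, nil
}

func main() {
	adminKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // constructed signer key
	var l AuditLog
	l.Append(time.Now(), "TENDER-2011-042", "purchase.officer", "tender notice approved")
	body, sig, _ := l.Export(adminKey)
	entries, err := VerifyExport(body, sig, &adminKey.PublicKey)
	fmt.Println(len(entries), "entries verified, err =", err)
}
```

The signature alone does not protect against an administrator who edits history and then re-signs; the chain exposes that, and a deployment that wants stronger assurance can additionally publish each period's final hash to the purchase organisation so that the chain cannot be rebuilt from scratch either.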

Storage of Electronic Invoices
- It is assumed that invoices transmitted electronically will be stored electronically. If a public service organisation wishes to store invoices in paper form, the same shall be provisioned in the local purchase procedure approved by the competent authority.
- For VAT purposes records must be retained for 6 years. The 6 year rule may cause serious storage problems or undue expense; the competent authority may take a suitable decision on the retention period.
- The records may be stored anywhere (State Data Centre or the PSU's own data centre). The only requirements are security, strategic control, and that the records be made available to the public service organisation on demand within a reasonable period.


5.0 Testing framework for Quality and Security Characteristics

5.1 eProcurement Quality and Security Assurance Model

An eProcurement Quality and Security Assurance Model is depicted below.

The Quality & Security evaluation model consists of four layers, namely Data, Application, Infrastructure and Process. Layer by layer assessment will ensure compliance with applicable requirements such as CVC, IT Act, GFR 2005 and the concerns of other stakeholders.

5.2 Description of the model

A brief description of the layers (from outermost to inner) is given below. (Activities marked # are essential and activities marked * are desirable; compare Section 6.3.)

Process Layer

ISO 27001 Process Audit #
Verification of the IT security processes to ensure that secure and best practices are followed in the operation and maintenance of the eProcurement System, in line with the international standard on Information Security Management Systems, ISO 27001/27002.

To supplement the functionality built into the eProcurement system, where some requirements of the eProcurement system and allied processes are being addressed through organizational procedures under ISO 27001/27002, these should be explicitly defined with satisfactory explanations. At the time of certification/audit, such procedures as outlined by the eProcurement vendor/service provider in response to Annexures I, II, III of these Guidelines shall be reviewed and evaluated.

Monitoring against agreed SLAs #
SLA monitoring shall ensure that the eProcurement system is adhering to the agreed upon service related (i.e. user centric) as well as system related (i.e. technology centric) service quality requirements such as availability, performance, problem resolution, etc. While the service related SLAs take care of the service delivery issues, the system related SLAs address the IT technology (hardware, software and network) used in delivering the services.

Infrastructure Layer

Architecture Review #
The review of the eProcurement system shall be done to ensure that the defined architecture of the eProcurement system is adequate and suitable for meeting the various operational and service delivery requirements such as performance, security, availability, etc.

It is also recommended that once the eProcurement system is deployed, the deployed architecture should be audited to verify its compliance against the defined architecture. The audit should cover the logical positioning of the various system components such as firewall, IDS/IPS, servers, load balancer, etc. In addition, end-to-end transaction flows should be verified to ensure that they are going through the defined path, by using dummy test transactions and analysis of logs at the various layers. The Certification body shall use a standardized checklist for the criteria.

Vulnerability Assessment (Servers & Network Devices) #
System configuration checking (verification of hardening) and vulnerability scanning shall be performed to find out weaknesses, vulnerabilities and misconfigurations in the target hosts (Servers, Routers, Firewalls, Switches etc.) which host the eProcurement application system. The Certification body shall use a standardized checklist for the criteria.

Penetration Testing of the System #
Penetration Testing (PT) shall normally be done remotely from the public domain (Internet), and can also be done from the internal network, to find out exploitable vulnerabilities. A series of tests, such as information gathering from the public domain, port scanning, system fingerprinting, service probing, vulnerability scanning, manual testing, password cracking etc., using state-of-the-art tools (commercial and open source) and other techniques, shall be conducted with the objective of unearthing vulnerabilities and weaknesses of the overall eProcurement system and its underlying IT infrastructure. The Certification body shall use a standardized checklist for the criteria.

Performance Testing of the System #
Performance testing of the eProcurement system shall be done to ensure that the system is capable of handling the defined user as well as transactional load. Performance testing of the eProcurement system essentially means measuring the response time of the system for defined scenarios. While measuring the response time it is important to record the resource (CPU, Memory, etc.) utilization. The capacity of the eProcurement system should be checked by systematically increasing the load on the system till performance degradation or a system crash is encountered. Also, the manner/trend in which performance changes with load will determine the scalability of the eProcurement system.

Application Layer

Application Design Review #
(Note: This would be applicable only where customized software development is being done for a specific organization. Furthermore, it should be noted that this review would not be a substitute for the review and testing of the critical security and functionality outlined in Annexures I, II and III of these Guidelines.)

Design review covers the high level design and the low level (detailed) design of the eProcurement software application. It will ensure that the software has been designed using best practices and design rules. The review will verify that the design has modularity, flexibility, low complexity and structural fan-in & fan-out, and that it is loosely coupled & highly cohesive. The correctness of the logic and algorithms used in the detailed design should be verified, including any zero-day vulnerability in the algorithm.

Application Code review *
(Note: This would be applicable only where customized software development is being done for a specific organization. Furthermore, it should be noted that this review would not be a substitute for the review and testing of the critical security and functionality outlined in Annexures I, II and III of these Guidelines.)

The code review (i.e. static analysis) of the software application source code shall be carried out using tools, and shall measure metrics such as lines of code, code complexity, fan-in & fan-out, application call graph, dead code, rule violations, memory leaks etc. It is also recommended to perform a walk-through of the source code with the code developer to verify the logic and algorithms used for correctness and optimization.

Special focus should be given to identifying any unwanted functions (not required by the eProcurement software application), as such surplus functionality can be a potential security threat.

Application Functional Testing #
The functional testing of the eProcurement software application shall be carried out to validate that the application meets the specified functional requirements covering the workflows, navigation, and business & data validation rules for the defined user categories with their access rights. The functional testing should be done following a black box approach and using end-to-end user scenarios.

(Note: Detailed scenarios would be prepared for each application software to be tested. This would include all important steps and scenarios of Government Tendering, as well as all issues outlined in Annexures I, II and III of these Guidelines.)

Application Security Testing #
The test is conducted to unearth various application security vulnerabilities, weaknesses and concerns related to Data/Input Validation, Authentication, Authorization/Access Control, Session Management, Error Handling, Use of Cryptography, etc. Typical issues which may be discovered in application security testing include cross-site scripting, broken ACLs/weak passwords, weak session management, buffer overflows, forceful browsing, form/hidden field manipulation, command injection, SQL injection, cookie poisoning, insecure use of cryptography, misconfigurations, well-known platform vulnerabilities, errors triggering sensitive information leaks, etc. OWASP (Open Web Application Security Project) guidelines are used for the testing.

(Note: Detailed scenarios would be prepared for each application software to be tested. The tests would cover all security related issues outlined in Annexures I, II and III of these Guidelines, especially aspects related to bid encryption. In addition, standard security tests, viz. CERT-In, OWASP and FBI Top 20, will be conducted.)

Application Usability Testing *
Usability testing usually involves systematic observation under controlled conditions to determine how well people can use the product. The eProcurement system is used by users of different levels of computer knowledge, and user expectations vary with the type of user. Usability testing will ensure that all types of users are comfortable using the system. This shall be done using defined international standards which recommend extensive user interaction and analysis of user behaviour for a defined task.

Application Interoperability and Compatibility Testing *
Interoperability Testing shall be done to check if the software can coexist and interchange data with other supporting software in the system. Compatibility testing shall check if the software runs on different types of operating systems and other hardware/software/interfaces according to customer requirements.

Data Layer

Data Storage Security Audit #
This is done to ensure the use of standard and strong cryptography while storing sensitive data and user credentials in the application or the associated database. It is also verified that the cryptography used is compliant with the Information Technology Act and the CVC guidelines.

Data Communication Security Audit #
This is done to ensure that a secure communication channel like SSL, TLS or equivalent is used for the transmission of sensitive data and credentials by the eProcurement system. The cryptographic algorithms and the key sizes implemented by the system should be standard, strong and compliant with the IT Act and the CVC guidelines.

It is recommended that the complete data transmission to and from the eProcurement website should be SSL/TLS enabled.

6.0 Evaluation and Certification Process

6.1 The applicant shall submit a request to the Testing and auditing agency (like STQC) to get the eProcurement System assessed. The application should specify whether testing is required only for the eProcurement application, or for the complete eProcurement system, viz. the application along with the server in a specific hosting environment. The application for the former case can be made by the application software developer or licensor, and will cover only Part 1 of the two scenarios outlined below. The application for the latter case can be made by the service provider, or by the organization which is procuring the system for its dedicated use, and will cover both Part 1 and Part 2 of the two scenarios outlined below.

6.2 Inputs & access required by the Certification Body

[Scenario A: Where Customized Software Development of an eProcurement System is undertaken]

(Part 1)

Inputs required for Application Testing
o RFP of the eProcurement
o Software Requirements Specification (SRS) addressing functional and non-functional requirements, including business functions and applicable regulations, standards and policies.
o User manual (operational instructions).
o Software application related information such as Workflows/Navigation, Business logic/Rules, Validation Rules, Screenshots and User categories with roles & access rights. Specifically for testing, application related information such as Workflows/Navigation for creating comprehensive System Test Cases covering various tendering scenarios, and User categories with roles & access rights, would be required.
o Software Design Document
o Software Application Source Code (if the need is to assess all desirable requirements)

The inputs should be available along with access to the application hosted in a staging environment with test data.
Note: Apart from the review of the developmental aspects, detailed scenarios would be prepared for each application software to be tested. This would cover all security related issues outlined in Annexures I, II and III of these Guidelines, especially aspects related to bid encryption.

(Part 2)
- System Architecture
- Security Architecture for conducting VA & PT
- ISMS of the eProcurement Information System (eSecurity Manual)
- Access to the eProcurement system/test site with sample data (preferably field data).
- Access to hardware, software, Network & IT infrastructure to connect test tools onto the system, where required.

A Non-disclosure Agreement (NDA) will be signed by STQC to cover the confidentiality of the information submitted by the applicant.

[Scenario B: Where a Ready to Use eProcurement Software License is to be provided, or eProcurement Services are made available through an ASP]

Note: The focus of Testing/Certification here is on the Functionality, Security and Transparency related aspects.

(Part 1)
o User Manual (operational instructions), or equivalent Guidelines for users provided online on the screens of the application
o Software application related information such as Workflows/Navigation for creating comprehensive System Test Cases covering various tendering scenarios, and User categories with roles & access rights.

The inputs should be available along with access to the application hosted in a staging environment with test data.
Note: Detailed scenarios would be prepared for each application software to be tested. The tests would cover all security related issues outlined in Annexures I, II and III of these Guidelines, especially aspects related to bid encryption.

(Part 2)
- System Architecture
- Security Architecture for conducting VA & PT
- Access to the eProcurement system/test site with sample data (preferably field data).
- Access to hardware, software, Network & IT infrastructure to connect test tools onto the system, where required.

A Non-disclosure Agreement (NDA) will be signed by STQC to cover the confidentiality of the information submitted by the applicant.

6.3 Requirements of Compliance for demonstration

Testing and assessment as specified in Section 4.0 shall be carried out.

To demonstrate conformity to the ESSENTIAL Quality and eSecurity assurance requirements and minimum functionality compliance, the following shall be complied with:
- Evidence of compliance to implementation of an ISO 27001 Information Security Management System with applicable controls in all concerned entities. The security processes shall be audited as per the controls defined in the eSecurity Manual provided by the applicant, and/or in the applicant's response to Annexures I, II, III and IV.
- The risk analysis methodology used by the service provider shall adequately address the concerns raised in this document (Annexure I). The mitigation methodology and techniques implemented should ensure that the eProcurement Information System is secure.
- While implementing the security controls, the service provider shall demonstrate that the requirements of vigilance administration (CVC) (Annexure II) are adequately addressed in the Information Security Management System. Also, while implementing ISO 27001, the solution provider shall ensure that adequate controls have been implemented so that security at the design and operation levels is addressed adequately.
- The software shall be tested for functionality, workflow and other essential requirements (like CVC Guidelines, GFR, IT Act; Annexures I, II, III and IV).
- The application hardening shall be assessed for the Top 10 vulnerabilities defined by OWASP (Reference doc 4).
- The network should be assessed for adequate security through penetration testing and vulnerability assessment as per NIST SP 800-115. To demonstrate that the requirements are implemented and effective, the services of agencies empanelled by CERT-In can be used (http://www.cert-in.org.in).

To demonstrate compliance to the DESIRABLE requirements, the following shall be complied with, where applicable:
- The software source code shall be evaluated using a white box test approach, through a code review/inspection process, for identifying malicious code/Trojans etc.
- The workflow shall be in line with the requirement of CWA 15666 for standardized Business Processes and Information Entities using UML Version 1.4 and the ebXML Core Components Technical Specification for Data Structure (Reference doc 5). This will attain the objective of Interoperability and Compatibility of various solutions at both the buyer and the supplier end.
- The solution shall be tested against Usability requirements as per the Usability information defined in Template I.

6.4 If the results are satisfactory and meet the requirements of this document, STQC shall issue a letter indicating Conformity with the specified requirements.

Certification Process Flow Chart

(Flow chart; the steps it depicts are:)

1. The Client refers to: a) the Guidelines for Quality & Security Requirements of eProcurement Systems, b) the Schedule of charges, and c) the Application form for Certification.
2. The Client submits the application / requests STQC for Certification.
3. Agreement/Contract and Non-disclosure agreement between STQC and the Applicant.
4. STQC evaluates the evidence of conformity supplied by the Applicant (Test pre-requisites & procedure).
5. Test activities: Assessment of the Information System and Testing of the Application by the test lab, producing Test Records and Test Reports.
6. Is the result of testing and evaluation satisfactory?
   o No: Corrective action by the Supplier. Intimate the client of the non-compliance; if it is a minor discrepancy, ask the client to provide the information; if major and not able to close, then close the job with intimation to the Applicant.
   o Yes: Grant of Certificate of approval to the Applicant.
7. Update the record and maintenance of the certificate.


Scope of Certification

The eProcurement life cycle consists of the following activities:

Purchase to pay
o Contract management
o Content management
o Selection/requisition
o Workflow approval
o Order
o Receive
o Invoice
o Payment

eSourcing
o Management information
o Collaboration
o Specification/notice
o Expression of interest
o Invitation to tender
o Evaluate
o Negotiate/reverse auction
o Award

Generally, these activities are covered in different modules, e.g.:
- Supplier Registration
- eTendering
- eAuction
- ePayment
- Accounting
- Reverse Auction
- eCatalogue Management
- MIS
- Contract Management

The applicant can define any module as a part of the scope of certification, while the eTendering module is the essential requirement to obtain the certification. Depending on the complexity of the module and the scope identified by the applicant, the Certification Body/Test Agency will charge for testing and certification.


Annexure I: Risks of eProcurement Systems and related ISO 27001 controls

(Table columns: Sl. No. | Risks/Concerns | Control Identification | ISO 27001 Control Reference)

1. Concerns related with Electronic vs. Manual Procurement

Sl. No. 1.1
Risks/Concerns: While implementing an eProcurement system the solution provider may do business process re-engineering to make the system efficient and effective. There is a risk of compromising basic principles of public procurement.
Control Identification: Identification of applicable legislation
ISO 27001 Control Reference: A.15.1.1 All relevant statutory, regulatory and contractual requirements and the organization's approach to meet these requirements shall be explicitly defined, documented, and kept up to date for each information system and the organization.

Guidance and recommended practices
The underlying principle of the e-tendering and manual tendering process should be the same in respect of guidelines of CVC, GFR, Legal and transparency related requirements. While doing re-engineering these requirements shall not be negotiated and compromised.
Since section A.15.1.1 of ISO 27001 demands explicit definition of the requirements, Annexures I, II, III of these Guidelines should be treated as a Checklist for this purpose.

Sl. No. 1.2
Risks/Concerns: Incorporation of multiple bidding methodologies in eProcurement solutions as provisioned in the Manual Procurement System, and the flexibility in the solution to the extent required.
Control Identification: Identification of applicable legislation
ISO 27001 Control Reference: A.15.1.1 All relevant statutory, regulatory and contractual requirements and the organization's approach to meet these requirements shall be explicitly defined, documented, and kept up to date for each information system and the organization.

Guidance and recommended practices: eProcurement System
Depending upon the requirements of a tender, any one of the multiple bidding methodologies as outlined below shall be provisioned in the application:
- Single stage, single envelope
- Single stage, two envelope
- Two stage (with facility for technical conformance, and if required, revised tender documents)
- Two stage, two envelope and requirement of Pre-qualification stage when required; submission of one or more Alternative bids as applicable.
Each bid part (e.g. technical, financial) may be required to be submitted in a summary format along with a detailed bid. The latter could be a large file. There should be provision of appropriate file size (at least 10 MB) in the application with data encryption as outlined elsewhere in these Guidelines.
After having submitted the original bid for each bid part, a bidder has a right to submit:
- Modification bid
- Substitution bid
- or Withdrawal bid for all his bid submissions.
The e-tendering system must effectively cater to all these possibilities without compromising security and transparency in any manner at any stage, for any bid part (such as Pre-qualification, Technical, and Financial).
The e-tendering system needs to have templates to offer flexibility in bidding methodologies as prevailing and followed currently in the manual process. Further, the system should have templates to adopt bidding methodologies as may be prescribed by respective authorities.

2. Concerns relating to Implementation of eProcurement systems using PKI based Bid Encryption

Sl. No. 2.1
Risks/Concerns: A system in which the Public Key of a Tender Opening Officer, or of any other officer of the purchase department, or of any person from the service provider's organization is used for bid encryption, and the corresponding Private Key is used for Decryption.
Many times bids are encrypted at the bidder's computer with the public key as mentioned above, and the encrypted bids, with additional SSL encryption, reach the e-tendering server through file upload and/or filling of online forms.
There are risks related to the integrity of persons in (a) the purchase (buyer) organization and (b) the e-Tendering Service Provider's organization, as typical implementation practices include:
- The Private Key with which decryption is done is available with the concerned officer before the Public Tender Opening Event.
- The Public Key with which bid encryption is done is available publicly.
- Public Key algorithms are slow.
- A copy of the decryption key (i.e. the private key of the encryption certificate issued by a CA) is generally available (i.e. backed up) with the CA. A duplicate can generally be requested in case of loss; however, this can also be misused.
Control Identification: Cryptographic controls; Regulation of cryptographic controls
ISO 27001 Control Reference: A.12.3 Objective: To protect the confidentiality, authenticity or integrity of information by cryptographic means.
A.12.3.1: A policy on the use of cryptographic controls for protection of information shall be developed and implemented.
A.12.3.2: Key management shall be in place to support the organization's use of cryptographic techniques.
A.15.1.6: Cryptographic controls shall be used in compliance with all relevant agreements, laws, and regulations.
Guidance and recommended practices: Use of PKI technique
If the eProcurement system uses PKI for bid encryption, it has to satisfactorily address the above issues and consequent concerns (Ref 2.2 below) through suitable functionality built into the eProcurement application. Where, in addition, some issues are being further addressed through organizational procedures under ISO 27001, these should be explicitly defined with satisfactory explanations, otherwise the certification process will become subjective. While doing this, the following can be kept in view:
Various techniques are available in the market for improving the implementation of PKI based encryption, such as escrowing, splitting and repeated encryption, to further strengthen the security of information and implementation.
If the eProcurement system uses any of the above techniques, it will have to be explained how the related concerns (Ref 2.2 below) have been addressed. Furthermore, practical procedures will have to be put in place which can be implemented at the field level in diverse locations in the country in a user friendly manner.

Sl. No. 2.2
Risks/Concerns:
(i) While all efforts must be made to ensure that no spyware is put in the server which can make clandestine copies of a file or data being uploaded to the server, and then send this clandestine copy to a secret destination, the possibility of such spyware being planted in the web server cannot be totally ruled out. This undesirable eventuality could occur due to connivance of the administrators of the Service Provider, or even through remote injection. For secure and transparent functioning of the e-tendering system, it cannot be assumed that there will never be such a possibility of the spyware being planted in the e-tendering server.
(ii) If the spyware is planted at the kernel level, there may not be any audit trail.
(iii) Audit Trails (both application level and Operating system level) are essentially reports. To that extent it is possible to fudge these. Also, other than application level audit trail reports, the other audit trail reports can be quite complex and impractical to analyze for ongoing operations of this nature. In spite of this, audit trail reports are useful and should be there as supporting evidence. However, in a sensitive application of this nature, audit trails cannot be depended upon as the sole protection against any mala fide act.
Control Identification: Control of technical vulnerabilities; Protection against malicious and mobile code; OS Access Control; Log monitoring
ISO 27001 Control Reference:
A.12.6.1: Timely information about technical vulnerabilities of information systems being used shall be obtained, the organization's exposure to such vulnerabilities evaluated, and appropriate measures taken to address the associated risk.
A.10.4:
A.10.4.1: Detection, prevention, and recovery controls to protect against malicious code and appropriate user awareness procedures shall be implemented.
A.10.4.2: Where the use of mobile code is authorized, the configuration shall ensure that the authorized mobile code operates according to a clearly defined security policy, and unauthorized mobile code shall be prevented from executing.
A.11.5:
A.11.5.1: Access to operating systems shall be controlled by a secure log-on procedure.
A.11.5.2: All users shall have a unique identifier (user ID) for their personal use only, and a suitable authentication technique shall be chosen to substantiate the claimed identity of a user.
A.11.5.3: Systems for managing passwords shall be interactive and shall ensure quality passwords.
A.11.5.4: The use of utility programs that might be capable of overriding system and application controls shall be restricted and tightly controlled.
A.11.5.5: Inactive sessions shall shut down after a defined period of inactivity.
A.11.5.6: Restrictions on connection times shall be used to provide additional security for high-risk applications.
A.10.10:
A.10.10.1: Audit logs recording user activities, exceptions, and information security events shall be produced and kept for an agreed period to assist in future investigations and access control monitoring.
A.10.10.2: Procedures for monitoring use of information processing facilities shall be established and the results of the monitoring activities reviewed regularly.
A.10.10.3: Logging facilities and log information shall be protected against tampering and unauthorized access.
A.10.10.4: System administrator and system operator activities shall be logged.
A.10.10.5: Faults shall be logged, analyzed, and appropriate action taken.
A.10.10.6: The clocks of all relevant information processing systems within an organization or security domain shall be synchronized with an agreed accurate time source.

Guidance and recommended practices: Spyware/Trojan/BOTS
It is important that even if a clandestine copy is made and stolen as above, the bid encryption methodology should be such that it should not be possible to decrypt the bids in connivance with any officer of the Buyer organization or the Service Provider organization. While this issue becomes irrelevant if bid encryption is done at the bidder end with a bidder created symmetric passphrase, in case PKI based bid encryption is done, the software functionality has to be suitably augmented to mitigate this security threat. This threat has also been explicitly mentioned in CVC guidelines (refer security checkpoint No. 14 of Annexure II).

a) Controls should be placed to guard against the possibility of injecting spyware for making clandestine copies of a submitted bid and then sending this clandestine copy to a secret destination.
Spyware are malicious software codes which can be injected into the system remotely. To protect the system from injection of spyware, the system needs to be secured and protected in the following manner:
- Hardening of hardware and software of the entire Information Technology infrastructure (which includes computer systems, software, routers etc.)
- Installation of anti-spyware, anti-spam and anti-virus software.
- Installation of software tools to protect the operating system from injection of spyware. These software need to be upgraded on a continuous basis.
- The entire infrastructure needs to be secured at the perimeter level by installing Firewalls and an Intrusion Prevention System.
After installation of the software and protective devices, the entire IT infrastructure needs to be audited by Information Technology Auditors. The Indian Computer Emergency Response Team (CERT-In), Department of Information Technology, has empanelled auditors for auditing systems from the point of view of cyber security. It is always recommended that the system should be audited at least once in a year and as and when the infrastructure (i.e. hardware and software) is augmented by additions of new hardware and software.
- Further, people operating these systems need to be trained in monitoring and detecting any intrusion in the system and network.

b) The kernel of the operating system in the IT infrastructure should be secured first by hardening the operating system and installation of software which protects it from injection of spyware or any kind of intrusion.

c) The eProcurement system should have audit trail facilities. These audit trails are complex but dependable. The audit trail reports provide useful information about the instructions which take place in the system both at the operating system and application software level. This information is necessary to analyze the nature of an intrusion, the vulnerabilities exploited and to track the perpetrators. It also helps in taking steps to prevent future intrusion.
The analysis of audit trails requires appropriate expertise both in respect of the application and the operating system. Such expertise is available in the country at many places. CERT-In also facilitates the user organization in analyzing the audit trails.
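Concern (iii) of 2.2 treats audit trails as reports that can be fudged, and control A.10.10.3 asks that log information be protected against tampering. The block below is an added example, not code from STQC or from any eProcurement product, of one way an application-level audit trail can be made tamper-evident: each entry is hashed together with the hash of the entry before it, so editing any earlier entry invalidates every later one, and the current head hash is handed out of band to the independent audit user described in 5.1(d), so that a chain rebuilt from scratch is detected as well. The actors, tender id, roles and timestamps are constructed sample data.

```python
"""Tamper-evident application-level audit trail built as a SHA-256 hash chain.
Added example for these guidelines, not code from STQC or any eProcurement
product; actors, roles, tender id and timestamps are constructed."""
import hashlib
import json

GENESIS = "0" * 64  # anchor hash for the first entry


def canonical(record):
    # Deterministic serialisation so the hash never depends on dict ordering.
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def entry_hash(prev_hash, record):
    # Each entry commits to its predecessor: changing any earlier entry
    # changes every hash after it.
    return hashlib.sha256(prev_hash.encode() + canonical(record)).hexdigest()


class AuditLog:
    def __init__(self):
        self.entries = []  # list of {"record": {...}, "hash": "..."}

    def append(self, actor, action, details, ts):
        record = {"seq": len(self.entries), "ts": ts, "actor": actor,
                  "action": action, "details": details}
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        digest = entry_hash(prev, record)
        self.entries.append({"record": record, "hash": digest})
        return digest

    def head(self):
        # Hash of the latest entry. Give this to the independent audit user
        # (or sign/time-stamp it) out of band; see verify() for why.
        return self.entries[-1]["hash"] if self.entries else GENESIS

    def verify(self, expected_head=None):
        """Recompute the whole chain. Returns (ok, first_bad_seq)."""
        prev = GENESIS
        for i, entry in enumerate(self.entries):
            if entry["record"]["seq"] != i or entry_hash(prev, entry["record"]) != entry["hash"]:
                return False, i
            prev = entry["hash"]
        if expected_head is not None and prev != expected_head:
            # Internally consistent, but not the chain that was anchored.
            return False, len(self.entries)
        return True, None


def rechain(log, start):
    """Failure-mode check: recompute hashes from `start` onward, as someone with
    write access to the log store would have to after editing an entry. The
    chain then verifies on its own, which is why the head is anchored outside."""
    prev = log.entries[start - 1]["hash"] if start > 0 else GENESIS
    for entry in log.entries[start:]:
        entry["hash"] = entry_hash(prev, entry["record"])
        prev = entry["hash"]


def build_sample_log():
    # Constructed role-change and TOE events of the kind 5.1(c) says must be audit-trailed.
    log = AuditLog()
    log.append("coordinator.A", "assign_role",
               {"user": "officer.B", "tender": "T-2011-EXAMPLE-01", "new_role": "TOE Officer"},
               "2011-08-05T10:00:00+05:30")
    log.append("officer.B", "open_toe",
               {"tender": "T-2011-EXAMPLE-01"}, "2011-08-05T11:00:00+05:30")
    log.append("coordinator.A", "assign_role",
               {"user": "officer.C", "tender": "T-2011-EXAMPLE-01", "new_role": "Evaluator"},
               "2011-08-05T11:30:00+05:30")
    return log
```

verify() with no argument detects an edited entry; verify(anchored_head) additionally detects a chain that was rewritten end to end, which is the case a hash chain alone cannot catch. Publishing or signing the head at fixed intervals, with the clocks synchronised as A.10.10.6 requires, turns the application log from a report into evidence.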
Sl. No. 2.3
Risks/Concerns: The Private Key with which decryption is done is available with the concerned officer before the Public Tender Opening Event.
a) If a clandestine copy of a bid is made as described above before the tender opening event (TOE), and if the concerned tender opening officer (TOE officer) connives in decrypting the bid before the TOE, the confidentiality of the bid is compromised.
b) The above concern, with the difference that the copy of the bid is made with the connivance of the Database Administrator (DBA).
c) If the concerned TOE officer(s) is/are absent during the TOE, how will the bids be decrypted, especially keeping in view that the private keys should not be handed over to anybody else?
Control Identification: Cryptographic controls; Segregation of duties
ISO 27001 Control Reference: A.12.3
A.12.3.1: A policy on the use of cryptographic controls for protection of information shall be developed and implemented.
A.12.3.2: Key management shall be in place to support the organization's use of cryptographic techniques.
A.10.1.3: Duties and areas of responsibility shall be segregated to reduce opportunities for unauthorized or unintentional modification or misuse of the organization's assets.

Guidance and recommended practices
Note: While some guidance is provided below, it is the responsibility of the individual vendors to design and develop their applications in a manner that addresses the outlined concerns. They should first convincingly demonstrate the full methodology to DIT, and then DIT will transparently put this methodology on its website, so that bidders who use such eProcurement systems in future are fully assured against breach of confidentiality of their bid data.

A process needs to be established and followed in respect of key management of encryption keys, particularly the key with which the bid would be decrypted at the time of opening of the bids. Such a process should avoid compromising confidentiality and the possibility of decrypting a clandestine copy of the bid. In this regard the following three approaches may be adopted with proper checks, while keeping in view the legality of the process for end users. Furthermore, practical procedures will have to be put in place which can be implemented at the field level in diverse locations in the country in a user friendly manner.

Splitting of Keys:
A bidder would submit the bid document after encrypting it with the public key of the tendering organization, so that the contents are encrypted and are decrypted by the authorized officials at the tendering organization. To minimize the risks associated with a person of dubious integrity or collusion, the private decryption key should be split into 'M' parts, with a minimum of 'N' splits being required for its use ('N' should be more than 1 and less than or equal to 'M'). 'N' and 'M' will be decided by the tendering organization and suitably configured on the system.

Multiple encryption of the bid document with multiple public keys and decryption of the document with the multiple corresponding private keys of the tendering organization:
Application of multiple encryption of the bid document could be prescribed in a predefined order by authorized officials of the tendering organization. Decryption will have to be carried out in the reverse order. The multiple decryption keys (i.e. private) may be held by different officials of the tender organization.

Encrypting the bid document first with the public key of the bidder and then with the public key of the tendering organization:
The bid document may then be decrypted by the private key of the authorized official of the tendering organization and then by the private key of the bidder. It may be noted that the decryption keys are applied in the reverse order of the application of the encryption keys.
The implementation of this system, however, would require the physical presence of the bidder who encrypted the bid at the time of submission of the bid. Preferably the person of the bidding organization should be the same who has signed the bid by digital signature. There are logistic issues with this approach.
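The "Splitting of Keys" approach above (any N of M splits of the private decryption key being enough to use it) is what a threshold secret-sharing scheme provides. The following is an added example, not STQC's or any product's code, of Shamir's secret sharing over a prime field in Python: the decryption key becomes M shares, any N of which reconstruct it, while fewer than N reveal nothing about it. The 32-byte SAMPLE_KEY and the M=5, N=3 split used in demo() are constructed values; in a real deployment each share would go to a different official and reconstruction would happen only at the TOE.

```python
"""M-of-N splitting of a bid-decryption key (Shamir's secret sharing over a
prime field). Added example for the 'Splitting of Keys' approach in these
guidelines; not code from STQC or any eProcurement product. SAMPLE_KEY and
the M/N values in demo() are constructed."""
import secrets

PRIME = 2 ** 521 - 1  # prime field large enough for any 256-bit key


def split_key(key, m, n):
    """Split `key` into m shares so that any n of them recover it.

    A random polynomial f of degree n-1 with f(0) = key is evaluated at
    x = 1..m; each official receives one point (x, f(x)). Any n points fix
    the polynomial; fewer than n leave f(0) completely undetermined.
    """
    if not 1 < n <= m:
        raise ValueError("need 1 < N <= M")
    secret = int.from_bytes(key, "big")
    if secret >= PRIME:
        raise ValueError("key does not fit in the field")
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(n - 1)]
    shares = []
    for x in range(1, m + 1):
        y = 0
        for c in reversed(coeffs):  # Horner's rule, all arithmetic mod PRIME
            y = (y * x + c) % PRIME
        shares.append((x, y))
    return shares


def recover_key(shares, key_len):
    """Lagrange interpolation at x = 0. Raises ValueError when the points do
    not describe a key of `key_len` bytes (e.g. too few shares supplied)."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share")
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        weight = num * pow(den, PRIME - 2, PRIME) % PRIME  # Fermat inverse
        secret = (secret + yi * weight) % PRIME
    if secret >= 1 << (8 * key_len):
        raise ValueError("shares do not reconstruct a key of this length")
    return secret.to_bytes(key_len, "big")


# Constructed 32-byte key standing in for the TOE decryption key.
SAMPLE_KEY = bytes(range(1, 33))


def demo(m=5, n=3):
    """Split SAMPLE_KEY among m officials, reconstruct it from any n of them,
    and confirm that n-1 shares are not enough."""
    shares = split_key(SAMPLE_KEY, m, n)
    present = shares[1:1 + n]  # any n officials present at the TOE
    recovered = recover_key(present, len(SAMPLE_KEY))
    try:
        short = recover_key(shares[:n - 1], len(SAMPLE_KEY))
        insufficient = short != SAMPLE_KEY
    except ValueError:
        insufficient = True
    return recovered == SAMPLE_KEY and insufficient
```

Reconstruction with fewer than N shares yields an unrelated field element, which the example reports as an error rather than a key. What this code does not do is authenticate the shares: a corrupted share produces a wrong key silently, so a deployment should additionally keep a hash of the expected key, or use a verifiable secret-sharing scheme, and should reconstruct inside a controlled module at the TOE rather than on an official's desktop.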
Sl. No. 2.4
Risks/Concerns: The Public Key with which bid encryption is done is available publicly. The easy availability of the public key makes the data encrypted with it vulnerable to a Chosen Plaintext Attack.
Control Identification: Cryptographic controls; Regulation of cryptographic controls
ISO 27001 Control Reference: A.12.3
A.12.3.1: A policy on the use of cryptographic controls for protection of information shall be developed and implemented.
A.12.3.2: Key management shall be in place to support the organization's use of cryptographic techniques.
A.15.1.6: Cryptographic controls shall be used in compliance with all relevant agreements, laws, and regulations.

Guidance and recommended practices
Note: While some guidance is provided below, it is the responsibility of the individual vendors to design and develop their applications in a manner that addresses the outlined concerns. They should first convincingly demonstrate the full methodology to DIT, and then DIT will transparently put this methodology on its website, so that bidders who use such eProcurement systems in future are fully assured against breach of confidentiality of their bid data.

Sl. No. 2.5
Risks/Concerns: Public Key algorithms are slow. As a result many e-tendering systems which use PKI for bid encryption use mainly an encrypted online form for bid submission, and do not have a facility for an encrypted detailed bid (e.g. a detailed technical bid as a file) along with the online form. As a result, the detailed bid is either not submitted, or it is submitted in unencrypted form.
Control Identification: Capacity management
ISO 27001 Control Reference: A.10.3.1 The use of resources shall be monitored, tuned, and projections made of future capacity requirements to ensure the required system performance.

Guidance and recommended practices
Note: While some guidance is provided below, it is the responsibility of the individual vendors to design and develop their applications in a manner that addresses the outlined concerns. They should first convincingly demonstrate the full methodology to DIT, and then DIT will transparently put this methodology on its website, so that bidders who use such eProcurement systems in future are fully assured against breach of confidentiality of their bid data.

Sl. No. 2.6
Risks/Concerns: A system in which the Public Key of a bidder's representative is used for bid encryption at the bidder's office, and where decryption will be done by the bidder's representative himself using his private key during the Online Public TOE.

Concerns:
a) Concerns outlined in 2.4 and 2.5 above are applicable here also, and should be suitably addressed.
b) How would the bids be opened if the bidder's representative with whose key the bids have been encrypted is not available during the Online Public TOE? The non-availability could be due to leave, termination or any other reason.
c) A copy of the decryption key (i.e. the private key of the encryption certificate issued by a CA) is generally available (i.e. backed up) with the CA. A duplicate can generally be requested in case of loss; however, this can also be misused.

Note: The private key cannot be transmitted by the bidder over the internet. Furthermore, during the Online Public TOE, bids cannot be allowed to be downloaded from the server to the bidder's computer. This would be tantamount to the bids being taken away from the tender box back to the bidder's office for opening. This cannot be allowed. Therefore the bidder will have to be physically present during the Public TOE, and such a system will never be able to have a proper Online Public TOE. This would immediately remove one of the biggest benefits of eProcurement. Assuming that all other concerns are satisfactorily addressed, this would at best be a PARTIAL eProcurement system.

3. Concerns relating to situations where bids, before being transmitted from the bidder's computer, are protected with only SSL Encryption, and Database level Encryption is done before the bid is stored in the Database Server

Sl. No. 3.1
Risks/Concerns:
i) For secure and transparent functioning of the e-tendering system, it cannot be assumed that there will never be any persons of dubious integrity in the Purchase organization.
ii) For secure and transparent functioning of the e-tendering system, it cannot be assumed that there will never be any persons of dubious integrity in the e-tendering Service Provider's organization.
iii) While all efforts must be made to ensure that no spyware is put in the server which can make clandestine copies of a file or data being uploaded to the server, and then send this clandestine copy to a secret destination, the possibility of such spyware being planted in the web server cannot be totally ruled out. This undesirable eventuality could occur due to connivance of the administrators of the Service Provider, or even through remote injection. For secure and transparent functioning of the e-tendering system, it cannot be assumed that there will never be such a possibility of the spyware being planted in the e-tendering server.
iv) If the spyware is planted at the kernel level, there may not be any audit trail.
v) Audit Trails (both application level and Operating system level) are essentially reports. To that extent it is possible to fudge these. Also, other than application level audit trail reports, the other audit trail reports can be quite complex and impractical to analyze for ongoing operations of this nature. In spite of this, audit trail reports are useful and should be there as supporting evidence. However, in a sensitive application of this nature, audit trails cannot be depended upon as the sole protection against any mala fide act.
Control Identification: Cryptographic controls; Regulation of cryptographic controls
ISO 27001 Control Reference: A.12.3
A.12.3.1: A policy on the use of cryptographic controls for protection of information shall be developed and implemented.
A.12.3.2: Key management shall be in place to support the organization's use of cryptographic techniques.
A.15.1.6: Cryptographic controls shall be used in compliance with all relevant agreements, laws, and regulations.

Guidance and recommended practices
Secure submission of the bid from the bidder's computer to the server should be done after the bid file/data is encrypted (with symmetric or asymmetric encryption) at the bidder's computer and further submitted to the eProcurement server through SSL encryption. Only the encrypted file submitted by the bidder should be stored, and it should be decrypted at the Tender Opening Event (TOE).
Sl. No. 3.2
Risks/Concerns: Assuming that only SSL encryption is applied to a bid while it is being transmitted from the bidder's computer to the server, it is a fact that the role of SSL encryption is limited to the transmission phase (i.e. transportation to the server), and that on reaching the server the SSL encryption is removed. The bid is now presumably encrypted again with PKI or a Symmetric Key. Albeit small, there is an interim period before the bid is encrypted again. In the interim period the bid is actually in an unencrypted state and to that extent vulnerable.
Irrespective of whether PKI or a Symmetric Key is used for encryption at Database level, the encrypting key is available/accessible to some officer of the purchase organization, or an administrator of the e-tendering Service Provider, or the DBA.
The above issues exist irrespective of whether only select data is encrypted, or the entire database is encrypted.
a) If a clandestine copy of a bid is made as described above in the interim period, which would be before the tender opening event (TOE), and if the administrator connives, the confidentiality of the bid is compromised.
b) The above concern, with the difference that the copy of the bid is made with the connivance of the Database Administrator (DBA) and decryption is done in connivance with the person holding the decryption key.
Control Identification: Cryptographic controls; Regulation of cryptographic controls
ISO 27001 Control Reference: A.12.3
A.12.3.1: A policy on the use of cryptographic controls for protection of information shall be developed and implemented.
A.12.3.2: Key management shall be in place to support the organization's use of cryptographic techniques.
A.15.1.6: Cryptographic controls shall be used in compliance with all relevant agreements, laws, and regulations.

Guidance and recommended practices
Secure submission of the bid from the bidder's computer to the server should be done after the bid file is encrypted (with symmetric or asymmetric encryption) at the bidder's computer and further submitted to the eProcurement server through SSL encryption. Only the encrypted file submitted by the bidder should be stored, and it should be decrypted at the Tender Opening Event (TOE).

The two-way process as suggested may be followed strictly. This will address the concerns raised. The information, on reaching the server where the eProcurement software is deployed through SSL mode, will remain encrypted even after the SSL encryption is removed. Information will lie encrypted in the system hosting the eProcurement software. The Database Administrator (DBA) will not be able to decrypt the information as he will not be having the decryption keys. It may be mentioned here that at no point of time should the System Administrator or Database Administrator be authorized to hold the private (decryption) key. The organization shall have a procedure which can include three different approaches to address three different scenarios.
4. Concern about Symmetric key based Bid Encryption done at the Bidder's computer

Sl. No. 4.1
Risks/Concerns:
a) While bidders' representatives should be welcome during the Online Public TOE, it should not be mandatory for them to be present if their bids are to be opened.
b) How the security of the symmetric key (i.e. the key used for encryption of each bid part) is ensured between the period of bid submission and the Online Public TOE, keeping in view the concerns outlined above.
c) It should be allowed for a bidder to have different keys for bid encryption of each bid part (such as Pre-qualification, Technical, and Financial) he submits.
Control Identification: Cryptographic controls; Regulation of cryptographic controls
ISO 27001 Control Reference: A.12.3
A.12.3.1: A policy on the use of cryptographic controls for protection of information shall be developed and implemented.
A.12.3.2: Key management shall be in place to support the organization's use of cryptographic techniques.
A.15.1.6: Cryptographic controls shall be used in compliance with all relevant agreements, laws, and regulations.

Guidance and recommended practices
The organization shall have a procedure to address the above. The eProcurement system should have functionality such that the physical presence of bidders is not mandatory during the Online Public TOE.
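The guidance for 3.1 and 3.2 above asks that the bid be encrypted at the bidder's computer before it is sent over SSL, that only the ciphertext be stored, and that nobody on the server side (DBA included) hold a key to it before the TOE; 4.1 adds that each bid part may use its own key. The block below is an added illustration of that flow, not code from STQC or from any eProcurement product. It uses only the Python standard library: PBKDF2 turns the bidder's passphrase into separate encryption and MAC keys, an HMAC-SHA256 counter-mode keystream stands in for a block cipher (a product would use AES-GCM from a vetted library), the ciphertext is authenticated (encrypt-then-MAC), and the server stores the blob together with a receipt hash so the TOE can show that the blob it opens is the one that was submitted. The bidder id, passphrases and bid contents are constructed.

```python
"""Bidder-side encryption of each bid part with a bidder-created passphrase,
so that the server, the DBA and the service provider hold only ciphertext
until the TOE. Added example for the guidance in 3.1, 3.2 and 4.1 of these
guidelines; not code from STQC or any eProcurement product. Standard library
only: PBKDF2 key derivation and an HMAC-SHA256 counter-mode keystream in
place of a block cipher (a product would use AES-GCM from a vetted library).
Bidder id, passphrases and bid contents are constructed."""
import hashlib
import hmac
import secrets

PBKDF2_ROUNDS = 100_000
SALT_LEN = NONCE_LEN = 16
TAG_LEN = 32


def derive_keys(passphrase, salt):
    # 64 bytes of key material: first half encrypts, second half authenticates.
    material = hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"), salt,
                                   PBKDF2_ROUNDS, dklen=64)
    return material[:32], material[32:]


def keystream(enc_key, nonce, length):
    # PRF in counter mode: HMAC(key, nonce || counter) blocks, truncated to length.
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt_bid_part(passphrase, plaintext):
    """Returns salt || nonce || ciphertext || tag (encrypt-then-MAC)."""
    salt = secrets.token_bytes(SALT_LEN)
    nonce = secrets.token_bytes(NONCE_LEN)
    enc_key, mac_key = derive_keys(passphrase, salt)
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, salt + nonce + ciphertext, hashlib.sha256).digest()
    return salt + nonce + ciphertext + tag


def decrypt_bid_part(passphrase, blob):
    """Inverse of encrypt_bid_part; raises ValueError if the tag does not
    verify (wrong passphrase, or the stored blob was altered)."""
    if len(blob) < SALT_LEN + NONCE_LEN + TAG_LEN:
        raise ValueError("blob too short")
    salt = blob[:SALT_LEN]
    nonce = blob[SALT_LEN:SALT_LEN + NONCE_LEN]
    ciphertext = blob[SALT_LEN + NONCE_LEN:-TAG_LEN]
    tag = blob[-TAG_LEN:]
    enc_key, mac_key = derive_keys(passphrase, salt)
    expected = hmac.new(mac_key, salt + nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("bid part failed integrity check")
    return bytes(c ^ k for c, k in zip(ciphertext, keystream(enc_key, nonce, len(ciphertext))))


def can_open(passphrase, blob):
    """True if `blob` authenticates and decrypts under `passphrase`."""
    try:
        decrypt_bid_part(passphrase, blob)
        return True
    except ValueError:
        return False


def submit_bid_part(store, bidder, part, blob):
    """Server side: store only the ciphertext and return a receipt the bidder
    keeps. The server never sees a passphrase or a plaintext."""
    receipt = hashlib.sha256(blob).hexdigest()
    store[(bidder, part)] = blob
    return receipt


def open_at_toe(store, bidder, part, receipt, passphrase):
    """TOE: check the stored blob against the bidder's receipt, then decrypt
    with the passphrase the bidder releases for this part at the online TOE."""
    blob = store[(bidder, part)]
    if hashlib.sha256(blob).hexdigest() != receipt:
        raise ValueError("stored bid part differs from what was submitted")
    return decrypt_bid_part(passphrase, blob)
```

Because the passphrase is created by the bidder and released only at the TOE, a clandestine copy taken from the server or the database (concerns 2.2 and 3.2) is useless to whoever holds it, and a modified blob is rejected by the tag before any plaintext is produced. How the bidder releases the passphrase at the online TOE without being physically present (concern 4.1 b) is the part the application still has to design; this block only shows what the server holds in the meantime.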
5. Concerns/clarifications based on s 42(1) of the IT Act 2000 relating to Digital Signatures, a User Organization's Administrative Hierarchy, and some related aspects

Sl. No. 5.1
Risks/Concerns: In any large Government or PSU Purchase organization, there can be multiple indenting departments, multiple tendering authorities (i.e. entities which can invite tenders in their name), and tens (and sometimes hundreds) of officers involved with different activities relating to various tenders.
A situation should not arise in the e-tendering system where, due to a limitation of the e-tendering system, these departments and officers are not able to themselves execute their duly assigned roles as in the manual process, and are constrained to reassign/abdicate their roles and responsibilities to a few tech savvy technicians or the personnel of the service provider of the e-tendering system.
The concerns in this regard are:
a) No such limitations exist in the offered e-tendering system, and the system supports multiple departments and a comprehensive hierarchy of officers which is such that each officer can continue to perform his/her tendering related role in a secure manner with full accountability, and with no need for any reassigning of responsibilities. It is being clarified that the objective here is not to provide a full fledged virtual office to the officers, but to provide adequate facilities within the application for multiple officers of multiple departments to carry out their respective tendering related activities with proper security and full accountability. Roles relating to various tendering activities within each department, and which could vary from tender to tender, would inter alia include deciding methodology and rules pertaining to a particular tender, creation of tender notice, approval/rejection of tender notice, creation of corrigendum, approval of corrigendum, creation of tender document forms, approval of tender document forms, overall approval/rejection of tender documents, providing responses to clarification of tender documents, uploading minutes of pre-bid meeting, one or more officers conducting the public online tender opening event (TOE), approving minutes of the public online TOE, shortlisting responsive bidders for the next stage (where applicable), managing roles of various personnel, and assigning alternative personnel in case the original assignees are absent, etc.
b) The offered e-tendering system has facility such that roles with conflict of interest can be offered to different persons within the organization, so that conflict of interest is avoided.
c) There should be one authorized person as an overall coordinator and representative of that organization in the e-tendering system, with powers to delegate different roles to different users from time to time, and all such role changes must be audit trailed in the application. The credentials of this overall coordinator must be verified.
d) There should be provision for having a separate authorized user (at the corporate level of each Buyer organization, i.e. external to its tendering departments) who can access the application level audit trail (i.e. audit log) reports. Other users of the organization should not have access to these reports.
e) Under no circumstances will it be required for any officer to hand over his/her private key (used for digital signing, or bid decryption if applicable in the offered system) to anyone else within the organization, or to anyone in the service provider's organization, or to anybody else.
f) There could be occasions when an authorized officer of a Purchase/Buyer organization is on leave, gets transferred, resigns or his/her services are terminated. One example where such an eventuality may arise is if the public key of the tender opening officer is used for bid encryption, and his private key is required for bid decryption during the online tender opening event. There should be no limitation in the e-tendering system which may necessitate that the private key of such an officer be handed over to anybody else for the scheduled tendering processes to continue uninterrupted.
Note: The above is necessary for compliance with s 42(1) of the IT Act 2000.
Control Identification: Cryptographic controls; Regulation of cryptographic controls
ISO 27001 Control Reference: A.12.3
A.12.3.1: A policy on the use of cryptographic controls for protection of information shall be developed and implemented.
A.12.3.2: Key management shall be in place to support the organization's use of cryptographic techniques.
A.15.1.6: Cryptographic controls shall be used in compliance with all relevant agreements, laws, and regulations.

Guidance and recommended practices
The eProcurement system should have the features to address the above. Under the IT Act, 2000 any holder of a Digital Signature, whose Digital Signature Certificate has been issued by a licensed CA, is responsible for protecting the corresponding private key. Unless the certificate validity has expired or the certificate has been revoked by the issuing CA, any digital signature will be legally valid and will be attributed to the person listed in the Digital Signature Certificate. Similar measures should be evolved for the encryption key pair as well.

Handing over of the private (decryption) key by one officer to another officer, both in the case of digital signature as well as in the case of encryption, should not be allowed.

In the case of digital signature, the private key should be one of the two factors of a two factor authentication method which must be implemented. The other could be a Personal Identification Number (PIN) or biometric etc., so that nobody else can use the private key for signing the document.

Further, it is the responsibility of the eProcurement system to reject the Digital Signature (except for verification) in case the corresponding Digital Signature Certificate has expired. It is suggested that the eProcurement tendering system must have a signing interface which can keep track of the corresponding certificate, particularly relating to the expiry aspect of the digital signature. There should also be a clause in the tender document stating that the tender will not be considered for evaluation if the digital signature certificate has expired (except for verification).
In any large Supplier/ Vendor organization, there can be multiple sales departments which can bid for different tenders. Also within each such department there can be many executives involved with different activities relating to various tenders.
A situation should not arise in the e-tendering system where, due to limitation of the e-tendering system, these departments and executives are not able to themselves execute their duly assigned roles as in the manual process, and are constrained to reassign/ abdicate their roles and responsibilities to a few tech-savvy technicians or the personnel of the service provider of the e-tendering system.

Risk: Cryptographic controls; Regulation of cryptographic controls
ISO 27001 controls: A.12.3 Cryptographic controls
A.12.3.1 A policy on the use of cryptographic controls for protection of information shall be developed and implemented.
A.12.3.2 Key management shall be in place to support the organization's use of cryptographic techniques.
A.15.1.6 Cryptographic controls shall be used in compliance with all relevant agreements, laws, and regulations.

Guidance and recommended practices
This has implications on process and technology. There would be scenarios regarding multiple tendering within an organization. e-Procurement software must have features to address such suggested issues, viz multiple sales departments within a bidder/ supplier organization; multiple executives (each with his own digital signature certificate) for performing various e-procurement related tasks within each such department; a system for managing roles and authorizations of such executives in case of transfer, leave, termination etc; an independent executive within each bidder/ supplier organization for accessing audit trails relating to that organization. Apart from ensuring security within a supplier/ bidder organization, such functionality is necessary to ensure that users within a supplier/ bidder organization do not hand over their private keys to each other for completing an ongoing tendering process. If these concerns are not addressed, it would result in violation of s 42(1) of the IT Act.

Further, it is suggested that organizations implementing the e-procurement system should conduct training programmes for persons who have been assigned roles and are using the system, on functional aspects related to the process and technical aspects of the system. The training programme should also cover dos and don'ts for using the system.
6. Some other functionality/ Security/ Transparency related requirements of a Manual Tendering System and confirmation of their availability in the offered e-tendering system
6.1
Concern
(Manual System)
A Tender Notice is issued after internal clearance. Once a Tender Notice is published in a newspaper, it becomes an authentic record.

(Electronic System)
a) At a higher level, there should be clearance (which is audit-trailed within the application and digitally signed) before a Tender Notice is issued.
b) For authenticity and for assurance that it has not been tampered with, the electronic Tender Notice (which is an electronic record) should have an audit trail within the application of its creation/ approval/ posting. Also, the tender notice should be digitally signed by an authorized officer of the Purchase/ Buyer organization.

Risk (for the concerns under 6.1): Cryptographic controls; Regulation of cryptographic controls
ISO 27001 controls: A.12.3 Cryptographic controls
A.12.3.1 A policy on the use of cryptographic controls for protection of information shall be developed and implemented.
A.12.3.2 Key management shall be in place to support the organization's use of cryptographic techniques.
A.15.1.6 Cryptographic controls shall be used in compliance with all relevant agreements, laws, and regulations.

Concern
(Manual System)
A Corrigendum is issued after internal clearance/ approval. Once a Corrigendum to a Tender Notice is published in a newspaper, it becomes an authentic record.

(Electronic System)
a) At a higher level, there should be clearance (which is audit-trailed within the application and digitally signed) before a Corrigendum is issued.
b) For authenticity and for assurance that it has not been tampered with, the electronic Corrigendum (which is an electronic record) should have an audit trail within the application of its creation/ approval/ posting. Also, the Corrigendum should be digitally signed by an authorized officer of the Purchase/ Buyer organization.

Concern
(Manual System)
Once Tender Documents are published, and sold with official receipt and serial no. for each copy sold, these become an authentic record.

(Electronic System)
a) For authenticity and for assurance that they have not been tampered with, the electronic Tender Documents (which are an electronic record) should have an audit trail within the application of their posting. Also, the Tender Documents should be digitally signed by an authorized officer of the Purchase/ Buyer organization.
b) At the time of online sale/ downloading of the tender documents, an official serial number should be given along with the receipt.

Concern
(Manual System)
An Addendum is issued after internal clearance/ approval. Once Addenda to Tender Documents are published and distributed, these become an authentic record.

(Electronic System)
a) At a higher level, there should be clearance (which is audit-trailed within the application and digitally signed) before an Addendum is issued.
b) For authenticity and for assurance that it has not been tampered with, the electronic Addendum (which is an electronic record) should have an audit trail within the application of its approval/ posting. Also, the Addendum should be digitally signed by an authorized officer of the Purchase/ Buyer organization.

Concern
(Manual System)
Clarification of Tender Documents. In response to a bidder's query, an authorized officer of the Purchase/ Buyer organization responds to the querist with a copy to all other prospective bidders who have purchased tender documents (without revealing the identity of the querist). The response is signed by the concerned officer for authenticity.

(Electronic System)
The e-tendering system should also have such a facility with all the functionality as described above under (Manual System). For authenticity and for assurance that it has not been tampered with, the response from the authorized officer of the Purchase/ Buyer organization should be digitally signed by him.

Concern
(Manual System)
Pre-Bid meeting. The minutes of the Pre-bid meeting are signed for authenticity by an authorized officer of the Purchaser/ Buyer organization and made available to the prospective bidders.

(Electronic System)
The e-tendering system should also have such a facility with all the functionality as described above under (Manual System). For authenticity and for assurance that they have not been tampered with, the Minutes should be digitally signed by an authorized officer of the Purchaser/ Buyer organization.

6.2
Concern
(Manual System)
Bid Methodologies/ Formats:
Depending on the circumstances and nature of a tender, one of the many bidding methodologies may be prescribed by a Buyer, and the bidder would have to respond accordingly.
- Single stage, single envelope
- Single stage, two envelope
- Two stage (with facility for technical conformance, and if required, revised tender documents)
- Two stage, two envelope
- Where required, the above may be combined with a Pre-qualification stage
- In some cases, the Purchaser may allow submission of one or more Alternative bids
- Each bid part (eg technical, financial) may be required to be submitted in a summary format along with a detailed bid. The latter could be a large file.
- After having submitted the original bid for each bid-part, a bidder has a right to submit a Modification bid, a Substitution bid, or a Withdrawal bid for all his bid submissions.

(Electronic System)
The e-tendering system should support all the bidding methodologies/ formats as outlined above without sacrificing any aspect of security and transparency, including those listed elsewhere in this document.
Guidance and recommended practices
CVC Circular No. Office Order No. 43/7/04 dated 2nd July 2004 had also required that tender documents posted on an e-tendering/ e-procurement website should be digitally signed by an officer of the tendering organization, and for the assurance of the bidder who is viewing or downloading the tender documents, the CVC circular required that facility be provided to verify the digital signature to ensure the authenticity and integrity of the tender documents.

The e-procurement system should have functionality as outlined above under (Electronic System), and the Buyer organization should have related procedures to implement this.
6.3
Concern
(Manual System)
Signing of each page of each bid part (pre-qualification, technical, financial), especially the summary format and the detailed bid, including modification, substitution, withdrawal.
The sealed bids are deposited securely in a locked tender box, and stored securely till the box is opened during the public tender opening event.

(Electronic System)
The e-tendering system should have the corresponding facilities without sacrificing any aspect of security and transparency, including those listed elsewhere in these Guidelines.
It should not be possible to open the e-tender boxes till the specified time has occurred or elapsed, and till all the authorized Tender Opening Officers have formally instructed the system to do so with PKI based Digital Signatures.
Till the Public Tender Opening Event, security related features should be such that the contents of the bids which are being stored cannot be accessed and decrypted by even the authorized officers of the Purchaser/ Buyer or the Administrators of the Service Provider (even if they wish to do so with malafide intentions).

Risk: Cryptographic controls; Regulation of cryptographic controls
ISO 27001 controls: A.12.3 Cryptographic controls
A.12.3.1 A policy on the use of cryptographic controls for protection of information shall be developed and implemented.
A.12.3.2 Key management shall be in place to support the organization's use of cryptographic techniques.
A.15.1.6 Cryptographic controls shall be used in compliance with all relevant agreements, laws, and regulations.
Guidance and recommended practices
The e-procurement system should have features to address the suggestions made in this document.

Any e-procurement/ e-tendering service must provide the facility of Time Stamping, which is critical for establishing the date and time of document submission and its acknowledgement. The Time Stamping feature should be built within the application, and synchronisation of the e-tendering/ e-procurement server should be done with the master server at the data center where the e-procurement system is hosted (as mentioned in section 4.1 of these Guidelines). Alternatively, the e-procurement service provider can take Time Stamping services being provided by licensed CAs.
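As an added illustration (not code from the Guidelines or from any e-tendering product), the following Go program models the e-tender box described under 6.3: bids are encrypted at the bidder's end to the Tender Opening Officer's public key, and the Open step refuses to decrypt anything before the scheduled time or without every authorized officer's digital signature on the open instruction. The key pairs, tender id, bidder names and bid contents are constructed for the example; certificate validation, key distribution and time stamping are assumed to be handled elsewhere.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"time"
)

// Constructed example, not code from the Guidelines or any e-tendering product.
// Models the e-tender box of 6.3: bids are encrypted at the bidder's end to the
// Tender Opening (TOE) officer's public key, and the box opens only after the
// scheduled time and only once every authorized TOE officer has signed the "open"
// instruction. Until then the server (and any administrator) holds ciphertext only.

// OpenInstruction is what each TOE officer signs; binding tender id and time into
// the signed message stops a signature collected for one event being reused later.
type OpenInstruction struct {
	TenderID    string
	ScheduledAt time.Time
}

func (o OpenInstruction) digest() []byte {
	h := sha256.Sum256([]byte(o.TenderID + "|" + o.ScheduledAt.UTC().Format(time.RFC3339)))
	return h[:]
}

// TenderBox stores RSA-OAEP ciphertexts keyed by bidder id.
type TenderBox struct {
	Instruction OpenInstruction
	Officers    []*ecdsa.PublicKey // signing keys of the authorized TOE officers
	SealedBids  map[string][]byte
}

// SealBid is the bidder-side step: encrypt to the TOE officer's public key
// before the bid leaves the bidder's machine (client-side encryption).
func SealBid(encKey *rsa.PublicKey, bid []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, encKey, bid, nil)
}

// SignOpen is a TOE officer's formal instruction, made with his own key.
func SignOpen(priv *ecdsa.PrivateKey, o OpenInstruction) ([]byte, error) {
	return ecdsa.SignASN1(rand.Reader, priv, o.digest())
}

// Open enforces both gates before any decryption: the scheduled time must have
// arrived and every officer in Officers must have signed (sigs maps officer
// index to his ASN.1 ECDSA signature over the instruction digest).
func (b *TenderBox) Open(now time.Time, sigs map[int][]byte, decKey *rsa.PrivateKey) (map[string][]byte, error) {
	if now.Before(b.Instruction.ScheduledAt) {
		return nil, errors.New("tender box cannot be opened before the scheduled time")
	}
	d := b.Instruction.digest()
	for i, pub := range b.Officers {
		if sig, ok := sigs[i]; !ok || !ecdsa.VerifyASN1(pub, d, sig) {
			return nil, fmt.Errorf("missing or invalid open instruction from TOE officer %d", i)
		}
	}
	opened := make(map[string][]byte, len(b.SealedBids))
	for bidder, ct := range b.SealedBids {
		pt, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, decKey, ct, nil)
		if err != nil { // OAEP rejects any modification of the ciphertext
			return nil, fmt.Errorf("bid of %s does not decrypt (tampered?): %w", bidder, err)
		}
		opened[bidder] = pt
	}
	return opened, nil
}

// Scenario builds a constructed tender (two sealed bids, three TOE officers)
// and tries to open it early, with only two signatures, and then properly.
func Scenario() (errEarly, errPartial error, opened map[string][]byte, errOK error) {
	encKey, _ := rsa.GenerateKey(rand.Reader, 2048) // the TOE officer's encryption key pair
	box := &TenderBox{SealedBids: map[string][]byte{}, Instruction: OpenInstruction{
		TenderID: "TENDER-EXAMPLE-001", ScheduledAt: time.Date(2011, 8, 5, 15, 0, 0, 0, time.UTC)}}
	officers := make([]*ecdsa.PrivateKey, 3)
	for i := range officers {
		officers[i], _ = ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
		box.Officers = append(box.Officers, &officers[i].PublicKey)
	}
	for bidder, bid := range map[string]string{"bidder-A": "price=100", "bidder-B": "price=95"} {
		box.SealedBids[bidder], _ = SealBid(&encKey.PublicKey, []byte(bid))
	}
	sigs := map[int][]byte{}
	for i, k := range officers {
		sigs[i], _ = SignOpen(k, box.Instruction)
	}
	at := box.Instruction.ScheduledAt
	_, errEarly = box.Open(at.Add(-time.Minute), sigs, encKey)
	_, errPartial = box.Open(at, map[int][]byte{0: sigs[0], 1: sigs[1]}, encKey)
	opened, errOK = box.Open(at, sigs, encKey)
	return
}

func main() {
	e1, e2, opened, e3 := Scenario()
	fmt.Println("early:", e1, "| partial:", e2, "| opened:", len(opened), e3)
}
```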
(Manual System)
Public Tender Opening Event(s) [Public TOEs]
For Transparency, there is an elaborate procedure for opening of bids in the presence of authorized bidders. A few salient aspects of this are:
Authorized representatives of bidder organizations:
a) Who have submitted their bids are entitled to be present and have to sign in their attendance.
b) Each bid is opened one at a time in front of the participating bidders, and the concerned bidder is entitled to satisfy himself that his bid packet is intact and has not been tampered with.
c) If Bid security [earnest money deposit (EMD)] is applicable for a tender, then details of the EMD submitted, or exemption claimed with basis thereof, are disclosed to the participants.
d) Salient points of each opened bid are read out aloud for the benefit of the participating bidders, and to ensure that no change is made in the bid contents later on with connivance.
e) Clarifications may be sought from a bidder whose bid has been opened, and a record is made of the query and the response.
f) Each page of the opened bid is countersigned during the TOE itself by each tender opening officer (typically up to 3) to ensure that no change is made in the bid contents later on with connivance.
g) After all the bids are opened and countersigned by the TOE officers, the minutes of the meeting (ie TOE) are to be recorded.
h) Each bid part may be opened in a separate tender opening event in which only the authorized bidders are allowed. This is supposed to be done in a very transparent manner with proper scheduling of events and proper information to the concerned bidders.
i) Bid parts which are due for opening in a subsequent tender opening event are securely stored till that event.
j) If in a particular TOE it is decided not to open the bid of a bidder, then such bids are returned unopened.

(Electronic System)
Facility for the authorized personnel to conduct a Public Online Tender Opening Event with Bidders attending from remote locations electronically with full security procedures. The Tender Opening Event should be simultaneously viewable by all attendees from their respective locations.

The e-tendering system should support all the salient aspects, viz a, b, c, d, e, f, g, h, i as listed above under (Manual System), without sacrificing any aspect of security and transparency including those listed elsewhere in this matrix/ questionnaire. As soon as a bid is opened, participating bidders should be able to simultaneously download the salient points (ie the summary information) of the opened bid.

For (j), keeping in view the nature of the internet, such bids may be archived unopened.

Note: In addition, in cases where some bidders have bid offline (ie manually), and this has been allowed, then the following should be ensured:
- That the offline bids are opened first and their salient points entered into the system before the online bids are opened. This is all done in the presence of the online bidders who are simultaneously witnessing this exercise.
- The compiled/ integrated data of both the online and offline bidders should be made available in the form of an online comparison chart to all the participants.

Risk: Cryptographic controls; Regulation of cryptographic controls
ISO 27001 controls: A.12.3 Cryptographic controls
A.12.3.1 A policy on the use of cryptographic controls for protection of information shall be developed and implemented.
A.12.3.2 Key management shall be in place to support the organization's use of cryptographic techniques.
A.15.1.6 Cryptographic controls shall be used in compliance with all relevant agreements, laws, and regulations.
Guidance and recommended practices
The GFR requires that tenders be opened in public in the presence of the authorized representatives of the bidders. The Finance Ministry Manual on procurement procedures outlines in detail the requirements of a transparently conducted Public Tender Opening Event. CVC Guidelines on security aspects of e-procurement also state the requirement of an Online Public Tender Opening Event. Merely opening bids online, and then separately making them available for display to the bidders subsequently, and/ or from a different location/ screen (ie user interface) without the simultaneous online presence of bidders, does not fulfil the requirements of a proper and transparent online Public TOE. A comprehensive and transparent Public Tender Opening Event is the backbone of transparency and fairness of the Public Procurement process, manual or electronic. This has an impact on technical as well as procedural aspects.

It must be ensured that the e-tendering/ e-procurement system has comprehensive functionality for a transparent Public Online Tender Opening Event (Public OTOE). Well established practices of manual tender opening (with legal and transparency related significance) should have corresponding electronic equivalents for transparent e-tendering/ e-procurement. Some relevant processes of a fair and transparent online public TOE should include:

i. Opening of the bids in the simultaneous online presence of the bidders with a proper online attendance record of the authorized representatives of the bidders. Merely opening bids online, and then subsequently displaying some results to the bidders, does not fulfil the requirements of a transparent Online Public Tender Opening Event
ii. Security checks to assure bidders of non-tampering of their bids, et al, during the online TOE itself
iii. One by one opening of the sealed bids in the simultaneous online presence of the bidders
iv. Online verification of the digital signatures of bidders affixed to their respective bids
v. Reading out, ie allowing bidders to download the electronic version of the salient points of each opened bid (opened in the simultaneous online presence of the bidders)
vi. There should be a procedure for seeking clarifications by the TOE officers during the online Public TOE from a bidder in the online presence of other bidders, and recording such clarifications
vii. Digital countersigning (by all the tender opening officers) of each opened bid, in the simultaneous online presence of all participating bidders
viii. Preparation of the Minutes of the Tender Opening Event and their signing by the concerned officers in the simultaneous online presence of the bidders

While bidders should be welcome to be present physically during the TOE, it should not be mandatory for them to do so. All the above should be achieved online in a user-friendly manner.

The e-procurement system has to satisfactorily address the above requirements through suitable functionality built into the e-procurement application. Where, in addition, some issues are being further addressed through organizational procedures under ISO 27001, these should be explicitly defined with satisfactory explanations.
7. Concerns/ clarifications relating to preventing other Bidders from Bidding in the e-Tendering Scenario, and Miscellaneous Concerns/ Clarifications
7.1
Can the e-tendering system prevent competitors/ tender mafia from locking the accounts (target accounts) of other users/ bidders by deliberately entering incorrect authentication information against usernames (which are not secret) of such bidders/ users?

Risk: Control of technical vulnerabilities; Cryptographic controls; Regulation of cryptographic controls
ISO 27001 controls:
A.12.6.1 Timely information about technical vulnerabilities of information systems being used shall be obtained, the organization's exposure to such vulnerabilities evaluated, and appropriate measures taken to address the associated risk.
A.12.3 Cryptographic controls
A.12.3.1 A policy on the use of cryptographic controls for protection of information shall be developed and implemented.
A.12.3.2 Key management shall be in place to support the organization's use of cryptographic techniques.
A.15.1.6 Cryptographic controls shall be used in compliance with all relevant agreements, laws, and regulations.

Guidance and recommended practices
Generally, systems are designed in such a manner that an account gets locked/ denied permission after repeated login attempts based on wrong passwords and user IDs. Such a scenario, if it exists in the e-procurement system, may be exploited by competitors/ tender mafia to prevent genuine bidders from bidding. To avoid such a situation the e-procurement system should not have features for locking the system on account of repetitive login attempts based on wrong passwords and user IDs and digital signatures. It is also suggested that login to the e-procurement system should be based on digital signatures. It has also been suggested that the e-procurement system should have interface software to check the validity of the digital signature/ certificate. Other innovative methods may also be developed to address this concern.
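An added example (not code from the Guidelines or from any e-tendering product) of the login the guidance for 7.1 recommends, which also applies the section 5 guidance that an expired Digital Signature Certificate is accepted only for verification and never for fresh signing: challenge-response with the user's DSC key pair, a failure counter kept for the vigilance report, and no lockout at all. Certificate validity is represented by constructed notBefore/ notAfter dates rather than parsed from a real DSC, and the user names and keys are constructed.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"time"
)

// Constructed example, not code from the Guidelines or any e-tendering product.
// Concern 7.1: usernames are not secret, so locking an account after N wrong
// attempts lets a competitor lock a genuine bidder out. This server instead
// authenticates by challenge-response with the user's Digital Signature
// Certificate (DSC) key pair, counts failures only for the vigilance report,
// and refuses a DSC outside its validity period for signing in.

// User is a registered account: DSC public key and certificate validity window.
type User struct {
	Name      string
	Pub       *ecdsa.PublicKey
	NotBefore time.Time
	NotAfter  time.Time
}

type AuthServer struct {
	users    map[string]*User
	nonces   map[string][]byte // outstanding single-use challenge per username
	Failures map[string]int    // per-username failure counter; never locks anything
}

// Challenge issues a fresh random nonce. It behaves the same for unknown
// usernames so that it does not reveal which accounts exist.
func (s *AuthServer) Challenge(name string) []byte {
	n := make([]byte, 32)
	rand.Read(n)
	s.nonces[name] = n
	return n
}

// SignChallenge runs on the user's side; the private key never leaves it.
func SignChallenge(priv *ecdsa.PrivateKey, nonce []byte) ([]byte, error) {
	d := sha256.Sum256(nonce)
	return ecdsa.SignASN1(rand.Reader, priv, d[:])
}

// Verify checks the signature over the outstanding nonce. Every failure is
// counted for reporting, but nothing is ever locked.
func (s *AuthServer) Verify(name string, sig []byte, now time.Time) error {
	nonce, ok := s.nonces[name]
	delete(s.nonces, name) // single use, whether or not the attempt succeeds
	u := s.users[name]
	switch {
	case !ok || u == nil:
		s.Failures[name]++
		return errors.New("authentication failed")
	case now.Before(u.NotBefore) || now.After(u.NotAfter):
		s.Failures[name]++
		return errors.New("digital signature certificate not valid at this time")
	}
	d := sha256.Sum256(nonce)
	if !ecdsa.VerifyASN1(u.Pub, d[:], sig) {
		s.Failures[name]++
		return errors.New("authentication failed")
	}
	return nil
}

// Scenario: ten bad attempts against bidder-A by someone without A's private
// key, then the genuine bidder-A logs in; bidder-B's expired DSC is refused.
func Scenario() (impostorFails int, genuineErr, expiredErr error, s *AuthServer) {
	s = &AuthServer{users: map[string]*User{}, nonces: map[string][]byte{}, Failures: map[string]int{}}
	now := time.Date(2011, 8, 5, 12, 0, 0, 0, time.UTC)
	keyA, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	keyB, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	other, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // not bidder-A's key
	s.users["bidder-A"] = &User{"bidder-A", &keyA.PublicKey, now.AddDate(-1, 0, 0), now.AddDate(1, 0, 0)}
	s.users["bidder-B"] = &User{"bidder-B", &keyB.PublicKey, now.AddDate(-3, 0, 0), now.AddDate(-1, 0, 0)} // expired
	for i := 0; i < 10; i++ {
		sig, _ := SignChallenge(other, s.Challenge("bidder-A"))
		if s.Verify("bidder-A", sig, now) != nil {
			impostorFails++
		}
	}
	sigA, _ := SignChallenge(keyA, s.Challenge("bidder-A"))
	genuineErr = s.Verify("bidder-A", sigA, now)
	sigB, _ := SignChallenge(keyB, s.Challenge("bidder-B"))
	expiredErr = s.Verify("bidder-B", sigB, now)
	return
}

func main() {
	fails, gErr, eErr, s := Scenario()
	fmt.Println("impostor failures:", fails, "| genuine:", gErr, "| expired:", eErr, "| counted:", s.Failures["bidder-A"])
}
```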
7.2
For security reasons, Administrators of the e-tendering application/ portal should not have any access to the passwords of the various users. Neither should the Administrators be able to generate passwords for the users.

Risk: Control of technical vulnerabilities; Cryptographic controls; Regulation of cryptographic controls
ISO 27001 controls:
A.12.6.1 Timely information about technical vulnerabilities of information systems being used shall be obtained, the organization's exposure to such vulnerabilities evaluated, and appropriate measures taken to address the associated risk.
A.12.3 Cryptographic controls
A.12.3.1 A policy on the use of cryptographic controls for protection of information shall be developed and implemented.
A.12.3.2 Key management shall be in place to support the organization's use of cryptographic techniques.
A.15.1.6 Cryptographic controls shall be used in compliance with all relevant agreements, laws, and regulations.

Guidance and recommended practices
The Administrators of the e-tendering application/ portal should not have any access to the passwords of the various users. Nor should the software allow the Administrator to generate passwords for the users.

The designer/ developer should factor this in at the design stage/ development stage, ie the e-procurement system has to satisfactorily address the above requirements through suitable functionality built into the e-procurement application.

7.3
The Forgot Password feature should not be based on some questions and answers which can be guessed by a competitor/ hacker. Please explain how this is achieved.

Risk: Control of technical vulnerabilities; Cryptographic controls; Regulation of cryptographic controls
ISO 27001 controls:
A.12.6.1 Timely information about technical vulnerabilities of information systems being used shall be obtained, the organization's exposure to such vulnerabilities evaluated, and appropriate measures taken to address the associated risk.
A.12.3 Cryptographic controls
A.12.3.1 A policy on the use of cryptographic controls for protection of information shall be developed and implemented.
A.12.3.2 Key management shall be in place to support the organization's use of cryptographic techniques.
A.15.1.6 Cryptographic controls shall be used in compliance with all relevant agreements, laws, and regulations.

Guidance and recommended practices
If the e-procurement system has a Forgot Password feature, it should address these concerns.

7.4
There should be facility for a Comprehensive Electronic Audit Trail (ie Audit Log, or Vigilance Reports) within the application with provision for Archiving.
Specifically:
i) There should be audit trail reports for each tender of each Buyer organization, as well as non-tender specific activities (like creation of user hierarchy and role authorization), which are viewable only to the authorized user of that Buyer organization. Other users of the organization should not have access to these audit trail reports.
ii) Similarly, there should be audit trail reports for each tender of each Supplier/ Bidder organization, as well as non-tender specific activities (like creation of user hierarchy and role authorization), which are viewable only to the authorized user of that Supplier organization. Other users of the organization should not have access to audit trail reports.
iii) As backup, and as protection against tampering of audit-trail reports saved by an individual organization at its end, facility should be available for the authorized e-procurement application administrator to have parallel access to such reports of both Buyer organizations as well as Supplier organizations. Furthermore, information pertaining to the content of bids and Bid Submission [which is sensitive till the Tender Opening Event (TOE)] should not be accessible to the e-procurement application administrator till the start of the TOE.
iv) The authorized administrator of the e-procurement/ e-tendering application should also have access to audit trail reports of other administrators within the application.
v) The application should not provide any facility to modify or delete audit logs, or suspend logging operations.

Risk: Log monitoring
ISO 27001 controls: A.10.10 Monitoring
A.10.10.1 Audit logs recording user activities, exceptions, and information security events shall be produced and kept for an agreed period to assist in future investigations and access control monitoring.
A.10.10.2 Procedures for monitoring use of information processing facilities shall be established and the results of the monitoring activities reviewed regularly.
A.10.10.3 Logging facilities and log information shall be protected against tampering and unauthorized access.
A.10.10.4 System administrator and system operator activities shall be logged.
A.10.10.5 Faults shall be logged, analyzed, and appropriate action taken.
A.10.10.6 The clocks of all relevant information processing systems within an organization or security domain shall be synchronized with an agreed accurate time source.
Guidance and recommended practices
The e-procurement system and software should have this facility and functionality. There should be facility for Reports relating to Tendering Activities, and corresponding MIS Reports, which are accessible to the relevant authorized users of that organization.
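An added example (not code from the Guidelines or from any e-tendering product) of how an application can make requirement (v) of 7.4 checkable: a hash-chained, append-only audit log whose Verify step locates an edited or deleted entry, and whose head hash lets the organization's copy be compared with the administrator's parallel copy under (iii). The entries, actors and tender id are constructed; storage, access control and archiving are assumed to be handled elsewhere.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"time"
)

// Constructed example, not code from the Guidelines or any e-tendering product.
// Concern 7.4 (v) and ISO 27001 A.10.10.3: the application must offer no way to
// modify or delete audit logs. An append-only API is necessary but a copy saved
// by an organization at its end could still be edited, so each entry is chained
// to the hash of its predecessor: any edit, deletion or reordering is detected,
// and the head hash of the Buyer's copy can be compared with the administrator's
// parallel copy (7.4 iii) in a single comparison.

type AuditEntry struct {
	Seq      int
	At       time.Time
	TenderID string // empty for non-tender activity such as role authorization
	Actor    string
	Action   string
	PrevHash string // hash of the previous entry, "" for the first
	Hash     string
}

func (e AuditEntry) computeHash() string {
	rec := fmt.Sprintf("%d|%s|%s|%s|%s|%s", e.Seq, e.At.UTC().Format(time.RFC3339), e.TenderID, e.Actor, e.Action, e.PrevHash)
	sum := sha256.Sum256([]byte(rec))
	return hex.EncodeToString(sum[:])
}

// AuditLog exposes Append only; there is no Update, Delete or Suspend.
type AuditLog struct{ Entries []AuditEntry }

func (l *AuditLog) Append(at time.Time, tenderID, actor, action string) AuditEntry {
	e := AuditEntry{Seq: len(l.Entries), At: at, TenderID: tenderID, Actor: actor, Action: action}
	if n := len(l.Entries); n > 0 {
		e.PrevHash = l.Entries[n-1].Hash
	}
	e.Hash = e.computeHash()
	l.Entries = append(l.Entries, e)
	return e
}

// HeadHash is what two copies of the same log compare to prove they agree.
func (l *AuditLog) HeadHash() string {
	if len(l.Entries) == 0 {
		return ""
	}
	return l.Entries[len(l.Entries)-1].Hash
}

// Verify walks the chain and returns the index of the first entry whose
// sequence number, stored hash or link to its predecessor is wrong (-1 if intact).
func (l *AuditLog) Verify() int {
	prev := ""
	for i, e := range l.Entries {
		if e.Seq != i || e.PrevHash != prev || e.computeHash() != e.Hash {
			return i
		}
		prev = e.Hash
	}
	return -1
}

func copyLog(src *AuditLog) *AuditLog {
	return &AuditLog{Entries: append([]AuditEntry(nil), src.Entries...)}
}

// Scenario builds a constructed Buyer log and shows that (a) the administrator's
// parallel copy agrees, (b) editing an entry is detected at that entry, and
// (c) deleting an entry in the middle is detected at the entry that follows it.
func Scenario() (headsMatch bool, editIdx, deleteIdx int) {
	t0 := time.Date(2011, 8, 5, 10, 0, 0, 0, time.UTC)
	buyer := &AuditLog{}
	buyer.Append(t0, "", "admin-buyer", "authorized role TOE-officer for officer-1")
	buyer.Append(t0.Add(1*time.Hour), "TENDER-EXAMPLE-001", "officer-1", "tender notice digitally signed and posted")
	buyer.Append(t0.Add(2*time.Hour), "TENDER-EXAMPLE-001", "officer-1", "corrigendum 1 approved")
	buyer.Append(t0.Add(3*time.Hour), "TENDER-EXAMPLE-001", "officer-2", "tender box opened")
	admin := copyLog(buyer) // the administrator's parallel copy (7.4 iii)
	headsMatch = admin.HeadHash() == buyer.HeadHash() && buyer.Verify() == -1

	edited := copyLog(buyer)
	edited.Entries[2].Action = "corrigendum 1 withdrawn" // tampering at the organization's end
	editIdx = edited.Verify()

	cut := &AuditLog{Entries: append(append([]AuditEntry(nil), buyer.Entries[:2]...), buyer.Entries[3:]...)}
	deleteIdx = cut.Verify() // entry 3 now sits at index 2 with a stale link
	return
}

func main() {
	fmt.Println(Scenario())
}
```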
7.5
As required in a CVC order, the e-tendering system should have facility for displaying Award of Contracts.

Risk: CVC Order
ISO 27001 controls: NA
Guidance and recommended practices
The application shall have this functionality. Furthermore, this information should be digitally signed by the concerned user of the Buyer organization with facility for verification by the viewer.
7.6
It is important that officers of a Buyer organization involved in procurement related activities continue to perform their related roles without reassigning or abdicating responsibilities. A pre-requisite to enable officers to perform their roles is the existence of comprehensive virtual hierarchy and role authorization as outlined above.

Another requirement to enable this is that e-Tendering Systems must design their user interfaces to be user friendly, and that all information that the user needs to perform each transaction is available easily and clearly from the screen.

Risk: Control of technical vulnerabilities
ISO 27001 controls: A.12.6.1 Timely information about technical vulnerabilities of information systems being used shall be obtained, the organization's exposure to such vulnerabilities evaluated, and appropriate measures taken to address the associated risk.

Concern
The e-Tendering application must be designed, developed and deployed using reputed and secure platforms such as .NET, J2EE etc, that minimize defects like bugs and vulnerabilities. It is important to ensure that during deployment only compiled code of the e-tendering application software is used, with further protection to prevent runtime modifications in the code. Please clarify how this is achieved.

Concern
It should not be possible to compromise the security of the e-tendering application, even with knowledge of its architecture, design and encryption algorithm used.

Guidance and recommended practices
The application shall be architected, designed and developed (ie the required functionality should be inbuilt in the application) to address the above concerns. Best practices and processes to develop secure software shall be followed.
8. Concerns relating to Bidders making false assertions based on non-existing functionality in their e-tendering software (Important Eligibility/ Qualifying Criteria)

References may be given of various clients who have used the e-tendering/ e-procurement software before the date of submission of bids. Such references should state whether or not the e-Tendering software supplied to each reference client was capable of handling each of the following requirements: composite technical & financial bids (single stage single envelope); technical and financial bids in separate envelopes (single stage two envelope); single stage two envelope preceded by pre-qualification; and various security and transparency related concerns outlined in this Annexure-I and Annexure-II (which is based on CVC Guidelines).

Risk: Quality assessment of solution; Publically available capability; No monopolization
ISO 27001 controls: NA

Guidance and recommended practices
The solution should be assessed in respect of the various security and transparency related concerns outlined in these Guidelines, and its scope of capability should be in the public domain, ie the functionality claimed should have references. This will discourage monopolizing by a particular vendor and solution and will encourage new entrants to offer such systems, thereby affecting the competitiveness of procurement of systems. To encourage new entrants, while there should be no compromise on security, transparency and crucial functionality related concerns highlighted herein, the eligibility criteria in respect of number of tenders, revenue criteria from e-procurement, etc should be kept to a minimum.


Summary Analysis of Risk of eProcurement Systems

Security Risks
Security: Compromise through potential weaknesses in the system
Availability: The need for services to be 'on' all the time
Authentication: Masquerading identity or repudiation of message. Any purchasing system must support authentication of users so that individual transactions can be traced back to the relevant person. Generally, this is by username and password. Alternatively, the authentication mechanism could be network login or other directory services, while higher security requirements may demand token based methods such as digital certificate, smart card or biometric devices.
Access: To ensure users only have access to the functions required to do their jobs, an eProcurement system should incorporate a role-based access control mechanism. This should allow a particular role to be assigned to each user of the application, and determine which function areas this role incorporates.
Audit Trail: A robust eProcurement solution should incorporate a comprehensive audit trail, recording who did what and when at various key stages of the purchasing process. The system should also allow rules to be incorporated, for example that the person who approves a requisition must be different from the requisition originator. Setting such principles within the purchasing application can be a useful countermeasure against possible fraud.
Liability: Through employment or legal contractual obligations
Computer Fraud: Internal abuse and misuse
Breach by external party: External attack by various parties, whether corporate espionage or terrorists
Virus affecting the system: Email viruses such as NIMDA or Melissa which have the capability of crippling systems
Denial of service: Flooding a computer's internet connection with requests to disrupt traffic flow
Intellectual property: Misappropriation or release of intellectual property

Software Risks
Switching Cost and compliance with Rules of Government Procurement: Control of spending to specific suppliers as part of eCommerce
Applets, scripting and punchout: Some applications which only require users to have access to the internet via a web browser may also require additional software to be installed and run on the local machine, such as ActiveX components, Java Applets, browser script and cookies. Security policy should allow these software components to be installed and run.
Interoperability: Lack of interoperability between the system of the bidder and the system of the procurement body. System interoperability is the smooth transition of data between systems internally within an organisation, for example between an eProcurement system and a finance system, and externally, for example between a buyer's eProcurement system and a supplier's eCommerce system. The preferred method of data flow today is eXtensible Markup Language (XML). XML is accepted as a core standard for data exchange between Government and Business.

Project Risks
Competitive information: Risk to customer and supplier data, as well as other commercially sensitive information
Lack of required skills: Staff not being properly equipped with the correct skill set. Repercussion of not adhering to roles & responsibilities while handling the private key/ user secret of personnel involved in the e-procurement life cycle.
Wrong technology choice: Investing in the wrong technology; this may lead to greater costs than initially projected, or being stuck with a vendor
Complexity and Management of electronic records: Increasing complexity of organisation, systems and models. The increasing electronic delivery of public services to business and citizens is, in turn, producing more electronic records. Electronic records unlock content previously difficult to assess in paper form, enable more effective sharing of information and contribute to knowledge exchange. However, they need to be retained and maintained over the medium to long term as the records also demonstrate accountability. Privacy and access issues, and particularly the Right to Information Act, VAT and other taxation acts, require that electronic records be managed constantly within the regulatory environment.
Reputational Risk: The risk of damaging goodwill or brand equity as a result of an eCommerce mishap
Business Continuity: To protect historic data in the event of a system failure, or to allow a purchase department to continue offsite in the event of disaster, security arrangements should also include a business continuity plan. This should detail:
- Precautions to prevent disaster from occurring, such as virus checking
- Physical security in the premises where the application is held, and
- Duplication of data onto multiple storage devices
- Procedures to follow in the event of an unrecoverable disaster, e.g. retrieval of offsite backups or relocating to a warm recovery server which contains all historical data.
Finally, it is important to test any continuity plans on a regular basis. The time to discover that not all relevant files are backed up is during a test drill, not when trying to recover after a catastrophic failure.

Environmental Risks
Natural hazard: Because of involvement of a remotely located additional body
Changing technology: Rate of change of technology progressing ahead of the ability to secure it
Maverick Spend/ compliance: Procurement risk, describing employees' expenditure via non-preferred suppliers, resulting in a blowout in costs.


Annexure II: Checklist for eSecurity Compliance (including CVC Guidelines)

Table 1: General Security Issues
Columns: Sl. No. | Issues to be Checked | Means of Checking

1. Whether the application is secure from making any temporary distortion in the electronic posting of a tender notice, just to mislead certain vendors?
   Means of checking: Functionality Verification/Testing (Application level)

2. If yes at 2 above, then whether any automatic system alert is provided in the form of a daily exception report in the application in this regard?
   Means of checking: Functionality Verification/Testing (Application level)

3. Whether the application ensures that the tender documents issued to/downloaded by bidders are complete in shape as per the approved tender documents, including all its corrigenda?
   Means of checking: Functionality Verification/Testing (Application level)

4. Is there any check available in the application to detect and alert about missing pages to the tenderer, if any?
   Means of checking: Functionality Verification/Testing (Application level)

5. Whether the application ensures that all corrigenda issued by the Competent Authority are fully communicated in proper fashion to all bidders, including those who had already purchased/downloaded the bid documents well ahead of the due date and before the uploading of the corrigendum?
   Means of checking: Functionality Verification/Testing (Application level)

6. Whether the system is safe from sending discriminatory communication to different bidders about the same e-tendering process?
   Means of checking: Functionality Verification/Testing (Application level)

7. Whether the e-procurement solution has also been customized to process all types of tenders, viz. Limited/Open/Global Tenders?
   Means of checking: Functionality Verification/Testing (Application level)

8. Whether online Public Tender Opening Event features are available in the application?
   Means of checking: Functionality Verification/Testing (Application level)

9. Whether facilities for evaluation/loading of bids, strictly in terms of the criteria laid down in the bid documents, are available in the application?
   Means of checking: Functionality Verification/Testing

10. Whether sufficient safeguards have been provided in the application to deal with failed attempt blocking?
    Means of checking: Functionality Verification/Testing (Application level)

11. Whether the application is safe from submission of fake bids?
    Means of checking: Functionality Verification/Testing to check that a bid can be submitted only by a duly authorized user of the bidder organization, and that all bidder organizations are authenticated (Application level); Application Vulnerability Assessment (test for OWASP Top 10 and other known vulnerabilities) (Application level)

12. Whether encryption of bids is done at the client's end?
    Means of checking: Functionality Verification/Testing (Application level)

13. Whether safety against tampering with and stealing of the information of a submitted bid, during storage before its opening, is ensured?
    Means of checking: Functionality Verification/Testing of related features and explanations given by the e-procurement/e-tendering software/service provider against relevant sections and points of Annexure I, viz. sections 2, 3 and 4 of Annexure I (Application level, as well as Network level); Application Vulnerability Assessment (test for OWASP Top 10 and other known vulnerabilities) (Application level, as well as Network level)

14. Whether the application is safe from siphoning off and decrypting a clandestine copy of a bid encrypted with the public key of the tender opening officer?
    Means of checking: Functionality Verification/Testing of related features and explanations given by the e-procurement/e-tendering software/service provider against relevant sections and points of Annexure I, viz. sections 2, 3 and 4 of Annexure I (Application level); Application Vulnerability Assessment (test for OWASP Top 10 and other known vulnerabilities) (Application level)

15. Whether the application is safe from mutilation/sabotage or otherwise rendering the encrypted bid in the e-tender box unreadable/invalid in any form during storage, before opening of the bids?
    Means of checking: Functionality Verification/Testing of related features and explanations given by the e-procurement/e-tendering software/service provider against relevant sections and points of Annexure I, viz. sections 2, 3 and 4 of Annexure I (Application level, as well as Network level); Application Vulnerability Assessment (test for OWASP Top 10 and other known vulnerabilities) (Application level, as well as Network level)

16. Whether the introduction of special characters/executable files etc. by users is restricted in the application?
    Means of checking: Testing of Input Validation (refer OWASP Testing Guide) (Application level)

17. Whether the validity check of the DSC is being done at the server end?
    Means of checking: Verification of the implementation (Application level)

18. Whether the system ensures that even if a published tender is deleted from the application, permanent deletion of the published tender from the database is not allowed?
    Means of checking: Verification of the implementation (Application level)

19. Whether sufficient security features are provided in the application for the authentication procedure of the system administrator, like ID, password, digital signature, biometrics etc.?
    Means of checking: Review of the authentication mechanism implemented (Application level, as well as Network level)

20. Whether audit trails are being captured in the application on media not prone to tampering, such as optical write-once?
    Means of checking: Verification of the implementation (Application level, as well as Network level)

21. Whether a log shipping feature is available, where a separate dedicated server receives the logs from the application over a web service in real time?
    Means of checking: Verification of the implementation (Network level)

22. Whether integrity and non-tampering are ensured in maintaining the server clock synchronization and time stamping?
    Means of checking: Verification of the implementation (Network level)

23. Whether the application generates any exception report/system alerts etc. to indicate the resetting of the clock, in case the application for time stamping is killed at the server level and the time is manipulated?
    Means of checking: Functionality Verification/Testing

24. Whether the application ensures that the quotes from various bidders with their names are not displayed to anyone, including the organization, while the e-reverse auctioning process is being carried out?
    Means of checking: Functionality Verification/Testing (Application level)

25. Whether the application is fit for usage, complying with the requirements of tender processing, viz. authenticity of tender, non-repudiation and secrecy of information till the actual opening of tenders?
    Means of checking: Functionality Verification/Testing (refer GFR for the requirements) (Application level)

26. Whether any comprehensive third party audit (as per statutory requirement and also as per the requirements of e-tender processing (compliance to IT Act 2000)) was conducted before first putting it to public use?
    Means of checking: Verification of records/reports/certificates (Application level, as well as Network level)

27. Whether the application complies with the Commission's Guidelines dated 17.9.2009 on Security considerations for e-procurement systems?
    Means of checking: Covered below
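Items 20 to 23 above ask for audit trails that cannot be altered undetected, are shipped to a separate log server, and rest on trustworthy time stamps. The following Python example is added here to show one way the shipped trail itself can be made tamper-evident; it is not part of these Guidelines or of any e-procurement product, and the key, actors and events are constructed for illustration. Each entry carries an HMAC-SHA256 tag over its own content and the previous entry's tag, so the receiving server can detect altered, deleted or reordered entries and a clock that ran backwards.

```python
import copy
import hashlib
import hmac
import json
from datetime import datetime

# Constructed demo key. In production the HMAC key is held by the log server
# or a separate signing component, not by the application that writes entries,
# so an intruder on the application server cannot re-tag altered entries.
AUDIT_KEY = b"constructed-demo-key-not-for-production"
GENESIS_TAG = "0" * 64
FIELDS = ("seq", "ts", "actor", "action", "target")


def entry_tag(key: bytes, entry: dict, prev_tag: str) -> str:
    """HMAC-SHA256 over the previous tag and the entry's canonical JSON body."""
    body = json.dumps({k: entry[k] for k in FIELDS},
                      sort_keys=True, separators=(",", ":"))
    msg = prev_tag.encode() + b"\n" + body.encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class AuditTrail:
    """Append-only trail; each entry records its predecessor's tag and its own."""

    def __init__(self, key: bytes):
        self._key = key
        self.entries = []

    def append(self, ts: str, actor: str, action: str, target: str) -> dict:
        prev = self.entries[-1]["tag"] if self.entries else GENESIS_TAG
        entry = {"seq": len(self.entries) + 1, "ts": ts, "actor": actor,
                 "action": action, "target": target, "prev": prev}
        entry["tag"] = entry_tag(self._key, entry, prev)
        self.entries.append(entry)
        return entry


def verify_chain(entries: list, key: bytes) -> list:
    """Re-check a shipped trail on the log server.

    Returns a list of (seq, problem) findings; an empty list means the trail
    is intact, in order, complete, and its clock never ran backwards."""
    findings = []
    prev_tag, prev_ts = GENESIS_TAG, None
    for position, e in enumerate(entries, start=1):
        if e["seq"] != position:
            findings.append((e["seq"], "sequence gap or reordering"))
        if e["prev"] != prev_tag:
            findings.append((e["seq"], "chain broken: prev tag mismatch"))
        if not hmac.compare_digest(entry_tag(key, e, e["prev"]), e["tag"]):
            findings.append((e["seq"], "entry altered: tag mismatch"))
        ts = datetime.fromisoformat(e["ts"])
        if prev_ts is not None and ts < prev_ts:
            findings.append((e["seq"], "clock went backwards"))
        prev_tag, prev_ts = e["tag"], ts
    return findings


def build_sample_trail() -> AuditTrail:
    """Constructed events from a fictional tender; not real data."""
    trail = AuditTrail(AUDIT_KEY)
    trail.append("2011-08-05T10:00:00+00:00", "bidder:org-A", "BID_SUBMITTED", "TENDER-42")
    trail.append("2011-08-05T10:05:00+00:00", "bidder:org-B", "BID_SUBMITTED", "TENDER-42")
    trail.append("2011-08-05T11:00:00+00:00", "toe:officer-1", "TENDER_OPENED", "TENDER-42")
    trail.append("2011-08-05T11:01:00+00:00", "toe:officer-1", "BID_DECRYPTED", "BID-A")
    return trail


def tamper_scenarios() -> dict:
    """Run the verifier over an intact trail and three manipulated copies."""
    good = build_sample_trail().entries

    altered = copy.deepcopy(good)
    altered[1]["actor"] = "bidder:org-C"       # rewrite who submitted the 2nd bid

    deleted = copy.deepcopy(good)
    del deleted[2]                              # remove the TENDER_OPENED record

    # Clock manipulated at write time (item 23): the 4th entry is written
    # legitimately but time-stamped before the tender was opened.
    rewound = AuditTrail(AUDIT_KEY)
    for e in good[:3]:
        rewound.append(e["ts"], e["actor"], e["action"], e["target"])
    rewound.append("2011-08-05T09:59:00+00:00", "toe:officer-1", "BID_DECRYPTED", "BID-A")

    return {"intact": verify_chain(good, AUDIT_KEY),
            "altered": verify_chain(altered, AUDIT_KEY),
            "deleted": verify_chain(deleted, AUDIT_KEY),
            "clock_rewound": verify_chain(rewound.entries, AUDIT_KEY)}


if __name__ == "__main__":
    for name, findings in tamper_scenarios().items():
        print(f"{name:13s} -> {findings or 'intact'}")
```

Shipping each entry to the dedicated log server as it is written (item 21) means the server already holds the chain head, so an intruder who later rewrites the application's copy cannot hide the change even if the key were also compromised.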

Table 2: Infrastructure Security Issues
Columns: Sl. No. | Issues to be Checked | Means of Checking

1. Perimeter Defence: Deployment of routers, firewalls, IPS/IDS, remote access and network segmentation.
   Means of checking: Verification/Testing (Network level); Network Architecture Review; Assessment of vulnerabilities and hardening/configuration of network and security devices, e.g. routers, switches, firewalls, IPS/IDS etc. (Network level)

2. Authentication: Network authentication through deployment of a password policy for accessing the network resources, to minimize unauthorised access to the e-procurement system at system level.
   Means of checking: Review of authentication policies and mechanisms (Network level)

3. Monitoring: Deployment of logging at OS/network level and monitoring of the same.
   Means of checking: Review of logging and monitoring policies, procedures & mechanisms (Network level)

4. Secure configuration of network hosts: The security of individual servers & workstations is a critical factor in the defence of any environment, especially when remote access is allowed; workstations should have safeguards in place to resist common attacks.
   Means of checking: Assessment of vulnerabilities and hardening/configuration of the hosts (servers, client workstations etc.) (Network level)

5. System patching: As vulnerabilities in the system are discovered almost regularly and the system vendors are also releasing patches, it is expected that the hosts are patched with the latest security updates.
   Means of checking: Review of the Patch Management Procedure; Verification of the system patching status (Network level)

6. Control of Malware: Suitable controls like anti-virus, anti-spyware etc. should be deployed on the hosts associated with the e-procurement system. However, the option of running the services under a non-privileged user profile may be looked for. Otherwise a suitable operating system which is immune to viruses, Trojans and malware may be deployed.
   Means of checking: Review of Malware Control policies, procedures and mechanisms (Network level)

7. Structured cabling: The availability of the network services is critically dependent on the quality of the interconnection between the hosts through structured cabling, including termination & marking. It is expected that the e-procurement system has implemented structured cabling and other controls related to network and interconnection.
   Means of checking: Verification of the cabling (Network level)

Table 3: Application Security Issues at Design Level
Columns: Sl. No. | Issues to be Checked | Means of Checking

1. Authentication: The authentication mechanism of the e-procurement application should ensure that the credentials are submitted on pages that are served under SSL.
   Means of checking: Functionality Verification of the implementation (Application level, and SSL verification at Network level)

2. Access Control: The application shall enforce a proper access control model to ensure that the parameters available to the user cannot be used for launching any attack.
   Means of checking: Assessment/Testing (refer OWASP Testing Guide) (Application level)

3. Session management: The design should ensure that session tokens are adequately protected from guessing during an authenticated session.
   Means of checking: Assessment/Testing (refer OWASP Testing Guide) (Application level)

4. Error handling: The design should ensure that the application does not present to the outside world user error messages which can be used for attacking the application.
   Means of checking: Assessment/Testing (refer OWASP Testing Guide) (Application level)

5. Input validation: The application may accept input at multiple points from external sources, such as users, client applications, and data feeds. It should perform validation checks of the syntactic and semantic validity of the input. It should also check that input data does not violate limitations of underlying or dependent components, particularly string length and character set. All user supplied fields should be validated at the server side.
   Means of checking: Assessment/Testing (refer OWASP Testing Guide) (Application level)

6. Application logging and monitoring: Logging should be enabled across all applications in the environment. Log file data is important for incident and trend analysis as well as for auditing purposes. The application should log failed and successful authentication attempts, changes to application data including user accounts, server application errors, and failed and successful access to resources.
   Means of checking: Functionality Verification of the implementation (Application level)

Table 4: Application Security Issues During Deployment & Use
Columns: Sl. No. | Issues to be Checked | Means of Checking

1. Availability/Clustering/Load balancing: Depending on the number of expected hits and accesses, the option of clustering of servers and load balancing of the web application shall be implemented.
   Means of checking: Verification of the implementation (Network level)

2. Application and data recovery: A suitable management procedure shall be deployed for regular backup of application and data. The regularity of data backup shall be commensurate with the nature of the transactions/business translated into the e-procurement system.
   Means of checking: Review of backup policies, procedures and the backup and restoration records (Network level)

3. Integrity of the Application, Control of source code, Configuration management: Suitable management control shall be implemented on the availability of updated source code and its deployment. Strict configuration control is recommended to ensure that the latest software is in the production system.
   Means of checking: Review of the configuration management procedure, mechanism and its implementation (Network level)

Table 5: Application Security Issues during Data Storage & Communication
Columns: Sl. No. | Issues to be Checked | Means of Checking

1. Encryption for data storage: Sensitive data should be encrypted or hashed in the database and file system. The application should differentiate between data that is sensitive to disclosure and must be encrypted, data that is sensitive only to tampering and for which a keyed hash value (HMAC) must be generated, and data that can be irreversibly transformed (hashed) without loss of functionality (such as passwords). The application should store keys used for decryption separately from the encrypted data.
   Means of checking: Verification of the implementation (Application level)

2. Data transfer security: Sensitive data should be encrypted prior to transmission to other components. Verify that intermediate components that handle the data in cleartext form, prior to transmission or subsequent to receipt, do not present an undue threat to the data. The application should take advantage of authentication features available within the transport security mechanism. Specially, an encryption methodology like SSL must be deployed while communicating with the payment gateway over a public network.
   Means of checking: Verification of the implementation (Application level, as well as Network level)

3. Access control: Applications should enforce an authorization mechanism that provides access to sensitive data and functionality only to suitably permitted users or clients. Role based access controls should be enforced at the database level as well as at the application interface; this will protect the database in the event that the client application is exploited. Authorization checks should require prior successful authentication to have occurred. All attempts to obtain access without proper authorization should be logged. Conduct regular testing of key applications that process sensitive data and of the interfaces available to users from the Internet; include both black box and informed testing against the application. Determine if users can gain access to data from other accounts.
   Means of checking: Testing/Assessment of the access control implementation as per defined policies (Application level)
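The access control row of Table 5 (and the access control row of Table 3 above) requires authorization that presupposes successful authentication, is enforced at the data layer and not only in the client, logs every refused attempt, and is regularly tested for cross-account access. The following Python example is added here and is not part of these Guidelines or of any e-procurement product; the tender, bids, principals and opening time are constructed. It enforces those rules for sealed bids, gating the tender opening officer's access on the Public Tender Opening Event time, and runs the "can users gain access to data from other accounts?" probe across every principal and bid.

```python
from dataclasses import dataclass
from datetime import datetime, timezone


class AccessDenied(Exception):
    """Raised for every refused access; the store logs it before raising."""


@dataclass(frozen=True)
class Principal:
    user: str
    org: str             # bidder organisation, or the buyer department
    role: str            # "bidder" or "toe" (tender opening officer)
    authenticated: bool  # authorization requires prior authentication


@dataclass(frozen=True)
class Bid:
    bid_id: str
    tender_id: str
    bidder_org: str
    sealed: bytes        # bid encrypted at the client end; constructed placeholder


class BidStore:
    """Data layer that enforces the authorization rules itself, so that an
    exploited client application cannot read bids it is not entitled to."""

    def __init__(self, opening_time: dict):
        self._bids = {}
        self._opening_time = opening_time   # tender_id -> start of the Public TOE
        self.denied_log = []                # (user, bid_id, reason) per refusal

    def add(self, bid: Bid) -> None:
        self._bids[bid.bid_id] = bid

    def bid_ids(self) -> list:
        return sorted(self._bids)

    def read(self, p: Principal, bid_id: str, now: datetime) -> Bid:
        bid = self._bids[bid_id]
        if not p.authenticated:
            self._deny(p, bid_id, "unauthenticated")
        if p.role == "bidder" and p.org == bid.bidder_org:
            return bid                      # a bidder may read only its own bid
        if p.role == "toe" and now >= self._opening_time[bid.tender_id]:
            return bid                      # officer: nothing before the TOE starts
        self._deny(p, bid_id, "not permitted for role/organisation/time")

    def _deny(self, p: Principal, bid_id: str, reason: str) -> None:
        self.denied_log.append((p.user, bid_id, reason))
        raise AccessDenied(f"{p.user} -> {bid_id}: {reason}")


def readable_matrix(store: BidStore, principals: list, now: datetime) -> set:
    """Cross-account probe: try every principal against every bid and return
    the (user, bid_id) pairs that were readable."""
    readable = set()
    for p in principals:
        for bid_id in store.bid_ids():
            try:
                store.read(p, bid_id, now)
            except AccessDenied:
                continue
            readable.add((p.user, bid_id))
    return readable


def build_sample() -> tuple:
    """Constructed tender, bids and users; not real data."""
    opening = {"TENDER-42": datetime(2011, 8, 5, 11, 0, tzinfo=timezone.utc)}
    store = BidStore(opening)
    store.add(Bid("BID-A", "TENDER-42", "org-A", b"<sealed-A>"))
    store.add(Bid("BID-B", "TENDER-42", "org-B", b"<sealed-B>"))
    principals = [
        Principal("alice", "org-A", "bidder", authenticated=True),
        Principal("bob", "org-B", "bidder", authenticated=True),
        Principal("officer1", "buyer-dept", "toe", authenticated=True),
        Principal("guest", "org-A", "bidder", authenticated=False),  # no session yet
    ]
    return store, principals


def run_probe(phase: str) -> dict:
    """Probe the sample store 'before' or 'after' the Public TOE starts."""
    store, principals = build_sample()
    now = {"before": datetime(2011, 8, 5, 10, 30, tzinfo=timezone.utc),
           "after": datetime(2011, 8, 5, 11, 5, tzinfo=timezone.utc)}[phase]
    readable = readable_matrix(store, principals, now)
    return {"readable": readable, "denied": list(store.denied_log)}


if __name__ == "__main__":
    for phase in ("before", "after"):
        result = run_probe(phase)
        print(phase, sorted(result["readable"]), len(result["denied"]), "denied")
```

The probe's expected matrix is written down independently of the rules (who owns which bid, when the TOE starts), so a regression that lets a bidder read a competitor's bid or an officer read bids early shows up as an extra pair.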


Annexure III: Checklist for Compliance to GOI procurement procedures
GFR 2005, Government of India, Ministry of Finance, Department of Expenditure

The contents of GFR 2005 are as follows:
Chapter 1. Introduction
Chapter 2. General System of Financial Management
   I. General Principles relating to expenditure & payment of money
   II. Defalcation and losses
   III. Submission of records & information
Chapter 3. Budget formulation and implementation
Chapter 4. Government Accounts
Chapter 5. Works
Chapter 6. Procurement of Goods and Services
   I. Procurement of Goods
   II. Procurement of Services
Chapter 7. Inventory Management
Chapter 8. Contract Management
Chapter 9. Grants-in-aid and Loans
Chapter 10. Budgeting and Accounting for Externally Aided Projects
Chapter 11. Government Guarantees
Chapter 12. Miscellaneous Subjects
   I. Establishment
   II. Refund of revenue
   III. Debt and misc. obligations of Govt.
   IV. Security deposits
   V. Transfer of land and buildings
   VI. Charitable endowments and other trusts
   VII. Local bodies
   VIII. Destruction of records connected with Accounts
   IX. Contingent and Miscellaneous Expenditure

Chapter 6, Procurement of Goods & Services, is applicable to the eProcurement System (EPS).

The list of GFR requirements given below provides general guidelines about the applicability of the requirements in the EPS and the verification mechanism. The assumption has been made that in an ideal situation all the GFR requirements will be applicable to the EPS. However, in an actual situation, depending on the client's (buyer organization's) requirements, all the GFR requirements may not be applicable and hence may not be addressed by the EPS. Therefore, it is recommended that the EPS solution/service provider uses this list as a guideline and prepares a similar list for the EPS being developed, as per the applicability of the GFR requirements.

Compliance to the applicable GFR requirements may be verified as follows:
- In the case of a manual procurement system, compliance verification may be done through process audit of the policy & procedures of the client (buyer organization). It is up to the client to perform the process audit to ensure compliance.
- In the case of an e-procurement system, compliance verification shall be done through testing and audit of the functionalities in the EPS solution. It is recommended that internal verification be done by the EPS solution provider and that it also be externally verified by a Third Party Agency for the client's acceptance.

Rule

Description
General
GFR covers Rules relating to Tenders relating to Works,
Goods and Services. The eprocurement system should
have functionality to cover all kinds of tenders, whether
thetendersrelatetoWorks,GoodsorServices.Whilesome
specific rules relating to procurement of Goods and
Services are outlined below, corresponding functionality
for Works tenders should also be implemented in the e
procurementsystem.

ToBeAddressed
By

Compliance
Verification

Chapter6:ProcurementofGoodsandServicesGuidelines

Rule

Description

ToBeAddressedBy

Compliance
Verification

A) ProcurementofGoods:Rule135to162
135 Thischaptercontainsthegeneralrulesapplicable

to all Ministries or Departments, regarding


procurement of goods required for use in the
public service. Detailed instructions relating to
procurement of goods may be issued by the
procuring departments broadly in conformity
withthegeneralrulescontainedinthisChapter.
136 DefinitionofGoodsTheterm'goods'usedinthis

chapter includes all articles, material,


commodities, livestock, furniture, fixtures, raw
material, spares, instruments, machinery,
equipment, industrial plant etc. purchased or
otherwise acquired for the use of Government
butexcludesbooks,publications,periodicals,etc.
foralibrary.
eprocurementSystem
Functionality
137 Fundamentalprinciplesofpublicbuying:
Every authority delegated with the financial shouldhavefunctionality Verification/Testing
powersofprocuringgoodsinpublicinterestshall toensuretransparency, ofrelated
featuresand
havetheresponsibilityandaccountabilitytobring accountability,fairness
efficiency,economy,andtransparencyinmatters andequitabletreatment explanations
relating to public procurement and for fair and ofsuppliers.Thisshould givenbythee
procurement/e
equitable treatment of suppliers and promotion beensuredbye
tendering
ofcompetitioninpublicprocurement.
procurementsystem
The procedure to be followed in making public strictlyandsatisfactorily software/service
provideragainst
procurement must conform to the following addressingthevarious
issuesespeciallyoutlined relevantsections
yardsticks:
andpointsof
(i)Thespecificationsintermsofquality,typeetc., inAnnexureIofthese
as also quantity of goods to be procured, should Guidelines.Specificallyfor AnnexureIof
theseGuidelines
be clearly spelt out keeping in view the specific fairnessitmustbe
needs of the procuring organisations. The ensuredthatthee
specifications so worked out should meet the procurementsystem
53

basicneedsoftheorganisationwithoutincluding supportsalllegitimate
superfluous and nonessential features, which processesand
may result in unwarranted expenditure. Care methodologiesfor
should also be taken to avoid purchasing invitingbidsina
quantities in excess of requirement to avoid transparentmanner,and
undernocircumstances
inventorycarryingcosts;
(ii) Offers should be invited following a fair, shouldtheconfidentiality
ofthebidbe
transparentandreasonableprocedure;
(iii) The procuring authority should be satisfied compromisedbeforethe
that the selected offer adequately meets the OnlinePublicTender
OpeningEvent.
requirementinallrespects;
(iv) The procuring authority should satisfy itself Importantly,aproperly
that the price of the selected offer is reasonable conductedPublicTender
OpeningEventisthe
andconsistentwiththequalityrequired;
(v) At each stage of procurement the concerned backboneoftransparency
procuring authority must place on record, in inpublicprocurement.
precise terms, the considerations which weighed Theeprocurement
withitwhiletakingtheprocurementdecision.
systemmusthaveavery
transparentand
comprehensiveOnline
PublicTenderOpening
Event.Foraccountability,
thereshouldbea
comprehensiveHierarchy
andRoleAuthorizationof
officerswithdetailed
AuditTrailsasoutlinedin
AnnexureIofthese
Guidelines.

Whererequired,
functionalityofthee
procurementsystem
shouldbesupplemented
withProcurementPolicy
&Proceduresinternalto
theBuyerorganization.
138 Authoritiescompetenttopurchasegoods:
eprocurementSystem
An authority which is competent to incur shouldhavefunctionality
contingent expenditure may sanction the forRequisition
purchase of goods required for use in public Management(ieIndent
service in accordance with Schedule V of the Management)withdigital
Delegation of Financial Powers Rules, 1978, signatures.
followingthegeneralprocedurecontainedinthe
followingrules.
139 Procurementofgoodsrequiredonmobilisation: ProcurementPolicy&
Procurement of goods required on mobilisation Proceduresinternalto
and/ or during the continuance of Military theBuyerorganization
operationsshallberegulatedbyspecialrulesand
orders issued by the Government on this behalf Note:Generallyno
fromtimetotime.
specificrequirementsfor
eprocurement.

Functionality
Verification/Testing
&Audit

ProcessAudit

54

140 Powersforprocurementofgoods:
ProcurementPolicy&
The Ministries or Departments have been Proceduresinternalto
delegated full powers to make their own theBuyerorganization
arrangements for procurement of goods. In case
however,aMinistryorDepartmentdoesnothave Note:Generallyno
therequiredexpertise,itmayprojectitsindentto specificrequirementsfor
the Central Purchase Organisation (e.g. DGS&D) eprocurement.
with the approval of competent authority. The
indentformtobeutilisedforthispurposewillbe
as per the standard form evolved by the Central
PurchaseOrganisation.
141 Ratecontract:
ProcurementPolicy&
The Central Purchase Organisation (e.g. DGS&D) Proceduresinternalto
shall conclude rate contracts with the registered theBuyerorganization
suppliers,forgoodsanditemsofstandardtypes,
which are identified as common user items and Note:Generallyno
are needed on recurring basis by various Central specificrequirementsfor
GovernmentMinistriesorDepartments.
eprocurement.
DefinitionofRegisteredsuppliersisgiveninRule
142 below. The Central Purchase Organisation
willfurnishandupdatealltherelevantdetailsof
the rate contracts in its web site. The Ministries
or Departments shall follow those rate contracts
tothemaximumextentpossible.
142 Registrationofsuppliers:
ProcurementPolicy&
With a view to establishing reliable sources for Proceduresinternalto
procurement of goods commonly required for theBuyerorganization
Government use, the Central Purchase
Organisation (e.g. DGS&D) will prepare and Note:Generallyno
maintain itemwise lists of eligible and capable specificrequirementsfor
suppliers.Suchapprovedsupplierswillbeknown eprocurement.
as "Registered Suppliers". All Ministries or
Departments may utilise these lists as and when
necessary. Such registered suppliers are prima
facieeligibleforconsiderationforprocurementof
goods through Limited Tender Enquiry. They are
also ordinarily exempted from furnishing bid
security along with their bids. A Head of
Department may also register suppliers of goods
which are specifically required by that
DepartmentorOffice.
(ii) Credentials, manufacturing capability, quality
control systems, past performance, aftersales
service, financial background etc. of the
supplier(s) should be carefully verified before
registration.
(iii) The supplier(s) will be registered for a fixed
period (between 1 to 3 years) depending on the
natureofthegoods.Attheendofthisperiod,the
registered supplier(s) willing to continue with
registration are to apply afresh for renewal of
registration. New supplier(s) may also be

Process
Audit

Process
Audit

Process
Audit

Functionality
Verification/Testing

55

consideredfor registration at any time, provided


theyfulfilalltherequiredconditions.
(iv)Performanceandconductofeveryregistered
supplier is to be watched by the concerned
Ministry or Department. The registered
supplier(s)areliabletoberemovedfromthelist
of approved suppliers if they fail to abide by the
termsandconditionsoftheregistrationorfailto
supply the goods on time or supply substandard
goods or make any false declaration to any
Government agency or for any ground which, in
the opinion of the Government, is not in public
interest.
143 EnlistmentofIndianagents:
eprocurementSystem
Functionality
AspertheCompulsoryEnlistmentSchemeofthe shouldhavefeaturefor Verification/Testing
Department of Expenditure, Ministry of Finance, bidder(IndianAgent)to &Audit
it is compulsory for Indian agents, who desire to beabletofurnishdetails
quote directly on behalf of their foreign oftheirenlistingwiththe
principals, to get themselves enlisted with the concernedCentral
Central Purchase Organisation (eg. DGS&D). PurchaseOrganizationin
However, such enlistment is not equivalent to thebid.
registrationofsuppliersasmentionedunderRule
142above.
eprocurementSystem
Functionality
144 Reserveditems:
The Central Government, through administrative shouldhavefeaturefor Verification/
instructions, has reserved all items of handspun TenderNoticetohighlight Testing
and handwoven textiles (khadi goods) for suchspecialreservations.
exclusive purchase from Khadi Village Industries
Commission (KVIC). It has also reserved all items
of handloom textiles required by Central
Government departments for exclusive purchase
fromKVICand/orthenotifiedhandloomunitsof
ACASH (Association of Corporations and Apex
SocietiesofHandlooms).TheCentralGovernment
has also reserved some items for purchase from
registered Small Scale Industrial Units. The
Central Departments or Ministries are to make
their purchases for such reserved goods and
items from such units as per the instructions
issuedbytheCentralGovernmentinthisregard.
145 Purchase of goods without quotation (Upto ProcurementPolicy&
ProcessAudit
Rs.15,000/):
Proceduresinternalto
PurchaseofgoodsuptothevalueofRs.15,000/ theBuyerorganization
(RupeesFifteenThousand)onlyoneachoccasion
maybemadewithoutinvitingquotationsorbids Note:Generallyno
onthebasisofacertificatetoberecordedbythe specificrequirementsfor
competentauthorityinthefollowingformat.
eprocurement.
"I,___________________,ampersonallysatisfied
that these goods purchased are of the requisite
quality and specification and have been
purchasedfromareliablesupplieratareasonable
price."
56

146 Purchase of goods by purchase committee ProcurementPolicy&


(AboveRs.15,000/&uptoRs.1,00,000/):
Proceduresinternalto
Purchase of goods costing above Rs. 15,000/ theBuyerorganization
(Rupees Fifteen Thousand) only and upto Rs.
1,00,000/ (Rupees One lakh) only on each Note:Generallyno
occasion may be made on the recommendations specificrequirementsfor
of a duly constituted Local Purchase Committee eprocurement.
consisting of three members of an appropriate
levelasdecidedbytheHeadoftheDepartment.
The committee will survey the market to
ascertain the reasonableness of rate, quality and
specifications and identify the appropriate
supplier.Beforerecommendingplacementofthe
purchase order, the members of the committee
willjointlyrecordacertificateasunder.
"Certified that we _____________________,
membersofthepurchase
committee are jointly and individually satisfied
thatthegoodsrecommendedforpurchaseareof
the requisite specification and quality, priced at
the prevailing market rate and the supplier
recommended is reliable and competent to
supplythegoodsinquestion."
147 Purchaseofgoodsdirectlyunderratecontract: ProcurementPolicy&
(1) In case a Ministry or Department directly Proceduresinternalto
procures Central Purchase Organisation (e.g. theBuyerorganization
DGS&D) rate contracted goods from suppliers,
the prices to be paid for such goods shall not Note:Generallyno
exceed those stipulated in the rate contract and specificrequirementsfor
the other salient terms and conditions of the eprocurement.
purchaseshouldbeinlinewiththosespecifiedin
the rate contract. The Ministry or Department
shall make its own arrangement for inspection
andtestingofsuchgoodswhererequired.
(2) The Central Purchase Organisation (e.g.
DGS&D)shouldhostthespecifications,pricesand
other salient details of different rate contracted
items,appropriatelyupdated,onthewebsitefor
usebytheprocuringMinistryorDepartment.
148 A demand for goods should not be divided into ProcurementPolicy&
smallquantitiestomakepiecemealpurchasesto Proceduresinternalto
avoid the necessity of obtaining the sanction of theBuyerorganization
higher authority required with reference to the
estimatedvalueofthetotaldemand.
Note:Generallyno
specificrequirementsfor
eprocurement.
149 Purchaseofgoodsbyobtainingbids:
ProcurementPolicy&
ExceptincasescoveredunderRule145,146and Procedures
147(1), Ministries or Departments shall procure
goods under the powers referred to in Rule 140 eprocurementsystem
above by following the standard method of shouldhavefunctionality
obtainingbidsin:
forcreatingand

ProcessAudit

ProcessAudit

ProcessAudit

Process
Audit

Functionality
Verification/Testing
ofrelated
57

(i)AdvertisedTenderEnquiry;
(ii)LimitedTenderEnquiry;
(iii)SingleTenderEnquiry.

managingTenderNotices, featuresand
Corrigenda,Tender
explanations
Documents,Addenda;
givenbythee
floatingOpenTenders,as procurement/e
wellas,LimitedTenders tendering
(SingleTendersbeinga
software/service
specialcaseofLimited
provideragainst
Tenders);
relevantsections
andfunctionalityfor
andpointsof
otherassociated
AnnexureI
processes
150 Advertisedtenderenquiry:
eprocurementSystem Functionality
(i) Subject to exceptions incorporated under shouldhavefunctionality Verification/Testing
Rules 151 and 154, invitation to tenders by forcreatingand
ofrelated
advertisementshouldbeusedforprocurementof managingTenderNotices, featuresand
goods of estimated value Rs. 25 lakh (Rupees Corrigenda,Tender
explanations
Twenty Five Lakh) and above. Advertisement in Documents,Addenda;
givenbythee
such case should be given in the Indian Trade floatingOpenTenders
procurement/e
Journal(ITJ),publishedbytheDirectorGeneralof withfunctionalityfor
tendering
Commercial Intelligence and Statistics, Kolkata otherassociated
software/service
and at least in one national daily having wide processes.Costofpriced provideragainst
TenderDocuments
relevantsections
circulation.
(ii)Anorganisationhavingitsownwebsiteshould shouldbepayableonline andpointsof
alsopublishallitsadvertisedtenderenquirieson atthetimeof
AnnexureI.
thewebsiteandprovidealinkwithNICwebsite. downloadingtender

It should also give its web site address in the documents,orpayable


Inaddition,auditof
advertisementsinITJandnewspapers.
offlineparalleltothe
theProcurement
(iii) The organisation should also post the onlinebidsubmission
Policy&
complete bidding document in its web site and beforethebidsubmission Proceduresofthe
permit prospective bidders to make use of the deadline.Inthelatter
concernedBuyer
documentdownloadedfromthewebsite.Ifsuch case,provisionshouldbe organizationcanbe
a downloaded bidding document is priced, there theretotaketheoffline carriedout.
shouldbeclearinstructionsforthebiddertopay paymentonrecordduring
theamountbydemanddraftetc.alongwiththe thePublicTOE.
bid.

(iv)WheretheMinistryorDepartmentfeelsthat Inaddition,the
the goods of the required quality, specifications concernedBuyer
etc.,maynotbeavailableinthecountryanditis organizationshouldhave
necessary to also look for suitable competitive ProcurementPolicy&
offers from abroad, the Ministry or Department Procedurestoimplement
may send copies of the tender notice to the theotherrequirements
Indianembassiesabroadaswellastotheforeign
embassiesinIndia.Theselectionoftheembassies
willdependonthepossibilityofavailabilityofthe
requiredgoodsinsuchcountries.
(v) Ordinarily, the minimum time to be allowed
for submission of bids should be three weeks
fromthedateofpublicationofthetendernotice
or availability of the bidding document for sale,
whichever is later. Where the department also
contemplates obtaining bids from abroad, the
minimumperiodshouldbekeptasfourweeksfor
58

bothdomesticandforeignbidders.
151 Limited tender enquiry:

GFR provision:
(i) This method may be adopted when estimated value of the goods to be procured is up to Rupees Twenty-five Lakhs. Copies of the bidding document should be sent directly by speed post/registered post/courier/e-mail to firms which are borne on the list of registered suppliers for the goods in question as referred under Rule 142 above. The number of supplier firms in Limited Tender Enquiry should be more than three. Further, web based publicity should be given for limited tenders. Efforts should be made to identify a higher number of approved suppliers to obtain more responsive bids on competitive basis.
(ii) Purchase through Limited Tender Enquiry may be adopted even where the estimated value of the procurement is more than Rupees twenty-five Lakhs, in the following circumstances.
(a) The competent authority in the Ministry or Department certifies that the demand is urgent and any additional expenditure involved by not procuring through advertised tender enquiry is justified in view of urgency. The Ministry or Department should also put on record the nature of the urgency and reasons why the procurement could not be anticipated.
(b) There are sufficient reasons, to be recorded in writing by the competent authority, indicating that it will not be in public interest to procure the goods through advertised tender enquiry.
(c) The sources of supply are definitely known and possibility of fresh source(s) beyond those being tapped is remote.
(iii) Sufficient time should be allowed for submission of bids in Limited Tender Enquiry cases.

e-procurement System requirement:
e-procurement System should have functionality for inviting Limited Tenders (Domestic, as well as, Global) with all related features such as creating and managing Tender Notices, Corrigenda, Tender Documents, Addenda, sending Invitation Letters, etc. Relevant Supplier organizations registered by the Buyer under Rule 142 should be sent Invitation Letters. For web publicity, Tender Notices of such Limited Tenders (or Short Term tenders) should be posted on the e-procurement website for general publicity. This is also a CVC requirement.
In addition, the concerned Buyer organization should have Procurement Policy & Procedures to implement the other requirements.

Verification method:
Functionality Verification/Testing of related features and explanations given by the e-procurement/e-tendering software/service provider against relevant sections and points of Annexure I.
In addition, audit of the Procurement Policy & Procedures of the concerned Buyer organization can be carried out.
152 Two bid system:

GFR provision:
For purchasing high value plant, machinery etc. of a complex and technical nature, bids may be obtained in two parts as under:
(a) Technical bid consisting of all technical details along with commercial terms and conditions; and
(b) Financial bid indicating item-wise price for the items mentioned in the technical bid.
The technical bid and the financial bid should be sealed by the bidder in separate covers duly superscribed and both these sealed covers are to be put in a bigger cover which should also be sealed and duly superscribed. The technical bids are to be opened by the purchasing Ministry or Department at the first instance and evaluated by a competent committee or authority. At the second stage financial bids of only the technically acceptable offers should be opened for further evaluation and ranking before awarding the contract.

e-procurement System requirement:
e-procurement System should have functionality for inviting Single Stage Two Envelope tenders or Two Stage tenders (as mentioned in CVC guidelines), with secure methodology for sealing bids (i.e. data encryption of both the Technical, as well as, Financial bid parts by the bidder himself before bid submission). In addition, there should be functionality for opening only the technical bids first; functionality for creating a shortlist of technically responsive bidders; functionality for a second tender opening event for opening the financial bids of the technically responsive bidders.

Verification method:
Functionality Verification/Testing of related features and explanations given by the e-procurement/e-tendering software/service provider against relevant sections and points of Annexure I.
153 Late bids:

GFR provision:
In the case of advertised tender enquiry or limited tender enquiry, late bids (i.e. bids received after the specified date and time for receipt of bids) should not be considered.

e-procurement System requirement:
e-procurement System should have functionality for Not Accepting Late Bids.

Verification method:
Functionality Verification/Testing.

154 Single tender enquiry:

GFR provision:
Procurement from a single source may be resorted to in the following circumstances:
(i) It is in the knowledge of the user department that only a particular firm is the manufacturer of the required goods.
(ii) In a case of emergency, the required goods are necessarily to be purchased from a particular source and the reason for such decision is to be recorded and approval of competent authority obtained.
(iii) For standardisation of machinery or spare parts to be compatible to the existing sets of equipment (on the advice of a competent technical expert and approved by the competent authority), the required item is to be purchased only from a selected firm.
Note: Proprietary Article Certificate in the following form is to be provided by the Ministry/Department before procuring the goods from a single source under the provision of sub Rule 154 (i) and 154 (iii) as applicable.
(i) The indented goods are manufactured by M/s ....
(ii) No other make or model is acceptable for the following reasons: ....
(iii) Concurrence of finance wing to the proposal vide: ....
(iv) Approval of the competent authority vide: ....
________________________
(Signature with date and designation of the procuring officer)

e-procurement System requirement:
e-procurement System should have functionality for inviting bid from only one specified Supplier organization with all features applicable for Limited Tenders as highlighted above.
In addition, the concerned Buyer organization should have Procurement Policy & Procedures to implement the other requirements.

Verification method:
Functionality Verification/Testing.
In addition, audit of the Procurement Policy & Procedures of the concerned Buyer organization can be carried out.

155 Contents of bidding document:

GFR provision:
All the terms, conditions, stipulations and information to be incorporated in the bidding document are to be shown in the appropriate chapters as below:
Chapter 1: Instructions to Bidders.
Chapter 2: Conditions of Contract.
Chapter 3: Schedule of Requirements.
Chapter 4: Specifications and allied Technical Details.
Chapter 5: Price Schedule (to be utilised by the bidders for quoting their prices).
Chapter 6: Contract Form.
Chapter 7: Other Standard Forms, if any, to be utilised by the purchaser and the bidders.

e-procurement System requirement:
e-procurement System should have functionality for General Terms and Conditions, Special Terms and Conditions, Detailed Tender Documents and Electronic Form (for Technical details) and Electronic Form (for Financial details).
In addition, the concerned Buyer organization should have Procurement Policy & Procedures to implement the other requirements.

Verification method:
Functionality Verification/Testing.
In addition, audit of the Procurement Policy & Procedures of the concerned Buyer organization can be carried out.

156 Maintenance contract:

GFR provision:
Depending on the cost and nature of the goods to be purchased, it may also be necessary to enter into maintenance contract(s) of suitable period either with the supplier of the goods or with any other competent firm, not necessarily the supplier of the subject goods. Such maintenance contracts are especially needed for sophisticated and costly equipment and machinery. It may however be kept in mind that the equipment or machinery is maintained free of charge by the supplier during its warranty period or such other extended periods as the contract terms may provide and the paid maintenance should commence only thereafter.

e-procurement System requirement:
e-procurement System should have functionality for inviting bids for such Maintenance contracts.
In addition, the concerned Buyer organization should have Procurement Policy & Procedures to implement the other requirements.

Verification method:
Functionality Verification/Testing.
In addition, audit of the Procurement Policy & Procedures of the concerned Buyer organization can be carried out.
157 Bid security:

GFR provision:
(i) To safeguard against a bidder's withdrawing or altering its bid during the bid validity period in the case of advertised or limited tender enquiry, Bid Security (also known as Earnest Money) is to be obtained from the bidders except those who are registered with the Central Purchase Organisation, National Small Industries Corporation (NSIC) or the concerned Ministry or Department. The bidders should be asked to furnish bid security along with their bids. Amount of bid security should ordinarily range between two percent to five percent of the estimated value of the goods to be procured. The exact amount of bid security should be determined accordingly by the Ministry or Department and indicated in the bidding documents. The bid security may be accepted in the form of Account Payee Demand Draft, Fixed Deposit Receipt, Banker's Cheque or Bank Guarantee from any of the commercial banks in an acceptable form, safeguarding the purchaser's interest in all respects. The bid security is normally to remain valid for a period of forty-five days beyond the final bid validity period.
(ii) Bid securities of the unsuccessful bidders should be returned to them at the earliest after expiry of the final bid validity and latest on or before the 30th day after the award of the contract.

e-procurement System requirement:
e-procurement System should have functionality for payment of Bid Security (i.e. Earnest Money Deposit) as per instructions of the Buyer, either online at the time of online bid submission (subject to the payment limits of the Payment Gateway), or payable offline parallel to the online bid submission before the bid submission deadline. In the latter case, provision should be there to take the offline payment on record during the Public TOE.
In addition, the concerned Buyer organization should have Procurement Policy & Procedures to implement the other requirements.

Verification method:
Functionality Verification/Testing.
In addition, audit of the Procurement Policy & Procedures of the concerned Buyer organization can be carried out.

158 Performance security:

GFR provision:
(i) To ensure due performance of the contract, Performance Security is to be obtained from the successful bidder awarded the contract. Performance Security is to be obtained from every successful bidder irrespective of its registration status etc. Performance Security should be for an amount of five to ten per cent of the value of the contract. Performance Security may be furnished in the form of an Account payee Demand Draft, Fixed Deposit Receipt from a Commercial bank, Bank Guarantee from a Commercial bank in an acceptable form safeguarding the purchaser's interest in all respects.
(ii) Performance Security should remain valid for a period of sixty days beyond the date of completion of all contractual obligations of the supplier including warranty obligations.
(iii) Bid security should be refunded to the successful bidder on receipt of Performance Security.

e-procurement System requirement:
e-procurement System should have functionality for recording important milestones of Contract Execution which would include submission of Performance Security by the successful bidder(s).
In addition, the concerned Buyer organization should have Procurement Policy & Procedures to implement the other requirements.

Verification method:
Functionality Verification/Testing.
In addition, audit of the Procurement Policy & Procedures of the concerned Buyer organization can be carried out.

159 Advance payment to supplier:

GFR provision:
(1) Advance payment to supplier: Ordinarily, payments for services rendered or supplies made should be released only after the services have been rendered or supplies made. However, it may become necessary to make advance payments in the following types of cases:
(i) Advance payment demanded by firms holding maintenance contracts for servicing of Air-conditioners, computers, other costly equipment, etc.
(ii) Advance payment demanded by firms against fabrication contracts, turn-key contracts etc.
Such advance payments should not exceed the following limits:
(i) Thirty per cent of the contract value to private firms;
(ii) Forty per cent of the contract value to a State or Central Government agency or a Public Sector Undertaking; or
(iii) In case of maintenance contract, the amount should not exceed the amount payable for six months under the contract.
Ministries or Departments of the Central Government may relax, in consultation with their Financial Advisers concerned, the ceilings (including percentage laid down for advance payment for private firms) mentioned above. While making any advance payment as above, adequate safeguards in the form of bank guarantee etc. should be obtained from the firm.
(2) Part payment to suppliers: Depending on the terms of delivery incorporated in a contract, part payment to the supplier may be released after it dispatches the goods from its premises in terms of the contract.

e-procurement System requirement:
e-procurement System should have functionality for recording important milestones of Contract Execution which would include Advance Payments and other payments made to the successful bidder(s)/suppliers.
In addition, the concerned Buyer organization should have Procurement Policy & Procedures to implement the other requirements.

Verification method:
Functionality Verification/Testing.
In addition, audit of the Procurement Policy & Procedures of the concerned Buyer organization can be carried out.
160 Transparency, competition, fairness and elimination of arbitrariness in the procurement process:

GFR provision:
All government purchases should be made in a transparent, competitive and fair manner, to secure best value for money. This will also enable the prospective bidders to formulate and send their competitive bids with confidence. Some of the measures for ensuring the above are as follows:
(i) The text of the bidding document should be self-contained and comprehensive without any ambiguities. All essential information, which a bidder needs for sending responsive bid, should be clearly spelt out in the bidding document in simple language. The bidding document should contain, inter alia:
(a) The criteria for eligibility and qualifications to be met by the bidders such as minimum level of experience, past performance, technical capability, manufacturing facilities and financial position etc.;
(b) Eligibility criteria for goods indicating any legal restrictions or conditions about the origin of goods etc. which may be required to be met by the successful bidder;
(c) The procedure as well as date, time and place for sending the bids;
(d) Date, time and place of opening of the bid;
(e) Terms of delivery;
(f) Special terms affecting performance, if any.
(ii) Suitable provision should be kept in the bidding document to enable a bidder to question the bidding conditions, bidding process and/or rejection of its bid.
(iii) Suitable provision for settlement of disputes, if any, emanating from the resultant contract, should be kept in the bidding document.
(iv) The bidding document should indicate clearly that the resultant contract will be interpreted under Indian Laws.
(v) The bidders should be given reasonable time to send their bids.
(vi) The bids should be opened in public and authorised representatives of the bidders should be permitted to attend the bid opening.
(vii) The specifications of the required goods should be clearly stated without any ambiguity so that the prospective bidders can send meaningful bids. In order to attract sufficient number of bidders, the specification should be broad based to the extent feasible. Efforts should also be made to use standard specifications which are widely known to the industry.
(viii) Pre-bid conference: In case of turn-key contract(s) or contract(s) of special nature for procurement of sophisticated and costly equipment, a suitable provision is to be kept in the bidding documents for a pre-bid conference for clarifying issues and clearing doubts, if any, about the specifications and other allied technical details of the plant, equipment and machinery projected in the bidding document. The date, time and place of pre-bid conference should be indicated in the bidding document. This date should be sufficiently ahead of bid opening date.
(ix) Criteria for determining responsiveness of bids, criteria as well as factors to be taken into account for evaluating the bids on a common platform and the criteria for awarding the contract to the responsive lowest bidder should be clearly indicated in the bidding documents.
(x) Bids received should be evaluated in terms of the conditions already incorporated in the bidding documents; no new condition which was not incorporated in the bidding documents should be brought in for evaluation of the bids. Determination of a bid's responsiveness should be based on the contents of the bid itself without recourse to extrinsic evidence.
(xi) Bidders should not be permitted to alter or modify their bids after expiry of the deadline for receipt of bids.
(xii) Negotiation with bidders after bid opening must be severely discouraged. However, in exceptional circumstances where price negotiation against an ad-hoc procurement is necessary due to some unavoidable circumstances, the same may be resorted to only with the lowest evaluated responsive bidder.
(xiii) In the rate contract system, where a number of firms are brought on rate contract for the same item, negotiation as well as counter offering of rates are permitted with the bidders in view and for this purpose special permission has been given to the Directorate General of Supplies and Disposals (DGS&D).
(xiv) Contract should ordinarily be awarded to the lowest evaluated bidder whose bid has been found to be responsive and who is eligible and qualified to perform the contract satisfactorily as per the terms and conditions incorporated in the corresponding bidding document. However, where the lowest acceptable bidder against ad hoc requirement is not in a position to supply the full quantity required, the remaining quantity, as far as possible, be ordered from the next higher responsive bidder at the rates offered by the lowest responsive bidder.
(xv) The name of the successful bidder awarded the contract should be mentioned in the Ministries or Departments notice board or bulletin or web site.

e-procurement System requirement:
e-procurement System should have functionality to ensure transparency, accountability, fairness and elimination of arbitrariness in the procurement process. This should be ensured by the e-procurement system strictly and satisfactorily addressing the various issues especially outlined in Annexure I of these Guidelines. Specifically for fairness it must be ensured that the e-procurement system supports all legitimate processes and methodologies for inviting bids in a transparent manner, and under no circumstances should the confidentiality of the bid be compromised before the Online Public Tender Opening Event. Importantly, a properly conducted Public Tender Opening Event is the backbone of transparency in public procurement. The e-procurement system must have a very transparent and comprehensive Online Public Tender Opening Event with simultaneous online presence of authorized representatives of bidders, and to eliminate arbitrariness each opened bid should be countersigned by the TOE officers in the simultaneous online presence of the authorized bidders.
In addition, authorized representatives of bidders may also be present offline during a TOE. However, to eliminate any arbitrariness and any doubt about tampering, the simultaneous online presence of bidders during TOE is important. Bidders may have doubts about the transparency of the process if the bids are opened by the Buyer independently in the backend (i.e. without the simultaneous online presence of bidders), and then subsequently displayed to the bidders. For comparison, this would be tantamount to bids being opened by the Buyer in another room (where the bidders are not present), and then brought to a second room where the bidders are waiting. This is obviously not a transparent public opening, and so it is not acceptable.
Furthermore, the e-procurement system should allow submission of Modification/Substitution/Withdrawal of bids only till the bid submission deadline.
To further eliminate arbitrariness, the e-procurement system should have comprehensive electronic forms for capturing specific data requirements of each tender, and detailed response from each bidder to General Terms & Conditions (GTC) and Special Terms & Conditions (STC).
Where required, functionality of the e-procurement system should be supplemented with Procurement Policy & Procedures internal to the Buyer organization.

Verification method:
Functionality Verification/Testing.
In addition, Audit of the Procurement Policy & Procedures of the concerned Buyer organization can be carried out.
161 Efficiency, Economy and Accountability in public procurement system:

GFR provision:
Public procurement procedure is also to ensure efficiency, economy and accountability in the system. To achieve the same, the following key areas should be addressed:
(i) To reduce delay, appropriate time frame for each stage of procurement should be prescribed by the Ministry or Department. Such a time frame will also make the concerned purchase officials more alert.
(ii) To minimise the time needed for decision making and placement of contract, every Ministry/Department, with the approval of the competent authority, may delegate, wherever necessary, appropriate purchasing powers to the lower functionaries.
(iii) The Ministries or Departments should ensure placement of contract within the original validity of the bids. Extension of bid validity must be discouraged and resorted to only in exceptional circumstances.
(iv) The Central Purchase Organisation (e.g. DGS&D) should bring into the rate contract system more and more common user items which are frequently needed in bulk by various Central Government departments. The Central Purchase Organisation (e.g. DGS&D) should also ensure that the rate contracts remain available without any break.

e-procurement System requirement:
For accountability, e-procurement system should have a comprehensive Hierarchy and Role Authorization of officers with detailed Audit Trails as outlined in Annexure I of these Guidelines.
Where required, functionality of the e-procurement system should be supplemented with Procurement Policy & Procedures internal to the Buyer organization.

Verification method:
Functionality Verification/Testing.
In addition, Audit of the Procurement Policy & Procedures of the concerned Buyer organization can be carried out.
162 Buy-back offer:

GFR provision:
When it is decided with the approval of the competent authority to replace an existing old item(s) with a new and better version, the department may trade the existing old item while purchasing the new one. For this purpose, a suitable clause is to be incorporated in the bidding document so that the prospective and interested bidders formulate their bids accordingly. Depending on the value and condition of the old item to be traded, the time as well as the mode of handing over the old item to the successful bidder should be decided and relevant details in this regard suitably incorporated in the bidding document. Further, suitable provision should also be kept in the bidding document to enable the purchaser either to trade or not to trade the item while purchasing the new one.

e-procurement System requirement:
e-procurement System should have functionality where Buy-Back Price should also be captured in the Financial Bid and provision should be there for Net Procurement Price after taking into account the Buy-Back Price.

Verification method:
Functionality Verification/Testing.

B) Procurement of Services: Rule 163 to 177

163 and 164:

GFR provision:
The Ministries or Departments may hire external professionals, consultancy firms or consultants for a specific job, which is well defined in terms of content and time frame for its completion or outsource certain services.
This chapter contains the fundamental principles applicable to all Ministries or Departments regarding engagement of consultant(s) and outsourcing of services.

e-procurement System requirement:
Procurement Policy & Procedures internal to the Buyer organization.
Note: Generally no specific requirements for e-procurement.

Verification method:
Process Audit.

165 Identification of Work/Services required to be performed by Consultants:

GFR provision:
Engagement of consultants may be resorted to in situations requiring high quality services for which the concerned Ministry/Department does not have requisite expertise. Approval of the competent authority should be obtained before engaging consultant(s).

e-procurement System requirement:
e-procurement System should have functionality for obtaining approval of an Indent or Requisition Note for engagement of consultants with provision for recording relevant justification.

Verification method:
Functionality Verification/Testing.

166 Preparation of scope of the required work/service:

GFR provision:
The Ministries/Departments should prepare in simple and concise language the requirement, objectives and the scope of the assignment. The eligibility and pre-qualification criteria to be met by the consultants should also be clearly identified at this stage.

e-procurement System requirement:
e-procurement System should have functionality for obtaining approval of an Indent or Requisition Note for engagement of consultants with provision for recording relevant justification.

Verification method:
Functionality Verification/Testing.

167 Estimating reasonable expenditure:

GFR provision:
Ministry or Department proposing to engage consultant(s) should estimate reasonable expenditure for the same by ascertaining the prevalent market conditions and consulting other organisations engaged in similar activities.

e-procurement System requirement:
e-procurement System should have functionality for obtaining approval of an Indent or Requisition Note for engagement of consultants with provision for recording relevant justification with estimated expenditure.

Verification method:
Functionality Verification/Testing.
168 Identification of likely sources:

GFR provision:
(i) Where the estimated cost of the work or service is up to Rupees twenty-five lakhs, preparation of a long list of potential consultants may be done on the basis of formal or informal enquiries from other Ministries or Departments or Organisations involved in similar activities, Chambers of Commerce & Industry, Association of consultancy firms etc.
(ii) Where the estimated cost of the work or service is above Rupees twenty-five lakhs, in addition to (i) above, an enquiry for seeking Expression of Interest from consultants should be published in at least one national daily and the Ministry's web site. The web site address should also be given in the advertisements. Enquiry for seeking Expression of Interest should include in brief, the broad scope of work or service, inputs to be provided by the Ministry or Department, eligibility and the pre-qualification criteria to be met by the consultant(s) and consultants' past experience in similar work or service. The consultants may also be asked to send their comments on the objectives and scope of the work or service projected in the enquiry. Adequate time should be allowed for getting responses from interested consultants.

e-procurement System requirement:
e-procurement System should have functionality for inviting Expression of Interest (EOI) through Limited or Open Invitation, with other functionality as applicable for Limited and Open Tenders. This could be done through first Inviting Applications for Pre-qualification followed by Bidding, or directly inviting Bids in one or two envelopes.
Where required, functionality of the e-procurement system should be supplemented with Procurement Policy & Procedures internal to the Buyer organization.

Verification method:
Functionality Verification/Testing of related features and explanations given by the e-procurement/e-tendering software/service provider against relevant sections and points of Annexure I.
In addition, Audit of the Procurement Policy & Procedures of the concerned Buyer organization can be carried out.
169 Shortlisting of consultants:

GFR provision:
On the basis of responses received from the interested parties as per Rule 168 above, consultants meeting the requirements should be short listed for further consideration. The number of shortlisted consultants should not be less than three.

e-procurement System requirement:
e-procurement System should have functionality for shortlisting consultants who have been found to be eligible after the first round/pre-qualification.
Where required, functionality of the e-procurement system should be supplemented with Procurement Policy & Procedures internal to the Buyer organization.

Verification method:
Functionality Verification/Testing.
In addition, Audit of the Procurement Policy & Procedures of the concerned Buyer organization can be carried out.
170 Preparation of Terms of Reference (TOR):

GFR provision:
The TOR should include:
1. Precise statement of objectives;
2. Outline of the tasks to be carried out;
3. Schedule for completion of tasks;
4. The support or inputs to be provided by the Ministry or Department to facilitate the consultancy;
5. The final outputs that will be required of the Consultant.

e-procurement System requirement:
e-procurement System should have functionality for including in the Request for Proposal (RFP) documents the detailed Terms of Reference (TOR).

Verification method:
Functionality Verification/Testing.

171 Preparation and issue of Request for Proposal (RFP):

GFR provision:
RFP is the document to be used by the Ministry/Department for obtaining offers from the consultants for the required work/service. The RFP should be issued to the shortlisted consultants to seek their technical and financial proposals.
The RFP should contain:
1. A letter of Invitation
2. Information to Consultants regarding the procedure for submission of proposal
3. Terms of Reference (TOR)
4. Eligibility and pre-qualification criteria in case the same has not been ascertained through Enquiry for Expression of Interest (EOI)
5. List of key positions whose CV and experience would be evaluated
6. Bid evaluation criteria and selection procedure
7. Standard formats for technical and financial proposal
8. Proposed contract terms
9. Procedure proposed to be followed for midterm review of the progress of the work and review of the final draft report

e-procurement System requirement:
e-procurement System should have functionality for creating detailed Request for Proposal (RFP) and posting this on the e-procurement system website with allied functionality for Corrigenda and Addenda to RFP. The functionality should also include creation of Electronic Forms to capture precise data in the application/bid submitted by each consultant.
Where required, functionality of the e-procurement system should be supplemented with Procurement Policy & Procedures internal to the Buyer organization.

Verification method:
Functionality Verification/Testing of related features and explanations given by the e-procurement/e-tendering software/service provider against relevant sections and points of Annexure I.
In addition, Audit of the Procurement Policy & Procedures of the concerned Buyer organization can be carried out.

172 Receipt and opening of proposals:

GFR provision:
Proposals should ordinarily be asked for from consultants in Two-bid system with technical and financial bids sealed separately. The bidder should put these two sealed envelopes in a bigger envelope duly sealed and submit the same to the Ministry or Department by the specified date and time at the specified place. On receipt, the technical proposals should be opened first by the Ministry or Department at the specified date, time and place.

e-procurement System requirement:
e-procurement System should have functionality for inviting Single Stage Two Envelope tenders, or Two Stage tenders (as mentioned in CVC guidelines), with secure methodology for sealing bids (i.e. data encryption of both the Technical, as well as, Financial bid parts by the bidder himself before bid submission). In addition, there should be functionality for opening only the technical bids first; functionality for creating a shortlist of technically responsive bidders; functionality for a second tender opening event for opening the financial bids of the technically responsive bidders.

Verification method:
Functionality Verification/Testing of related features and explanations given by the e-procurement/e-tendering software/service provider against relevant sections and points of Annexure I.
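The two-envelope flow required at Rules 152 and 172, with the late-bid rule (153/173) and the modify-only-until-deadline rule (160) enforced, as an added example that is not code from the guideline or from any e-procurement product. Bidder names, bid contents, the deadline and the keystream-based sealing are all constructed for illustration; a deployed system would use a vetted cipher with the bidder's certificate-based keys rather than the stand-in used here.

```python
"""Two-envelope e-tender flow (Rules 152/172), late bids refused (Rules 153/173),
modification possible only until the deadline (Rule 160).
Added example, not code from the STQC guideline or any e-procurement product.
Sealing uses a stand-in keyed keystream (HMAC-SHA256 in counter mode) so the example
runs on the standard library alone; a real system would use a vetted AEAD cipher."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from datetime import datetime, timedelta

TAG_LEN = 32  # HMAC-SHA256 tag prefixed to every sealed envelope

def _keystream(key: bytes, n: int) -> bytes:
    # HMAC(key, counter) blocks, concatenated and truncated to n bytes.
    blocks = [hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()
              for i in range(-(-n // 32))]
    return b"".join(blocks)[:n]

def seal(plaintext: bytes, key: bytes) -> bytes:
    """Bidder side: XOR with keystream, then an integrity tag over the ciphertext."""
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, len(plaintext))))
    return hmac.new(key, ct, hashlib.sha256).digest() + ct

def unseal(envelope: bytes, key: bytes) -> bytes:
    """Opening side: check the tag first so tampering is reported, not decrypted."""
    tag, ct = envelope[:TAG_LEN], envelope[TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        raise ValueError("envelope tampered or wrong key")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, len(ct))))

@dataclass
class SealedBid:
    bidder: str
    technical: bytes   # sealed by the bidder before submission
    financial: bytes   # sealed under a different key than the technical part
    submitted_at: datetime

def prepare_bid(bidder: str, technical: bytes, financial: bytes, now: datetime):
    """Seal both parts with independent keys; the keys stay with the bidder
    (returned separately) and are released only at the respective TOE."""
    k_tech, k_fin = secrets.token_bytes(32), secrets.token_bytes(32)
    bid = SealedBid(bidder, seal(technical, k_tech), seal(financial, k_fin), now)
    return bid, {"technical": k_tech, "financial": k_fin}

class TwoEnvelopeTender:
    def __init__(self, deadline: datetime):
        self.deadline = deadline
        self.bids: dict[str, SealedBid] = {}
        self.stage = "submission"   # -> "technical_opened" -> "financial_opened"
        self.audit: list[str] = []  # every action leaves a trail (Rule 161)

    def submit(self, bid: SealedBid) -> bool:
        """Refuse late bids; a resubmission before the deadline replaces the earlier one."""
        if bid.submitted_at > self.deadline or self.stage != "submission":
            self.audit.append(f"REJECTED late bid from {bid.bidder}")
            return False
        self.audit.append(f"{'MODIFIED' if bid.bidder in self.bids else 'SUBMITTED'} {bid.bidder}")
        self.bids[bid.bidder] = bid
        return True

    def open_technical(self, now: datetime, keys: dict[str, bytes]) -> dict[str, bytes]:
        """First TOE: only technical envelopes are opened; financial ones stay sealed."""
        if now < self.deadline or self.stage != "submission":
            raise RuntimeError("technical TOE must follow the deadline, once")
        self.stage = "technical_opened"
        opened = {b: unseal(bid.technical, keys[b]) for b, bid in self.bids.items()}
        self.audit.extend(f"OPENED technical {b}" for b in opened)
        return opened

    def open_financial(self, shortlist: set[str], keys: dict[str, bytes]) -> dict[str, bytes]:
        """Second TOE: financial envelopes of technically responsive bidders only.
        No key is requested for the others, so their prices are never revealed."""
        if self.stage != "technical_opened":
            raise RuntimeError("financial TOE requires a completed technical TOE")
        self.stage = "financial_opened"
        opened = {b: unseal(self.bids[b].financial, keys[b]) for b in sorted(shortlist & set(self.bids))}
        self.audit.extend(f"OPENED financial {b}" for b in opened)
        return opened

def run_demo() -> dict:
    """Constructed walkthrough: A and B bid in time, C is late, A modifies once,
    only A is found technically responsive, so B's price is never opened."""
    deadline = datetime(2011, 8, 5, 15, 0)
    t = TwoEnvelopeTender(deadline)
    bid_a, keys_a = prepare_bid("A", b"tech A", b"INR 100", deadline - timedelta(hours=2))
    bid_b, keys_b = prepare_bid("B", b"tech B", b"INR 90", deadline - timedelta(hours=1))
    bid_c, _ = prepare_bid("C", b"tech C", b"INR 80", deadline + timedelta(minutes=1))
    r = {"a_ok": t.submit(bid_a), "b_ok": t.submit(bid_b), "c_late": t.submit(bid_c)}
    bid_a2, keys_a = prepare_bid("A", b"tech A v2", b"INR 95", deadline - timedelta(minutes=5))
    r["a_modified"] = t.submit(bid_a2)
    r["technical"] = t.open_technical(deadline + timedelta(minutes=30),
                                      {"A": keys_a["technical"], "B": keys_b["technical"]})
    r["financial"] = t.open_financial({"A"}, {"A": keys_a["financial"]})
    r["audit"] = t.audit
    return r
```

The audit list produced by `run_demo()` is the kind of trail the verification column expects to inspect: the late bid, the modification before the deadline and the two distinct opening events are each recorded.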
173 Late bids:

GFR provision:
Late bids i.e. bids received after the specified date and time of receipt should not be considered.

e-procurement System requirement:
e-procurement System should have functionality for Not Accepting Late Bids.

Verification method:
Functionality Verification/Testing.

174 Evaluation of technical bids:

GFR provision:
Technical bids should be analysed and evaluated by a Consultancy Evaluation Committee (CEC) constituted by the Ministry or Department. The CEC shall record in detail the reasons for acceptance or rejection of the technical proposals analysed and evaluated by it.

e-procurement System requirement:
In the e-procurement System, after the TOE in which the Technical Bids are opened, functionality should exist for members of the Consultancy Evaluation Committee (CEC) to access the Technical Bids for evaluation with provision to record recommendations.

Verification method:
Functionality Verification/Testing.

175 Evaluation of financial bids of the technically qualified bidders:

GFR provision:
The Ministry or Department shall open the financial bids of only those bidders who have been declared technically qualified by the Consultancy Evaluation Committee as per Rule 174 above for further analysis or evaluation and ranking and selecting the successful bidder for placement of the consultancy contract.

e-procurement System requirement:
In the e-procurement System, after the TOE in which the Financial Bids of the technically qualified bidders are opened, functionality should exist for members of the Consultancy Evaluation Committee (CEC) to access the Financial Bids for evaluation with provision to record recommendations.

Verification method:
Functionality Verification/Testing.

176 Consultancy by nomination:

GFR provision:
Under some special circumstances, it may become necessary to select a particular consultant where adequate justification is available for such single-source selection in the context of the overall interest of the Ministry or Department. Full justification for single source selection should be recorded in the file and approval of the competent authority obtained before resorting to such single-source selection.

e-procurement System requirement:
Procurement Policy & Procedures internal to the Buyer organization.
Note: Generally no specific requirements for e-procurement.

Verification method:
Process Audit.

177 Monitoring the contract:

GFR provision:
The Ministry/Department should be involved throughout in the conduct of consultancy, preferably by taking a task force approach and continuously monitoring the performance of the consultant(s) so that the output of the consultancy is in line with the Ministry/Department's objectives.

e-procurement System requirement:
e-procurement System should have functionality for monitoring performance of a consultant, which would include recording of important parameters/milestones relating to the consultant's performance.
In addition, the concerned Buyer organization should have Procurement Policy & Procedures to implement the other requirements.

Verification method:
Functionality Verification/Testing.
In addition, audit of the Procurement Policy & Procedures of the concerned Buyer organization can be carried out.
C) Outsourcing of Services: Rule 178 to 185

178 Outsourcing of Services:

GFR provision:
A Ministry or Department may outsource certain services in the interest of economy and efficiency and it may prescribe detailed instructions and procedures for this purpose without, however, contravening the following basic guidelines.

e-procurement System requirement:
Procurement Policy & Procedures internal to the Buyer organization.
Note: Generally no specific requirements for e-procurement.

Verification method:
Process Audit.

179 Identification of likely contractors:

GFR provision:
The Ministry or Department should prepare a list of likely and potential contractors on the basis of formal or informal enquiries from other Ministries or Departments and Organisations involved in similar activities, scrutiny of Yellow pages, and trade journals, if available, web site etc.

e-procurement System requirement:
e-procurement System should have functionality for creating Classified Lists of likely and potential contractors. Also functionality should exist for a Buyer organization to Create/Manage Contractor organizations under different Heads and Grades.

Verification method:
Functionality Verification/Testing.

180 Preparation of Tender enquiry:

GFR provision:
Ministry or Department should prepare a tender enquiry containing, inter alia:
(i) The details of the work or service to be performed by the contractor;
(ii) The facilities and the inputs which will be provided to the contractor by the Ministry or Department;
(iii) Eligibility and qualification criteria to be met by the contractor for performing the required work/service; and
(iv) The statutory and contractual obligations to be complied with by the contractor.

e-procurement System requirement:
e-procurement System should have functionality for creating and managing Tender Notices, Corrigenda, Tender Documents, Addenda; floating Open Tenders, as well as, Limited Tenders; and functionality for other associated processes.
In addition, the concerned Buyer organization should have Procurement Policy & Procedures to implement the other requirements.

Verification method:
Functionality Verification/Testing of related features and explanations given by the e-procurement/e-tendering software/service provider against relevant sections and points of Annexure I.
In addition, Audit of the Procurement Policy & Procedures of the concerned Buyer organization can be carried out.

181 Invitation of Bids:

GFR provision:
(a) For estimated value of the work or service up to Rupees ten lakhs or less:
The Ministry or Department should scrutinise the preliminary list of likely contractors as identified as per Rule 179 above, decide the prima facie eligible and capable contractors and issue limited tender enquiry to them asking for their offers by a specified date and time etc. as per standard practice. The number of the contractors so identified for issuing limited tender enquiry should not be less than six.

e-procurement System requirement:
e-procurement System should have functionality for creating and managing Tender Notices, Corrigenda, Tender Documents, Addenda; floating Open Tenders, as well as, Limited Tenders; and functionality for other associated processes.

Verification method:
Functionality Verification/Testing of related features and explanations given by the e-procurement/e-tendering software/service provider against relevant sections and points of Annexure I.
Inaddition,theconcerned
(b) For estimated value of the work or service Buyerorganizationshould Inaddition,Auditof
haveProcurementPolicy theProcurement
aboveRupeestenlakhs:
Policy&Procedures
The Ministry or Department should issue &Proceduresto
advertised tender enquiry asking for the offers implementtheother
oftheconcerned
Buyerorganization
byaspecifieddateandtimeetc.inatleastone requirements
popular largely circulated national newspaper
canbecarriedout.
andwebsiteoftheMinistryorDepartment.
LateBids:
eprocurementSystem
Functionality
Late bids i.e. bids received after the specified shouldhavefunctionality Verification/Testing
date and time of receipt should not be forNotAcceptingLate
considered.
Bids
EvaluationofBidsReceived:
Intheeprocurement
Functionality
The Ministry or Department should evaluate, SystemaftertheTOEin Verification/Testing
segregate, rank the responsive bids and select whichtheBidsare
the successful bidder for placement of the opened,functionality
contract.
shouldexistformembers
oftheEvaluation
Committee(EC)toaccess
theBidsforevaluation
withprovisiontorecord
recommendations.
OutsourcingbyChoice:
ProcurementPolicy&
Testing&Audit
Should it become necessary, in an exceptional Proceduresinternaltothe
situation to outsource a job to a specifically Buyerorganization
chosen contractor, the Competent Authority in
the Ministry or Department may do so in Note:Generallyno
consultation with the Financial Adviser. In such specificrequirementsfor
cases the detailed justification, the eprocurement.
circumstances leading to the outsourcing by
choiceandthespecialinterestorpurposeitshall
serveshallformanintegralpartoftheproposal.
MonitoringtheContract:
eprocurementSystem
Functionality
The Ministry or Department should be involved shouldhavefunctionality Verification/Testing
throughout in the conduct of the contract and forrecordingimportant
continuously monitor the performance of the milestonesofContract
Inaddition,auditof
contractor.
Execution.
theProcurement

Policy&Procedures
Inaddition,theconcerned oftheconcerned
Buyerorganizationshould Buyerorganization
haveProcurementPolicy canbecarriedout.
&Proceduresto
implementtheother
requirements

71

Annexure IV: Checklist for Compliance with IT ACT (IT ACT 2000 and Amendment 2008)

(Columns of the checklist: Sl. No.; Issues to be Checked; IT ACT Reference; Means of Checking)

1. Electronic Signature Implementation:
IT ACT Reference: 3, 3A, 5, 6, 15, 42, Ch VI; Sch 2, 13
Means of Checking: Verification of Implementation/Functionality and the ESC used.
i) ESC (Electronic Signature Certificate) used for the e-Procurement System by the users are issued by a CA (Certifying Authority) recognized by Govt. of India CCA (Controller of Certifying Authorities).
ii) The private key or the signature creation data should not be stored in the e-Procurement System or kept under the control of the e-Procurement Service Provider.
iii) By the use of a public key of the subscriber/signer, it should be possible to verify the electronic record. This may be read in conjunction with Sch 2, 13 and 85B(2)(b): except in the case of a secure electronic record or a secure digital signature, nothing in this section shall create any presumption relating to authenticity and integrity of the electronic record or any digital signature.
(Explanation: This implies that important electronic records of an e-procurement application, like Tender Notice, Corrigenda, Tender Documents, Addenda, Clarifications to Tender Documents, Bids, etc. should not only be electronically signed; there should also be provision in the e-procurement application to verify the electronic signatures.)
iv) Every subscriber shall exercise reasonable care to retain control of the private key corresponding to the public key listed in his Digital Signature Certificate and take all steps to prevent its disclosure. (Explanation: There should be no limitation in the functionality of the e-procurement system which may necessitate, for the tendering processes to continue uninterrupted, that the private key of any officer be handed over to anybody else (who may be absent or unavailable), or where a private key is shared by multiple users due to any reason such as absence of detailed hierarchy within a user organization, or multiple users of a group using a common key.)
v) Similarly, functionality of the e-procurement system should cover other aspects outlined in the various sections of the IT Act specified in the IT ACT Reference above.

2. Electronic Document & Record Control:
Means of Checking: Verification of policies, procedures, mechanisms and relevant records, and functionality of the e-procurement system.
Suitable controls are established for electronic documents/records generated, processed, stored, disposed of by the e-Procurement System to comply with the following:
i) The information contained in e-Documents/e-Records remains accessible/usable for subsequent reference;
ii) The e-Records are retained in the original format in which they were generated, to accurately demonstrate how they were generated/sent/received.
iii) The e-Records should be maintained with identification of origin, destination, date and time of dispatch or receipt.
iv) The retention period of the e-Records should be compliant with the legal and contractual requirements.

3. Data Protection:
IT ACT Reference: 43A, Draft rule under Section 43A
Means of Checking: Verification of policies, procedures, mechanisms and relevant records, and functionality of the e-procurement system. (Some checks are covered in Annexure I, II and III.)
i) Adequate and reasonable security practices and procedures are in place to protect confidentiality and integrity of the users' data and credentials.
ii) The e-procurement system has to satisfactorily address the above through suitable functionality built into the e-procurement application. Where, in addition, some issues are being further addressed through organizational procedures, these should be explicitly defined with satisfactory explanations.
The reasonable security practices and procedures followed should be documented in line with the international standard ISO/IEC 27001.

4. Due diligence exercise:
IT ACT Reference: 79, Draft rule under Section 79
Means of Checking: Verification of the terms and conditions of use of the e-Procurement System, user agreement, privacy policy, and other notifications as mentioned.
i) The Service Provider shall publish the terms and conditions of use of its e-Procurement System, user agreement, privacy policy etc.
ii) The Service Provider shall notify users not to use, display, upload, modify, publish, transmit, update, share or store any information that:
(a) belongs to another person;
(b) is harmful, threatening, abusive, harassing, blasphemous, objectionable, defamatory, vulgar, obscene, pornographic, pedophilic, libelous, invasive of another's privacy, hateful, or racially, ethnically or otherwise objectionable, disparaging, relating or encouraging money laundering or gambling, or otherwise unlawful in any manner whatever;
(c) harms minors in any way;
(d) infringes any patent, trademark, copyright or other proprietary rights;
(e) violates any law for the time being in force;
(f) discloses sensitive personal information of another person or to which the user does not have any right;
(g) causes annoyance or inconvenience or deceives or misleads the addressee about the origin of such messages or communicates any information which is grossly offensive or menacing in nature;
(h) impersonates another person;
(i) contains software viruses or any other computer code, files or programs designed to interrupt, destroy or limit the functionality of any computer resource;
(j) threatens the unity, integrity, defence, security or sovereignty of India, friendly relations with foreign states, or public order or causes incitement to the commission of any cognizable offence or prevents investigation of any offence or is insulting any other nation.
iii) The Service Provider shall not itself host or publish or edit or store any information, and shall not initiate the transmission, select the receiver of transmission, or select or modify the information contained in the transmission, as specified in (ii) above.
iv) The Service Provider shall inform its users that in case of non-compliance with terms of use of the services and privacy policy provided by the Service Provider, it has the right to immediately terminate the access rights of the users to the e-Procurement System.
v) The Service Provider shall publish on the e-Procurement website the designated agent to receive notification of claimed infringements.

Reference Documents

Reference Document 1
e-Tendering Processes

e-tendering portal
An e-tendering portal, or an e-tendering website, refers to an internet based portal on which an e-tendering application software is hosted in a secure manner. One or more Government organizations register on the portal (as Buyer organizations). Various vendors also register on the portal (as Supplier organizations). A Buyer organization floats (i.e. invites) a tender on the portal, and Supplier organizations respond to such tenders. Depending on the functionality offered by an e-tendering portal, all the tendering related activities, from Indent Management (or Requisition Management) to Award of Contract, can be carried out online over the Internet by a Buyer organization, and related activities by Supplier organizations.

Non-negotiable founding principles of Public Procurement like transparency, encouraging competitiveness and fair treatment to all etc.

Switchover from a manual system of tendering to electronic tendering or e-tendering is a major change. Some process re-engineering (i.e. change or improvement in the methodology of conducting various activities) becomes inevitable when a changeover is made to a new technology, or a new method of working is adopted. However, while switching over to e-tendering, no compromise should be made by the Government organization on 'Security and Transparency' related aspects of the Government Tendering Policy and Rules on the pretext of re-engineering.
While switching over to e-tendering, a Government organization (in the role of a Buyer) which urges its Suppliers/Vendors to change over to e-tendering should ensure that the e-tendering portal also takes care of the Supplier organizations' needs for security and transparency, and that suppliers are given reasonable time to change over in a phased manner.

core activities related to tendering
From a Buyer's perspective, 'core activities related to tendering' refers to activities like raising indents (or requisitions) for procuring some item or service, approving such requisitions, configuring the e-tendering system to act as per that organisation's tendering policy, creating a hierarchy of officers with specific authorizations to manage and control activities related to e-tendering for various tenders, configuring the e-tendering system to act as per specific rules for a given tender, creating a list of bidders to be invited for a 'limited tender', creating a tender notice, approving a tender notice, authorizing issue of corrigenda, creating corrigenda, approving tender documents, authorizing issue of addenda, approving addenda, furnishing clarifications to tender documents, conducting online public tender opening event(s) and sharing salient points of each bid with all participating bidders, countersigning each opened bid during the tender opening event, evaluating the bids which have been opened, and creating a list of bidders for the next stage (where applicable). From a Supplier's (or Vendor's) perspective, 'core tendering activities' or 'core activities related to tendering' refers to activities relating to responding to various tenders. These include creating a hierarchy of executives with specific authorizations to manage and control activities related to e-tendering for various tenders, procuring tender documents for a tender, seeking clarifications to tender documents, preparing a bid in multiple parts (as required by the Buyer) and required), attending online public tender opening event(s).

Operating Models for e-Tendering
A variety of 'Operating Models' have emerged through which e-tendering services are currently being offered. Some prominent models are 'Dedicated e-Tendering Portals' (also referred to as Captive e-Tendering Portals), 'Shared e-Tendering Portals' [where services are offered in ASP (Application Service Provider) mode / SaaS (Software as a Service) mode], and different types of 'Outsourcing Models'. Also, it is important to differentiate between these concepts of the portal. In view of the emphasis on Security and Transparency in Public Procurement, the acceptability of these models varies. Guidelines are as follows:

A) (Dedicated e-Tendering Portals) where the Government organization wishing to do e-tendering owns and controls the portal infrastructure, and also controls all the core tendering activities carried out on the portal.

A Government organization wishing to set up a dedicated e-tendering portal for its tendering requirements should float an 'Open Tender' for selecting a suitable vendor. It should not resort to bypassing of the tendering process on the grounds that, as a Buyer organization, it has been offered the service free of charge or at nominal charge, and only Suppliers or Vendors have to pay to the Service Provider or the Supplier of the e-tendering software, as the case may be. In situations like this, as in the case of infrastructure projects, the total revenue which accrues to the Service provider of the e-tendering portal should be considered, viz. revenue from the Buyer organization(s), revenue from registration of Supplier organizations which will register on the portal at the behest of that Buyer organization, and any other sources of revenue.

B) (Use of a Shared e-Tendering Portal) where the Government organization wishing to do e-tendering controls all the core tendering activities of its organization carried out on the portal, but where ownership and control of the portal infrastructure is with the Service Provider.

A Government organization wishing to use an existing e-tendering portal on a shared basis for its tendering requirements may float a tender for the purpose of selecting a suitable Service Provider. In such situations, the nomination route may be used if both the following conditions are satisfied.
i) The total annual revenue which accrues to the Service Provider from that Government organization and its Suppliers who register specifically at the behest of that Government organization is less than Rs. Five/ten lakhs a year. (Note: Limit to be defined by the appropriate Govt body keeping in view Finance Ministry's current limit of Rs. Ten lakhs for consultancy service through the nomination route.) For this purpose, revenue should include registration and portal usage charges of the Buyer organization, registration charges of supplier organizations which register at the behest of that buyer organization, and portal usage charges of the aforesaid supplier organizations specifically in respect of responding to tenders of that Buyer organization.
ii) The arrangement of that Government organization with the Service Provider is on a 'non-exclusive' basis.

C) (Outsourcing Model 1): The Government organization outsources its tendering activities to a Service Provider. The control of all or most of the core tendering activities is in the hands of the Service Provider. The Service Provider also owns and controls the portal infrastructure.

(Outsourcing Model 2): The Government organization procures and owns partially or fully the portal infrastructure, but does not manage it. Furthermore, the Government organization outsources the management and control of its tendering activities to a Service Provider.

It is important to note that 'Outsourcing' as outlined above is substantively distinct from 'Use of a Shared e-Tendering Portal' as outlined in (ii) B above. In the case of the 'Shared e-Tendering Portal', the Government organization wishing to do e-tendering controls all the core tendering activities of its organization carried out on the portal.

In the case of 'outsourcing', since 'complete control' is in the hands of a third party Service Provider, a number of 'legal' and 'security' related issues arise. Some of these issues are:

i) 'Tendering' is a sensitive activity, where integrity and transparency of the procurement process is of paramount importance. Can such a sensitive activity be outsourced to a third party Service Provider (who in turn may be a public sector entity, or a private entity) where 'complete control' is in the hands of the third party Service Provider?
ii) In the case of a Government organization, the officers authorized for 'tendering' are legally accountable under the Official Secrets Act. Certain standards of propriety, integrity and confidentiality are expected of Government officers and Government departments. How will this be ensured from personnel of a third party private Service Provider, who would gain complete control of the tendering activities under the outsourcing contract?

iii) Guidelines pertaining to Access to the e-Tendering Portal:
Access shall be provided to the general public for viewing 'tendering opportunities' (i.e. Tender Notices) posted on the e-tendering portal for all 'Open Tenders', as well as 'Limited Tenders' (the exception in the case of Limited Tenders is where, due to reasons of national security, it is expedient not to do so). Access shall imply viewing a Tender Notice, searching a Tender Notice with its reference number, or name of the Buyer organization.
Access shall be provided to the general public for accessing any other 'Public Information' sections of the e-tendering portal, such as Information pertaining to forthcoming Tendering Opportunities, Information pertaining to 'Award of Contracts' i.e. Purchase Orders.

iv) Guidelines pertaining to use of Digital Signatures, IT Act 2000 and Phased Approach:
Any e-tendering portal to be used by a Government organization must allow the users of the portal to use any one Digital Certificate (Digital Signature) issued by any Certifying Authority licensed by the CCA, subject to other conditions of the Digital Certificate issuing authority.
The Digital Signature (i.e. Private Key) cannot be handed over by the owner of that key to any other person. (It has been observed that in some e-tendering portals, the private digital keys of the authorized officers are handed over to the staff of the service provider, or the keys are freely exchanged amongst the users. This practice should be stopped forthwith.)
No technology should be forced on the users suddenly. A phased approach must be adopted. Specifically in the case of e-tendering, unless a large number of users are comfortable with use of Digital Signatures, there is no point forcing them to deal with more sophisticated features like online bid submission involving encryption of bids etc. (It has been observed in some e-tendering portals that the staff of the Service Provider have been encrypting bids on behalf of the bidders and conducting the Tender Opening Events on behalf of the authorized Government officers.)
All Digital Signature Certificates should be PKI based and issued by a Certifying Authority duly licensed by the CCA.
Compliance with IT Act 2000: Vendors of e-tendering portals, or tendering software, should be specifically instructed to keep in view s 42(1), and s 85B(2)(b) of the IT Act 2000 while giving a 'confirmation of compliance with the IT Act 2000'.
To avoid compromise of security (i.e. compromise of the private key in this context), users of an e-tendering portal should not obtain 'pre-prepared' digital certificates through the service provider or any other source. The digital certificate should be generated by the concerned user (i.e. the applicant of the digital certificate) himself, preferably on his own computer, and securely stored under a password
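Annexure IV items ii) and iii) and the Digital Signature guidelines above require the same split: the private key stays with the officer or bidder, the portal holds only the public key from the user's certificate, yet the portal must still be able to verify every Tender Notice, Corrigendum or Bid. The following Go program is an added illustration of that split and is not code from the STQC guidelines or from any e-procurement product; the TenderRecord fields, the P-256 ECDSA choice, the Issuer-keyed registry and the sample notice are assumptions of the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"fmt"
)

// TenderRecord is a constructed stand-in for one electronic record of an
// e-procurement application (Tender Notice, Corrigendum, Bid, ...).
type TenderRecord struct {
	RecordType string `json:"record_type"`
	Reference  string `json:"reference"`
	Issuer     string `json:"issuer"` // user id whose certificate signs it
	Content    string `json:"content"`
}

// digest canonicalises the record before hashing so that signer and verifier
// hash identical bytes; JSON field order is fixed by the struct definition.
func digest(rec TenderRecord) ([]byte, error) {
	b, err := json.Marshal(rec)
	if err != nil {
		return nil, err
	}
	sum := sha256.Sum256(b)
	return sum[:], nil
}

// GenerateSignerKey runs on the user's own computer (assumed P-256 key).
func GenerateSignerKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// SignRecord also runs on the signer's side: the private key is never sent to
// the portal. Returns an ASN.1 DER encoded ECDSA signature over the digest.
func SignRecord(priv *ecdsa.PrivateKey, rec TenderRecord) ([]byte, error) {
	h, err := digest(rec)
	if err != nil {
		return nil, err
	}
	return ecdsa.SignASN1(rand.Reader, priv, h)
}

// VerifyRecord needs only the public key from the signer's certificate and
// reports whether the record is unchanged since it was signed.
func VerifyRecord(pub *ecdsa.PublicKey, rec TenderRecord, sig []byte) bool {
	h, err := digest(rec)
	if err != nil {
		return false
	}
	return ecdsa.VerifyASN1(pub, h, sig)
}

// PublicKeyRegistry models what the portal is allowed to hold: the public
// key of each registered user's signature certificate, never a private key.
type PublicKeyRegistry map[string]*ecdsa.PublicKey

// VerifySignedRecord is the portal-side check: the issuer must be a
// registered subscriber and the signature must verify under that key.
func (r PublicKeyRegistry) VerifySignedRecord(rec TenderRecord, sig []byte) error {
	pub, ok := r[rec.Issuer]
	if !ok {
		return fmt.Errorf("no registered signature certificate for %q", rec.Issuer)
	}
	if !VerifyRecord(pub, rec, sig) {
		return fmt.Errorf("signature on %s %s does not verify", rec.RecordType, rec.Reference)
	}
	return nil
}

func main() {
	priv, err := GenerateSignerKey() // on the officer's own machine
	if err != nil {
		panic(err)
	}
	// Constructed sample record; not from any real tender.
	notice := TenderRecord{RecordType: "Tender Notice", Reference: "TN-EXAMPLE-001",
		Issuer: "buyer-officer-1", Content: "Supply of 100 desktop computers"}
	sig, err := SignRecord(priv, notice)
	if err != nil {
		panic(err)
	}
	// The portal registers only the public key taken from the officer's ESC.
	registry := PublicKeyRegistry{"buyer-officer-1": &priv.PublicKey}
	fmt.Println("original record:", registry.VerifySignedRecord(notice, sig))
	altered := notice
	altered.Content = "Supply of 10 desktop computers"
	fmt.Println("altered record:", registry.VerifySignedRecord(altered, sig))
}
```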


Reference Document 2
Electronic Tendering Glossary

Information Entity: Definition
Goods: The supply of Goods with minimal Labour
Invitation to Tender: A request by the procuring entity to contractors for a commercial offer, for the entity to appoint a contractor to execute the works
Open Tender: All interested suppliers may submit a tender
Opening of tenders: Tenders shall be opened under procedures and conditions guaranteeing the regularity of the openings
Optional Contract: Procuring entity identifies a tenderer who has suitable assets, repute and ability and then contracts with it at its discretion
Registration: A system to ensure that tenders are sought only from contractors whom the procuring entity has already established as having the requisite resources and experience to perform the intended work satisfactorily.
Public Invitation: An invitation to participate in intended procurement published by procuring entities. The notice shall be published in the appropriate publication
Selective Tender: Suppliers invited to do so by the procuring entity may submit a tender
Services: The supply of Services, mainly Intellectually based Labour
Tender: The Letter of Tender and all other documents which the Contractor submitted with the Letter of Tender, as included in the Contract.
Tender Documents: Documents which should be issued by the procuring entity to those firms who have been selected to tender, or who wish to tender in case of an Open tender
Tenderer: Firm answering an invitation to tender
Tender Result Notice: Procuring entity creates tender result notice, issues it to tenderers
Contract Award Publication: Procuring entity publishes the contract award
Qualification: Procuring entity verifies tender participation qualification of tenderers
Works: The supply of Labour, Materials and associated Plant.


Reference Document 3
OWASP (Open Web Application Security Project) Top 10 Application Security Risks 2010

A1 Injection
Injection flaws, such as SQL, OS, and LDAP injection, occur when untrusted data is sent to an interpreter as part of a command or query. The attacker's hostile data can trick the interpreter into executing unintended commands or accessing unauthorized data.

A2 Cross-Site Scripting (XSS)
XSS flaws occur whenever an application takes untrusted data and sends it to a web browser without proper validation and escaping. XSS allows attackers to execute scripts in the victim's browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites.

A3 Broken Authentication and Session Management
Application functions related to authentication and session management are often not implemented correctly, allowing attackers to compromise passwords, keys, session tokens, or exploit other implementation flaws to assume other users' identities.

A4 Insecure Direct Object References
A direct object reference occurs when a developer exposes a reference to an internal implementation object, such as a file, directory, or database key. Without an access control check or other protection, attackers can manipulate these references to access unauthorized data.

A5 Cross-Site Request Forgery (CSRF)
A CSRF attack forces a logged-on victim's browser to send a forged HTTP request, including the victim's session cookie and any other automatically included authentication information, to a vulnerable web application. This allows the attacker to force the victim's browser to generate requests the vulnerable application thinks are legitimate requests from the victim.

A6 Security Misconfiguration
Good security requires having a secure configuration defined and deployed for the application, frameworks, application server, web server, database server, and platform. All these settings should be defined, implemented, and maintained as many are not shipped with secure defaults. This includes keeping all software up to date, including all code libraries used by the application.

A7 Insecure Cryptographic Storage
Many web applications do not properly protect sensitive data, such as credit cards, SSNs, and authentication credentials, with appropriate encryption or hashing. Attackers may steal or modify such weakly protected data to conduct identity theft, credit card fraud, or other crimes.

A8 Failure to Restrict URL Access
Many web applications check URL access rights before rendering protected links and buttons. However, applications need to perform similar access control checks each time these pages are accessed, or attackers will be able to forge URLs to access these hidden pages anyway.

A9 Insufficient Transport Layer Protection
Applications frequently fail to authenticate, encrypt, and protect the confidentiality and integrity of sensitive network traffic. When they do, they sometimes support weak algorithms, use expired or invalid certificates, or do not use them correctly.

A10 Unvalidated Redirects and Forwards
Web applications frequently redirect and forward users to other pages and websites, and use untrusted data to determine the destination pages. Without proper validation, attackers can redirect victims to phishing or malware sites, or use forwards to access unauthorized pages.

Reference document 4
Business requirements specification: cross-industry e-Tendering process (Source: CWA 15666)

To attain the objective of interoperability and compatibility of various solutions, both at the buyer and supplier end, it is required that processes and information entities shall be standardized across industrial electronic tendering. Following are the business requirements for the same.

Business Process Elaboration
E-Tendering
- Registration
- Public Invitation
- Tender / Opening of Tenders
- Publication of Award

Business Information Flow Definition
- Submit Registration Application
- Issue Examination Result Notification
- Publish prior information notice
- Publish invitation to tender
- Submit pre-qualification application
- Issue letter of invitation to tender
- Request Tender Information
- Issue tender information
- Issue tender guaranty
- Submit the response of tender guaranty
- Submit tender
- Submit qualification and application
- Issue qualification result notice
- Issue tender result notice

Following are the process details:

Registration
Preconditions: None
Begins When: Tenderers apply for registration
Definitions:
- Tenderers apply for registration
- Procuring entity receives registration application
- Procuring entity examines registration application
- Procuring entity notifies tenderers of examination result
- Tenderers receive examination result

Public Invitation
Preconditions: Procuring entity has a tendering subject; release invitation to tender
Begins When: Procuring entity establishes project strategy
Definition:
- Procuring entity establishes project strategy
- Procuring entity publishes invitation to tender
- If necessary, tenderers should be pre-qualified
- If necessary, procuring entity selects tenderers
- When tenderers have intention to submit tenders, tenderers request detailed information of the tendering subject
- Procuring entity receives request for detailed information of the tendering subject
- Procuring entity issues detailed information of the tendering subject to tenderers
- Tenderers receive detailed information of the tendering subject
Ends When: Tenderers receive detailed information of the tendering subject
Exceptions:
- Procuring entity does not receive request for detailed information of the tendering subject by tenderers
- Tenderers do not receive detailed information of the tendering subject from procuring entity
- Tenderers have no intention to participate in tender
Postconditions: Tenderers get detailed information of the tendering subject

Tender / Opening of Tenders
Preconditions:
- Targeted tendering subject is within submission period of tenders
- Tenderers receive detailed information of the tendering subject
Begins When: Tenderers submit tenders
Definitions:
- Tenderers submit tenders
- Procuring entity receives tenders
- Procuring entity opens tenders
- If necessary, procuring entity verifies qualification of the tenderer
- Procuring entity notifies tender result
- Tenderers receive tender result
Ends When: Tenderers receive tender result
Exceptions:
- Procuring entity does not receive tenders from tenderers
- Tenderers do not receive tender result from procuring entity
Postconditions: Tenderers get details of tender result.

Publication of Award
Preconditions: Procuring entity notifies tender result to tenderers
Begins when: Procuring entity publishes tender result
Definitions: Procuring entity publishes tender result
Note: These definitions are an example of executing business collaborations within this business process
Ends When: Procuring entity publishes tender result
Exceptions: None
Postconditions: Procuring entity proves that the tender has been performed without injustice.

Templates&Forms

84

Template1:DefiningUsabilityRequirementSpecificationsoftheSoftware
Product

USABILITYREQUIREMENTSSPECIFICATIONSOF<>SOFTWAREPRODUCT

1. NAMEANDPURPOSEOFTHEPRODUCT:
<>isawebbasedeGovernancesolutiondesignedanddevelopedforcomplete
automation of the tendering/ procurement of materials, components, contracts,
worksandservices.
ThisspecificationdefinestheUsabilityrequirementsfor<>softwareapplication

2. CONTEXTOFUSE
< >has the capability to support the complete tendering process which includes
placingofonlinetechnicalbids,commercialbids,facilityforepaymentandsecure
opening of vendor bids with provision for interface to epayment gateways and
incorporatingPKIenableddigitalsignatures.
Finedetailsoftenderinglikecreationofvendordatabase,tenderannouncementand
corrigendum; tender offer processing, opening, negotiation, dynamic pricing
mechanism, automatic generation of comparative statement of bids received
tenderawardingandmanagementoftendercontractoperationandretenderingare
supported in a real time interactive environment. This system enables both
procurersandvendorstointeractwitheachotherandtransactbusiness.

a. Specificationofusers:
Basedontheanalysisoftheproduct,themainclassesofusersare
Departmentusers(ieBuyersorPurchasers)
Portal/eProcurementApplicationAdministrators(forDedicatedPortalofa
Buyer)
Registeredsuppliers/contractors/vendors
Portal/eProcurementApplicationAdministrators(forServiceProviders)

Registeredsuppliers/contractors/vendors
i. Skills&knowledge
Shouldbecomputerliterateandinthehabitofsurfingthenet
ShouldhaveKnowledgeabouttenderingprocess
ii. Trainingontheusageofsoftwaremandatory
iii. ProductExperienceNil
iv.
OrganizationalexperienceNil
v.
PhysicalattributesNormal

DepartmentUsers(ieBuyersorPurchasers)
i. Skills&knowledge
Shouldbecomputerliterateandinthehabitofsurfingthenet
ShouldhaveKnowledgeabouttenderingprocess
ii. Trainingontheusageofsoftwaremandatory
iii. ProductExperienceNil
iv.
OrganizationalexperienceRequired
v.
PhysicalattributesNormal

85


b. Broad Specification of tasks
The major workflows, analysed in terms of severity, criticality and frequency of
use for the respective users, are as given below:
Department Users
1. Vendor Registration specific to a particular Buyer/Department: Any person
who wants to bid for any tender of that Buyer/Department has first to
register with the department (after having registered on the portal). Where
required, the Department Administrator can create vendors.
a. They receive the filled-in application with the credentials of the vendors,
and then register them for a particular classification and grade.
2. Tender Creation: Creation, uploading of the tender and authorizing the
tender

3. Tender Opening: Tender opening in the simultaneous online presence of
authorized bidder representatives with additional optional offline presence,
EMD authorisation, countersigning of each opened bid in the simultaneous
online presence of authorized bidder representatives, downloading of
submitted vendor documents, disqualification of a vendor (i.e. archiving a
bid unopened) and comparative statement generation.
Sub-activities: verification of documents and EMD/Bank
Guarantee
Suppliers/contractors/vendors
a. Self-registration on the e-procurement system by the first user of an
organization, and submission of his Public Key
Sub-activities:
i. Where required, registration by an authorized user for a
particular Department/Buyer for a particular classification of
trade, region and vendor class for a particular duration
ii. Attachment of supporting documents required for the
registration

b. PKI-based login and request/procurement of tender documents
c. Pre-qualification based on projects/tenders
d. Download of tender documents/addenda
e. Upload of filled tender documents (i.e. bids, in the envelopes and stages as
instructed in the tender documents)

Sub-activities:
i. Attachment of supporting documents required for the tender
ii. Submission
c. Specification of environment
As this application is generally used in an office environment, testing can be
done in an office ambience.
So the Usability Lab at <> can be used for carrying out the user tests.

3. SPECIFICATION OF MEASURES OF USABILITY FOR PARTICULAR CONTEXTS
Department Users

1. Vendor Registration
a. Effectiveness (Accuracy & Completeness): All vendor registrations have
been completed successfully.
b. Efficiency: Registration to be completed by the user within
<10 minutes>.
c. Satisfaction: Less than 10% of users report dissatisfaction with the
vendor registration procedures.

2. Generation of a tender (Tender Creation)
a. Effectiveness (Accuracy & Completeness): All tenders have been
completed correctly and successfully.
b. Efficiency: Tender creation to be completed by the user within 10
minutes.
c. Satisfaction: Less than 10% of users report dissatisfaction with the
tender generation process.

3. Uploading of tender
a. Effectiveness (Accuracy & Completeness): All tenders have been
uploaded successfully.
b. Efficiency: Uploading to be completed by the user within 3 minutes.
c. Satisfaction: Less than 10% of users report dissatisfaction with the
uploading procedures.

4. Opening of Tenders
a. Effectiveness (Accuracy & Completeness): The opening of all tenders
has been completed successfully.
b. Efficiency: Opening of tenders to be completed by the user within 5
minutes.
c. Satisfaction: Less than 10% of users report dissatisfaction with the
tender opening procedures.

5. EMD Authorisation
a. Effectiveness (Accuracy & Completeness): The EMD authorisation of all
tenders has been completed successfully.
b. Efficiency: EMD authorisation to be completed by the user within 1
minute.
c. Satisfaction: Less than 10% of users report dissatisfaction with the EMD
authorisation procedures.

6. Downloading of submitted vendor documents
a. Effectiveness (Accuracy & Completeness): The downloading of all
submitted tenders has been completed successfully.
b. Efficiency: Downloading of submitted vendor documents to be
completed by the user within 5 minutes.
c. Satisfaction: Less than 10% of users report dissatisfaction with the
downloading procedures.

7. Disqualification of one vendor
a. Effectiveness (Accuracy & Completeness): Vendor disqualification has
been completed successfully.
b. Efficiency: Disqualification of one vendor to be completed by the user
within 3 minutes.
c. Satisfaction: Less than 10% of users report dissatisfaction with the
disqualification procedures.

8. Comparative statement generation
a. Effectiveness (Accuracy & Completeness): Generation of the comparative
statement has been completed successfully.
b. Efficiency: Comparative statement generation to be completed by the
user within 2 minutes.
c. Satisfaction: Less than 10% of users report dissatisfaction with the
comparative statement procedures.

Suppliers/contractors/vendors
1. Self-Registration with PKI
a. Effectiveness (Accuracy & Completeness): Self-registration with PKI has
been completed successfully.
b. Efficiency: Registration to be completed by the user within 12 minutes.
c. Satisfaction: Less than 10% of users report dissatisfaction with the PKI
registration procedures.
2. PKI-based login and request for tender documentation
a. Effectiveness (Accuracy & Completeness): All vendor requests have been
completed successfully.
b. Efficiency: Tender request to be completed by the user within 5
minutes.
c. Satisfaction: Less than 10% of users report dissatisfaction with the
tender request procedures.
3. Downloading of tender documents
a. Effectiveness (Accuracy & Completeness): All the tender documents
have been downloaded successfully.
b. Efficiency: Downloading of tender documents to be completed by the
user within 3 minutes.
c. Satisfaction: Less than 10% of users report dissatisfaction with the
downloading procedures.
4. Upload of filled tender documents and supporting documents, and submission of
the tender
a. Effectiveness (Accuracy & Completeness): All the tender documents
have been uploaded and submitted successfully.
b. Efficiency: Tender submission to be completed by the user within 15
minutes.
c. Satisfaction: Less than 10% of users report dissatisfaction with the
whole tender submission procedure.
4. Usability objective: Overall usability
1. Effectiveness measures
a. Percentage of goals achieved: 100%
b. Percentage of users successfully completing the task: 100%
2. Efficiency measures
a. Average time to complete a task: less than 40 minutes
b. Average no. of tasks completed per unit time: one per 10 minutes
3. Satisfaction measures
a. Rating scale for satisfaction: more than 90%
b. No. of complaints: less than 10%
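As an added example (not part of the STQC guideline or its templates), the following Python scores constructed usability-lab session records against the acceptance thresholds stated in sections 3 and 4 above. The task keys, the record layout and the rule that every individual run must fall within the stated time limit are assumptions made for the example.

```python
# Added example, not STQC's code: score constructed usability-lab session
# records against the Template I thresholds of sections 3 and 4.
from statistics import mean

# Efficiency limits in minutes for department-user tasks (section 3).
TASK_LIMITS_MIN = {
    "vendor_registration": 10, "tender_creation": 10, "tender_upload": 3,
    "tender_opening": 5, "emd_authorisation": 1, "download_vendor_docs": 5,
    "vendor_disqualification": 3, "comparative_statement": 2,
}

def evaluate_task(runs, limit_min, max_dissatisfied=0.10):
    """Per task: all runs completed, every run within limit, <10% dissatisfied."""
    completion = sum(r["completed"] for r in runs) / len(runs)
    slowest = max(r["minutes"] for r in runs)  # assumption: each run must meet the limit
    dissatisfied = sum(not r["satisfied"] for r in runs) / len(runs)
    return {"completion": completion, "slowest_min": slowest, "dissatisfied": dissatisfied,
            "passed": completion == 1.0 and slowest <= limit_min
            and dissatisfied < max_dissatisfied}

def evaluate_overall(sessions):
    """Section 4: 100% goals, avg task < 40 min, >= 1 task per 10 min,
    satisfaction > 90%, complaints < 10%."""
    total, completed = len(sessions), sum(s["completed"] for s in sessions)
    minutes = [s["minutes"] for s in sessions]
    satisfied_pct = 100.0 * sum(s["satisfied"] for s in sessions) / total
    r = {"goals_pct": 100.0 * completed / total, "avg_min": mean(minutes),
         "tasks_per_10min": 10.0 * completed / sum(minutes),
         "satisfied_pct": satisfied_pct, "complaint_pct": 100.0 - satisfied_pct}
    r["passed"] = (r["goals_pct"] == 100.0 and r["avg_min"] < 40 and r["tasks_per_10min"] >= 1
                   and satisfied_pct > 90 and r["complaint_pct"] < 10)
    return r

def evaluate(sessions, limits=TASK_LIMITS_MIN):
    """Group records by task; a task with no runs gets passed=None."""
    by_task = {}
    for s in sessions:
        by_task.setdefault(s["task"], []).append(s)
    report = {t: evaluate_task(by_task[t], lim) if t in by_task else {"passed": None}
              for t, lim in limits.items()}
    return report, evaluate_overall(sessions)

SAMPLE_SESSIONS = [  # constructed lab log: one record per user-task run
    {"task": "vendor_registration", "completed": True, "minutes": 8, "satisfied": True},
    {"task": "vendor_registration", "completed": True, "minutes": 9, "satisfied": True},
    {"task": "tender_upload", "completed": True, "minutes": 2, "satisfied": True},
    {"task": "tender_upload", "completed": True, "minutes": 4, "satisfied": False},
    {"task": "emd_authorisation", "completed": False, "minutes": 1, "satisfied": False},
]
```

Calling evaluate(SAMPLE_SESSIONS) reports vendor_registration as passed, tender_upload (one run over 3 minutes, half the users dissatisfied) and emd_authorisation (not completed) as failed, and the overall measures as failed with 80% of goals achieved.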


Template 2: Defining Performance Specifications
To be provided by developer/user
The application: <Brief about application>
The data model: <Use of Database and Data Architecture>
The technology: <Use of technology, e.g. .Net, Oracle, SQL, Soft etc.>
The user profiles: Type of user (Internal, External etc.)
The business requirements:

Sl. No.   Characteristic/requirement                                   Supplied Data Value

1. Type of users (e.g. administrator/power user/user/guest etc.) on the basis
of access rights & frequency of use.
2. Type of activities to be performed by the users (identify each
activity/function)
3. No. of users for each activity/function/scenario
(with concurrent users/activities)
4. Response time for each activity/scenario
(a) At normal load
(b) At max. load
5. Total no. of tasks (identify & list each task)
6. Response time for each task
(a) At normal load
(b) At max. load
7. Throughput (for each activity) in terms of bytes/second or tasks/second or
no. of tasks to be completed within a specified period
(a) At normal load
(b) At max. load
8. Turn Around Time (activity-wise)
(a) At normal load
(b) At max. load
9. I/O devices (e.g. printer, keyboard, mouse, scanner, modem etc.)
(a) Utilization time for I/O devices
(b) I/O error messages/warning/failure messages at max. load
(c) Waiting time for I/O utilization at max. load
10. Memory utilization
(a) Memory utilization at max. load
(b) Memory-related error messages/warning/failure messages at max. load
11. Transmission resources utilization
(a) Specify the following:
i) Data transfer speed of network cable
ii) NIC card
iii) Modem
iv) Hub, switch and router
(b) Internet Service Provider (e.g. ISDN dial-up/lease line with 64/128 KBPS)
(c) No. of error messages at max. load
(d) Transmission capacity at max. load
12. Compliance:
Identify the activities/functions requiring conformance to standards
(organization-specific/national/international), rules & regulations.

Signature of supplier/user:
Place:                                   Dated:

Annexure V

Definitions and Reference Documents

E-Procurement: Electronic procurement (e-procurement) is the use of electronic
tools and systems to increase efficiency and reduce costs during each stage of
the purchasing process.
E-Sourcing: Electronic sourcing (e-sourcing) is the use of internet technology to
establish, manage and monitor contracts. It includes:
* e-Tendering
* e-Evaluation
* e-Collaboration, and
* e-Contract Management
Public Service Organization (PSO): An organization which provides service(s) to
the public at large and/or whose activities influence public interest,
e.g. Government ministries and departments, regulatory bodies, public utility
service providers, etc.
Purchase Officer: A Purchase Officer is an employee within a Public Service
Organization (Govt. Department/Public Service Undertaking) who is responsible
at some level for buying or approving the acquisition of goods and services
needed by the organization. A Purchase Officer may oversee the acquisition of
materials, general supplies for offices and facilities, or equipment. The term
Purchase Officer is also known as Procurement Manager. They are overall
responsible for building and managing their organization's supply chains.
Service Provider: A service provider is an entity that provides services to other
entities. In the context of this document, Service Provider refers to a business
that provides e-procurement services to the Public Service Organization (Govt.
Department/Public Sector Undertaking).
Solution Provider: A solution provider is a vendor, a service provider or a value
added reseller (VAR) that comprehensively handles the project needs of their
client from concept to installation through support. This process normally
involves studying the client's current infrastructure, evaluating the client's needs,
specifying the mix of manufacturers' hardware and software required to meet
project goals, and installing the hardware and software at the client's site(s). In many
cases, the "solution" also includes ongoing service and support from the VAR.
Senior Administrators: Employees within a Public Service Organization charged with
improving their organization's profits, responsiveness, and standing in the market.
They are also termed Executive Director, Material Management or Chief
Executive Officer, depending on the size of the organization.
Financial Advisor (CFO): Employee of a Public Service Organization focused on
controlling costs and optimizing their organization's resources. They are also
designated as Chief Financial Advisors (CFO).
Head IT: Employee of a Public Service Organization involved in selecting and
implementing e-Governance in the PSO, also known as Chief Information Officer.
He is also responsible for managing consultants and system integrators (SI)
tasked with identifying leading e-Procurement solutions.
Facility Management Partner (FMP): In some cases PSOs take the services of
front-end FMPs for implementation, operation, management and training of the
e-Procurement solution. PSOs outsource the operation of the e-procurement
solution through a front-end facility management partner.


2.0 Reference Standards and Normative Documents
Application Security: OWASP Top 10, 2010
Network Security as per NIST 800-115 Technical Guide to Information Security
Testing and Assessment
CWA (CEN Workshop Agreement) 15994 e-Tendering Process
CWA (CEN Workshop Agreement) 15666 Business Requirements Specification
Cross-Industry e-Tendering Process
e-Procurement Integrity Matrix from Transparency International India
ISO/IEC 27001 Information Security Management System Requirements
ISO/TS 15000 Electronic Business eXtensible Markup Language (ebXML)
IT Act 2000 with amendments 2008
General Financial Rules, 2005
Relevant CVC Guidelines

