Gauteng MEC for Finance and e-Government Nomantu Nkomo-Ralehoko has ordered an investigation into allegations of irregularity in the Gauteng Security Operation Centre Contract.
According to a recent report by the City Press, the R30-million contract was allocated to In2IT Technologies via a tender process that was open for only two business hours.
At 17:17 on 25 March, a request for quotation was sent for a 12-month contract to provide services.
The email with this request reportedly stated the closing date and time for submission of the quotation was 10:00 on 26 March 2020.
In2IT Technologies responded within the period of two business hours with a quotation of more than 100 pages for the amount of R22,482,500 and was awarded the contract.
GSOC Services, which previously held the contract on a month-to-month basis, appealed to Communications Minister Stella Ndabeni-Abrahams, stating that it was “either deliberately or mistakenly excluded” from the tender process.
Nkomo-Ralehoko said she has noted with concern the media reports about the alleged irregularities into the appointment of the service provider for the Security Operations Centre (SOC) and has decided to initiate an investigation and provide a full report to all stakeholders.
“The SOC significantly contributes to the detection, analysis and incident management of cybersecurity activities within the province,” Nkomo-Ralehoko said.
“SOC is a critical and necessary solution for the Gauteng Provincial Government to be protected from cybersecurity threats and malicious activities.”
She confirmed that GSOC Services has been providing cybersecurity services for the past 16 years, and has been doing so on a month-to-month basis since 31 March 2016.
In the 2016/17 financial year, the Auditor-General’s departmental findings stated that the SOC contract and all extensions after the contract expired in March 2016 were declared as irregular expenditure.
“Even after the AG’s findings the department continued with the irregular expenditure on a month-to-month basis until the contract was terminated,” Nkomo-Ralehoko said.
“It was also established through the Basic Accounting System which is linked online to the Centralised Supplier Database that the service provider is not tax compliant.”
Nkomo-Ralehoko said she is committed to ensuring that proper administrative and financial accountability are adhered to by departments and urged her counterparts to act against irregular expenditure.
“In line with her mandate to enforce clean audits in all departments, the MEC supports measures being put in place to reduce irregular expenditure in the Department of e-Government,” she said.
In2IT Technologies statement
In2IT Technologies has provided a statement on the tender process, stating that it was able to respond promptly due to its response already being prepared.
“On the 25th of March 2020, In2IT Technologies in addition to numerous other companies, received an urgent email Request For Quotation (RFQ) from the Gauteng Department of e-Government,” the company said.
“The RFQ called for the same IT security services that were previously issued by the Gauteng e-Government in July 2018 (Request For Proposal (RFP) No. GT/GDeG/095/2018) and then again by the State Information Technology Agency (SITA) in May 2019 (RFP – No. RFB 1926/2019).”
In2IT Technologies said it participated in both these RFPs, however, both requests were later recalled.
“While it is reported that In2IT responded to an RFQ comprehensively within 17 hours of it being issued, it must be noted that this is the third iteration of this RFP and the company’s response is close to identical to its previous response that was prepared,” the company said.
“When the RFP was issued for the third time, In2IT did engage with the relevant stakeholders to request an extension, however, this was declined on the basis that the customer will be without service in a critical area.”
In2IT Technologies said it has a strict governance structure and processes to ensure compliance with the Public Finance Management Act and Municipal Finance Management Act of South Africa, as well as Sarbanes-Oxley (SOX) compliance in addition to being fully compliant with the Foreign Corrupt Practices Act (FCPA).
“In2IT remains committed to providing high quality of service to our customers while maintaining and confirming to a governance standard that is globally recognised and equally in compliance to local laws as we have done for nearly a decade.”