Towards Legal Compliance in IT Procurement Planning in Brazil’s Federal Public Administration

Abstract

Brazil’s federal government regulates the process for contracting Information Technology (IT) solutions through a specific legislation called Instrucao Normativa (IN, or Normative Ruling) no 04/2014, which prescribes a set of activities for the three phases of the process: (i) Planning of IT Procurement, (ii) Selection of Supplier, and (iii) Contract Management. Several documents are produced during the process such as Term of Reference, Contract of Supplier, and Term of Closing the Contract. The documents produced during the IT procurement process must comply with the legal requirements defined in IN 04/2014, as well as being aligned with the IT necessities described in the IT Master Plan and the Strategic Institutional Plan. This paper presents an approach to answer the research question: “how we can guarantee that planning of procurement for IT solutions realized by Brazilian federal public organizations complies legally with the IN 04/2014?” The approach supports legal compliance verification through traceability links between legal requirements of IN 04/2014, procurement planning documents, and institutional planning documents (Strategic Institutional Plan and IT Master Plan). The approach is detailed through an example and the its main contributions are: (i) reduces manual work necessary to verification of legal compliance within the set of documents produced; (ii) supports in auditing and control of contracting of IT solutions in Brazil’s federal public administrative sphere; (iii) gives incentive to good IT governance and transparency of information.