🏢 Business Operations · P-POL-031

IT Project Procurement

Governs IT project procurement — IT conducts budgetary engagement with one vendor for technical scoping, prepares the Technical Requirements Specification (TRS), and hands requirements to Group Procurement for competitive sourcing. IT may recommend vendors; all quotes go to Procurement. IT evaluates technically (TER), Procurement evaluates commercially (TCO/QCS), and the combined recommendation is approved per DOA before PO/contract issuance.

⬇ Download .docx ← All policies 🔄 P2P Flow

BUKHATIR GROUP

IT Project Procurement Policy

Document Code	P-POL-031
Title	IT Project Procurement Policy
Version	0.4
Effective Date	08 Apr 2026
Classification	Internal — Bukhatir Group

Role	Name	Signature	Date
Prepared by	Mohamad Koussa		08 Apr 2026
Reviewed by	Mohamad Adnaan Sait (CFO)		08 Apr 2026
Approved by

1. Purpose

This policy establishes the governance framework for procuring IT-related projects, systems, software, hardware, and professional services across the Bukhatir Group. It defines the interaction model between the IT Department (as technical owner) and Group Supply Chain / Procurement (as commercial owner), ensuring that technical rigour and commercial competitiveness are both achieved while maintaining segregation of duties, transparency, and compliance with the Group’s Delegation of Authority (DOA).

2. Scope

This policy applies to all IT project-related procurement across Bukhatir Group, including but not limited to:

Enterprise software licences, SaaS subscriptions, and cloud services.
IT infrastructure — servers, networking equipment, storage, and data-centre components.
Custom software development and system-integration services.
IT consulting, managed services, and professional services engagements.
Cybersecurity products and services.
Hardware procurement linked to IT projects (end-user devices, peripherals, AV equipment).
Maintenance, support, and renewal contracts for existing IT systems.

Routine IT consumables (toner, cables, minor accessories) below the company’s petty-cash threshold are governed by P-POL-030 (Cash Purchases) and are excluded from this policy.

3. Definitions

IT Department: The Group or BU Information Technology function responsible for technology strategy, architecture, and technical requirements.

Group Procurement: Group Supply Chain / Procurement Department, responsible for commercial sourcing, negotiation, vendor management, and purchase-order issuance.

Budgetary Engagement: A preliminary, non-binding technical discussion between IT and a single vendor to establish scope, feasibility, and rough-order-of-magnitude (ROM) pricing for budgeting and planning purposes only. No commitment or obligation is created.

Technical Requirements Specification (TRS): A document prepared by IT that defines the functional, non-functional, and integration requirements for the project, along with evaluation criteria and weighting.

Recommended Vendor List: A list of vendors that IT proposes for consideration based on technical capability, market position, and prior experience. Inclusion is advisory, not binding.

Technical Evaluation Report (TER): A scored assessment prepared by IT reviewing each vendor’s proposal against the TRS criteria.

Commercial Evaluation: Group Procurement’s assessment of pricing, payment terms, SLAs, warranty, total cost of ownership (TCO), and contractual risk.

4. Governing Principles

4.1 Segregation of Technical and Commercial Functions

IT owns the technical requirements and technical evaluation. Group Procurement owns the sourcing strategy, commercial negotiation, vendor selection recommendation, and order placement. Neither party may unilaterally commit the Group to a vendor or expenditure.

4.2 All Quotes to Group Procurement

All formal quotations, proposals, and pricing submissions from vendors must be addressed to and received by Group Procurement. IT personnel must not receive, solicit, or hold commercial proposals. If a vendor sends a quote directly to IT, the IT contact must forward it immediately to Group Procurement without discussion of commercial terms.

4.3 Vendor Recommendation, Not Prescription

IT may recommend vendors based on technical merit, market leadership, or existing ecosystem compatibility. However, Group Procurement retains the authority to include additional vendors in the sourcing exercise and to challenge any sole-source recommendation unless justified under Section 6.4.

4.4 No Commitment Without Procurement Approval

No verbal or written commitment, letter of intent, memorandum of understanding, or purchase order for IT projects may be issued without Group Procurement’s involvement and approval per the DOA matrix (P-POL-015). Budgetary discussions (Section 5, Step 1) are explicitly non-binding and must be documented as such.

4.5 Transparency and Audit Trail

Every step — from budgetary engagement through order confirmation — must be documented and traceable. All communications with vendors during the sourcing phase must be routed through or copied to Group Procurement.

5. IT Project Procurement Process

Step 1 — Budgetary Engagement (IT-Led)

IT identifies a project need and engages with one vendor (typically the incumbent or market leader) to conduct a preliminary technical discussion. The purpose is strictly to:

Understand the technical landscape, available solutions, and architectural options.
Obtain a ROM cost estimate for budgeting and capital-planning purposes.
Define the draft scope and key deliverables.

This engagement must not constitute a commitment. IT must communicate to the vendor in writing that the discussion is for budgetary purposes only and does not guarantee any future business.

Output: Draft Technical Requirements Specification (TRS) and ROM budget estimate.

Step 2 — Handover to Group Procurement

Once the TRS and budget estimate are finalised, IT submits them to Group Procurement via the standard Purchase Requisition process (P-POL-002). The submission must include:

Completed Purchase Requisition form (F-PR-01) with budget allocation confirmed.
Technical Requirements Specification (TRS) document.
Recommended Vendor List (if any) with justification for each recommendation.
ROM budget estimate from the budgetary engagement.
Evaluation criteria and weighting to be used for technical scoring.

Output: Approved PR and sourcing package handed to Group Procurement.

Step 3 — Sourcing by Group Procurement

Group Procurement takes ownership of the sourcing process and:

Reviews IT’s recommended vendor list and adds additional qualified vendors as appropriate (minimum 3 vendors per P-POL-003, unless a justified exception applies).
Issues the RFQ / RFP to all selected vendors using the TRS as the technical brief.
Manages all vendor queries, clarifications, and submission deadlines. IT is consulted for technical clarifications only.
Receives all commercial proposals and quotations directly from vendors.

Output: All vendor proposals received and logged by Group Procurement.

Step 4 — Technical Evaluation by IT

Group Procurement shares the technical sections of the received proposals with IT (commercial terms are withheld at this stage to prevent bias). IT evaluates each proposal against the TRS criteria and prepares the Technical Evaluation Report (TER), which includes:

Scored evaluation against each TRS criterion.
Technical compliance matrix (compliant / partially compliant / non-compliant).
Risk assessment of each vendor’s solution (implementation risk, integration risk, scalability).
Clear recommendation with ranking and justification.

IT must not discuss pricing, payment terms, or commercial conditions with vendors during this phase. Any vendor contact during evaluation must be coordinated through Group Procurement.

Output: Technical Evaluation Report (TER) submitted to Group Procurement.

Step 5 — Commercial Evaluation by Group Procurement

Group Procurement conducts the commercial evaluation in parallel or after receiving the TER:

Total Cost of Ownership (TCO) analysis — including licence fees, implementation, training, support, hosting, and multi-year renewal costs.
Payment terms, warranties, SLAs, penalties, and liability caps.
Negotiation rounds with shortlisted vendors (IT may attend for technical clarifications only, with no authority to agree commercial terms).
Quotation Comparison Sheet (F-QCS-01) prepared per P-POL-003.

Output: Combined technical-commercial evaluation summary and award recommendation.

Step 6 — Approval and Order Confirmation

The combined evaluation and award recommendation are submitted for approval per the DOA matrix (P-POL-015):

Award recommendation is reviewed and approved by the relevant authority based on total contract value.
Group Procurement issues the Purchase Order (P-POL-005) or Letter of Intent (P-POL-004) to the selected vendor.
Contract execution follows the Contract Management policy (P-POL-014) for engagements requiring a formal agreement.

IT is notified of the award and coordinates with the vendor on implementation planning, under Group Procurement’s oversight for commercial matters.

Output: Approved PO/LOI issued; contract executed where applicable.

6. Special Provisions

6.1 Renewals and Extensions

Renewal of existing IT contracts (maintenance, support, SaaS subscriptions) must follow the same process. IT submits renewal requirements to Group Procurement at least 90 days before expiry. Group Procurement assesses whether to renew, re-tender, or seek alternatives.

6.2 Emergency IT Procurement

In the event of a critical system failure, cybersecurity incident, or business-continuity event, the Emergency Procurement policy (P-POL-022) applies. IT must document the emergency justification and obtain retrospective approval within 5 working days.

6.3 IT as Technical Advisor Only

During the sourcing and negotiation phase, IT personnel act as technical advisors to Group Procurement. They must not:

Negotiate pricing, discounts, or payment terms with vendors.
Promise or imply vendor selection to any party.
Accept gifts, hospitality, or inducements from IT vendors (per P-POL-012).
Share commercial information from one vendor with another.

6.4 Sole-Source / Single-Vendor Justification

Where IT recommends a single vendor (e.g., proprietary platform extension, OEM-only support), a Sole-Source Justification must be submitted to Group Procurement explaining:

Why no alternative vendors can meet the requirement.
Technical and commercial risks of the sole-source approach.
Mitigations (e.g., benchmarking, contract protections, exit clauses).

Sole-source procurement above AED 50,000 requires Group CFO approval per P-POL-015.

7. Roles and Responsibilities

Activity	IT Dept	Group Procurement	BU GM	Group CFO
Budgetary Engagement	R / A	I	I	—
TRS Preparation	R / A	C	I	—
PR Submission	R	A	I	—
Vendor Sourcing & RFQ	C	R / A	I	—
Receive Quotes	—	R / A	—	—
Technical Evaluation	R / A	I	I	—
Commercial Evaluation	C	R / A	I	—
Award Approval (per DOA)	C	R	A	A (high value)
PO / Contract Issuance	I	R / A	I	—

R = Responsible, A = Accountable, C = Consulted, I = Informed

8. Associated Documents

P-POL-002 — Purchase Requisition
P-POL-003 — RFQ & Quotation Assessment
P-POL-004 — Letter of Intent
P-POL-005 — Purchase Orders
P-POL-014 — Contract Management
P-POL-015 — Delegation of Authority
P-POL-022 — Emergency & Crisis Procurement
F-PR-01 — Purchase Requisition Form
F-QCS-01 — Quotation Comparison Sheet

9. Compliance and Enforcement

Violations of this policy — including IT personnel negotiating commercial terms, receiving quotes directly, or committing to vendors without Procurement involvement — will be treated as a policy breach and reported to the Group Head of Procurement and Group CFO. Repeated violations may result in disciplinary action per HR policy and removal of procurement delegation.

10. Review and Ownership

This policy is owned by the Group Head of Procurement in consultation with the Group IT Director. It shall be reviewed annually or upon material changes to IT strategy, organisational structure, or the Group’s DOA framework.