Why CIDB grading is a weak signal for ICT capability.
The Construction Industry Development Board's grading system has a legitimate role in evaluating contractors who pour concrete, lay infrastructure, and build buildings. The system measures things that matter on a construction site: financial standing relative to project value, accumulated track record on similar civil works, and available working capital. Some public-sector ICT tenders import CIDB grading as a procurement gate, requiring bidders to hold a specific CIDB level before they are eligible to bid. The mismatch is structural and produces predictable poor outcomes.
1. What CIDB grading actually measures
CIDB grades range from 1 to 9, with each grade authorising the contractor to undertake work up to a defined contract value. The grade is determined by financial criteria (annual turnover, available capital, balance sheet strength) and by works-completed records in defined work classes (civil engineering, general building, mechanical, electrical, and several others).
The system is designed for the construction industry, where the cost of a contractor failing mid-project is enormous and recoverable only through bonds and insurance. CIDB grading effectively pre-qualifies contractors by their ability to absorb the financial shock of project execution.
The grading is not designed to measure technical competence in a specific specialist domain. Within a CIDB grade, contractors vary widely in the actual quality of work they deliver. The grading screens out under-capitalised entrants; it does not select for delivery excellence.
2. What CIDB grading does not measure
The list of things CIDB does not measure is long, and most of the items are exactly what ICT procurement should be evaluating. ITIL practice maturity. ISO 27001 controls maturity. Vendor partnership tiers with major technology manufacturers. Project Management Professional certifications on staff. Cloud-specific competencies (AWS, Microsoft, Google partner programmes). Industry-specific software certifications. POPIA Information Officer experience. Service-level achievement on previous managed-services contracts.
None of the above is reflected in a CIDB grade. A firm with deep ICT competence and a thin construction balance sheet may be CIDB Grade 1 or unregistered. A firm with a strong construction balance sheet and no ICT competence may be CIDB Grade 6.
The mismatch produces tender outcomes where the strongest ICT bidder is structurally excluded and the winning bidder is a construction firm sub-contracting the ICT work to a specialist.
3. The unintended consequences
Three predictable outcomes follow from using CIDB grading as an ICT procurement gate.
First, small specialist ICT firms are excluded. Many of the best ICT services firms in South Africa are smaller than the CIDB grading threshold the tender requires. The tender excludes them on the procurement gate before their bids are read.
Second, construction firms with weak ICT capacity become the prime contractors and sub-contract the actual ICT work. The entity then pays a 15-25 percent margin to the construction firm for the privilege of routing the work to the specialist who could have been the prime contractor under a different procurement gate.
Third, accountability becomes opaque. When something goes wrong on the ICT service, the construction prime contractor and the ICT sub-contractor each attribute the issue to the other. The entity holds the contract with the prime contractor, but the operational relationship is with the sub-contractor, and the dispute resolution is correspondingly complex.
4. The Treasury position
National Treasury's procurement framework does not require CIDB grading for ICT tenders. The CIDB Act itself applies to construction-related procurement; its application to pure ICT services tenders is not contemplated by the Act and has been questioned in procurement review correspondence on multiple occasions.
Where CIDB grading appears in ICT tenders, it is usually the result of an entity copy-and-pasting a template that was originally designed for a construction-adjacent procurement. The procurement officer may not realise the gate is inappropriate. The bidders who would have challenged it often simply don't bid.
The defensive response, if an entity has issued an ICT tender with a CIDB gate, is to issue a tender clarification removing the gate and re-advertising with the corrected specification. The corrected tender attracts a different and stronger field of bidders.
5. What to require instead
The replacements for CIDB grading on an ICT tender depend on the work being procured. Five examples cover most cases.
For managed services and end-user computing tenders: ICT sector code B-BBEE rating, ITIL Foundation certifications across the proposed delivery team, PMP or equivalent project management certification on the engagement lead, current vendor authorisations relevant to the technology stack, and audited service-level achievement on at least two previous comparable contracts with referenced clients.
For cybersecurity tenders: ISO 27001 certification of the supplier's own operations, named SANS or equivalent certifications on technical staff, demonstrable incident response experience, and PI cover specifically extending to cybersecurity advice.
For cloud transformation tenders: hyperscaler partner tier (AWS Premier, Microsoft Solution Partner, Google Cloud Partner), case studies in the relevant cloud platform, certified architects on the proposed team, and an exit plan for cloud workloads at the end of the contract.
For data and analytics tenders: data engineering case studies, POPIA Information Officer experience on the engagement lead, data architecture certifications, and references to comparable data-platform implementations.
For governance and advisory tenders: PMP, CGEIT, ITIL Master, or equivalent certifications, professional indemnity cover, and references from comparable advisory engagements.
None of the above maps to a CIDB grade. The procurement gates that matter for ICT services are domain-specific and supplier-specific.
This piece is written from the perspective of a procurement officer who has seen ICT tenders awarded badly because the wrong procurement gate was applied. Specific tender clarifications should be reviewed with Treasury or with procurement counsel before re-issuing.