Competitive procedure with negotiation
regarding
delivery and implementation of an IT solution for course and examination planning at Aarhus University
CONTENTS
CONTENTS 1
1. Introduction 4
2. Supplier’s obligations related to Operation 4
3. Operation of the Solution 4
3.1. Internal operation 4
3.2. External operation. 7
Instructions to Tenderers
This Appendix 7 contains the Costumer’s requirements in relation to the operation of the Solution.
The Supplier must as specified in the section below reply to the Customer’s requirements to one or more of the operational scenarios.
The tender documents use the following terminology regarding minimum requirements and requirements:
- Requirements that must be met in order to participate in the tender are referred to as minimum requirements (MR).
- The Supplier must not reserve any rights in respect of the minimum requirements.
- When submitting the tender, the Supplier must tick that all minimum requirements are met.
- High-priority requirements (R1) and lower-priority requirements (R2) do not have to be met in order to participate in the tender.
- R1 and R2 requirements can thus be fully met, partially met or not met at all, without the tender being deemed non-compliant.
The Supplier’s description of the degree and/or method of fulfilment of the Customer’s requirements (R1 and R2) will be considered as part of the Customer’s tender evaluation under the criterion “Time schedule and offered methods and processes”, sub-criterion “Operation”, see section 8.2.10.1 of the ITT.
If the operational solution offered by the Supplier only partially satisfies an R1 or R2 requirement, the Supplier must highlight the specific requirement in the requirements specification and describe the partial fulfilment.
The Customer’s evaluation of each requirement described in this Contract Appendix is further explained below and in section 8.2.10.1 of the ITT.
Variants
As specified in the ITT, tender variants are allowed.
This applies to the submission of both the initial and the final tender.
In the event that the Tenderer is able to perform operation of the Solution in more than one of the listed operational scenarios, the Tenderer may submit tenders to the relevant scenarios by the completion of this Contract Appendix 7 in more than one version.
If the Tenderer submits a tender for more than one of the operational scenarios, this Contract Appendix 7 should be named with an extension to the filename and document header stating with either “internal operation” or “external operation”.
All coordinated tenders must follow the specifications to the layout of the tender as specified in the ITT’s section 7.1.3.
The Tenderer may not submit variants of the tender in other ways than the above listed.
In the event that the Tenderer submits more than one variant of the tender all tenders will be evaluated in correspondence with the regulation in the ITT’s section 8.2.
Operational scenarios
As described in the ITT’s section 4 Object and background) the focus of this tender procedure is to identify an IT-system solution which supports the planning of courses and exams in the best way with focus on functionality, stability and availability as specified throughout the tender material.
The Contracting Authority’s IT-department sole focus is to support the university’s key main activities which are education and research.
In the effort to find the best operational platform for high quality course and examination planning throughout the university, the Contracting Authority will not exclude Tenderers or technologies by dictating the operational scenario of the course and examination planning solution tendered for.
Therefore this Contract Appendix 7 holds three different operational scenarios between which the Tenderers may choose. The Tenderers may submit tenders to one or more of the listed scenarios.
This section under the heading "Instructions to Tenderers" will not form part of the final Contract.
- Introduction
This Contract Appendix contains a detailed specification of the operational services the Supplier must deliver as part of the fulfillment of the Contract.
The Supplier’s Operation of the Delivery as regulated in this Contract Appendix 7 and clause 8.4 of the Contract must be offered at a fixed monthly price. This fee is part of the Service Delivery fee as specified in Contract Appendix 11.
- Supplier’s obligations related to Operation
R-7.1 The Supplier shall as part of its maintenance and support obligations in accordance with Contract Appendices 5 and 6 loyally participate in and support the Customer in the optimisation of the operation of the solution.
R-7.2 The Supplier must ensure that the operation of the Solution for the entire term of the agreement, comply with the requirements for response times, as defined in the Contract and Contract Appendix 6.
- Operation of the Solution
3.1. Internal operation
The requirements in this section 3.1 regulate the Suppliers responsibility related to Operation of the Solution when operated in the Customers IT-environment cf. Contract Appendix 2.
The Operation of the Solution must comply with the requirements as regulated in clause 8 of the Contract concerning Support, Maintenance and Operation.
Requirement no.2.1.1. / Specification of the Solution’s infrastructure and IT operating environment requirements / Requirement type
R1
The Supplier must specify the Solution’s infrastructure and IT operating environment requirements, taking into account the Customer’s requirements for the Solution’s capacity and service level goals (see Contract Appendix 6). The Supplier must base the above on the Customer’s IT environment (Contract Appendix 2). If there are areas where the Customer’s IT environment is in conflict with that of the Solution, the Supplier should note this. The Supplier should also note the need for consistency with other appendices (such as Contract Appendix 2, Contract Appendix 5, Contract Appendix 6 and Contract Appendix 15).
The Customer wants the specification to include at least the following different perspectives:
1. The establishment and operation of the necessary environments for any teaching/sandbox, support, maintenance and further development of the Solution.
2. The necessary software platform, including client platform, supported browser versions, OS, DB, app server, web server etc., and the scale of the various platform components with respect to licences.
3. The platform’s deployment of infrastructure and network components, including capacity requirements for hardware, CPU, memory, storage, bandwidth etc. and options for running on virtual servers specified for the various components included in the Solution.
4. The security perspective, including deployment in different zones, encryption, authentication and integrity of data flows, necessary system users on the various platforms etc., to ensure the Solution’s compliance with the Danish Act on Processing of Personal Data (Persondataloven), the Customer’s Information Security Policy and ISO 27001.
The Customer prefers that (part of) this description to be provided in the form of diagrams – e.g. UML. The architecture must demonstrate the Supplier’s best practice.
Fulfilment of the requirement
The Supplier must state whether the requirement has been fulfilled by ticking the relevant box. / No / Yes / Partially
Supplier’s response to the requirement
Requirement no.
2.1.2 / Installation instructions and scripts / Requirement type
R1
The Supplier must provide installation instructions and scripts for installation of the Solution in the specified environments, including rolling out any client software.
Fulfilment of the requirement
The Supplier must state whether the requirement has been fulfilled by ticking the relevant box. / No / Yes / Partially
Supplier’s response to the requirement.
Requirement no.
2.1.3 / Monitoring / Requirement type
R1
The Supplier must describe how operation of the Solution can or will be monitored to ensure the highest possible availability for users and the Customer’s compliance with third-party requirements. Special attention should be given to:
- Availability Management
- Incident/Problem Management and Root Cause Analysis
- Security Management
- Proactive Capacity Management
- Licence Management
The Customer wants a structured approach to logging errors and error coding which allows continuous automation of Incident Management based on, for example, error codes.
Fulfilment of the requirement
The Supplier must state whether the requirement has been fulfilled by ticking the relevant box. / No / Yes / Partially
Supplier’s response to the requirement.
The Supplier should respond to the requirement in the context of the chosen operation scenario.
Requirement no.
2.1.4 / Performance testing / Requirement type
R1
It must be possible to do performance testing, with a realistic load, on the user interfaces provided by the Solution, and a realistically populated and structured database. It must be possible to do the performance test using a simulation of the clients.
If the test can best be carried out using third-party tools, this may be noted
It must be easy to repeat the performance test, e.g. after an upgrade, and then compare to a previous baseline.
Performance testing must be possible for both the test and production environments.
Fulfilment of the requirement
The Supplier must state whether the requirement has been fulfilled by ticking the relevant box. / No / Yes / Partially
The Supplier must describe how the Customer can continuously do performance and load tests on the system.
Requirement no.
2.1.5 / Information about changes to the infrastructure / Requirement type
R1
If upgrades to the system involves that there are new requirement to the Customer's infrastructure/environments (sandbox, development, testing and production environments), the Supplier must communicate this to the customer in advance, cf. clause 7 and 25.2 of the Contract.
The customer should have the necessary time to implement the change and perform adequate and necessary testing. Depending on the complexity of the change, the length of 'necessary time' must be agreed between the supplier and the Customer.
Fulfilment of the requirement
The Supplier must state whether the requirement has been fulfilled by ticking the relevant box. / No / Yes / Partially
The Supplier must describe how they manage upgrades and the information send to the Customer.
3.2. External operation.
Requirement no.2.2.1 / Location of data centre / Requirement type
MR
The solution is expected to contain personal information that can be characterised as general, non-sensitive data under section 6 of the Danish Act on Processing of Personal Data (Persondataloven).
The Supplier must therefore ensure that the equipment used by the data centre or other equipment used for storing data is located in:
– Denmark
– Another EU member state, or
– One of the EEA countries – Iceland, Norway or Liechtenstein
Fulfilment of the requirement
The Supplier must state whether the requirement has been fulfilled by ticking the relevant box. / No / Yes / Partially
Requirement no.
2.2.2 / Establishment of production environment / Requirement type
R1
The Supplier must provide a production environment that satisfies the Customer’s general capacity and security requirements, as specified in Contract Appendix 3, which can meet the Customer’s service level goals for response times and availability, as specified in Contract Appendix 6.
The production environment must be provided in accordance with the time schedule in Contract Appendix 1.
Fulfilment of the requirement
The Supplier must state whether the requirement has been fulfilled by ticking the relevant box. / No / Yes / Partially
The Supplier must provide a description of the solution to the requirement
Requirement no.
2.2.3 / Establishment of sandbox, development and test environments / Requirement type
R1
The Supplier must establish a sandbox environment, a development environment and a test environment.
The following requirements apply to the above three environments:
· The sandbox environment must be a closed environment with the same functionality as the production environment.
· The development environment must be functionally identical to the production environment.
· The test environment must also be functionally identical to the production environment, and have the same structure (number of servers, network, FW, etc.).
The Customer does not have the same capacity requirements for the sandbox, development and test environments as for the production environment.
The number of users on the sandbox and development environments will normally be less than 10, while there will be less than 30 users on the test environment.
As long as the number of users is less than the above limits, the response times must be the same as in the production environment.
The three environments must be provided in accordance with the time schedule in Contract Appendix 1.
Fulfilment of the requirement
The Supplier must state whether the requirement has been fulfilled by ticking the relevant box. / No / Yes / Partially
The structure and equipment of the three systems must be described.
Requirement no.
2.2.4 / Operating procedures / Requirement type
R1
The Supplier must present operating procedures for managing all environments, i.e. the sandbox, development, test and production environments.
The Customer must have the opportunity to review the Supplier’s operating procedures.
The procedure for populating the three environments (sandbox, development and test environment) with production data must be described.
The Supplier must describe the process and content for backup, restore, establishment and re-establishment of environments.
Fulfilment of the requirement
The Supplier must state whether the requirement has been fulfilled by ticking the relevant box. / No / Yes / Partially
The Supplier should provide a response to the requirement below, and attach a description of the Supplier’s operating procedures.
Requirement no.
2.2.5 / Scalable operation solution / Requirement type
R1
The supplier must deliver a hosting environment where the production and test environments are scalable in step with the Customer’s ongoing use of the system.
Fulfilment of the requirement
The Supplier must state whether the requirement has been fulfilled by ticking the relevant box. / No / Yes / Partially
The Supplier should describe how the scaling of the operation solution is possible and procedures related to such scaling.
Requirement no.
2.2.6 / Reliable operation / Requirement type
R1
The Supplier should describe the robustness of the proposed hosting environment, and the areas where the hosting environment has built-in redundancy.
Fulfilment of the requirement
The Supplier must state whether the requirement has been fulfilled by ticking the relevant box. / No / Yes / Partially
The Supplier must provide a description of the solution to the requirement
Requirement no.