Australia Council for the Arts 2017 RFT – Applicant Information: Part E

October, 2017

Part E: Applicant Information
Applicant Name

To be Completed and Returned as part of RFT

October 2017

Version25/10/17

CONTENTS

1Introduction

1.1Overview

1.2Form of Responses

1.3Required Compliance and Pricing Schedules

2Applicant Details

2.1Declaration of compliance

2.2Conflict of Interest

2.3Applicant Information

2.4Contractual Compliance

3General Information Requirements

3.1Software as a Service Details

3.2References and Federal Government Experience

3.3Certifications and Compliance

3.4CRM Core Function Integration

3.5Financial and Litigation Details

3.6Insurance Details

4Part B System Requirements

4.1Introduction

4.2Media Monitoring and Social Feeds

4.3Payment Gateway Details

4.4User Types

4.5Security Design

4.6Integration Standards

4.7Service Desk Integration

4.8Technical Standards

4.9Implementation Plan

4.10Risk Assessment

5Part C Information Requirements

5.1Introduction

5.2ITSM Standards and Best Practices

5.3Service Agreement

5.4Service Terms

5.5Service Catalogue

5.6ITSM Arrangements

5.7Release and Change Processes and Timing

5.8Sample Bill, Reports and Online Admin Portal

5.9Additional Service Requirements

5.10Service Level Agreements

5.11System Administrator Access

5.12Data Back Up and Recovery

5.13Data Archiving, Retention and Records Management

5.14Change Management Levels

5.15Continuous Service Improvement

6Pricing

6.1Pricing Worksheet Details

6.2SaaS Pricing Assumptions

6.3Implementation Pricing Assumptions

1Introduction

1.1Overview

Please use this document to provide the additional applicant information as requested.

1.2Form of Responses

Please complete all sections of this document and completed Workbooks 1 – 4 listed below.

Example files can be referenced and attached in a zip file as required. Please include your vendor name in all file names.

1.3Required Compliance and Pricing Schedules

In addition to the completion of this document, Part E, please ensure the following workbooks are completed as part of your response:

  • Workbook 1: Response to Part B Detailed Systems Requirements
  • Workbook 2: Response to Part C IT Service Management Requirements
  • Workbook 3: Pricing (please see Pricing section below for completion details)
  • Workbook 4: Service Level Requirements for Part C schedules

2Applicant Details

2.1Declaration of compliance

Our response fully complies with the Request for Tender and we agree to all draft contract conditions.

2.2Conflict of Interest

You must declare any actual or perceived conflict of interest that is likely to arise if your submission is the successful tender and how this conflict is proposed to be managed. This may include for example, where your organisation is also a product vendor or provider of technology solutions.

Where, in the opinion of the Australia Council, the conflict of interest is one that compromises the integrity of the tender process and likely to be unable to be satisfactorily managed, the Australia Council reserves the right to treat your submission as unsuccessful.

2.3Applicant Information

Please record applicant details below

Full name of Applicant:
Trading or business name:
Tenderer’s Contact:
Name:
Address:
Email:
Mobile:
Registered office
The principal place of business:
Australian Company Number and Australian Business Number:
Place and date of incorporation:
Management Structure

2.4Contractual Compliance

Please detail any clauses in Part D, Contract Conditions where the applicant is non-compliant

Section / Non Compliance

3General Information Requirements

3.1Software as a Service Details

Please provide the details of your proposed service, noting only Salesforce or Microsoft Dynamics 365 are being considered for CRM functionality due to need for IRAP compliance.Add on apps should be included in additional columns as needed.

Solution & Applicant Details / Details (for each separately sourced component or add in) / Details (for each separately sourced component or add in)
Software name
Software source
Hosting Basis (Public Cloud, Hosted application)
Hosting Platform
Security Compliance
Federal Government clients of SaaS solution
Estimated number of installations – Australia
Locations of AC data
Location of software development
Applicant relation with software developer (e.g. installation partner)
Number of installations for which the partner is responsible
Latest software release date
Software version
Release cycles

3.2References and Federal Government Experience

Vendors need to supply two references for their proposed services. Where multiple vendors are partnered in a bid two references must besupplied for each partner.Federal Government best practice requires outsourced vendors are already working with like clients. Two references for cloud deployment of Federal Government CRM or equivalent production systems must be provided.

Vendor Name(s) / Vendor Name(s) / Vendor Name(s) / Vendor Name(s)
Reference name
Reference Service Description
Service Duration / Start End
Current Status
Reference Contact Name
Reference Contact Email and Phone

3.3Certifications and Compliance

Vendors are required to be certified to a number of relevant ISO and related security and service provider standards. Vendors must provide certification details against each of the required standards, and any addition relevant qualifications.

Vendor to also detail their security policies, framework and principles for complying with best practice guidelines such as APRA CPG 234 including and relevant audit reports.

Vendors are to outline their compliance program for continually monitoring control systems in accordance with the above standards. Copies of audit reports where published should be attached.

Standard / Certification Details

Please attach copies of relevant certificates and compliance reports.

3.4CRM Core Function Integration

Applicants should provide details of the overall infrastructure solution that is proposed, reflecting the Council overall CRM centred and Office 365 / Azure architecture.

Please insert or attach solution architecture based on either Salesforce or Microsoft Dynamics 365.

3.5Financial and Litigation Details

The applicant must provide their last two years audited financials and corporate structure to support Council’s due diligence process.

All vendors should detail any litigation or claims concerning their products or services in the last two years.

3.6Insurance Details

Vendors should supply details of current insurance policies for workers compensation, public, product and professional liabilities including policy details and coverage.

Insurance / Policy Cover / Policy Details
Works Compensation
Public Liability
Product Liability
Professional Indemnity

4Part B System Requirements

4.1Introduction

Please complete Workbook 1: Response to Part B Detailed Systems Requirements to record compliance with stated requirements. (Excel Spreadsheet)

4.2Media Monitoring and Social Feeds

Please detail social and media monitoring capabilities of your solution in Part E

4.3Payment Gateway Details

Please list supported payment gateways as requested in Part B, Section 4.9 Payment Gateways.

4.4User Types

Please provide details of license or subscription types to support the core CRM module users versus the Business / Management users defined in Part B, Section 7.1 User Numbers.

4.5Security Design

Please provide details of identification, authentication and access management functions provided to secure the service Part B, Section 7.6 Technical Requirements.

4.6Integration Standards

Please provide details of integration services and standards used to support integration with SaaS Financial applications and other systems in accordance with Part B, Section 7.6 Technical Requirements

4.7Service Desk Integration

Please details of Service Desk and status and service availability feeds and integration options with Australia Council’s Primary Service Desk in accordance with Part B, Section 7.6 Technical Requirements.

4.8Technical Standards

Vendors should indicate proposed changes to Council’s existing technical standards as set out in Part B Section 7.7 Technical Standards and referenced in the table below:

Technical Component / Current Standard / Planned / Allowable Standard
Development Environment / .Net 4.5, Java, Eclipse, Visual Studio 2012
Integration Services / Web services
Server Platform / Win Server 2008 r2, / Win Server 2016 to be implemented for Cloud system
Database Server / SQL Server 2008 r2, / SQL Server 2016 for cloud systems
Security / AD 2008 / Azure AD
Virus Scanning / McAfee
Real time monitoring / SCOM and SCCM / SCCM and InTune
Communications / Telephony / Lync 2013
Digital Rights Mgt / Microsoft DRM
Virtualisation / VM Ware / Hyper-V is expected
Virtual Desktop / None
Email / Exchange 2010 / Office 365
Desktop / Windows 7 / Windows 10 Enterprise Edition
Virtual Desktop / Citrix / None
Desktop client / Standard PC has i5 4gb of RAM and 500 gb disk / Desktop refresh under way
Internet / IE 11 / Planning underway for IE 11 / Edge
Office / Office 2010 / Office 365 / 2016
Exchange archive / Exchange / Office 365
Intranet / Search / SharePoint 2010 / Office 365 / SharePoint Online
Backup / Commvault / Azure Back Up
VPN / Junos / Vendor to detail preferred solution
Phones / Lync compatible Polycom CX600
Mobile Phone / iPhone
Wi-FI / Maraki

Given the CRM system may be live before the desktop refresh and Cloud IaaS migration is complete, and the current not the planned environment may still be in place please provide details where the current environment may impose a constraint to the proposed solution, noting in particular the Java and Citrix environments.

4.9Implementation Plan

Please provide implementation Plan as requested in Part B, Section 8 IMPLEMENTATION APPROACH and Part CSchedule 9 Service Transition Plan. This should include

  • a Risk Management Plan
  • proposed implementation team and their availability to meet Council target dates.
  • details on the implementation team including relevant qualifications and experience
  • Specifically address tasks identified in Part C Schedule 9 to ensure full readiness criteria are met prior to go live with any new or changed service.

4.10Risk Assessment

Please provide a Risk Management Planas requested in Part B, Section8 IMPLEMENTATION APPROACH.

5Part C Information Requirements

5.1Introduction

Please complete Workbook 2: Response to Part C ITSM Requirements to record compliance with stated requirements.

5.2ITSM Standards and Best Practices

Please detail ITSM systems and processes in accordance with Part C 1.1 OVERALL REQUIREMENTS.

Where service responsibilities are split between the applicant as a partner or agent of a SaaS service these details need to be provided for both and a RACI or table detailing the split of responsibilities of each party.

5.3Service Agreement

Applicants should provide their Service Agreement in accordance with Part C. 1.4 FORM OF CLOUD SERVICES AGREEMENTand 1.6 SPECIFIED ITSM CLOUD SERVICES, Service Guideline 5.7 Establish a cloud service agreement

Where parts of the solution are provided by separate service providers or vendors, such as specific add ins, service terms and agreements should be provided for each separate product or service.

5.4Service Terms

Applicants should detail their Service Terms in accordance with Part C. 1.5 AVAILABLE SERVICE TERMS

The Applicant must detail the SaaS service terms including

a)Standard service term type for example “Subscription Service”

b)Charge types including per various user licenses or access, and any separate data storage or transfer (data in or out) charges, processing changes, or service requests (as per the service catalogue required in Section 1.7 below)

c)Standard service term or subscription period for example “Monthly” or “Annual”

d)Minimum service term, normal service term, extended service term where applicable

e)Discounts if any for extended terms such as three and five year contracts

f)Scale up or scale down service fees or costs

g)All and any exit or termination fees

h)Standard service hours for Council and 24 x7 support for applicants in defined lodgment periods

i)Extended service options (see below)

Applicants should outline all details of theses service terms and all applicable charges in Part E – Applicant Information, Service Terms and Charges.

Please note the service terms below define business hours as being from 7AM to 7 PM five days a week and also request 24 x 7 support of applicants during defined application lodgement periods, and a VIP service request service (elevating response times) for up to 5 nominated users. Applicants should indicate in their response:

  • Their standard service hours
  • Cost if any of the direct applicant support using the application portal
  • Any cost where this is less than the Council defined hours of the extended service
  • Whether a VIP service is provided and if so the additional cost (if any)

5.5Service Catalogue

Applicants should provide their Service Catalogue in accordance with Part C. 1.6 SPECIFIED ITSM CLOUD SERVICES, Service Guideline 5.3 Provide a catalogue of cloud services

This catalogue should align with ISO 20000-1, 6.1 and ISO 20000-9, Scenario 3 Service Catalogue details

5.6ITSM Arrangements

Please detail ITSM ISO 20000 compliance or assurances of ITILv3 (2011) best practices, including Service Management tools and service management arrangements where the Applicant is a partner of agent for a SaaS service.

Please confirm agreement to cooperate with other vendors including overall infrastructure support partner and CRM partner. Where a RACI is available that covers ITSM and system integration responsibilities, a copy should be included as part of the Service Agreement above. A RACI will need to be agreed as part of the Statement of Work to ensure responsibilities between vendors for support and integration are clear.

5.7Release and Change Processes and Timing

Please detail upgrade plans and options in accordance with Part C. 1.6 SPECIFIED ITSM CLOUD SERVICES, Service Guideline 5.12 Check and improve the SMS and cloud services

5.8Sample Bill, Reports and Online Admin Portal

Applicants should provide sample bills and monthly reports in accordance with Part C. 1.6 SPECIFIED ITSM CLOUD SERVICES, Service Guideline 5.10 Monitor and report cloud services.

This should include details of web monitoring and reporting portal available to Council across all relevant services.

5.9Additional Service Requirements

Applicants should provide response to each item set out in Part C Section 1.7 Additional Service Requirements.

Policy / Contractual Requirement / Required Details / Application Response
DR and BCP (aka IT Service Continuity Management) / Applicant to detail service guarantees including RTO / RPO levels
Australia Council requirement is for 2 hours / 2 hours
Security management / Applicant to confirm compliance with IRAP or ISO 27000 series.
Risk Management framework / Applicant to provide details of their Risk Management Framework and how it is used. The risk management framework should be used to proactively monitor and manage potential issues before they materialise. This framework should be updated at least six monthly to reflect changing risks and issues.
Council data protection / Applicant to confirm location of Council data, redundancy and backup, form of encryption (if any) and data protection policies, including specific compliance with relevant IT security standards in accordance with Federal Government cloud policies.
Vendor cooperation / Applicant to confirm co-operation with Council’s main IT Cloud Service Partner for IT Service Management, including incident and problem management, and change management.
Where a RACI is available that covers ITSM and system integration responsibilities, a copy should be included as part of the Service Agreement above. A RACI will need to be agreed as part of the Statement of Work to ensure responsibilities between vendors for support and integration are clear.
In terms of Service Desk functions, ideally an integrated interface will be provided to the Australia Council primary service desk, with updates to seamlessly flow from the SaaS service desk Applicants are requested to provide Service Desk integration and data feed options in Part E under Section 4.6 Service Desk Integration
Annual reviews / Applicant to confirm process for annual review of service, including presentation to Council management of service performance and planned or suggested service improvements
Transition Out / Applicant to confirm agreement with Disengagement Plan contract terms.
Australia Council access to itsdata during the service period and transition Out period must be agreed as part of contract terms.

5.10Service Level Agreements

Please complete Workbook 4 Service Level Requirements to respond to service level requirements in Schedules 1 to 10 of Part C.

5.11System Administrator Access

Please detail System Administration Access procedures to Australia Council data in accordance with Part C Schedule 1DATA PROTECTION, BACK UP, RETENTION AND RECORD KEEPING, Section B System Administration Access

This description will form part of the final contract schedule once agreed

5.12Data Back Up and Recovery

In accordance with Part C Schedule 1DATA PROTECTION, BACK UP, RETENTION AND RECORD KEEPING please detail how data backup is performed, including granularity, and expected response times, noting all backups regardless of technology must be:

  • Encrypted
  • On a separate or removable media to primary or secondary data sets

This description will form part of the final contract schedule once agreed

5.13Data Archiving, Retention and Records Management

In accordance with Part C Schedule 1DATA PROTECTION, BACK UP, RETENTION AND RECORD KEEPING please detail how data is archived and retained.

Please also indicate compliance with ISO 16175 (part 3).

This description will form part of the final contract schedule once agreed

5.14Change Management Levels

In accord with Part C Schedule 6, Change and Release Management, please detail the types of changes that are performed:

  • Without Australia Council notification or approval
  • With reasonable notification but without approval
  • With advanced notification with an option for Council to defer or “opt out”
  • Which Council requires that would entail approval by the Applicant

Any items in the service catalogue that require change approval to implement should also be indicated

5.15Continuous Service Improvement

In accord with Part C Schedule 8B, Continuous Service Improvement and Reporting, please detail

  • The Contractor should indicate in Part E the operation of any user forums or communities and their role in determining future enhancements.
  • The options for Council to request system enhancements, how these are costed and implemented in the solution, and the impacts of such changes on future upgrades and support costs.

6Pricing

6.1Pricing Worksheet Details

The attached Workbook 3 Pricing includes four worksheets covering:

  • Schedule of Service charges:Please add items for all SaaS charges including user, data, backup and ITSM, support and other ongoing charges. Charges can be entered as monthly or annual charges but the extended total must be for 12 months.The worksheet also allows for annual paid in advance, 3 year and 5 year term discounts to be indicated.The worksheet also provides an option to “pre-purchase” support hours as potentially a more cost-effective option to fixed support costs. Please complete if this is an option.
  • Implementation and Transition In Costs: Please add items to cover implementation services, transition in charges, integration development, and any customisation costs
  • Changes and Transition Out Costs: Please add charges for changes including adding service catalogue items, and any fixed or variable transition out costs
  • Schedule of Professional Rates: Please detail schedule of rates charges by resource type for ongoing project or change request work

6.2SaaS Pricing Assumptions

Please indicate any relevant pricing assumptions that Council needs to consider in reviewing your pricing

Assumption / Pricing Implication
Please add as required

6.3Implementation Pricing Assumptions

Please indicate any relevant implementation pricing assumptions that Council needs to consider in reviewing your pricing, including any integration assumptions:

Assumption / Pricing Implication
Please add as required

1 | Page