TEMPLATE E – TECHNICAL APPROACH

The Treasurer and Tax Collector and Controller are separate departments each with a network group supporting their own LAN and server domain. Both departments utilize Active Directory Services for their Microsoft Server environments. Additionally, both offices exist within the CCSF WAN and utilize a variety of shared services from the Department of Technology (DT) including email and identity management for access to ERP and Financial products.

Instructions:Provide a narrative overview of how the proposed System will meet the project’s technical specifications. For each question, provide a one (1) to two (2) page essay along with any relevant user manual and/or reports.

1Technology Solution Requirements

1.1Technology Environment

1.1.1Deployment Method

Instructions: Describe the deployment model recommended for this project. Include experience with the recommended model. Cloud/Saas proposals should include description of experience implementing the solution in cloud environments as well as details of any offering from application service providers needed to support proposal.

1.1.2Server Architecture

Instructions: Describe the supported OS platforms and Server Configurations for the Proposer’s proposed System(s). Include minimum recommended specifications to support the proposed System in all required environments (e.g., development, testing, training, and production).

1.1.3Customer Architecture

Instructions: Describe the client (desktop) architecture for the Proposer’s proposed System. Include minimum recommended specifications (e.g., RAM, video RAM, disk space, processor speed) to support the proposed System, as well optional virtualized configurations to improve manageability and reduce operational costs, if appropriate.

1.1.4Data Storage Architecture

Instructions: Provide details on the data storage software and hardware components the Proposer proposes to use in its System, including the required redundant storage infrastructure if applicable.

1.1.5Tools

Instructions: Describe the details on the tools and utilities used to design, build, test, deploy, report, monitor, and operate the System and its components.

1.1.6Network Architecture

Instructions: Describe the Proposer’s proposed System approach to network topology and hardware required to achieve this architecture

1.2Performance

Instructions: Describe the Proposer’s proposed methodology for monitoring and reporting system performance, as well as the Proposer’s proposed approach to technology management. This includes the methods for centrally managing system resources such as servers, backup, archiving, and recovery equipment, databases, and applications. Provide details on the use of specialized tools the Proposer will use to automate and to track monitoring and management activities.

Describe the ability of the Proposer’s proposed System architecture to support:

  1. Internal Cityusers, external provider users, and customer users
  2. Mission-critical services/Service Level Agreements
  3. Ease of management
  4. Ability to upgrade (ease and compatibility)
  5. Virtualization and resource management
  6. Network performance requirements
  7. Meeting System response time requirements
  8. Data dashboard capabilities to facilitate the graphical display of technology performance metrics
  9. High availability and performance up time

1.3Data Integration

Instructions: Depending on the proposed Solution, the City’s requirement for data integration may include capabilities for message routing, message mapping, data transformation, protocol bridging, orchestration, end to end tracking, and legacy systems’ connectivity. Describe the Proposer’s proposed approach to Data Integration and supporting technologies. Refer to Attachment E for an overview of the Joint System Integration Plan.

1.4Business Intelligence and Reporting

Instructions: Describe the proposed approach to Business Intelligence (BI) and Reporting that should deliver a balanced set of capabilities across information delivery, analysis, development, and integration. Additionally, describe the Reporting approach for both canned and ad-hoc reports and the ability of the proposed System to provide dashboard capabilities. The Proposer’s approach, at a minimum, must take the following topics into consideration while providing the details:

  1. Use of Oracle BI as the primary data analytics tool
  2. BI infrastructure
  3. Scalable data architecture
  4. Data integration tools

1.5Scalability and Extensibility

Instructions: Describe the Proposer’s approach to Scalability and Extensibility of the proposed System including:

  1. Ability to meet future growth
  2. Configurability
  3. Flexibility to keep up with changing technology and regulatory needs
  4. Ease of maintenance
  5. Timing of upgrades and new version releases
  6. Approach to upgrades and patches or hot fixes in between significant versions

1.6Regulatory and Security

Instructions: Describe the Proposer’s proposed approach to Regulatory and Security Requirements. Consider how the Proposer’s approach to security should support technical controls and those technology solutions that must be secured to ensure the overall security of the System. The approach should potentially include, but not be limited to:

  1. How the system and application were designed with security in mind
  2. How the proposed approach leverages industry standards and models to apply security best practices
  3. How the solution contains the capability to provide user and site authentication
  4. The ability to recover from a failure of any single element
  5. Ease of Solution serviceability
  6. The support and active management of data sensitivity levels
  7. The application and system hardening processes

1.6.1Database Security

Instructions: Describe the Proposer’s proposed approach to ensure the confidentiality and integrity of the Database Management Systems responsible for managing data related to the proposed System.

1.6.2Software and Hardware Security

Instructions: Describe the Proposer’s proposed approach to develop and implement security measures that will provide security and protection for the System, including:

  1. Server OS security
  2. Customer OS security
  3. Mobile devices security
  4. Web server security
  5. Browser security
  6. POS terminal security

1.7Solution Administration

Instructions: Describe the system administration approach, procedures, and tools that will be delivered for the ongoing support and maintenance, including customization of the Proposer’s proposed System. Describe the proposed overall management framework, including proposed tools and procedures for:

  1. Application management and monitoring
  2. Web services management
  3. Systems management and monitoring
  4. Event management
  5. Identity and access management
  6. Network management and monitoring
  7. Performance monitoring
  8. Workload management

Describe any proposed third-party off-the-shelf management tools and include detailed information regarding provider, product and version.

1.7.1Technical Environments

Instructions: Proposers must describe the approach that will be taken to establish -

  1. Multiple environments (e.g., development, testing, training, production, and any disaster recovery sites as applicable to the solution delivery model proposed)
  2. Procedures used to migrate software from one environment to another
  3. Steps needed to maintain the synchronization between environments

1.7.2Technical Documentation

Instructions: Describe the technical documentation that comes delivered with the Proposer’s proposed System.

1.8Solution Management

Instructions: Describe the Proposer’s proposed approach to overall solution management including but not limited to:

  1. Centralized administration of changes/updates to distributed components
  2. SLA monitoring and reporting capabilities
  3. Support for City’s existing remote control capabilities
  4. Event management and monitoring functionality

1.9Mobile / Remote Computing

Instructions: Describe the proposed approach to remote access management.

  1. Describe any remote access polices or procedures
  2. Monitoring or reporting
  3. Maintenance of logs which include:
  4. Session status
  5. IP tracking
  6. Time and date tracking
  7. Intrusion monitoring

1.10Application and Database Backup and Recovery

Instructions: Describe backup and disaster recovery protocols. Answer should include at least the following:

  1. Written copy of current backup and DR protocols
  2. Location of backups if solution proposed is not hosted on the CCSF premises
  3. Backup and restore strategy
  4. Monitoring of backups
  5. Data encryption standards for backups
  6. Database maintenance plan

2Usability

Instructions: Describe the design approach and the characteristics of the user interface for the proposed System. The System must be designed provide feature rich systems that can deliver a consistent user experience.

2.1User Account Management

Instructions: Describe the User Account Management process. Responses should include documentation or user guides for user account management which include:

  1. Process of adding and managing users in the system
  2. Description of user roles
  3. Explanation of application of security roles in system, i.e., screen level, field level, functionality based
  4. Auditing user accounts

2.2Audit / Compliance

Instructions: Describe the Proposer’s proposed approach to support Audit and Compliance requirements, including an audit trail of all pertinent events, and giving due consideration to storage space and performance constraints. Examples of these events include:

  1. System start-up and shutdown
  2. Successful and unsuccessful login attempts
  3. User actions to access files or applications (successful and unsuccessful)
  4. Actions taken by system administrators and security personnel
  5. All administrative actions performed on the System
  6. Permission changes
  7. Creation of users and objects
  8. Deletion and modification of system files
  9. Registry key / kernel changes
  10. Skipped or rejected alerts
  11. Changes, additions or deletions to data (including operational and security data) sets identified by management
  12. Out of normal System operations usage or user access

2.2.1Regulatory / Policies

Instructions: Describe the Proposer’s approach for the proposed System to adhere to or enable state/federal regulations and County policies, including those listed under the Regulatory & Security worksheet tab in Template D – Requirements Response Matrices.

Property TaxSolution

RFP# TTX2017-09

Template E – Technical Approach

Page 1 of 6