Briefing session presentation for ICT Security Services 2014

advertisement
ROAD ACCIDENT FUND
COMPULSORY BRIEFING SESSION
ICT SECURITY SERVICES
RAF /2014/00014
Date:
Time:
7 April 2014
10h00
AGENDA
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
Welcome and Introductions
Background
Purpose of the Bid
Evaluation Criteria
Pricing
Functional Criteria and points
Mandatory Criteria
Mandatory Documents
SLA
Submission of Bids
Contact details
Questions and Answers
WELCOME
 The Road Accident Fund (RAF) welcome all interested bidders to the Compulsory briefing
session for the invitation to bid for ICT Security Services
 The RAF team:
 Dinesh Govender
 JP du Plessis
 Lee Zietsman
Page 3
RAF – ICT
RAF – ICT
RAF – Procurement
Citrix Support
Background
The RAF ICT needs to improve security management across all
security aspects to manage risks and external threats.
To remain actively vigilant of external activities the RAF ICT must
maintain a 24/7 365 monitoring service to reduce the risk.
The RAF has identified the need to implement an information
awareness programme for all RAF employees to achieve information
security integrity and responsibility
Purpose
To achieve success in respect of the RAF ICT GRS objectives, the RAF ICT requires the services
of a highly experienced service provider to offer a fully integrated holistic “one-stop”
security management solution.
The bid comprises of three aspects of security concerns, governed by the RAF ICT:
External Security Monitoring
The RAF ICT will require the
services of a certified Cisco
service provider – minimum
Cisco Silver partnership.
The services should include
monitoring and predefined
direct responses to external
threats .
Gauteng
Vulnerability Management
Information Security
Awareness
The bidder is expected to
automate the process, provide
network discovery and mapping,
assessment reporting,
remediation tracking and
document compliance with
internal security policies as well
as external regulations. The
bidder must adhere to ISO27001
regulations and ICT Best
practices.
The objective of the
awareness programme is to
focus on the attention of
employees on maintaining
the confidentiality, integrity,
and availability of information
assets as well as their role
and responsibility in achieving
information security.
Gauteng
Regional
PROJECT MANAGEMENT
Page 5
Citrix Support
Evaluation Criteria
 The
Bid evaluation will be based on the following:
− Mandatory Requirements
− Evaluation: Technical / Functionality – 90 points
− Evaluation: Presentation – 10 points
» The bidders who score more than 65 points out of the 90 points before
presentations will be shortlisted for presentations and those that score
below, will be disqualified.
» Presentations will be scheduled with the individual qualified bidders
before final evaluation. Presentations will take place on the date
scheduled by the Bid Evaluation Committee at the RAF premises in Eco
Glades. Bidders will be given Three (3) days to prepare presentation.
− Price and BEE Evaluations (90/10 points)
Page 6
Citrix Support
Bid Mandatory Requirements
• Provide proof of ability to provide the services by submitting references in respect of each of the
category of services required by the RAF – Client Reference sheet
• Capability of delivering an end to end solution in respect of all three security aspects relating to:
External Security Monitoring, Vulnerability Management and Information Security Awareness This can be done as a single service provider, consortium or Joint Venture
• Company Certification and Accreditation with reference to the services requested for following
requirements:
− External Security Monitoring – Cisco Accredited Partner
− Vulnerability Management – Industry Standard Vulnerability Management accreditation for
services and tools.
• Dedicated Project Manager to manage the contract for the period of two years, conduct monthly
meetings, or as and when required and provide progress reports to the RAF ICT management.
Page 7
Citrix Support
Functionality Criteria
Technical / Functional Evaluation
Points
1.
Experience of the Company:
The Bidder must indicate the number of years experience in providing
security services – Year allocation table per requirement to be completed
20
2.
Project Management:
It is required that the bidder provide minimum of 2 references of the
resource assigned as project manager – Reference sheet to be completed by
clients
20
3.
Resources:
The bidder is requested to indicate the years of experience and qualification
of the relevant resources. Resource CV’s must be attached and proof of
certification.
External Security Monitoring - CCIE (Security) / CCNP (Security) / CCSP
(Security) / CCNA (Security)
Vulnerability Management – CEH / SANS
Information Security Awareness – CISM / CISSP
50
.
Page 8
Citrix Support
Functionality Criteria
Technical / Functional Evaluation
4.
Points
Presentation
Methodology
The bidder must include as part of their presentation proposal a
methodology that must provide for the following:
Holistic end to end solution
Percentage of time allocated on site and off site
Resources allocated for each component of the security service bid and
capabilities
Access to systems
Performance management
10
Total points
100
All Bidders who score LESS than 65 points on overall functionality including
presentations shall not be considered for further evaluation on Price and BBBEE
Page 9
Citrix Support
Pricing Schedule
Page 10
Citrix Support
Pricing Schedule
Page 11
Citrix Support
Mandatory Documents
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Original and valid SARS Tax Clearance Certificate – No copies accepted
Certified copy of VAT registration certificate, if applicable
Annual Financial Statements with signed audit report
Original certified copies of your CIPRO/CIPC company registration documents listing all members with
percentage members interest, in case of a close corporation
Original certificate of good standing or proof of application issued by the Compensation Fund (COID) or a
licensed compensation insurer
B-BBEE certificate by an accredited verification agency (South African bidders only)
Confirmation of vendor registration with the RAF, if already registered
Schematic representation of bidder structure, indicating holding company, shareholders, members,
affiliates, franchisees, etc., as applicable
Shareholding / membership breakdown per race, gender and percentage shareholding with shareholders of
the bidding company who are not individuals
Declaration of interest
If the bidder is a joint venture, consortium or other unincorporated grouping of two or more persons /
entities, a copy of the joint venture agreement between the members
Completed price schedule with detailed breakdown
Completed Bidder's Particulars
Bid Conditions
Signed Instructions to Bidders and any other additional bid requirements, such as proof of certification, etc..
Page 12
Citrix Support
SLA
Bidders will need to comply to the following SLA terms and Conditions:
 Each page of the SLA is to be initialed and signed copies of the SLA must be
submitted in duplicate
Subject to the Conditions of Contract, the Contract shall endure for a period
of 2 (two) years from the Implementation Date.
Penalties shall be calculated based on the period by which a specific Key
Milestone is missed.
Submission of Bid Responses
• One original completed and signed bid submission marked ORIGINAL with 2 copies
• Two envelope system – submit PRICE/BEE and Financials in a separate file/envelope clearly
marked with bidders details and bid reference
• Original Bid document must be completed and not separated in file, all pages must be
maintained as Section 1 of the bid submission, thereafter additional required documents are to
be referenced and indexed
• All bids submissions must be hand delivered and put in the tender box at reception.
• All bids being delivered must be registered by company name in the Bid registration file at
Reception.
Submission Address :
RAF ECO GLADES
420 WITCH HAZEL AVENEUE
CENTURION
11am on the Friday 9th May 2014 at 11am
Bidders will be disqualified if they fail to submit bid response by the closing date and time
Page 14
Citrix Support
Contact Details
 All queries and questions must be in writing via email to leez@raf.co.za
 No telephonic queries will be accepted
 Briefing Session attendance register will be published to web, together with minutes
taken at briefing session
 All Q&A details will be published to the RAF website www.raf.co.za on the 22nd April
2014
Questions and Answers
Bidders to ask bid related questions to line management
Thank You
Download