ROAD ACCIDENT FUNDCOMPULSORY BRIEFING SESSION
ICT SECURITY SERVICESRAF /2013/00043
Date: 6 December 2013
Time: 10h00
AGENDA
1. Welcome and Introductions
2. Background
3. Purpose of the Bid
4. Evaluation Criteria
5. Pricing
6. Functional Criteria and points
7. Mandatory Criteria
8. Mandatory Documents
9. SLA
10. Submission of Bids
11. Contact details
12. Questions and Answers
Page 3 Citrix Support
WELCOME
The Road Accident Fund (RAF) welcome all interested bidders to the Compulsory briefing session for the invitation to bid for ICT Security Services
The RAF team:
Dinesh Govender RAF - ICT
Caston Dutuma RAF - Procurement
Lee Zietsman RAF – Procurement
Sipho Ndlovu RAF - Procurement
Background
The RAF ICT needs to improve security management across all security aspects to manage risks and external threats.
To remain actively vigilant of external activities the RAF ICT must maintain a 24/7 365 monitoring service to reduce the risk.
The RAF has identified the need to implement an information awareness programme for all RAF employees to achieve information security integrity and responsibility
Page 5 Citrix Support
PurposeTo achieve success in respect of the RAF ICT GRS objectives, the RAF ICT requires the services of a highly experienced service provider to offer a fully integrated holistic “one-stop” security management solution.
The bid comprises of three aspects of security concerns, governed by the RAF ICT:
External Security Monitoring
The RAF ICT will require the services of a certified Cisco service provider – minimum Cisco Silver partnership. The services should include monitoring and predefined direct responses to external threats .
Vulnerability Management
The bidder is expected to automate the process, provide network discovery and mapping, assessment reporting, remediation tracking and document compliance with internal security policies as well as external regulations. The bidder must adhere to ISO27001 regulations and ICT Best practices.
Information Security Awareness
The objective of the awareness programme is to focus on the attention of employees on maintaining the confidentiality, integrity, and availability of information assets as well as their role and responsibility in achieving information security.
Gauteng Gauteng Regional
PROJECT MANAGEMENT
Page 6 Citrix Support
Evaluation Criteria
The Bid evaluation will be based on the following:
− Mandatory Requirements
− Evaluation: Technical / Functionality – 90 points− Evaluation: Presentation – 10 points
» The bidders who score more than 65 points out of the 90 points before presentations will be shortlisted for presentations and those that score below, will be disqualified.
» Presentations will be scheduled with the individual qualified bidders before final evaluation. Presentations will take place on the date scheduled by the Bid Evaluation Committee at the RAF premises in Eco Glades. Bidders will be given Three (3) days to prepare presentation.
− Price and BEE Evaluations (90/10 points)
Page 7 Citrix Support
• Provide proof of ability to provide the services by submitting references in respect of each of the category of services required by the RAF – Client Reference sheet
• Capability of delivering an end to end solution in respect of all three security aspects relating to: External Security Monitoring, Vulnerability Management and Information Security Awareness - This can be done as a single service provider, consortium or Joint Venture
• Company Certification and Accreditation with reference to the services requested for following requirements:
−External Security Monitoring – Cisco Accredited Partner
−Vulnerability Management – Industry Standard Vulnerability Management accreditation for services and tools.
• Dedicated Project Manager to manage the contract for the period of two years, conduct monthly meetings, or as and when required and provide progress reports to the RAF ICT management.
Bid Mandatory Requirements
Page 8 Citrix Support
Functionality CriteriaTechnical / Functional Evaluation Points1. Experience of the Company:
The Bidder must indicate the number of years experience in providing security services – Year allocation table per requirement to be completed
20
2. Project Management:It is required that the bidder provide minimum of 2 references of the resource assigned as project manager – Reference sheet to be completed by clients
20
3. Resources:The bidder is requested to indicate the years of experience and qualification of the relevant resources. Resource CV’s must be attached and proof of certification.External Security Monitoring - CCIE (Security) / CCNP (Security) / CCSP (Security) / CCNA (Security)Vulnerability Management – CEH / SANSInformation Security Awareness – CISM / CISSP
.
50
Page 9 Citrix Support
Functionality Criteria
Technical / Functional Evaluation Points
4. PresentationMethodologyThe bidder must include as part of their presentation proposal a methodology that must provide for the following:Holistic end to end solutionPercentage of time allocated on site and off siteResources allocated for each component of the security service bid and capabilitiesAccess to systemsPerformance management
10
Total points 100
All Bidders who score LESS than 65 points on overall functionality including presentations shall not be considered for further evaluation on Price and BBBEE
Page 10 Citrix Support
Pricing Schedule
Page 11 Citrix Support
Pricing Schedule
Page 12 Citrix Support
Mandatory Documents
• Original and valid SARS Tax Clearance Certificate – No copies accepted
• Certified copy of VAT registration certificate, if applicable
• Annual Financial Statements with signed audit report
• Original certified copies of your CIPRO/CIPC company registration documents listing all members with percentage members interest, in case of a close corporation
• Original certificate of good standing or proof of application issued by the Compensation Fund (COID) or a licensed compensation insurer
• B-BBEE certificate by an accredited verification agency (South African bidders only)
• Confirmation of vendor registration with the RAF, if already registered
• Schematic representation of bidder structure, indicating holding company, shareholders, members, affiliates, franchisees, etc, as applicable
• Shareholding / membership breakdown per race, gender and percentage shareholding with shareholders of the bidding company who are not individuals
• Declaration of interest
• If the bidder is a joint venture, consortium or other unincorporated grouping of two or more persons / entities, a copy of the joint venture agreement between the members
• Completed price schedule with detailed breakdown
• Completed Bidder's Particulars
• Bid Conditions
• Signed Instructions to Bidders and any other additional bid requirements, such as proof of certification, etc.
SLA
Bidders will need to comply to the following SLA terms and Conditions:
Each page of the SLA is to be initialled and signed copies of the SLA must be submitted in duplicate
Subject to the Conditions of Contract, the Contract shall endure for a period of 2 (two) years from the Implementation Date.
Penalties shall be calculated based on the period by which a specific Key Milestone is missed
Page 14 Citrix Support
SLA
The Service Provider shall provide the Fund with a Performance Guarantee in the form and substance acceptable to the Fund and issued by the Service Provider’s bank, to the value of R500 000.00 (Five Hundred Thousand Rand) and which shall form part of the performance Gaurantee which must be confirmed within 5 days of the signing of the Contract.
Page 15 Citrix Support
Submission of Bid Responses
• One original completed and signed bid submission marked ORIGINAL with 2 copies
• Original Bid document must be completed and not seperated in file, all pages must be maintained as Section 1 of the bid submission, thereafter additional required documents are to be referenced and indexed
• All bids submissions must be hand delivered and put in the tender box at reception.
• All bids being delivered must be registered by company name in the Bid registration file at Reception.
Submission Address :
RAF ECO GLADES
420 WITCH HAZEL AVENEUE
CENTURION
11am on the 20th December 2013
Bidders will be disqualified if they fail to submit bid response by the closing date and time
Contact Details
All queries must be in writing via email to [email protected]
No telephonic queries will be accepted
All Questions to be addressed at Briefing Session
All Q&A details will be published to the RAF website www.raf.co.za on date
Questions and Answers
Bidders to ask bid related questions to line management
Thank You