tr 0002341 infrstructure
TRANSCRIPT
-
8/2/2019 TR 0002341 INfrstructure
1/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 1 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
Request for Proposal (RFP)
for
Selection of Service Provider for Conducting
Comprehensive Audit of IT Infrastructure ( Data Centre/Disaster Recovery
Centre)
Bank of BarodaProject Office
Baroda Corporate CentreMumbai
Nov 03, 2009
-
8/2/2019 TR 0002341 INfrstructure
2/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 2 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
[A] Important Dates :
1. Issuance of RFP Document by Bank from : 06/11/2009
2. Last Date of Submission of Response by the Bidder : 30/11/2009
[B] Important Clarifications :
Following terms are used in the document interchangeably to mean:
1. Bank of Baroda, BOB, BoB, and Bank means Bank of Baroda.
2. Recipient, Respondent and Bidder means Respondent to the RFP
Document.3. RFP means the Current RFP Document
4. SP Means the Service Provider
Confidentiality
This document is meant for the specific use by the Company / person/s interested to participate in thecurrent tendering process. This document is in its entirety is subject Copyright laws. Bank of Barodaexpects the bidders or any person acting on behalf of the bidders to strictly adhere to the instructionsgiven in the document and maintain confidentiality of information. The bidders will be held responsiblefor any misuse of the information contained in the document and liable to be prosecuted by Bank ofBaroda in the event of such a circumstance is brought to the notice of the Bank. By downloading thedocument, the interested party is subject to confidentiality clauses.
-
8/2/2019 TR 0002341 INfrstructure
3/48
-
8/2/2019 TR 0002341 INfrstructure
4/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 4 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
1. Introduction and Disclaimer
This Request for Proposal document (RFP) has been prepared solely to enableBank of Baroda in the selection of suitable organizations to tender for theprovision for conducting Comprehensive Audit of the IT infrastructure installedunder the Technology Enabled Business Transformation Project.
The RFP document is not a recommendation, offer or invitation to enter into acontract, agreement or other arrangement in respect of the services. The provisionof the services is subject to observance of selection process and appropriatedocumentation being agreed between Bank of Baroda and any successful bidderas identified after completion of the selection process as detailed under Section III, Para 22.
2. Information Provided
The RFP document contains statements derived from information that is believed
to be reliable at the date obtained but does not purport to provide all of theinformation that may be necessary or desirable to enable an intending contractingparty to determine whether or not to enter into a contract or arrangement withBank of Baroda in relation to the provision of services. Neither Bank of Barodanor any of its employees, agents, contractors, or advisers gives any representationor warranty, express or implied as to the accuracy or completeness of anyinformation or statement given or made in this RFP document. Neither Bank ofBaroda nor any of its employees, agents, contractors, or advisers has carried outor will carry out an independent audit or verification or due diligence exercise inrelation to the contents of any part of the RFP document.
3. For Respondent Only
The RFP document is intended solely for the information of the party to whom itis issued and no other person or organisation.
4. Service Provider Eligibility Criteria
The SP company is required to meet the following eligibility criteria and provideadequate documentary evidence for each of the criteria stipulated below:
1. SP Must be a Government Organization/PSU/PSE/partnership firm/LLPor limited company.
2. SP Must be in existence for five years as on 31.03.2009 (in case ofmergers/acquisition/restructuring or name change, the date ofestablishment of the earlier/original Partnership Firm/Limited Companycan be taken in to account).
3. Must have a minimum turnover of atleast Rs 2 Billion in the past two yearsout of which, at least, 25% of the revenue must have come from the testing& Consulting Services
-
8/2/2019 TR 0002341 INfrstructure
5/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 5 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
4. Must have made profits for the past 3 years in succession5. Must have never been blacklisted/barred/disqualified by any
regulator/statutory body.6. Must have the experience in reviewing of IT Infrastructure Systems.7. Must not be application implementor/Solution providers, assistance
providers for implementation with an alliance with Hewlett Packard inBank of Barodas Project.
8. Must not be a direct competitor providing solution/application beingprovided/ Implemented by Hewlett Packard to the Bank.
9. Must have on rolls at least one Project Manager and one additionalmember who has similar experience as that of the (Project Manager) teamleader who would have personally involved in at least one similarassignment. The Engagement Manager must have at least experience of theTesting Services and Audit Services for 3 years.
10.Must have existence in India.
5. Confidentiality
The RFP document is confidential and is not to be reproduced, transmitted, ormade available by the Recipient to any other party. The RFP document isprovided to the Recipient on the basis of the undertaking of confidentiality givenby the Recipient to Bank of Baroda. Bank of Baroda may update or revise the RFPdocument or any part of it. The Recipient acknowledges that any such revised oramended document is received subject to the same terms and conditions as thisoriginal and subject to the same confidentiality undertaking.
The Recipient will not disclose or discuss the contents of the RFP documentwith any officer, employee, consultant, director, agent, or other person
associated or affiliated in any way with Bank of Baroda or any of its customers,suppliers, or agents without the prior written consent of Bank of Baroda.
6. Disclaimer
Subject to any law to the contrary, and to the maximum extent permitted by law,Bank of Baroda and its officers, employees, contractors, agents, and advisersdisclaim all liability from any loss or damage (whether foreseeable or not)suffered by any person acting on or refraining from acting because of anyinformation, including forecasts, statements, estimates, or projections contained inthis RFP document or conduct ancillary to it whether or not the loss or damagearises in connection with any negligence, omission, default, lack of care or
misrepresentation on the part of Bank of Baroda or any of its officers, employees,contractors, agents, or advisers.
7. Costs Borne by Respondents
All costs and expenses incurred by Recipients / Respondents in any wayassociated with the development, preparation, and submission of responses,
-
8/2/2019 TR 0002341 INfrstructure
6/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 6 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
including but not limited to attendance at meetings, discussions, demonstrations,etc. and providing any additional information required by Bank of Baroda, will beborne entirely and exclusively by the Recipient / Respondent.
8. No Legal Relationship
No binding legal relationship will exist between any of the Recipients /Respondents and Bank of Baroda until execution of a contractual agreement.
9. Recipients Obligation to Inform Itself
The Recipient must conduct its own investigation and analysis regarding anyinformation contained in the RFP document and the meaning and impact of thatinformation.
10. Evaluation of Offers
Each Recipient acknowledges and accepts that Bank of Baroda may, in its absolutediscretion, apply whatever criteria it deems appropriate in the selection of Service
Provider, not limited to those selection criteria set out in this RFP document.
The RFP document will not be construed as any contract or arrangement, whichmay result from, the issue of this RFP document or any investigation or reviewcarried out by a Recipient. The Recipient acknowledges by submitting itsresponse to this RFP document that it has not relied on any information,representation, or warranty given in this RFP document.
11.aEarnestMoneyDeposit
As part of compliance, intending bidders should pay along with RFP an Earnest
Money Deposit of Rs 50,000/- (Rs fifty thousands only). The earnest money shallbe paid by Demand Draft/Bankers Cheque/Pay Order drawn in favour of Bankof Baroda payable at Mumbai. The earnest money will not carry any interest.The EMD will be refunded immediately to non-Selected RFP Respondents. In caseof selected respondents the deposit will be adjusted against the Security Depositpayable under the terms of contract.
TheEMDmadebythebidderwillbeforfeitedif:
The Respondent withdraws his tender before processing the same.
The Respondent withdraws his tender after processing but before
acceptance of Letter of Selection for Final RFP issued by Bank. The Selected Respondent withdraws his tender before furnishing an
unconditional and irrevocable Performance Bank Guarantee/SecurityDeposit.
The Respondent violates any of the provisions of the term and conditionsof this tender specification.
-
8/2/2019 TR 0002341 INfrstructure
7/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 7of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
11. b) Security Deposit; -The EMD amount deposited by the successful bidder will be converted as securityDeposit. Excess amount of EMD (i.e. EMD 5% of the contract value) ofsuccessful bidder will be refunded by the bank with two weeks from the date ofacceptance of contract, however if the EMD amount is less than the amountequivalent of contract value then the successful bidder has to deposit thedifference amount (i.e 5% of the contract value EMD amount) by way ofDemand Draft/Bankers Cheque/Pay Order drawn in favor of the Bank of Barodapayable at Mumbai, within one week from the date of awarding the contract. TheSecurity deposit will be refunded by the bank after successful completion of theproject.
Amount of Security Deposit will be rounded off to the nearest thousand. BankGuarantee in lieu of Security Deposit is not acceptable.
11.c ) Performance Bank Guarantee :-
The Selected bidder has to provide an unconditional and irrevocable PerformanceBank Guarantee of 10% of the contract value from the Public Sector Bank in India(Other than Bank of Baroda) towards due performance of the contract inaccordance with the specifications, terms and conditions of RFP document, within15 days from the date of letter of indent (LOI). The Bank Guarantee shall be keptvalid three months , beyond the tentative completion period of project.
11.d Application MoneyThe intending bidders should pay along with bids an Application money of Rs5000/- (rupees Five Thousand only) The application money shall be paid byDemand Draft/Bankers Cheque/Pay Order drawn in favour of Bank of Baroda
payable at Mumbai. The application money is non-refundable.
11.e Execution of SLA/NDA:The SP company must execute (a) a Service Level Agreement, which wouldincludealltheservicesandtermsandconditionsoftheservicestobeextendedasdetailedhereinandasmaybeprescribedbytheBankand(b)Non-disclosureAgreement.TheSPmustexecutetheSLAandNDAwithinonemonthfromthedateofacceptanceofLetterofAppointment.
12. Errors and Omissions
Each Recipient must notify Bank of Baroda of any error, omission, or discrepancy
found in this RFP document.13. Acceptance of Terms
A Recipient will, by responding to Bank of Baroda RFP, be deemed to haveaccepted the terms as stated above from Para 1 through Para 12.
-
8/2/2019 TR 0002341 INfrstructure
8/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 8 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
14. Lodgment of RFP Response (To be read in conjunction with Section III,Para 2.4)
14.1 RFP Closing Date for submission of response
RFP Response may be received by the officials indicated below no later than 4:00
pm (Indian Time GMT +5:30) 30 Nov 2009.Submission of Response to Bank of BarodaTwo (2) paper copies and one (1) electronic copy (Microsoft XP Word and Excel,on CD ROM) of all submissions must be supplied to Bank of Barodaaddressed to General Manager (Projects & IT Operations) at :
General Manager (Projects & IT - Operations)Bank of Baroda ,Baroda Corporate CentreC-26, Block G, Bandra Kurla Complex,Bandra (East)Mumbai 400051
India
For any further clarification you may contact
Mr AK Singh
Chief manager (Projects & IT Operations)
LL 022-66985254Mr S Salunke 022-66985234
Submission will be valid if :
Copies of the RFP are submitted before the aforementioned closing time. Submission is not by Fax transmission.
Response is submitted in two separate sealed envelopes with separatemarking Technical Proposal & Commercial Proposal
All separate copies of RFP and attachments must be provided in a sealedenvelope or sachet .
Only One Submission Permitted
Only one submission of response to RFP by each Vendor / Service Provider willbe permitted. In case of partnerships / consortium, only one submission is
permitted through the lead vendor / service provider.
14.2 Registration of RFP
Registration will be effected upon Bank of Baroda receiving the RFP response inthe above manner (Para 14.1). The RFP must be accompanied with all documents,information, and details required. If the submission to this RFP does not include
-
8/2/2019 TR 0002341 INfrstructure
9/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 9 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
all the information required or is incomplete or submission is through Fax mode,the RFP is liable to be rejected.
All submissions, including any accompanying documents, will become theproperty of Bank of Baroda. Recipients shall be deemed to license, and grant allrights to, Bank of Baroda to reproduce the whole or any portion of theirsubmission for the purpose of evaluation, to disclose the contents of thesubmission to other Recipients who have registered a submission and to discloseand/or use the contents of the submission as the basis for any resulting RFPprocess, notwithstanding any copyright or other intellectual property right thatmay subsist in the submission or accompanying documents.
14.3 Late RFP Policy
Respondents are to provide detailed evidence to substantiate the reasons for a lateRFP submission.
RFPs lodged after the closing date for lodgment of RFPs may be registered byBank of Baroda and may be considered and evaluated by the evaluation team atthe absolute discretion of Bank of Baroda. It should be clearly noted that Bank ofBaroda has no obligation to accept or act on any reason for a late submittedresponse to RFP.
Bank of Baroda has no liability to any person who lodges a late RFP for anyreason whatsoever, including RFPs taken to be late only because of anothercondition of responding.
14.4 RFP Validity Period
RFPs will remain valid and open for evaluation according to their terms for aperiod of at least six (6) months from the time the RFP submission process.
14.5. Requests for Information
Recipients are required to direct all communications related to this RFP, includingnotification of late RFP submission, through the Nominated Point of Contactperson i.e. General Manager (Projects & IT Operations).All questions relating to the RFP, technical or otherwise, must be in writing onlyto the Nominated Point of Contact.Bank of Baroda will not answer any communication initiated by Respondentslater than five business days prior to the due date for lodgment of RFPs.However, Bank of Baroda may in its absolute discretion seek, but under noobligation to seek, additional information or material from any Respondents afterthe RFP closes and all such information and material provided must be taken toform part of that Respondents response.
-
8/2/2019 TR 0002341 INfrstructure
10/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 10 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
Respondents should invariably provide details of their email address(es) asresponses to queries will only be provided to the Respondent via email.
If Bank of Baroda in its absolute discretion deems that the enquiring Respondentwill gain an advantage by a response to a question, then Bank of Baroda reservesthe right to communicate such response to all Respondents.
Bank of Baroda may in its absolute discretion engage in discussion or negotiationwith any Respondent (or simultaneously with more than one Respondent) afterthe RFP closes to improve or clarify any response.
15. Notification
Bank of Baroda will notify the Respondents in writing as soon as practicableabout the outcome of the RFP evaluation process, including whether theRespondents RFP response has been accepted or rejected. Bank of Baroda is notobliged to provide any reasons for any such acceptance or rejection.
16. Disqualification
Any form of canvassing/lobbying/influence/query regarding short listing, statusetc will be a disqualification.
17. Timeframe
The following is an indicative timeframe for the overall selection process. Bank ofBaroda reserves the right to vary this timeframe at its absolute and sole discretionshould the need arise. Changes to the timeframe will be relayed to the affectedRespondents during the process.
RFP Issuance Date 05 Nov, 2009RFP Response Due 30 Nov, 2009RFP Evaluation Date 31 May, 2009
-
8/2/2019 TR 0002341 INfrstructure
11/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 11 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
Section II
-
8/2/2019 TR 0002341 INfrstructure
12/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 12 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
1. Bank of Baroda the Company
Bank of Baroda is the one of the largest Public Sector Banks in India with over 33million accounts with about 3 to 5 million transactions per day and a Branchnetwork of over 3000 branches in India and other 21 overseas countries. Bank hasover 1500 branches in rural/semi urban areas and with 70 offices / branches in 21countries overseas.
The Bank has undertaken a massive project for modernization of its bankingprocesses to become a national bank of international standard. To initiate thismodernization process, the Bank has conducted a Business Driven IT strategyformulation exercise assisted by Gartners.
2. Business & IT Strategy
The aim of Bank of Barodas IT Strategy is to conduct a Technology EnabledBusiness Transformation of current business processes through three keyendeavors:
1. The phased deployment of core applications and supporting IT infrastructureto enable the implementation of best-practice in :
Banking and financial services
Corporate operations
2. The development of a Governance of IT model and capability within Bank ofBaroda.
3. The structured development of enhanced IT capability within Bank of Barodabased on :
Outsourcing of daily IT operations
Developing and retaining key skills in planning, programme andproject management, and sourcing management
It is projected that the implementation of the IT Strategy will occur over a three tofive year period
3. Banks Vision for Business Transformation
Banks vision in going for a technology-enabled transformation is :
To become the most preferred Public Sector Bank within three years and totransform into a Universal Financial Services organization offering a fullrange of financial products to corporate and personal customers
-
8/2/2019 TR 0002341 INfrstructure
13/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 13 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
To become a customer - centric organization providing financial productsand services based on customer needs in all markets it operates
To provide products and services in an efficient, effective and responsivemanner and on-demand through multiple channels
The transformation should be rapid and visible in order to enable the Bank to reapearly benefits. The strategic goals of Bank of Baroda are :
The development of a customer centric business, The delivery of product through multi-channel distribution, The set up of new Lines of Business through re-organization of existing
lines of business along customer requirements, The set up of global functions by way of establishment of a corporate
center An improvement of operational effectiveness.
4. System Integrator (SI) of the Project
Towards realizing the above objectives, Banks current Technology EnabledBusiness Transformation Project (Project Shikhar), Bank has selected HewlettPackard India Sales Private Ltd. (HP) as the System Integrator for the Project.Broad scope of deliverables under the Project is as under :
Procurement/supply and installation H/W, System S/W, ApplicationS/W
Implementation and maintenance of application software (S/W) Designing of complete network architecture for the Bank
Procurement/supply and installation of various networking equipments,
implementing Branch LAN and enterprise-wide WAN & NetworkManagement for the entire WAN
Data Centre & Disaster Recovery Site Build, Operate & Transfer
Procurement, follow up and maintenance of network bandwidth/leasedlines, ISDN and other networking needs
Domestic and International Branch Roll-out
Proposing and Implementing Information Security Management System
Training & Transformation Management Programmed Management
Designing, developing and implementing System integration
All supporting infrastructure & Services (e.g., Data Centre/DRC, Servers,Desktops, Laptops etc., Managed Services)
Data communication networks (e.g., WAN, LAN, Voice)
5. Products / Applications being implemented by HP
-
8/2/2019 TR 0002341 INfrstructure
14/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 14 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
The SI has proposed and has been implementing the following applications forthe Bank.
Support services:
Functionality ProductFinance, General Ledger,Accounting, Consolidated GL,Finance
Finacle Core, Oracle Financials, OracleFinancial Services applications Budgeting
Sourcing and Procurement Oracle AP, Purchasing
Human Resource Management Oracle HR, Oracle training &administration, self Service , Fluous Payroll
Risk Management and Decision
support
Finacle Core, OFSA- Risk Manager, Kvar+,
Kondor Global Limits, Kondor Credit VarPerformance Management Oracle OFSA Performance Analyser,Transfer Pricing, Activity basedManagement, Balanced Scorecard Modules
Marketing Decision SupportMCIF Customer Segmentation,Campaign management
Finacle Core, Oracle Trading Communityarchitecture, Oracle Customer online,Oracle marketing Online, Oracle Salesonline
Customer Relationship ManagerCRM Analytics
OFSA And Oracle CRM Based on OracleLogical Data Model - TCA+ OracleFinancial data model
Enterprise Information systems OFSA- Performance Analyser, Riskmanager,HP- Knowledge Management System
Funds and regulatory
Functionality Product
Treasury Kondor +, KTPInvestment and Brokerage Opus Trade front end trading system
interfacing to depositories as well asbrokers and clearing houses
International Banking and ForeignExchange
Finacle Core for Basic FX and MM dealsprocessingBrowser support for K+ dealing atinternational treasury locations wherewarranted
Interactions with Other banks CBS - Clearing systems, RTGS, interfaceTreasury to NDS interface
-
8/2/2019 TR 0002341 INfrstructure
15/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 15 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
Interactions with Reserve Bank ofIndia
CBS RTGS interfaceTreasury RTGS interface
Core Processing
Functionality Product
Core banking Finacle Core including Trade finance andRemittances
Deposits Savings and investment Finacle core retail and corporateLoans Credit Lending Finacle Core Retail and Corporate Lending
Product Management Finacle Core Parameter driven Productmanagement
Customer Information System Finacle Core CIF, Oracle TCA
Non Banking financial Products Cards (Interface to existing cards systemin phase-I), Opus Cards
Transaction Payment Systems Finacle core, Electra Payment Gateway,Base24 Switch
Delivery
Functionality ProductPersonal Productivity andGroupware
Microsoft Exchange
Help Instruction and Training Online help from all application
Training using existing Training centerinfrastructureSet up of e- learning infrastructureOracle i-learningOracle Training and Administration
Imaging and Printing Scanners and printers HPOmni Capture New GenOmni docs New Gen
Work flow and DocumentManagement
Omni Flow for enterprise workflowOmni docs for document Management
Transaction Processing Base24 ATM Switch
Electra payment GatewayReporting Finacle Reporting Tool
Oracle Discoverer
Access
Functionality Product
-
8/2/2019 TR 0002341 INfrstructure
16/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 16 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
Staff Interface Oracle Self ServiceFluous Self ServiceHP Knowledge managementOracle Portal
Teller Functions/Service Center
Interface
Finacle Core
Self Service Telephone and Internet Servion IVR Phone banking
Payment Gateway Electra Payment GatewayInternet Banking Finacle eChannels , eCorporate
Other Agents and Channels Finacle SMS bankingKiosk
Security Various including Trendmicro Anti Virus,Checkpoint Firewall, Cisco pix
-
8/2/2019 TR 0002341 INfrstructure
17/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 17of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
Section - III
-
8/2/2019 TR 0002341 INfrstructure
18/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 18 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
1. Current RFP Objectives :
1.1 Project Objective
The Bank wishes to appoint competent Service Provider (SP) for carrying out`Comprehensive Audit of the IT Systems installed at the Data Centre, Mumbaiand Disaster Recovery Centre, Hyderabad implemented by HP. The SP will beresponsible as per the scope and timelines outlined below.
Although the Bank has selected an SI for implementation of various systems andis in the process of implementing the complete suit of solutions for its branchesand Administrative Offices including overseas offices, Subsidiaries etc., the Bankis looking for the Comprehensive Audit for all its IT systems installed andsystems which will subsequently be installed.
The selected service provider is required to provide service of comprehensiveaudit including the following services: Performance Testing, OptimisationTesting, High Availability Testing, Scalability Testing, Networking and HardwareSizing & Configuration Testing with reference to the four core architecturalprinciples- Performance, Scalability, High Availability, Investment Protection
Bank may, at its full discretion, choose to avail of the services for all services orpart thereof. Such decision may be advised in course of the project.
1.2 Project Scope
A description of the envisaged scope is enumerated as under. However, the Bankreserves its right to change the scope of the RFP considering the size and varietyof the requirements and the changing business conditions.
Based on the contents of the RFP, the selected SP shall be required toindependently arrive at Approach and Methodology, based on globallyacceptable standards and best practices, suitable for the Bank, after taking intoconsideration the effort estimate for completion of the same and the resource and
the equipment requirements. The Selected Service Provider is required to conductthe detailed Risk assessment of IT Assets/Resources of the Bank at DC/DR andsuggest the control measures for the risk identified.
The Bank expressly stipulates that the SPs selection under this RFP is on theunderstanding that this RFP contains only the principal provisions for the entireassignment and that delivery of the deliverables and the services in connection
-
8/2/2019 TR 0002341 INfrstructure
19/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 19 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
therewith are only a part of the assignment. The SP shall be required to undertaketo perform all such tasks, render requisite services and make available suchresources as may be required for the successful completion of the entireassignment at no additional cost to the Bank.
The SPs involvement is expected to be spread across a period of at least , 24
months from the date of contract.The services as indicated in Para 2.1 will be covered under the scope of theComprehensive Audit of the IT Services Indicative details of services mayinvolve:
2.1 Review/Audit of1. IT Infrastructure2. Data Centre and Disaster Recovery Centre3. Managed Services Effectiveness and Service Level Agreement (SLA)
Management.
4. Business Continuity Plan & Disaster Recovery Planning
2.2.1.ITInfrastructure
2.2.1.(a)ITInfrastructureinDataCentre&DisasterRecoveryCentre
1. SP shall carry out a review to ensureIT Infrastructure compliance with the bill of materials as agreed between theBank and system integrator with respect to Industry standards, best practices,requirements and specified by the Bank and are adequate to meet the projectand service objectives set out by the Bank . An indicative but not exhaustivelist of activities are listed below:
Data Centre/Disaster Recovery Centre civil and interiors as per submittedlayout
Adequacy of server space in view of future requirement
Access control facility
Fire detection and prevention
Fire protection system for server rooms
Very Early smoke detection systems for server rooms
Water leak detection systems for server rooms
Electrical subsystem (main panel, cables, Power Distribution Unit (PDU)and earthing)
Review of Electrical Power requirement and availability.
UPS systems
-
8/2/2019 TR 0002341 INfrstructure
20/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 20 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
DG sets and Control of fuel
Precision (computer room standard) Air-conditioning systems for serverroom
Air-conditioning system for other relevant areas of DC
Building management system software/hardware Closed circuit television system (CCTV) area for monitoring entry/exit
pointsandstrategiclocationswithintheserverroom
Structuredcablingsystemforfunctionalareasasperlayout
Environmentalthreatprotection(AirPurifier,HumidityControletc)
Reviewofoperatorawarenessofphysicalsecuritybreaches
Review of safeguards to mitigate risks associated with earthquake andwaterrelatedthreats
Verification of Physical Security policy and review of authorisation
documentationonfileforeachindividualwhohascardaccesstothedatacentre
ReviewofLicenseverificationofallHardware,SoftwareetconentryandexitinDC/DR
ReviewofadequacyofphysicalSecurity(Guards,armsetc)
ReviewofServerhardening
2.2.1.(b)ITOrganisationStructureStaffing
Reviewintheindicativeareasbutnotexhaustiveissuggestedbelowandsuch
otherascanbeofusetotheorganisation:- Organizational structure, governance and delegations of authority and
responsibility
Reviewofthestaffingpatternaspertheevolvedorganizationstructurebytakingintoaccounttheestimatedworkload.
Job roles for various levels of staffing created as per the organizationstructure
PlanningandmanagementofDataCenterOperations
Banks Technical Team members skills for handling servers, Storage,OperatingsystemandhaveDatabaseareas
Operationsmanagementlikeregularoperations,Disasterrecovery,backup
and restore operations, Performance monitoring and tuning, Assetmanagement,Helpdesk
BanksteamApplicationMaintenanceandsupport Evaluate the adequacy of the organizational structure and reporting
processes to assure the proper accountability of the data centersoperations.
To review employee / Service providers staff Management, entry/exit
-
8/2/2019 TR 0002341 INfrstructure
21/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 21 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
policy&trainingetcpolicy.
2.2.1.(c)ReviewofoutsourceofITOperation
Reviewthesegregationofduties
Reviewofadequacyofstaff
Reviewofreportingresponsibilityandperiodicityofreport Review of information sharing by banks DC/DR team with out source
serviceproviderteam. Reviewofworkauthorisationsystembetweenoutsourceserviceprovider
andbanksteam
AccessControl,CustomerDataPrivacy&Confidentiallity.
2.2.2 DataCentreandDisasterRecoveryCentreAudit
Thescopeofauditwillincludeevaluationofprocessfor
(Testingtoolshavetobearrangedbythebidder)
2.2.2.(a)ManagementofHardware
AcquisitioninDC/DR,installation,Upgradation,Movement,usageanddisposalprocedures
Server sizing-harddiskcapacity,RAM,Processingpower etc asperrequirements
Reviewofprocedurestoproactivelymanagetheservers,whichwouldalerttheadministratoras,andwhenserviceofthedatacenterreachesthedefinedthresholdbeforethefailureoccursontheserversordevicestoensureuptimeoftheDatacenter
Preventivemaintenance
Backupprocedures2.2.2.(b)ManagementofSystemSoftware
Software acquisition, installation, maintenance, updation of patches,development,storage,changemanagementisasperITSecurityPolicySystemSoftware:
Setupandmaintenanceofoperativesystemparameters ToReviewSettingofvariousparameters,updationsthereofandactual
workingofthemasintendedandaccurately. All the security features available in the OS are enabled/ taken
advantageofasfaraspossible
Review of Use/Control, Retention, Changes, Hard coded use ofroot/administrative,genericandotherSensitiveIDsandpassword. VulnerabilitiesinOSarebeing taken careoff.Compensatorycontrols
forknownvulnerabilitiesareinplace ReviewofOperating systemandDatabaseHardeningand document
verificationofOS/DBHardening.
-
8/2/2019 TR 0002341 INfrstructure
22/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 22 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
OSpatchesareupdatedasandwhenreleasedbyvendorandcontroloverpatchmanagement.
Changes in system software are controlled in line with theorganizations change management procedures. Proper record ismaintainedandauthenticatedregardinginstallation,itsupgradation,re-installationandmaintenance.
Review of change Management Process, reporting and measuringeffectivenessidentifyingareasofimprovements
Useofsensitivesystemsoftwareutilitiesisincontrolledmanneranditsismonitoredandlogged
.Review of compliance of existing change management process ofupdating the document after Change Management process hascompliancestatus.
2.2.2.(c)NetworkFacilityandEquipmentManagement
OverallNetworkmanagement Networkdesign-providesscalability,redundancy Networkcablingisstructured
CurrentnetworkandsecuritypostureoftheWANarchitecture IPaddressingschemesandtheirallocations Physicalandlogicalseparationofthenetworks Networkandsecurityproductsandtechnologiesdeployed-Theirusage
andphysicalsecurity Review of switches , routers configuration, scalability and port
management. Networkbottlenecksandperformanceissues Availabilityandqualityofsystemdocumentation IPSecimplementation Real-timemonitoringofnetworkpackets,whichinvolvespacketcapture
andanalysis.
MonitoringofsyslogtrafficfromamanagedCiscorouter Reviewofproceduresadoptedfor: Securedtransmissionofdatathroughdialup/ leasedline/VPN/VSATs
etc. Bandwidthmanagement Uptimeofnetwork-itsmonitoringasperservicelevelagreement Faultmanagement Capacityplanning Performancemanagementetc Monitoringoflogs(i.etracelog,CDCILogs,fatallogs,archivelogs,SU
logs,Syslog,alertlog,lastlog,applicationlog,Securitylog,Systemlog,
Fileretentionlogs,filereplicationservicelog,DNSLogs,IDSlog,AIPSLogs,eventLog,accesslog,ISSlog,AVLogetc)
LegalandRegulatoryrequirements Selection of Router, Firewall, Proxy, Intrusion, Prevention system,
IDS,Switch, Modems, Port Management etc are in consonance withbusiness requirement. Evaluate their installation, placement,configuration, security, policies defined in respective equipment for
-
8/2/2019 TR 0002341 INfrstructure
23/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 23 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
meetingthesecurityrequirementof theLANandWANandmonitoringoftheirlogs.
2.2.2.(d)DatabaseManagementSystemandDatasecurity:
Use of Data Repository System, Data Definition Language, DataManipulationLanguage
StorageofduplicatecopyofdatadefinitionandDRSatoff-site MonitoringoflogofchangestotheDatadefinitions Proceduresto ensurethatall dataareclassified intermsofsensitivity
by a formal and explicit decision by the data owner and necessarysafeguards for itsconfidentiality, integrityandavailability aretakenasperITSecurityPolicy.
Logicalaccess controls,which ensuretheaccess todatais restrictedto,authorizedusers.
Confidentialityandprivacyrequirementsaremet Authorization,authenticationandaccesscontrolareinplace Segregationofdutiesisensuredforaccessingdata Purging,RetentionandarchivalofDataFiles
Reviewofhowthedatabaseintegrityisensuredincasetablesarenotproperly updated by application software due to various reasons i.e.breakinlink,buginsoftwareetc.IncaseofdirectUpdation/modificationofdatabaseisdonebyopeningthetablesinliveenvironment,evaluatethecontrols
ProtectionofSensitiveInformationduringTransmissionandTransport Separationofduties Rotationofduties Impactofbackendupdates Conductaninternalvulnerabilityassessmentforreviewingthedatabase
securitysetting Audit-abilitybothatclientsideandserversideincludingsufficiencyand
accuracy of event logging, SQL prompt command usage, Databaselevelloggingetc.
Recovery,rollbackandrestartprocedures Auditthedatabasesystemssecuritythroughautomatedsecurityscans
andmanualreviews. To review table, partitioned and indexing etc structures are as per
applicationsoftwarerequirements.
2.2.2.(e)HelpDesk: Helpdeskfacility,whichprovidesfirst-linesupportandadvice Prioritizationofreportedproblems/calls Timelyresolutionofreportedproblems Problems and incidents are resolved, and the cause investigated to
preventanyrecurrence Incidenthandling Trendanalysisandreporting Developmentofknowledgebase Rootcauseanalysis Problemtrackingandescalationwithproperdocumentation
-
8/2/2019 TR 0002341 INfrstructure
24/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 24 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
Audittrailsofproblemsandsolutions Management/ operations of Help Desk for monitoring,managing and
reporting the faults, configuration, performanceandaccounting of theBanksWideAreaNetwork,ServersinstalledinDataCentreandotherlocationsacrossthenetwork.
Applicationsupportcallsanditsresolution
2.2.2.(f)StorageManagement
Retention,purging/archivalperiodsandstoragetermsaredefinedfor: Documents Data Programs Reports Messages(incomingandoutgoing) Keys,certificatesusedfortheirencryptionandauthentication Logfilesforvariousactivities PolicyandProceduresforpurgingofdata
2.2.2.(g)MediaStorage Responsibilities for media (magnetic tape, cartridge, disks and
diskettes)librarymanagementareassignedtospecificmembersoftheITfunctionary
Housekeeping procedures are designed to protect media librarycontents
Standardsaredefinedfor theexternalidentificationofmagneticmediaand the control of their physical movement and storage to supportaccountability
Procedurestoassurethatcontentsof itsmedia librarycontainingdataare inventoried systematically, that any discrepancies disclosed by aphysicalinventoryareremediedinatimelyfashionandthatmeasuresare taken to maintain the integrity of magnetic media stored in thelibrary.
Reviewofmediahandlingprocess ReviewofperiodicMediatesting Reviewoflabelingprocessofmediastorage
2.2.2.(h)InventoryMaintenance
Controls, which identify and record all IT assets and their physicallocation, and a regular verification programme which confirms theirexistence
ITassetsclassification Checkingforunauthorizedsoftware Softwarestoragecontrols Licensemanagement Disposalofobsoleteinventory Reviewofinsurance
2.2.2.(i)Others
-
8/2/2019 TR 0002341 INfrstructure
25/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 25 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
Review of console log activity during system shutdown andhardware/softwarere-initialization
OperationalprocedureforDatacenter Daybeginanddayendprocess Documentationofallprocess Personnelscheduling-Shifthand-overprocess
Review of operator log to identify variances between schedules andactualactivity
UseofInternet/e-mail ReviewofremotedesktopManagement/Netmeeting/FTPetc Reviewofantivirus
2.2.2.(j)ProcessManagementReview
ReviewofInstallationProcedure ReviewofMaintenanceProcedure ReviewofReleaseProcedure ReviewofUserManagementprocedure ReviewofTrackingProcedure
Rootcauseanalysis ReviewofHandoverprocedure
2.2.3. Managed Services Effectiveness & Service Level Agreement (SLA)ManagementAnalyzethecurrentSLAandadvicebyevaluatingthefollowing
Understandthebusinessstrategyandservicestrategypertaining toIToperationsbasedontheBanksguidanceprinciples/SOW(Statementofwork)fordeploymentofITinfrastructure,applicationsandoperations
Reviewandconfirmingadequacy ofmeasuring the SLAparameter &ProcessofSLAComputation
Review of SLA Computation/calculation certification process by thebank.
UnderstandtherequirementsoftheSLA ReviewofconfigurationofSLAparametersformonitoring ReviewofServiceDeskmodule Currentserviceprovision Identify/assessthekeyperformanceareas Review current Service Level Management, existing SLAs and other
contracts ReviewofSLAManagementprocess UnderstandandassesstheSLAcomputationmethodologyundertaken
bytheBank. Evaluate the sufficiency of the vendor performance against therequirementsofthemasterservicesagreement/SOW.
VendorcompliancewithSLAterms. ReviewofMISreportingtoassessaccuracyandadequacy Identifyingthegaps/conflictingterms/areasof improvement,potential
areasforSLAs Suggest changes in the vendor management practices as per the
IndustryBest-practices
-
8/2/2019 TR 0002341 INfrstructure
26/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 26 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
Evaluatewhetherperformancetargetsaremetandtherelativepriorityofeach.Suggestmethodstoimprovetheservice
AuditoffollowupactionincaseswhereSLAisnotmet.2.2.4.BusinessContinuityPlan&DisasterRecoveryPlanning:ServiceProviderwouldberequiredtoreviewBanksBCPandDRPtovalidate
BCP/DRPintermsofitsadequacy,effectiveness,efficiency,activationabilityandreliabilitytakingintoconsideration.
BusinessImpactAnalysisincludingRiskAssessment ReviewofDRPProcess ReviewBusinessFlows ReviewofResourcepriorityforrecoveryandrecoverytimeobjectives
ReviewofBusinessContinuityStrategy ReviewofadequacyDisasterRecoveryPlanandBusinessContinuityPlan ReviewofBCP/DRPDC/DRcomplete/mockDrill Reviewofachievedvsprojectedresult
Reviewofprocessofbusinesscontinuityobjective Reviewofsubmissionoftestresulttoboard IdentifyIndividualPointoffailure.
2.3 Deliverables
During the courseof review, theSPwill suggest the following in addition toothercriticalobservation/methods/improvementsasdeemedfitfromthepointofviewoftheSPprofessionalexperienceforeachof theservicesmentionedabove:
o Ways to secure theexisting Networks &anynewnetworks beingmerged/created
o Provide re-designed network & security architecture along withtechnicalspecificationsofnetwork&securitysolutionsbasedontheoperationalandbusinessrequirementsoftheBank.
o All observationswillbe thoroughlydiscussed withprocessownersbeforefinalizationofreport
o Reportswillbesubmittedassoftcopyindocandpdfformataswellasonesignedhardcopy.
o Reportswillbesubmittedterritorywiseincompliancewithrespectiveregulators.
o Allreportswillbepreparedwiththefollowinginformation:Gaps,deficiencies, vulnerabilitiesobserved specificobservationsshouldbegivenwithdetailsRiskassociatedwithGaps,deficienciesvulnerabilitiesobservedCategoryofRiskHigh/Medium/LowRecommendations/ Procedures for removing Gaps, deficiencies,vulnerabilitiesobservedPreparationofFinaltestingReportwithareasofimprovement
-
8/2/2019 TR 0002341 INfrstructure
27/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 27of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
Oncompletionof theBusinessContinuityPlananddevelopmentofimplementationplan,handoverallreports,templates,andpoliciestotheBank
2.4 Submission of Bids (Please refer to Section I, Para 14)
Thebidsshallbeintwopartsviz.TechnicalProposalandCommercialProposal.BothTechnicalandCommercialProposalsshallbesubmittedinseparatesealedenvelopes superscribing TECHNICAL PROPOSAL FOR COMPREHENSIVEAUDIT OF IT SYSTEMS ontopoftheenvelopecontainingthetechnicalbidand COMMERCIAL PROPOSAL FOR COMPREHENSIVE AUDIT OF ITSYSTEMS: ontopoftheenvelopecontainingcommercialbid.Thesetwoseparate
sealed envelopes should be put together in the sealed master envelopesuperscribingPROPOSAL for COMPREHENSIVE AUDIT OF IT SYSTEMS:
TheTechnicalProposalwillbeevaluatedfirstfortechnicalsuitability.CommercialProposal shall beopenedonly fortheshort-listedbidderswhohavequalified intheTechnicalProposalevaluation.TheTechnicalProposalshallcontainthetechnicalproposaltotherequirementoftheBankasalongwithAnnexureA,C,DandE.AcopyoftheCommercialProposalmaskingthepricesistobesubmittedalongwiththeTechnicalProposal.
TheCommercialProposalshallbesubmittedasperAnnexureB.The biddershallsubmit theProposalsproperlyfiledso that thepapersare notloose.TheBiddershallsubmit theproposal insuitable capacityof thefilesuchthatthepapersdonotbulgeoutandtearduringscrutiny.The technical proposal shall be organized and submitted as per the followingsequence:a)TableofContents(listofdocumentsenclosed)b) Technical proposal with detailed activities broken down, effort estimate,
manpowerestimatedtobedeployedalongwithannexureDandannexureEc)CompliancecertificateforallthetermsandconditionsasperAnnexure-Cd)Allcopiesofcertificates,documentaryproofsetc.e)ACDcontainingsoftcopyoftheproposalf)AnnexureAg)MaskedAnnexureB
-
8/2/2019 TR 0002341 INfrstructure
28/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 28 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
All the relevant pages of the proposals (except literatures, datasheets andbrochures)aretobenumberedandbesignedbyauthorizedsignatoryonbehalfoftheBidder.Thenumbershouldbeauniquerunningserialno.acrosstheentiredocument.ThebidderhastosubmitasoftcopyoftheentireproposalinaCD.Itshouldbe
noted that incaseof anydiscrepancy ininformation submitted bythebidder inhard-copy and soft-copy, the hard-copy will be given precedence. However, incase of non-submission of any hard copy document, if the same is foundsubmitted in the soft-copy, Bank reserves right to accept the same at itsdiscretion.TheBidsshallbeaddressedandsubmittedto:GENERAL MANAGER (PROJECTS & IT - Operations)BANK OF BARODABaroda Corporate CentreBandra Kurla Complex, Bandra (East)Mumbai 400 051
Thebids(arrangedasmentionedabove)aretobesubmittedattheSecretariatoftheGeneralManager (Projects& ITOperations),markedwiththeappropriatelabel, at the above address before the due date& time as specified. The bidsubmittedanywhereelseisliabletoberejected.Itmaybenotedthatallqueries,clarifications,questionsetc.,relatingtothisRFP,technicalor otherwise,mustbe in writing onlyandshould beto the nominatedpointofcontact.
BiddersshouldprovidetheirE-mailaddressintheirquerieswithoutfail.Thebidderwillsubmitanundertakingspecifyingthatthebidderhasobtainedallnecessarystatutoryandobligatorypermissionifanytocarryoutprojectworks,ifany.The proposal should be prepared in English in MS Word format. The e-mailaddress and phone/fax numbersof the bidder should alsobe indicated on thesealedcover.FORMATS OF BIDS: ThebiddersshouldusetheformatsprescribedbytheBankintheRFPforsubmittingbothtechnicalandcommercialbids.
-
8/2/2019 TR 0002341 INfrstructure
29/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 29 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
2.5 General Terms and Conditions (Please also refer to Section I)
2.5.1 Adherence to Terms and Conditions:ThebidderswhowishtosubmitresponsestothisRFPmustnotethattheymustabide by all the terms and conditions contained in theRFP. If the responsescontainanyextraneousconditionsputinbytherespondents,suchresponsesmaybedisqualifiedandmaynotbeconsideredfortheselectionprocess.2.5.2 Other terms and conditions :
1. BankofBarodareservestherightto :
RejectanyandallresponsesreceivedinresponsetotheRFP Waive or Change any formalities, irregularities, or inconsistencies in
proposalformatdelivery To negotiate anyaspect of proposal with any bidder andnegotiatewith
morethanonebidderatatime Extendthetimeforsubmissionofallproposals Selectthemostresponsivebidder(incasenobiddersatisfiestheeligibility
criteriaintotality) Select thenextmost responsive bidder if negotiations with thebidder of
choicefailtoresultinanagreementwithinaspecifiedtimeframe. Share the information/ clarifications provided in response toRFP byany
bidder,withanyotherbidder(s)/others,inanyform. Cancel the RFP/Tender at any stage, without assigning any reason
whatsoever.3. Substitution of Project Team Members: During the assignment, the
substitutionofkeystaffidentifiedfortheassignmentwillnotbeallowedunlesssuchsubstitutionbecomesunavoidabletoovercometheunduedelayorthatsuch changesarecritical tomeet theobligation.Insuch circumstances, the
serviceprovidercandosoonlywiththeconcurrenceoftheBankbyprovidingother staff of same level of qualifications and expertise. If theBank is notsatisfied with the substitution, the Bank reserves the right to terminate thecontractandrecoverwhateverpaymentsmadebytheBanktotheSPduringthe course of this assignment besides claiming an amount, equal to thecontractvalueasliquidateddamages.However,theBankreservestherightto
-
8/2/2019 TR 0002341 INfrstructure
30/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 30 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
insisttheSPtoreplaceanyteammemberwithanother(withthequalificationsandexpertiseasrequiredbytheBank)duringthecourseofassignment.
4. Professionalism : TheSPmust provide professional, objectiveandimpartial
adviceatalltimesandholdtheBanksinterestsparamountandmustobservethehigheststandardofethicswhileexecutingtheassignment.
5. AdherencetoStandards:TheSPmustadheretolawsoflandand
rules, regulations and guidelines prescribed by variousregulatory,statutoryandGovernmentauthorities
6. The Bank reserves the right itself or through a consultant to conduct an
audit/ongoingauditoftheconsultingservicesprovidedbytheSP.Thecostoftheaudit/ConsultantshallbebornebytheBank
7. TheBankreservestherighttoascertaininformationfromthebanksandother
institutionstowhichthebiddershaverenderedtheirservicesforexecutionof
similarprojects.8. EXPENSES: Itmaybenoted thatBankwillnotpayanyamount/expenses/
charges/fees/travelingexpenses/boardingexpenses/ lodgingexpenses/conveyance expenses / out of pocket expenses other than the AgreedProfessionalFee.However,traveling,boardingandlodgingexpenses,ifany,forsitevisitoutsideMumbaiforprojectrelatedworkwillbediscussedwiththeBank as to the need, duration, number ofpersonnel involved, etc.,and willhave tobeclearedby the Bank inadvance in writing.Settlement ofbills insuch cases will be at rates mutually agreed and reimbursable againstproductionof ticketsandbills.Mumbaiwillbeconsideredasthebasestationforthepurposeoftraveling.
9. The bidder can not change the Project Manager during entire period of
executionoftheassignmentunlessconsentedinwrittenbytheBank.10.Thebidshouldcontaintheresourceplanningproposedtobedeployedforthe
projectwhichincludes,inter-alia,thenumberofpersonnel,skillprofileofeachpersonnel,durationetc.
11.TERMS OF PAYMENT :
TheSPsfeeswillbepaidinthefollowingmannerforeachitem/activitywhichis
describedintheCommercialProposal (Annexure B) on a project to project basis :
10%of the professional feesonacceptanceof testingmethodology/strategydocumentforcriticalDataCentreandDisasterRecoverysiteITInfrastructureinrespectofhardware,SAN,CoreRouterandnetworkequipmentandsecurityinfrastructure
-
8/2/2019 TR 0002341 INfrstructure
31/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 31 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
10% of the professional fees on completion of review of IT Infrastructure ,PerformanceAcceptanceTestingofITInfrastructureandsubmissionofresultsandreports
20%oftheprofessionalfeesoncompletionofDatacenter,DRsiteauditwithsubmissionofreports.
20%oftheprofessionalfeesoncompletionofreviewofPeriodicAuditofall
CustomerfacingWebbasedapplicationat6monthsintervalupto18months(Threat&Vulnerabilityanalysis)onthesecurity andarchitectureat theDataCentre,Bank-wideNetworkArchitecture,securityandparametersettingforallIT Infrastructure within the Data Centre and Disaster Recovery Site, ATM,Internet Banking,On-lineTrading,depositoryServices andChannel bankingandsubmissionofreports.
10%of theprofessional fees on completion of review ofManagedserviceseffectivenessandSLAmanagementwithsubmissionofreports
10%oftheprofessionalfeesoncompletionofreviewofBusinessContinuityPlan&disasterrecoveryPlanningwithtestingofeffectivenessoftheDRplan
10% of professional fees onCompletion of Business ApplicationSoftware
(CBS&OtherBusinessapplication) Balance 10% of the professional fees on rectification /correction/
implementationofsuggestionsbytheSP andsubmissionoftheComplianceVerificationFinalReporttotheBank.
AllinvoiceswillbepaidbytheBankwithinaperiodof45daysfromthedateofreceipt of undisputed invoices. Any dispute regarding the invoice will becommunicatedtotheselectedbidderwithin15daysfromthedateofreceiptoftheinvoice.Afterthedisputeis resolved,Bankshallmakepaymentwithin30daysfromthedatethedisputestandsresolved.
12. LIQUIDATED DAMAGES (LD) :
TheBankwillimposeapenalty,ofRs.50,000/-(RupeesFiftythousandonly)perweekorpartthereof,fordelayinnotadheringtothetimeschedules.If the selected Bidder fails tocomplete the due performance of the contract inaccordance to thespecificationsand conditionsagreedduringthe finalcontractnegotiation,theBankreservestherighteithertocancelthecontractortoacceptperformancealreadymadebythebidder.TheBankreservestherighttorecoveranamountequaltothevalueofcontractbytheBankasLiquidatedDamagesfornon-performance.Boththeaboveareindependentofeachotherandareapplicableseparatelyandconcurrently.HoweverthesamewouldnotbeapplicableforreasonsattributabletotheBankandForceMajeure.However,itistheresponsibilityofthebiddertoprovethatthedelay isattributed to theBankandForceMajeure. The bidder shall submit theproofauthenticatedbythebidderandBanksofficialthatthedelayisattributedtotheBankand/orForceMajeurealongwiththebillsrequestingpayment.
-
8/2/2019 TR 0002341 INfrstructure
32/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 32 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
13.Indemnity :
The bidder shall indemnify Bank and keep indemnified for againstany loss ordamagebyexecutinganinstrumenttotheeffectonaNon-JudicialstamppaperthatBankmaysustainonaccountofviolationofpatent,trademarksetc.bythebidder.
14.Authorized Signatory :
Theselectedbiddershallindicatetheauthorizedsignatorieswhocandiscussandcorrespondwiththebank,withregardtotheobligationsunderthecontract.The selected bidder shallsubmit at the timeof signing the contract, acertifiedcopyof the extract of the resolutionof theirBoard, authenticated by CompanySecretary,authorizinganofficialorofficialsofthecompanyoraPowerofAttorneycopytodiscuss,signagreements/contractswiththeBank.ThebiddershallfurnishproofofsignatureidentificationforabovepurposesasrequiredbytheBank.
15. Applicable Law and Jurisdiction of court :
TheContractwith theselectedbiddershallbegovernedinaccordancewith theLaws of India for the time being enforced andwill be subject to the exclusivejurisdictionofCourtsatMumbai.16.CANCELLATION OF CONTRACT AND COMPENSATION :
The Bank reserves the right to cancel the contract of the selected bidder andrecoverexpenditureincurredbytheBankonthefollowingcircumstances.The
Bankwouldprovide30daysnoticetorectifyanybreach/unsatisfactoryprogress:
Theselectedbiddercommitsabreachofanyofthetermsandconditionsofthebid/contract.
Thebiddergoesintoliquidationvoluntarilyorotherwise. An attachment is levied or continues to be levied foraperiod of 7days
uponeffectsofthebid. Theprogress regardingexecutionof thecontract, made by theselected
bidderisfoundtobeunsatisfactory. Ifdeductionsonaccountofpenalty exceedsmorethan10%of thetotal
contractprice.
After the award of the contract, if the selected bidder does not performsatisfactorilyordelaysexecutionofthecontract,theBankreservestherighttogetthebalancecontractexecutedbyanotherpartyofitschoicebygivingonemonthsnoticeforthesame.Inthisevent,theselectedbidderisboundtomakegoodtheadditional expenditure, which the Bankmay have to incur tocarry out biddingprocessfortheexecutionofthebalanceofthecontract.Thisclauseisapplicable,ifforanyreason,thecontractiscancelled.
-
8/2/2019 TR 0002341 INfrstructure
33/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 33 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
TheBankreservestherighttorecoveranyduespayablebytheselectedbidderfromthesecuritydepositoranyamountoutstandingtothecreditoftheselectedbidder,includingthependingbillsand/or invokingBankGuarantee,ifany,underthiscontract.
17.NON PAYMENT OF PROFESSIONAL FEES :
If any of the items/activities as mentioned in the price bid and as mentioned inannexure D are not taken up by the Bank during the course of this assignment,the Bank will not pay the professional fees quoted by the SP in the Price Bidagainst such activity/item.
18.ASSIGNMENT :
Neither the contract nor any rights granted under the contract may be sold,leased,assigned,orotherwisetransferred,inwholeorinpart,bytheSP,without
the advancewrittenconsent of the Bank and any such attempted sale, lease,assignmentorotherwisetransfershallbevoidandofnoeffect.
19. Subcontracting :
TheSPshallnotsubcontractorpermitanyoneotherthanitspersonneltoperformany of the work, service or other performance required of the SP under thecontractwithoutthepriorwrittenconsentoftheBank.20. Force Majeure:
Any failureor delaybySPorBankin theperformance of its obligations,totheextent due to any failure or delay caused by fire, flood, earthquake or similarelementsofnature,oractsofGod,war,terrorism,riots,civildisorders,rebellionsor revolutions, acts of governmental authorities or other events beyond thereasonable control of non-performing Party, is not a default or a ground fortermination.TheaffectedPartyshallnotifytheotherpartywithinreasonabletimeperiodoftheoccurrenceofaForceMajeureEvent21. Dispute Resolution:Ifadispute,controversyorclaimarisesoutoforrelatestothecontract,orbreach,terminationor invaliditythereof,andifsuchdispute,controversyorclaimcannot
besettledand resolvedbythepartiesthroughdiscussionandnegotiation, thenthepartiesshallrefersuchdisputetoarbitration.Bothpartiesmayagreeuponasinglearbitratororeitherpartyshallappointonearbitratorandthetwoappointedarbitrators shall thereupon appoint a third arbitrator. The arbitration shall beconducted inEnglishand awritten ordershall be prepared. The venue of thearbitrationshallbeMumbai.ThearbitrationshallbeheldinaccordancewiththeArbitrationandConciliationAct,1996.Thedecisionofthearbitratorshallbefinalandbindingupontheparties,providedthateachpartyshallatalltimesbeentitled
-
8/2/2019 TR 0002341 INfrstructure
34/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 34 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
toobtainequitable,injunctiveorsimilarrelieffromanycourthavingjurisdictioninordertoprotectitsintellectualpropertyandconfidentialinformation
22. SP Selection/Evaluation Process :
22.1 Evaluation Criteria
Technical Bid Evaluation Criteria
Technical criteria are classified under 3 heads - Credentials, People andApproach&Methodology. Thetable belowhighlights theparametersunder thetechnicalcriteriaandscoringmethodology.
SrNo
Evaluation ParametersWeightage
InformationsProvidedmeetsrequirement( 100%)
Informations ProvidedPartiallymeetsrequirement(50%)
Informations Provideddoes notmeetsrequirement(0%)
1
Must possessexperience inconducting review ofIT Infrastructure ofData Centre / Disasterrecovery for at least 2Public Sector Banks/orEquivalentorganisation in the last3 years
20
2
Must have extensiveexperience in audit ofData Centre/ DisasterRecovery for at least 2Public Sector Banks inthe last 3 years
20
3
Bank-wide Networkin Data Centre /Disaster Recovery forat least 2 Public Sectorbanks in the last 3
years
15
4
Must have ConductedManaged ServicesEffectiveness and SLACalculation &Management
10
-
8/2/2019 TR 0002341 INfrstructure
35/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 35 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
5
Must have experiencein developing andimplementation ofBusiness ContinuityPlan and Disasterrecovery Planning in atleast 2 reputed PublicSector banks in the last3 years
10
Sub-Total
75
6
Engagement Managershould have handledsuch projects in thefirm for at least fouryears
5
7
Overall personresponsible shouldhave handled suchprojects in firm for atleast 6 years
5
8
Proposed team musthave experience inexecuting similarprojects in banks out ofwhich at least oneshould be a public
sector bank
5
Sub-Total
15
9
Demonstration of in-depth understandingof the Banks projectrequirements throughthe technical proposal
5
10
Technical Proposalwith detailed broken-down activities to beperformed, effortestimation, manpowerto be deployed on aproject-to-project basis.
5
Sub-Total 25
-
8/2/2019 TR 0002341 INfrstructure
36/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 36 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
Total Marks 100
CommercialEvaluationCriterion
Sl.No.
Major Activities TotalCost
1 IT Infrastructure
2 Data Centre / Disaster Recovery CentreAudit
3 Managed service Effectiveness & ServiceLevel Agreement
4 Business Continuity Plan & disasterRecovery Planning
NET TOTAL COST
ComputationMethodologyforarrivingatLeastPrice/LeastQuoteBank will give 60% weightage to technical score while comparing the commercialquote. The Procedure is as under :
A Score(S) will be calculated for all qualified bidders using the followingformula:
Where C Stands for nominal price quoted, Clow stands for the price quote of thelowest nominal bid. T Stands for technical evaluation score and Thigh stands forthe score of the technically highest bidder. X is equal to 0.4.
-
8/2/2019 TR 0002341 INfrstructure
37/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 37of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
In the above example, ABC , with the highest score becomes the successfulbidder.
Bank reserve the right to negotiate the price with the finally short listed bidderbefore awarding the contract. It may be noted that Bank will not entertain anyprice negotiations with any other bidder, till the Least Price bidder declines toaccept the offer.
Note :1. Banks exclude RRBs and Cooperative Banks2. The SP is required to provide documentary evidence for each of the above
criteria and the same would be required on the clients letter head in caseof credentials
-
8/2/2019 TR 0002341 INfrstructure
38/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 38 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
23. Project Timelines:
Sl. No. Major Activities Major Milestones (Only indicative. Biddershould add more detailed steps / tasks so asstrengthen the quality of the response)
TimeLines(Days)
1 IT Infrastructure Data Centre, Disaster RecoveryIT organisation structure- StaffingAcceptance Test Plan Perform Acceptance Test for all critical DataCentre and Disaster Recovery Site, ITInfrastructureAssist Bank in signing of Acceptance Test
XXXXXX
XXX
2 Data Centre / DisasterRecovery Centre Audit
Management of hardware, software, networkfacilities, application and databaseManagement of Operating System, datasecurity, help desk, Storage, BusinessContinuity, Inventory and MediaProcess Management Review
XXX
XXX
XXX
3 Managed serviceEffectiveness & ServiceLevel Agreement
Review of SLA parameters and Keyperformance AreasEvaluation of Performance under Managedservices
Setting up process, processes and controltemplates for SLA managementAdequacy of MISReview of SLA computation methodologyEstablishing best practice for SP management
XXX
XXX
XXX
XXXXXXXXX
4 Business Continuity Plan & Business Impact Analysis including Risk XXX
-
8/2/2019 TR 0002341 INfrstructure
39/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 39 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
disaster Recovery Planning AssessmentDeveloping Business flowsResource priority for recovery and recoverytime objectivesDevelopment of Business Continuity Strategy
Development and roll out of Disasterrecovery Plan and Business Continuity Plan
XXXXXX
XXX
XXX
24. Proposal and other formats
ANNEXURE ATechnical Proposal format:
Particulars to be provided by the bidder in the technical proposal
No Particulars Details to be furnished by the bidder
1 Name of the bidder
2Year of establishment andconstitution
Certified copy of PartnershipDeed or Certificate of
3Location of Registered office/Corporate office and address
4 Mailing address of the bidder
5Names and designations of thepersons authorized to makecommitments to the Bank
6Telephone and fax numbers ofcontact persons
7E-mail addresses of contactpersons
-
8/2/2019 TR 0002341 INfrstructure
40/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 40 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
8Details of:Description of business andbusiness backgroundService Profile & client profileDomestic & International presence
Alliance and joint ventures
9Whether the consulting processconfirms to ISO 9001(2000),BS7799, ISO17799 standards and ifso, furnish details of compliance.
10 Details of experience/knowledgepossessed in the areas ofProject Planning and managementreview, Resource Planning,Role and Responsibility definition,Co-ordination across multiple
11Gross revenue of the bidder (not ofthe group)Year 2007-08Year 2008-09
Total From Audit
12Net Profit of the bidder (not of thegroup)Year 2007-08Year 2008-09
13Details of the similar assignmentsexecuted by the bidder during thelast two years(Name of the Bank, time taken forexecution of the assignment anddocumentary proofs from the Bank
14Details of the similar assignmentson hand as on date (Name of theBank, time projected for executionof the assignment and
15Name of the team leader identifiedfor this assignment and hisprofessional qualifications and
experience/expertiseDetails of similar assignmentshandled by the said team leader
As per annexure E
-
8/2/2019 TR 0002341 INfrstructure
41/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 41 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
16Names of the other team membersidentified for this assignment andtheir professional qualificationsand experience/expertiseDetails of similar assignments
handled by the said team membersDocumentary proofs for all theassertions are to be enclosed
As per annexure E
17Estimated work plan and timeschedules for providing servicesfor this assignment
18 Effort estimate and elapsed timeare to be furnished in annexure D
As per annexure D
19Details of inputs, infrastructurerequirements required by the
bidder to execute this assignment.
20Details of the bidders proposedmethodology/approach forproviding services to the Bankwith specific reference to the scope
21Details of deliverables the bidderproposes with specific reference tothe scope of work.
Declaration:
1. We confirm that we will abide by all the terms and conditions contained in theRFP.
2. We hereby unconditionally accept that Bank of Baroda can at its absolutediscretion apply whatever criteria it deems appropriate, not just limiting to thosecriteria set out in the RFP, in short listing of bidders.
3. All the details mentioned by us are true and correct and if Bank of Barodaobserves any misrepresentation of facts on any matter at any stage, Bank ofBaroda has the absolute right to reject the proposal and disqualify us from theselection process.
4. We confirm that this response, for the purpose of short-listing, is valid for aperiod of six months, from the date of expiry of the last date for submission ofresponse to RFP.
-
8/2/2019 TR 0002341 INfrstructure
42/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 42 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
5. We confirm that we have noted the contents of the RFP and have ensured thatthere is no deviation in filing our response to the RFP and that the Bank will havethe right to disqualify us in case of any such deviations.
Place:Date :
Seal & Signature of the bidder
ANNEXURE B
Commercial Bid Format
Sr. No. Major Activities Major Deliverables (Onlyindicative. Bidder may addmore so as to strengthen thequality of the response)
EstimatedEffort(In mandays)
QuotedPrice(InRupees)
1 IT Infrastructure Data Centre, DisasterRecovery
IT organisation structure-Staffing
Acceptance Test Plan Perform Acceptance Test forall critical Data Centre andDisaster Recovery Site, ITInfrastructureAssist Bank in signing ofAcceptance Test
2 Data Centre/DR Audit Management of hardware,software, network facilities,application and database
-
8/2/2019 TR 0002341 INfrstructure
43/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 43 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
Management of OperatingSystem, data security, helpdesk, Storage, BusinessContinuity, Inventory and
Media
Process Management Review
3 Managed serviceEffectiveness & ServiceLevel Agreement
Review of SLA parametersand Key performance Areas
Evaluation of Performanceunder Managed services
Setting up process, processesand control templates for SLA
management
Adequacy of MIS
Review of SLA computationmethodology
Establishing best practice forvendor management
4 Business Continuity Plan& disaster Recovery
Planning
Business Impact Analysisincluding Risk Assessment
Developing Business flows
Resource priority for recoveryand recovery time objectives
Development of BusinessContinuity Strategy
Development and roll out ofDisaster recovery Plan and
Business Continuity Plan
Please also furnish the following:
2. Average cost per man-day (in Rupees) :3. Rate per man-day for Senior Resource ( in Rupees) :4. Rate per man-day for other Resources ( in Rupees) :
-
8/2/2019 TR 0002341 INfrstructure
44/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 44 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
5. Rate per man-day external site duty ( Composite Rate) :
ANNEXURE CCompliance Certificate
To, Date :
The General Manager(Projects & IT Operations)Bank of Baroda3rd, floorBaroda Corporate CentreBandra Kurla Complex, Bandra (East)Mumbai 400 051Dear Sir,Ref: -1. Having examined the Request for Proposal (RPF) including all annexures, the
receipt of which is hereby duly acknowledged, we, the undersigned offer toprovide the desired services for the Comprehensive audit of the IT systems inconformity with the said RPF and in accordance with our proposal and theschedule of Prices indicated in the Price Bid and made part of this bid.
2. If our Bid is accepted, we undertake to complete the project within thescheduled time lines.3. We confirm that this offer is valid for six months from the last date for
submission of RFP to the Bank.4. This Bid, together with your written acceptance thereof and your notification
of award, shall constitute a binding Contract between us.
-
8/2/2019 TR 0002341 INfrstructure
45/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 45 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
5. We undertake that in competing for and if the award is made to us, inexecuting the subject Contract, we will strictly observe the laws against fraudand corruption in force in India namely Prevention of Corruption Act 1988.
6. We agree that the Bank is not bound to accept the lowest or any Bid that theBank may receive.
7. We have not been barred/black-listed by any regulatory / statutory authorityand hold the necessary approvals/Licenses/permission ofstatutory/regulatory authorities.
8. We shall observe confidentiality of all the information passed on to us incourse of the tendering process and shall not use the information for any otherpurpose than the current tender.
Signed DatedSeal & Signature of the bidder
Phone No.:Fax:
E-mail:
ANNEXURE D
Estimated Effort and Elapsed Time
Sl
No
Activities Elapsed
Time
Effort
in Mandays
Number
of teammemberswho willbedeployed
Remark
s
1 IT Infrastructure
2 Data Centre/DR Audit
3 Managed service Effectiveness& Service Level Agreement
4 Business Continuity Plan &disaster Recovery Planning
Place:Date: Seal and Signature of Bidder:
-
8/2/2019 TR 0002341 INfrstructure
46/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 46 of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
-
8/2/2019 TR 0002341 INfrstructure
47/48
Bank of BarodaBaroda Corporate Centre, Mumbai
Confidential Page 47of 48 Project Office, BCC, Mumbai
RFP Document forComprehensive audit of ITSystems
Created on 03/11/2009
ANNEXURE E
Proposed Team Profile
SlNo
Name ofProposedEngagementManager
/ProposedTeamMember
Prof.Qualifications
Certifications/Accreditations
IS auditexpertise(Mention if hehas worked inBanks earlier)In terms ofyears and areasof expertise
ITExpertiseIn termsof yearsand areasofexpertise
Number ofsimilarassignmentsinvolvedIn PublicSector Banksin India
Documentary proofs are to be enclosed to substantiate the claims made.
Place:Date: Seal and signature of the bidder
-
8/2/2019 TR 0002341 INfrstructure
48/48
Bank of BarodaBaroda Corporate Centre, Mumbai
ANNEXURE F
Comments on the Terms & Conditions, Services and Facilities provided:
Please provide your comments on the Terms & conditions in this section. You arerequested to categorize your comments under appropriate headings such as thosepertaining to the Scope of work, Approach, Work plan, Personnel schedule,Terms & Conditions etc. You are also requested to provide a reference of the pagenumber, state the clarification point and the comment/ suggestion/ deviation thatyou propose as shown below.]
Sr.No.
Page#
Point /Section#
Clarification point asstated in the tenderdocument
Comment/ Suggestion/Deviation
1
2
3
4
5
6
7
8
9
Project OfficeBank of Baroda
Baroda Corporate CentreDated : 03/11/ 2009
End of Document