Bid Specification Template



ANNEXURE 1
TECHNICAL AND PRICING REQUIREMENTS

BIDDERS MUST SUBMIT ANNEXURE 1 TOGETHER WITH THE MAIN BID DOCUMENT

RFB Ref. No: RFB 0000000875
DESCRIPTION: Procurement Of Security Operations Centre Capability Establishment For SITA For A Period Of Five (5) Years.
Publication Date: 16 July 2021
Compulsory Briefing Session: 22 July 2021
Closing Date for questions / queries: 30 July 2021
RFB Closing Details: Date: 10 August 2021; Time: 11:00 (South African Time)
RFB Validity Period: 120 Days from the Closing Date

Notes:
- Bidders should submit their bid responses strictly through gCommerce (best experienced through Google Chrome) using the following link:
- You must ensure that you are registered on the CSD and that all your company details have been updated on the CSD.
- To obtain log in details please call 012 482 2373 or alternatively send an email to (gCommerce resource) with the company MAAA number.
- If you encounter any system related challenges please call 012 482 2373. The help desk only operates from Monday to Friday between 08h00 am to 16h00 pm (closed on Public Holidays).
- gCommerce training will be conducted on Microsoft Teams every Wednesday (except public holidays).
- Please allocate sufficient time to complete your submission as queries may take up to 3 business days to resolve.
- Ensure that you print your submission report and click on “SUBMIT REQUEST” on step 7 before the closing date and time. Bid will not be considered if not submitted before closing time.
- Please note that there is a possibility of unexpected downtime and this can be unique to a specific bidder. Please call the helpdesk to be assisted with such issues.
- Total bid price on step 5 on the gCommerce portal must be inclusive of VAT.
- Hand delivered or emailed documents will not be accepted.

ANNEX A: INTRODUCTION

1. PURPOSE AND BACKGROUND

1.1. PURPOSE

The purpose of this RFB is to invite Suppliers (hereinafter referred to as “bidders”) to submit their bids for the following security technologies to enable SITA to build its own Security Operations Centre Capability (SOCC). This same capability will be used to provide SOCC services to Government in responding to cybersecurity attacks based on a Pay-As-You-Use model.

1.2. BACKGROUND

SITA’s mandate is to improve Government’s service delivery to the public through the provisioning of information technology, information systems and related services in a secured environment to Government Departments and Public Entities. SITA further needs to promote the efficiency of Departments and Public Entities through the use of information technology.

SITA, as the lead ICT service provider for government, hosts most of the South African government’s critical databases such as the population databases, the financial systems, logistics, government employee databases, web sites, and various e-services. These information infrastructures, databases, web sites, and various e-services need to be protected. Considering the technology growth worldwide and the implementation of a Government Private Cloud Ecosystem (GPCE), the information stored, processed and transmitted over the network on a daily basis needs near-real-time detection, monitoring and accurate data protection control. Managing and securing government data also encourages and contributes to economic growth.

The SOCC is required to centrally monitor all the ICT assets for SITA and its clients on a 24/7/365 basis for cybersecurity attacks.
The SOCC will include an appropriate technology stack, SITA security resources and industry specialist provided by the successful bidder in this tender.

SITA will ensure that the SOCC facility hardware (including cloud-based storage), location and office equipment is provided. This excludes appliances that are required to deliver the solution.

1.3. PROBLEM STATEMENT

It has become necessary for SITA to strengthen its cybersecurity posture. The need to improve on SITA cybersecurity capabilities comes at a time when several organisations, public and private, are being targeted by malicious hackers for various reasons, and SITA is not an exception to these attacks. As SITA pursues the information protection strategy, it is imperative that the cybersecurity risks associated with digital protection decisions are minimised and mitigated. A number of events at SITA over the past years point to an urgent need to establish mechanisms to monitor and respond to real and specifically-directed threats to the confidentiality, integrity and availability of SITA and its clients’ information and assets. The threats, risks and attack vectors referred to in this document are not generalized, but are specific to SITA and the South African Government. With the enactment of the Protection of Personal Information Act (Act 4 of 2013) (POPIA) SITA must equip itself with the ability to prove lawful processing of personal information to be compliant and avoid potential legal actions and/or penalties.
In order to execute on defined strategies, innovate products/offerings and prepare the organisation for the future, there is a requirement to improve the architectural building blocks usage and modernise its Security Operations Centre Capability (SOCC).

2. SCOPE OF BID

This section defines the solution to address the problem statement; it focuses on how the Security Operation Centre Capability (SOCC) will be established and the approach that must be followed to deliver the requirement.

2.1. SCOPE OF WORK

The project scope is to ensure that a Security Operation Centre Capability (SOCC) is established and that the service is delivered, maintained and supported, and that a service level agreement is established with SITA and SITA’s SOCC clients, including:

2.1.1. Annual license maintenance on SOCC core solution

- Supply a technology stack that delivers all the capabilities as defined in the technical requirements of this specification. Please take note of the following:
  - This solution might consist of multiple technologies or it can be a single system that delivers all SOCC. SITA prefers a single end-to-end solution using one technology stack supported or delivered by a single OEM.
  - The bidder must provide a fully integrated and workable solution in this proposal. If the solution consists of separate technologies, integration requirements must be specified and technology dependencies clearly identified.
  - It must be understood that SITA will buy these technologies and have full ownership of the tools and licences.
- Provide licence maintenance across the provided stack for a period of five (5) years.
- Provide SITA with technical resources in the form of professional services to augment its own internal capability and skills base. These professional services will be used as and when required across the five (5) years and will be paid for only when used.

2.1.2. Growth

Provide SITA with an estimate for a projected growth (new licenses) over the five (5) years.
The growth projection will be provided by SITA but SITA does not commit to any growth being bought. Growth will only be procured when there is a client that officially commits to the SOCC service and when SITA management has approved the procurement of licences. Growth is based on a Pay-As-You-Use model.

2.1.3. Training

The bidder will provide the following training throughout the duration of the contract:
- Skills transfer from onsite resources on a daily basis; this might even take the form of meetings and workshops. This training will not be costed and paid for. The time spent on site by vendor resources will be billed through the professional services component.
- Official information security skills training to ensure that security principles are learned and embedded within the SITA team.
- Technical training across all technologies delivered as part of the SOCC on this contract for twelve (12) resources per year as and when required. SITA does not commit to the training of resources if not required during the contract year.

2.1.4. Professional services

The professional services in this contract will include but are not limited to supporting SITA with:
- Development of a costing model for SITA that will enable SITA to sell this service at a market related and cost-effective rate.
- Training as mentioned in (2.1.3) above.
- Fault finding and building of an information security knowledge and response database related to information security incidents and risks that materialised.
- Budget costing for level 4 incident response, investigations and management services will be based on a bucket (80 hours per bucket per quotation base as required) of container model to ensure post security operation centre continuous capability enablement at a controlled cost.
- Professional services will exclude maintenance and support on the technology base procured on this contract. The principles for maintenance and support vs. professional services will be clearly defined in the special conditions section of this document.

2.1.5. Solution requirements

- The system must be integrated into the SITA ITSM solution (BMC Remedy) to ensure security incident automation.
- Acquisition of a Security Operation Centre Capability (SOCC) to establish including (SITA SOCC core implementation – effort estimated at three (3) months). SITA prefers a single end-to-end solution using one technology stack supported or delivered by a single OEM:
  - Security Incident and Event Monitoring (SIEM), Security Orchestration Authentication and Response (SOAR), threat intelligence, analytics, data services, service integration, data collection, and cyber incident management.
- The SOCC technologies must be certified to be hosted on SITA CFI Cloud infrastructure, including installation of software to the stage where it is ready to use.
- The SOCC solution includes delivery, implementation and configuration of all components included, but not limited to appliances where required, software, maintenance, professional services, training and growth as and when required.
- The solution must comply with the technical and functional requirements defined in this document.

2.1.6. Supplier requirements

- The supplier must be certified in the SOCC service technologies and be an authorised platinum level equivalent service provider certified by the OEM to implement and maintain the solution.
- A SLA will be developed and will contain at a minimum the following:
  - A Service level agreement (SLA) for this bid to ensure consistent service delivery of the security and incident event monitoring solution.
  - Four (4) hour mission critical support with escalation and monthly reporting on support service.
  - One (1) hour mission critical information security incident response with notification and cyber security incident management service.

2.2. SCOPE EXCLUSION

The scope of work excludes the following –
- Network perimeter equipment connecting to government network not owned by SITA.
- All infrastructure requirements to load software for the SOCC solution.
- All hardware for collectors that can be provisioned by a virtual system.
- All facility infrastructure.

2.3. DELIVERY ADDRESS

SITA Centurion, 459 John Voster Avenue, Centurion, 0048 for the core solution; collectors may be required across the SITA landscape as listed below.

3. TECHNICAL REQUIREMENT OVERVIEW

The following are mandatory requirements to this request:
- The bidder must be an OSM/OEM or a registered OSM/OEM partner to provide Security Operations Centre services.

3.1. MAINTENANCE – NEW BASE PROCURED

Maintenance required for solution as procured through this contract for the SITA base to build the SOCC capability.

3.2. PROFESSIONAL SERVICES (AS-AND-WHEN REQUIRED)

Additional hours for development and support must be procured. This will ensure that our solution continuously provides and supports the business requirement while at the same time conforming to the OEM’s development requirements.

The intention is to procure the total of up to 1665x5x5=41 625 hours over the five (5) year period for the duration of the contract, to be utilised as the need arises.

The following principles will be applied for development support:
- The number of man hours can be accumulated if no specialised support is required and used in bulk on a specific development environment;
- The development support hours will only be paid for hours worked per month; all hours not utilised at the end of the contract will be forfeited;
- Hours not utilised per year might be carried forward to the next year;
- All existing development in the system is immediately supported as part of the existing base and therefore will become part of maintenance.

3.3. ADDITIONAL LICENCES (AS-AND-WHEN REQUIRED)

This SOCC service being developed is intended to be available for all of government uptake – National, Provincial, Municipal and SOCS.

All the growth figures below are based on estimates and are therefore only projections for growth.
Growth requirements are dependent on actual customer take on with accepted proposals and government orders.

The licenses for the core solution, as well as the deployment of the SITA environment / virtual private networks (VPNs), were used to scope the future growth as indicated below.

SITA is deemed a medium client; therefore it is projected to require 40,000 events per second. The following categorisation is used per customer size to project growth:
- Large = 80,000 EPS
- Medium = 40,000 EPS
- Small = 20,000 EPS

The estimated growth is based on one (1) large <or> two (2) medium <or> four (4) small customers per year:

GROWTH

| Goods/Service description | Unit of measure | Year 1 Qty | Year 2 Qty | Year 3 Qty | Year 4 Qty | Year 5 Qty |
|---|---|---|---|---|---|---|
| Events Per Second (EPS) - Collected | ea | 0 | 80,000 | 80,000 | 80,000 | 80,000 |
| Events Per Second (EPS) - Correlated | ea | 0 | 1 to 10 events | 1 to 10 events | 1 to 10 events | 1 to 10 events |

3.4. Summary:

| No | Service | Contracting Model | Rationale |
|---|---|---|---|
| 1 | Application maintenance and support | Lump Sum per financial year for the procured SOCC core solution including SITA footprint | Application maintenance and support is required for SOCC core solution and SITA footprint licences. Payment will be made annually in the beginning of each year for license maintenance of that respective year. All licences procured under growth must be included in the projection of maintenance from the time procured. |
| 2 | Professional services (as-and-when required) | Rate based. Monthly payment per hours of professional service delivered in that month. | A maximum of 41 625 hours of professional services is contracted over the five-year contract period. The number of professional service hours rendered per month depends on the operational requirements; therefore payment will be done at the end of each month for the hours of service delivered in that month. |
| 3 | Additional License (as-and-when required) | Lump sum per license extension for the number of licenses required at that stage with additional application maintenance and support fees | As the procurement of more licenses is dependent on contracting with new SITA customers for this service, the contracting model caters for license growth in terms of as and when required. For this reason, the growth projected in this tender is not guaranteed and is only used for budget projection and tender sizing. SITA makes no commitment for growth over the five (5) year period. |

3.5. HIGH LEVEL OVERVIEW

This section provides a high-level overview of the SITA environment required in support of the in-scope requirements. The SOCC must facilitate the collection of events and alerts from the SITA network, segregated into eleven (11) Virtual Private Networks (VPNs) from seven (7) Data centres, twenty-seven (27) switching centres and nineteen (19) geographic location offices:

- 5000 Network
  - Cisco routers
  - Cisco switches
  - Huawei switches
  - Xyplex switches
- 650 Servers
  - Microsoft
  - Linux / Unix
  - Oracle Linux
- Databases
  - 16 x Oracle
  - 150 x SQL
  - DB2 (client environments)
- 4,500 End user devices
  - Microsoft Windows 7
  - Microsoft Windows 10
- Applications
  - Microsoft productivity suite (including DNS and DHCP)
  - Microsoft Exchange mail
  - Oracle EBS
  - Persal
  - Domain name services
  - Web sites
- Security protection solutions / tools
  - End point protection
  - Vulnerability management
  - Intrusion prevention / detection
  - Firewalls / next generation firewalls

Implementation prioritisation for solution deployment anticipated as:
- SIEM solution at Centurion data centre
- Centurion data centre DMZ (demilitarisation zone)
- Tier one switching centres, national deployment simultaneously
- Solutions integration between SIEM and ICT services
- Incident response procedure, reporting and dashboarding

The SIEM solution must support a variety of collection methods including:
- Passive log collection,
- OPSEC (open platform for secure enterprise connectivity),
- SDEE (security device event exchange),
- XML (extensible mark-up language),
- ODBC (open database connectivity),
- Encrypted collection validated to FIPS 140-2 level 2, and
- Authenticated log collection.

The following table lists SITA’s national footprint of switching and data centres (including Internal IT data centres).

Table-1 SITA switching and data centres

| Province | Switching Centers | Data Centers |
|---|---|---|
| Gauteng | Centurion Switching Center | Centurion & Erasmuskloof |
| | Numerus Switching Center | - |
| | Bureau Beta Switching Center | Beta |
| | Bedfordview Switching Center | - |
| Limpopo | Polokwane Switching Center | - |
| | Modimolle Switching Center | - |
| Mpumalanga | Nelspruit Switching Center | - |
| | Middelburg Switching Center | - |
| Western Cape | Cape Town Switching Center | Cape Town |
| | George Switching Center | - |
| | Worcester Switching Center | - |
| Eastern Cape | East London Switching Center | East London |
| | Bhisho Switching Center | - |
| | Mthatha Switching Center | - |
| | Port Elizabeth Switching Center | - |
| Northern Cape | Kimberley Switching Center | - |
| | Upington Switching Center | - |
| Free State | Bloemfontein Switching Center | Bloemfontein |
| | Welkom Switching Center | - |
| North West | Potchefstroom Switching Center | - |
| | Mmabatho Switching Center | - |
| KwaZulu Natal | Durban Switching Center | - |
| | Pietermaritzburg Switching Center | Pietermaritzburg |
| | Ulundi Switching Center | - |

3.6. TECHNICAL AND FUNCTIONAL REQUIREMENT

3.6.1. FUNCTIONALITY OF THE SOCC

The mandate, functions and services of a SOCC are structured around five core process groups, namely Identify, Protect, Detect, Respond and Recover, which constitute the lifecycle flow of a SOCC.
It is crucial to recognise that a SOCC cannot function in isolation and is highly dependent on information and input received from various divisions within the organisation, as well as from credible external sources such as Government and in certain instances the private sector.

The SOCC will render functions and services as stipulated below.
- Act as the approving authority for security,
- Act as a communication hub for security personnel and relevant stakeholders,
- Have a centralised approach to information security,
- Have the ability to collate systems, application and network devices,
- Have single accountability for information security,
- Render a 24/7/365 monitoring, detection, reaction and defensive service,
- Protect Government information assets and services with the best-of-breed security technology,
- Provide positioning, tracking and identification of information and assets,
- Provide a focal point for continuity and recovery operations,
- Ensure that physical and operational security is maintained for assets, humans, environment and utilities,
- Manage and coordinate the Critical Security Incident Response Team,
- Coordinate applicable regulatory bodies in terms of information security,
- Coordinate external stakeholders such as SAPS, the SSA and the Department of Communication during SOCC activities,
- Proactive, early detection of security incidents, events and breaches through effective monitoring,
- Track incidents that may lead to potential security exploits,
- Defend and guard off any cyberattack, resolve and mitigate security incidents and events,
- Perform threat and vulnerability analysis,
- Perform cyber security investigations (limited to information security events and alerts, exclude forensic investigations),
- Monitor and report on SITA and Government cyber security postures,
- Provide alerts and notification of threats, incidents and exploits,
- Maintain a database of internal threats, incidents and exploits,
- Reduce the recovery and response time to react on incidents,
- Provide regular communication and reporting to management, the user community, and network and systems administrators, and
- Raise and conduct awareness of information security.

3.6.2. SOCC ARCHITECTURE AND CONFIGURATION

- A high-level SOCC capability establishment plan for the duration of the contracted period must be included as a deliverable of the acquisition. The high-level plan must include implementation and operational handover of capability to SITA.
- The SOCC solution must be based on the capability for data collection and correlation to support the SITA and client’s network geographic architecture.
- A SOCC SIEM must provide a centralised dashboard at the selected SITA SOCC facility.
- The SOCC solution should be designed with the capability to scale on demand (including licensing and data collecting capability) to onboard services of small, medium and large network environments of SITA clients.
- The SOCC solution must be an enterprise solution with clear multi-tenant capabilities without a requirement for separate installation of the SOCC core solution.
- The SOCC solution must provide standard and customisable reporting with processing in rapid time in support of incident notification and response.
- The SITA Security Operation Centre Capability (SOCC) must follow a structured security event and incident management process that complies with principles defined in the Information Security Forum, Standard of Good Practice.
- The system must be integrated into the SITA ITSM solution (BMC Remedy, version 9 and above) to ensure incident automation.

3.6.3. TECHNICAL REQUIREMENTS

High level technical requirements that the solution must adhere to are defined below.

HIGH LEVEL TECHNICAL REQUIREMENTS

- Reduced total cost of ownership – Ensure there is no additional cost and no data collection restriction when the events per second (EPS) threshold is reached (i.e. no data loss or packet drops).
Ensure the SOCC solution is capable of scaling vertically and horizontally when SITA needs to onboard new clients.
- Threat detection and risk management - Utilise machine learning technologies / artificial intelligence (AI) to monitor and report on issues detected based on the 'time to detect' and the 'time to respond'. Reduce detection and assessment time limits to determine risk exposure of emerging threats rapidly. Detect unusual behaviour patterns to reduce time to respond to potential security
- Compliance - Report compliance from the solution supported with search and dashboard functionality. Provide historical analysis for post mortem investigations and analysis of root cause. Technologies to support critical infrastructure systems, enabling implementation of security in SITA and in client environments.
- Architecture and design – The solution must be agile in design and integration, whilst enabling rapid deployment and data collection. The architecture must be flexible and capable of scaling linearly for large and complex implementations. The software must be capable of being deployed in a physical or virtual environment and on premise or in the SITA cloud. The underpinning solution architecture must be based on SIEM functionality with the ability to unify, simplify and automate security workflows and enable better information-sharing and incident prevention procedures.
- License model – SITA owned perpetual licenses.
- Behavioural analytics – The solution must provide visibility into attacks, including analysis of abnormal patterns and activities in support of incident management throughout the stages of the kill chain, with the ability to connect abnormal activity together in terms of accounts, machines, files and applications.
The service must enable security analysts to quickly validate and action the event/alert and enable fast and accurate response.
- SOCC solution architecture - Include at minimum SIEM (Security Incident and Event Monitoring), SOAR (Security Orchestration and Response), Response AI (artificial intelligence), and Cyber incident management. SITA prefers a single end-to-end solution using one technology stack supported or delivered by a single OEM.
- Facilities – SITA will provide the SOCC infrastructure (office facilities and desks).
- Data Ownership - Data will remain the property of SITA.

3.6.4. SECURITY INCIDENT AND EVENT MONITORING SERVICE CAPABILITY

The Security Incident and Event Monitoring (SIEM) service must be capable of delivering:
- work flow automation of information security events, alerts, threat and risk notifications,
- information security threat analysis intelligence and integration with local and third-party threat intelligence services,
- internal threat intelligence to improve the management of end user device threat landscape, with the capability to identify and prioritise threats,
- automate threat intelligence sharing between different solutions with the capability to freeze attacks manually and/or automatically,
- rapid (i.e. critical real-time) event and alert correlation with automated incident identification and reduced response time, to enable incident automation and integration to the ITSM system,
- integration of data and processes with advanced analytics (including static and dynamic behavioural analysis), information to identify, triage, scope, and respond to emerging threats, enabling threat hunting, remediation and removal at a single point and/or across the entire organisation,
- capability to produce configuration management guidelines in support of secure infrastructure configuration for information and communication technologies, and
- must be cost effective, with rapid deployment time.

3.6.5. INFRASTRUCTURE CONFIGURATION

The SOCC technologies must be certified to be hosted on cloud infrastructure as it will be deployed on the Government Private Cloud Ecosystem (GPCE).

Infrastructure must make provision for the following items:
- The SOCC service must be virtualised as far as possible and leverage from the Government Private Cloud Ecosystem (GPCE) capacity.
- Local network data collectors must be virtualised as far as possible.
In the event that usage of an appliance is mandatory it must be capable to store adequate volumes of event and alert data (based on the scoping requirements).Data collectors (virtually and/or physically) must be able to cache all collected data locally and preserve data in the event of a network communication error and/or service outage to the centralised SIEM solution.BID EVALUATION STAGESThe bid evaluation process consists of several stages that are applicable according to the nature of the bid as defined in the table below.StageDescriptionApplicable for this bidStage 1Administrative pre-qualification verificationYESStage 2ATechnical Mandatory requirement evaluationYESStage 2BTechnical Functionality requirement evaluationYESStage 2CTechnical Proof of Concept requirement evaluationYESStage 2DTechnical Site Visit requirement evaluationYESStage 3Special Conditions of Contract verificationYESStage 4Price / B-BBEE evaluationYESThe bidder must qualify for each stage to be eligible to proceed to the next stage of the evaluation.ADMINISTRATIVE PRE-QUALIFICATIONADMINISTRATIVE PRE-QUALIFICATION REQUIREMENTSADMINISTRATIVE PRE-QUALIFICATION VERIFICATIONThe bidder must comply with ALL of the bid pre-qualification requirements in order for the bid to be accepted for evaluation.If the Bidder failed to comply with any of the administrative pre-qualification requirements, or if SITA is unable to verify whether the pre-qualification requirements are met, then SITA reserves the right to – Reject the bid and not evaluate it, orAccept the bid for evaluation, on condition that the Bidder must submit within 7 (seven) days any supplementary information to achieve full compliance, provided that the supplementary information is administrative and not substantive in nature.ADMINISTRATIVE PRE-QUALIFICATION REQUIREMENTSSubmission of bid response: The bidder has submitted a bid response documentation pack – that was completed and uploaded on the GCommerce system within the stipulated date and 
time as specified in the “Invitation to Bid” cover page.
Attendance of briefing session: If a briefing session is called, then the bidder has to sign the briefing session attendance register using the same information (bidder company name, bidder representative person name and contact details) as submitted in the bidder’s response document. The attendance of the briefing session is compulsory.
Site Visit: A site visit will be compulsory for the qualifying bidders after POC (Proof of Concept) as determined by the POC stage.
Registered Supplier. The bidder is, in terms of National Treasury Instruction Note 3 of 2016/17, registered as a Supplier on National Treasury Central Supplier Database (CSD).

TECHNICAL MANDATORY, FUNCTIONALITY AND PROOF OF CONCEPT REQUIREMENTS
TECHNICAL MANDATORY
INSTRUCTION AND EVALUATION CRITERIA
The bidder must comply with ALL the requirements by providing substantiating evidence in the form of documentation or information, failing which it will be regarded as “NOT COMPLY”.
The bidder must provide a unique reference number (e.g. binder/folio, chapter, section, page) to locate substantiating evidence in the bid response.
During evaluation, SITA reserves the right to treat substantiation evidence that cannot be located in the bid response as “NOT COMPLY”.
The bidder must complete the declaration of compliance as per section 6.3 below by marking with an “X” either “COMPLY”, or “NOT COMPLY” with ALL of the technical mandatory requirements, failing which it will be regarded as “NOT COMPLY”.
The bidder must comply with ALL the TECHNICAL MANDATORY REQUIREMENTS in order for the bid to proceed to the next stage of the evaluation.
No URL references or links will be accepted as evidence.

TECHNICAL MANDATORY REQUIREMENTS
The bidder must provide unique reference to locate substantiating evidence in the bid response – see Annex B
NB: SITA reserves the right to verify all information provided.

TECHNICAL MANDATORY REQUIREMENTS | Substantiating evidence of compliance (used to evaluate bid) | Evidence reference (to be completed by bidder)

BIDDER CERTIFICATION / AFFILIATION REQUIREMENTS
The bidder must be a registered OSM/OEM partner, or reseller (Platinum level equivalent service provider) to provide Security Operations Centre Capability (SOCC) services.
Platinum level equivalent service provider
Provide a copy of documentation (valid certificate or, letter) indicating OSM/OEM partner, or reseller (Platinum level equivalent service provider) status to provide Security Operations Centre Capability (SOCC) services.
Note: All letters or certificates must be dated and on a letterhead of the entity that issued it.
Note: SITA reserves the right to verify if the partnership is valid at time of bid.
<provide unique reference to locate substantiating evidence in the bid response – see Annex B, section 13.1>

DECLARATION OF COMPLIANCE
Comply | Not Comply
The bidder declares by indicating with an “X” in either the “COMPLY” or “NOT COMPLY” column that –
The bid complies with each and every TECHNICAL MANDATORY REQUIREMENT as specified in SECTION 0 above; AND
Each
and every requirement specification is substantiated by evidence as proof of compliance.

TECHNICAL FUNCTIONALITY
INSTRUCTION AND EVALUATION CRITERIA
The bidder must complete in full all of the TECHNICAL FUNCTIONALITY requirements.
The bidder must provide a unique reference number (e.g. binder/folio, chapter, section, page) to locate substantiating evidence in the bid response. During evaluation, SITA reserves the right to treat substantiation evidence that cannot be located in the bid response as “NOT COMPLY”.
Functionality will be evaluated by conducting the following two (2) stages in the tender processes:
Desk Top Evaluation
Proof of Concept Presentation
Weighting of requirements: The score for functionality will be calculated as follows:
Each Bidder will be evaluated on each individual criterion as indicated in the tables in sections 7.2.1 and 7.2.2 below.
The value scored for each criterion will be multiplied by the specified weighting for the relevant criterion to obtain the marks scored for each criterion. These marks will be added and expressed as a fraction of the best possible score for all criteria.
Minimum threshold.
This score will be converted to a percentage and only bidders that have met or exceeded the minimum threshold of 80% for functionality for Desk Top Evaluation will be considered to proceed to the Proof of Concept Presentation Stage.
Only Bidders that have met or exceeded the minimum threshold of 80% for functionality for Proof of Concept Presentation Stage will then be considered for further evaluation.
Weighting of requirements: The full scope of requirements will be determined by the following weights:

No. | Technical Functionality requirements | Weighting
1. | EXPERIENCE | 15%
2. | COMPLEXITY | 10%
3. | CAPABILITY | 75%
TOTAL | | 100 %

TECHNICAL FUNCTIONALITY REQUIREMENTS
DESK TOP EVALUATION:

TECHNICAL FUNCTIONALITY REQUIREMENTS | Substantiating evidence and evaluation criteria (used to evaluate bid) | Weighting | Evidence (Page No)

Experience
Provide Customers information where you have provided SOCC solutions. Detailed reference letter indicating services provided, possible savings, contract periods, etc. SITA reserves the right to contact any of these clients.
The bidder must submit reference letters or completion certificates from previous /present clients where SOCC solutions were rendered. All letters must be on a letter head and signed by the client. The client must be contactable and the contact details provided.
Scoring criteria:
No letters submitted = 0 points
Letters submitted with partial information = 5 points
Letters submitted matching details of SITA requirements details = 10 points
Letters submitted with contact details and additional information that exceed SITA requirements = 15 points
Weighting: 15%

Complexity
Technology stack and related complexity of deployment.
Assessment of technologies included in solution related to the number of OEMs / tools and number of integrations required.
Scoring criteria:
No information provided = 0 points
Multiple OEMs and tool integrations = 5 points
Multiple OEMs with out of the box integrations = 8 points
Single OEM with only out of the box integrations = 10 points
Weighting: 10%

Capability: Knowledge and Skills Capability
Skills - CVs of Project Leadership
Capability to deliver on all requirements as per the terms of reference. This component is costed as part of professional services and those rules will apply.
All bidders must have the relevant knowledge, resources and capacity to deliver the services required. The following must be submitted in order to substantiate the above:
Evidence of qualifications of individuals, number of skilled people to do the job and expertise (CVs, list of people and expertise).
SOCC manager must have at least five (5) years’ experience in the Security ICT environment managing a SOCC.
Individual team members must have at least three (3) years’ experience in the Security ICT environment and SOCC.
Commercial capability to develop costing & pricing model for SOCC services to government entities.
Scoring criteria:
Very Good: Response addresses and exceeds the functionality requirements = 10 points
Compliant: Response addresses all functionality requirements = 8 points
Requires Attention: Response partially addresses the functionality requirements = 4 points
Inadequate: Response did not address the functionality requirements = 0 points
Weighting: 10%

Capability: Solution Capability - Security Incident and Event Monitoring (SIEM)
Bidders are requested to demonstrate the following:
Data collection - Gathering and processing of complex event sequences with AI-powered investigation engine to make sense of alerts, and reduce false positive triggers against normal activities within near real-time;
Data services - Powered by artificial intelligence investigation engine to gather and process complex events; and
Service
integration - To enable multi-vector threat detection in networks, systems, cloud.
Scoring criteria:
Very Good: Response addresses and exceeds the functionality requirements = 12 points
Compliant: Response addresses all functionality requirements = 10 points
Requires Attention: Response partially addresses the functionality requirements = 6 points
Inadequate: Response did not address the functionality requirements = 0 points
Weighting: 12%

Capability: Solution Capability - Security Orchestration Authentication and Response (SOAR)
Bidders are requested to demonstrate the following:
Facilitate automated, semi-automated and manual task workflows; and
Use playbooks to resolve incidents with most up to date information possible when working with an incident.
Scoring criteria:
Very Good: Response addresses and exceeds the functionality requirements = 10 points
Compliant: Response addresses all functionality requirements = 8 points
Requires Attention: Response partially addresses the functionality requirements = 4 points
Inadequate: Response did not address the functionality requirements = 0 points
Weighting: 10%

Capability: Solution Capability - Response AI (Artificial intelligence)
Bidders are requested to demonstrate the following:
Threat intelligence - With real-time intelligence and proactive showing attacks in progress so they can be stopped; Threats are presented in the system that is understandable, with prioritisation and actionability;
Analytics - Combining incident, threat and vulnerabilities to provide a full kill-chain view of an attack, with real-time search capability; and
Detection and time to resolve is reduced from months to minutes.
Scoring criteria:
Very Good: Response addresses and exceeds the functionality requirements = 8 points
Compliant: Response addresses all functionality requirements = 7 points
Requires Attention: Response partially addresses the functionality requirements = 4 points
Inadequate: Response did not address the functionality requirements = 0 points
Weighting: 8%

Capability: Solution Capability – Cyber incident management
Bidders are requested to demonstrate the following:
Defending against malware, stopping security breaches by combining incident, threat and vulnerabilities to provide a full kill-chain view of an attack.
Scoring criteria:
Very Good: Response addresses and exceeds the functionality requirements = 8 points
Compliant: Response addresses all functionality requirements = 7 points
Requires Attention: Response partially addresses the functionality requirements = 4 points
Inadequate: Response did not address the functionality requirements = 0 points
Weighting: 8%

Capability: Scalability – Multi-tenancy
The SOCC solution must be an enterprise solution with clear multi-tenant capabilities without a requirement for separate installation of the SOCC core solution.
Scoring criteria:
Inadequate: Response did not address the functionality requirements = 0 points
Compliant: Response addresses all functionality requirements = 6 points
Weighting: 6%

Capability: Scalability – Scale on demand
The SOCC solution should be designed with the capability to scale on demand (including licensing and data collecting capability) to onboard services of small, medium and large network environments of SITA clients.
Scoring criteria:
Very Good: Response addresses and exceeds the functionality requirements = 6 points
Compliant: Response addresses all functionality requirements = 5 points
Requires Attention: Response partially addresses the functionality requirements = 3 points
Inadequate: Response did not address the functionality requirements = 0 points
Weighting: 6%

Capability: Service Management Integration (ITSM)
The system must be integrated into the SITA ITSM solution (BMC Remedy) to ensure security incident automation.
Scoring criteria:
Very Good: Response addresses and exceeds the functionality requirements = 5 points
Compliant: Response addresses all functionality requirements = 4 points
Requires Attention: Response partially addresses the functionality requirements = 3 points
Inadequate: Response did not address the functionality requirements = 0 points
Weighting: 5%

Capability: Skills Transfer
Full Skills Transfer including Technology, Class room and over the shoulder training of SITA employees over the contract period including:
Skills transfer from onsite resources on a daily basis and this might even take the form of meetings and workshops. This training will not be costed and paid for.
The time spent on site by vendor resources will be billed through the professional services component.
Official information security skills training to ensure that security principles are learned and embedded within the SITA team.
Technical training across all technologies as delivered as part of the SOCC on this contract.
Scoring criteria:
Very Good: Response addresses and exceeds the functionality requirements = 10 points
Compliant: Response addresses all functionality requirements = 8 points
Requires Attention: Response partially addresses the functionality requirements = 4 points
Inadequate: Response did not address the functionality requirements = 0 points
Weighting: 10%
Note: SITA reserves the right to verify if the SOCC solution capability is valid at time of bid.

PROOF OF CONCEPT
Bidders which successfully obtain the minimum threshold for functionality Desk Top Evaluation of 80% or higher will be requested to illustrate and demonstrate via a POC (Proof of Concept) that their solution is capable of delivering as per the above requirements. The bidder must supply a fully simulated test environment to carry out the POC.

INSTRUCTION AND EVALUATION CRITERIA
All of the Proof of Concept (POC) requirements must be demonstrated in full.
Evaluation per requirement. The evaluation (scoring) of bidders’ responses for POC requirements will be determined by the completeness, relevance and accuracy of demonstration.
POC demonstration of Technical Mandatory requirements will be evaluated
Weighting of requirements: The full scope of POC demonstration on the technical functionality requirements will be determined by the following weights:

No. | Proof of Concept requirements (technical functionality) | Weighting
1. | Proof of concept requirements | 100%
TOTAL | | 100 %

Minimum threshold.
To be eligible to proceed to the next stage of the evaluation, the bidder must, for the POC demonstration of Technical Functionality requirements, achieve a minimum aggregate threshold score of 80%.

PROOF OF CONCEPT REQUIREMENTS | Evidence and evaluation criteria (used to evaluate bid) | Weighting

FUNCTIONALITY
The product/solution must perform –
Technology stack and related complexity of deployment. Assessment of technologies included in solution related to the number of OEMs / tools and number of integrations required.
Data collection - Gathering and processing of complex event sequences with AI-powered investigation engine to make sense of alerts, and reduce false positive triggers against normal activities within near real-time;
Data services - Powered by artificial intelligence investigation engine to gather and process complex events; and
Service integration - To enable multi-vector threat detection in networks, systems, cloud.
Workflow Automation - Facilitate automated, semi-automated and manual task workflows.
Knowledge Base Automation - Use playbooks to resolve incidents with most up to date information possible when working with an incident.
Threat intelligence - Threats are presented in the system that is understandable, with prioritisation and actionability.
Analytics - Combining incident, threat and vulnerabilities to provide a full kill-chain view of an attack, with real-time search capability.
Defending against malware, stopping security breaches by combining incident, threat and vulnerabilities to provide a full kill-chain view of an attack.
Demonstrate the SOCC solution multi-tenant capabilities without a requirement for separate installation of the SOCC core solution.

Provide product indicating how the proposed solution meets the applicable requirements/functionalities.

SITA Technical Evaluation Team Scoring Table:
# | Score Allocation | Score
(a) | 0, 5, 8, 10 |
(b) | 0, 5, 8, 10 |
(c) | 0, 5, 8, 10 |
(d) | 0, 5, 8, 10 |
(e) | 0, 5, 8, 10 |
(f) | 0, 5, 8, 10 |
(g) | 0, 5, 8, 10 |
(h) | 0, 5, 8, 10 |
(i) | 0, 5, 8, 10 |
(j) | 0, 5, 8, 10 |
Total | 100 |

Score Allocation:
Score of 0 points will be allocated where no evidence is provided
Score of 5 points will be allocated if substantiating evidence is partially addressing the required functionality
Score of 8 points will be allocated if substantiating evidence is fully addressing the required functionality
Score of 10 points will be allocated if the evidence offered exceeds the required functionality
Score calculation:
Score = sum of (a) to (j) = % Performance
Weighting: 100%

SITE VISIT
Bidders which successfully obtain the minimum threshold for the POC (Proof of Concept) of 80% or higher will be requested to arrange a physical site visit at an implemented SOCC that the bidder is responsible for.

INSTRUCTION AND EVALUATION CRITERIA
All of the Site Visit requirements must be demonstrated in full.
Evaluation per requirement. The evaluation (scoring) of bidders’ responses for Site Visit requirements will be determined by the completeness, relevance and accuracy of demonstration.
Site Visit demonstration of Technical Mandatory requirements will be evaluated
Weighting of requirements: The full scope of Site Visit on the technical functionality requirements will be determined by the following weights:

No. | Site Visit requirements (technical functionality) | Weighting
1. | Site Visit requirements | 100%
TOTAL | | 100 %

Minimum threshold.
To be eligible to proceed to the next stage of the evaluation, the bidder must, for the Site Visit for the Technical Functionality requirements, achieve a minimum aggregate threshold score of 80%.

SITE VISIT REQUIREMENTS | Evidence and evaluation criteria (used to evaluate bid) | Weighting

FUNCTIONALITY
The product/solution must perform –
Data collection - Gathering and processing of complex event sequences with AI-powered investigation engine to make sense of alerts, and reduce false positive triggers against normal activities within near real-time;
Data services - Powered by artificial intelligence investigation engine to gather and process complex events; and
Service integration - To enable multi-vector threat detection in networks, systems, cloud.
Workflow Automation - Facilitate automated, semi-automated and manual task workflows.
Knowledge base automation / Use of Playbooks - Use playbooks to resolve incidents with most up to date information possible when working with an incident.
Threat intelligence - Threats are presented in the system that is understandable, with prioritisation and actionability.
Analytics - Combining incident, threat and vulnerabilities to provide a full kill-chain view of an attack, with real-time search capability
Full kill-chain view of an attack - Defending against malware, stopping security breaches by combining incident, threat and vulnerabilities to provide a full kill-chain view of an attack
Demonstrate the SOCC solution multi-tenant capabilities - without a requirement for separate installation of the SOCC core solution.
SOCC Facility, visual monitoring walk through – with enclosed/zoned facility, access control and isolated visual monitoring per client(s).

Provide product indicating how the proposed solution meets the applicable requirements/functionalities.

SITA Technical Evaluation Team Scoring Table:
# | Score Allocation | Score
(a) | 0, 5, 8, 10 |
(b) | 0, 5, 8, 10 |
(c) | 0, 5, 8, 10 |
(d) | 0, 5, 8, 10 |
(e) | 0, 5, 8, 10 |
(f) | 0, 5, 8, 10 |
(g) | 0, 5, 8, 10 |
(h) | 0, 5, 8, 10 |
(i) | 0, 5, 8, 10 |
(j) | 0, 5, 8, 10 |
Total | 100 |

Score Allocation:
Score of 0 points will be allocated where no evidence is provided
Score of 5 points will be allocated if substantiating evidence is partially addressing the required functionality
Score of 8 points will be allocated if substantiating evidence is fully addressing the required functionality
Score of 10 points will be allocated if the evidence offered exceeds the required functionality
Score calculation:
Score = sum of (a) to (j) = % Performance
Weighting: 100%

SPECIAL CONDITIONS OF CONTRACT (SCC)
SPECIAL CONDITIONS OF CONTRACT
INSTRUCTION
The successful supplier will be bound by Government Procurement: General Conditions of Contract (GCC) as well as this Special Conditions of Contract (SCC), which will form part of the signed contract with the successful Supplier. However, SITA reserves the right to include or waive the condition in the signed contract.
SITA reserves the right to –
Negotiate the conditions, or
Automatically disqualify a bidder for not accepting these conditions.
In the event that the bidder qualifies the proposal with own conditions, and does not specifically withdraw such own conditions when called upon to do so, SITA will invoke the rights reserved in accordance with subsection 8.2(2) above.
The bidder must complete the declaration of acceptance as per section 8.4 below by marking with an “X” either “ACCEPT ALL” or “DO NOT ACCEPT ALL”, failing which the declaration will be regarded as “DO NOT ACCEPT ALL” and the bid will be disqualified.

SPECIAL CONDITIONS OF CONTRACT
CONTRACTING CONDITIONS
Formal Contract. The Supplier must enter into a formal written Contract (Agreement) with SITA (internal).
Right of Award. SITA reserves the right to award the contract for required goods or services to multiple Suppliers.
Right to Audit.
SITA reserves the right, before entering into a contract, to conduct or commission an external service provider to conduct a financial audit or probity to ascertain whether a qualifying bidder has the financial wherewithal or technical capability to provide the goods and services as required by this tender.

DELIVERY ADDRESS. The supplier must deliver the required products or services at the physical locations as specified in section 2.2.

SCOPE OF WORK AND DELIVERY SCHEDULE
The Supplier is responsible to perform the work as outlined in Scope of work specified in section 2.1.

SERVICES AND PERFORMANCE METRICS
The Supplier is responsible to provide the following services as specified in the Service Breakdown Structure (SBS).
A call centre in support of the technologies deployed and supported by the bidder for the SOCC solution:

SBS | Service Element | Service Level
Call Centre: 24h x 7days x 52weeks
Incident Response: Maximum 1 hour. A response time of one (1) hour on all calls logged for support is to be adhered to (response time refers to the time that elapses from when a call is logged with the supplier until receipt of the call is officially acknowledged, normally by providing a call reference number).
Incident Restore: Maximum 4 hours. A resolve time of four (4) hours on all calls logged for support is to be adhered to (resolve time refers to the time that elapses from when a call is logged with the supplier until the call is resolved – resolve time includes response time).
Service availability: 98% Availability. This is a 24h x 7days x 52weeks service and it is therefore required that this system is supported on this basis.

All Preventative, Corrective maintenance must be preapproved and follow the formal SITA change process.

SUPPLIER PERFORMANCE REPORTING
Bidders are required to meet with SITA and provide implementation/project plan and scope of work before commencing with any work.
Bidders are required to submit full or all documentation upon completion of the project.
Definitions of maintenance versus
professional services:

LICENSE MAINTENANCE
Maintenance
Keep system operating according to agreed standards
Trouble shooting / investigation
Implement standard system upgrades
Identify root cause
Apply standard OEM suggested patch or fix existing base
Implement permanent fix
Service level related as per requirements as in point (4) above
Negotiated time lines

PROFESSIONAL SERVICE
Maintenance
Support
Keep system operating according to baseline
Trouble shooting / investigation
Identify root cause
OEM to develop a patch or Custom development to be done in system by vendor
Apply standard OEM suggested patch or fix existing base
Implement Permanent fix

CERTIFICATION, EXPERTISE AND QUALIFICATION
The Supplier represents that,
it has the necessary expertise, skill, qualifications and ability to undertake the work required in terms of the Statement of Work or Service Definition;
it is committed to provide the Products or Services; and
perform all obligations detailed herein without any interruption to the Customer.
The Supplier must provide the service in a good and workmanlike manner and in accordance with the practices and high professional standards used in well-managed operations;
The Supplier must perform the Services in the most cost-effective manner consistent with the level of quality and performance as defined in Statement of Work or Service Definition;
SITA reserves the right to verify if the OSM/OEM partnership is valid at time of contracting.
Original Equipment Manufacturer (OEM) or Original Software Manufacturer (OSM) work. The Supplier must ensure that work or service is performed by a person who is certified by Original Equipment Manufacturer or Original Software Manufacturer.

LOGISTICAL CONDITIONS
Hours of work.
The hours will be normal working days, 07h00 am to 17h00 pm, unless instructed by SITA to work outside normal working hours which will be arranged by SITA personnel.
In the event that SITA grants the Supplier permission to access SITA's Environment including hardware, software, internet facilities, data, telecommunication facilities and/or network facilities remotely, the Supplier must adhere to SITA's relevant policies and procedures (which policy and procedures are available to the Supplier on request) or in the absence of such policy and procedures, in terms of best industry practice.
Tools of Trade. The Supplier must supply its own tools of trade.
On-site and Remote Support. The Supplier must provide both on-site and remote support (Skype/TeamViewer session and Telephone support) 365, 24 hours a day, seven days a week.
Support and Help Desk. The Supplier must provide a service portal that provides SITA staff access to information relating to the service support 365, 24 hours a day, seven days a week.

SKILLS TRANSFER AND TRAINING
The Supplier must provide training on the proposed solution or product to technical staff to enable SITA to operate and support the product or solution after implementation.
The nature of the training must be

REGULATORY, QUALITY AND STANDARDS
The Supplier must for the duration of the contract ensure compliance with ISO/IEC General Quality Standards, ISO27001, and Protection of Personal Information Act (POPIA).

PERSONNEL SECURITY CLEARANCE
The Supplier personnel who are required to work with information related to NATIONAL SECURITY must have a valid South African security clearance or must apply within 30 days of the signed contract for a security clearance to the level of SECRET at the expense of the Supplier from the South African State Security Agency or duly authorised Personnel Security Vetting entity of SA Government.
The Supplier personnel who are required to work with GOVERNMENT CLASSIFIED information or access government RESTRICTED areas
must be a South African Citizen and at the expense of the Supplier be security vetted (pre-employment screening, criminal record screening and credit screening).
The Supplier must ensure that the security clearances of all personnel involved in the Contract remain valid for the period of the contract.

CONFIDENTIALITY AND NON-DISCLOSURE CONDITIONS
The Supplier, including its management and staff, must before commencement of the Contract, sign a non-disclosure agreement regarding Confidential Information.
Confidential Information means any information or data, irrespective of the form or medium in which it may be stored, which is not in the public domain and which becomes available or accessible to a Party as a consequence of this Contract, including information or data which is prohibited from disclosure by virtue of:
the Promotion of Access to Information Act, 2000 (Act no. 2 of 2000);
being clearly marked "Confidential" and which is provided by one Party to another Party in terms of this Contract;
being information or data, which one Party provides to another Party or to which a Party has access because of Services provided in terms of this Contract and in which a Party would have a reasonable expectation of confidentiality;
being information provided by one Party to another Party in the course of contractual or other negotiations, which could reasonably be expected to prejudice the right of the non-disclosing Party;
being information, the disclosure of which could reasonably be expected to endanger a life or physical security of a person;
being technical, scientific, commercial, financial and market-related information, know-how and trade secrets of a Party;
being financial, commercial, scientific or technical information, other than trade secrets, of a Party, the disclosure of which would be likely to cause harm to the commercial or financial interests of a non-disclosing Party; and
being information supplied by a Party in confidence, the disclosure of which could
reasonably be expected either to put the Party at a disadvantage in contractual or other negotiations or to prejudice the Party in commercial competition; or
information the disclosure of which would be likely to prejudice or impair the safety and security of a building, structure or system, including, but not limited to, a computer or communication system; a means of transport; or any other property; or a person; methods, systems, plans or procedures for the protection of an individual in accordance with a witness protection scheme; the safety of the public or any part of the public; or the security of property; information the disclosure of which could reasonably be expected to cause prejudice to the defence of the Republic; security of the Republic; or international relations of the Republic; or plans, designs, drawings, functional and technical requirements and specifications of a Party, but must not include information which has been made automatically available, in terms of the Promotion of Access to Information Act, 2000; and information which a Party has a statutory or common law duty to disclose or in respect of which there is no reasonable expectation of privacy or confidentiality;
Notwithstanding the provisions of this Contract, no Party is entitled to disclose Confidential Information, except where required to do so in terms of a law, without the prior written consent of any other Party having an interest in the disclosure;
Where a Party discloses Confidential Information which materially damages or could materially damage another Party, the disclosing Party must submit all facts related to the disclosure in writing to the other Party, who must submit information related to such actual or potential material damage to be resolved as a dispute;
Parties may not, except to the extent that a Party is legally required to make a public statement, make any public statement or issue a press release which could affect another Party, without first submitting a written
copy of the proposed public statement or press release to the other Party and obtaining the other Party's prior written approval for such public statement or press release, which consent must not unreasonably be withheld.

GUARANTEE AND WARRANTIES. The Supplier warrants that:
The warranty of goods supplied under this contract remains valid for twelve (12) months after the goods, or any portion thereof as the case may be, have been delivered to and accepted at the final destination indicated in the contract, or for eighteen (18) months after the date of shipment from the port or place of loading in the source country, whichever period concludes earlier;
as at Commencement Date, it has the rights, title and interest in and to the Product or Services to deliver such Product or Services in terms of the Contract and that such rights are free from any encumbrances whatsoever;
the Product is in good working order, free from Defects in material and workmanship, and substantially conforms to the Specifications, for the duration of the Warranty period;
during the Warranty period any defective item or part component of the Product be repaired or replaced within three (3) days after receiving a written notice from SITA;
the Product is maintained during its Warranty Period at no expense to SITA;
the Product possesses all material functions and features required for SITA’s Operational Requirements;
the Product remains connected or Service is continued during the term of the Contract;
all third-party warranties that the Supplier receives in connection with the Products including the corresponding software and the benefits of all such warranties are ceded to SITA without reducing or limiting the Supplier’s obligations under the Contract;
no actions, suits, or proceedings, pending or threatened against it or any of its third-party suppliers or sub-contractors that have a material adverse effect on the Supplier’s ability to fulfil its obligations under the Contract exist;
SITA is notified
immediately if it becomes aware of any action, suit, or proceeding, pending or threatened to have a material adverse effect on the Supplier’s ability to fulfil the obligations under the Contract;

any Product sold to SITA after the Commencement Date of the Contract remains free from any lien, pledge, encumbrance or security interest;

SITA’s use of the Product and Manuals supplied in connection with the Contract does not infringe any Intellectual Property Rights of any third party;

the information disclosed to SITA does not contain any trade secrets of any third party, unless disclosure is permitted by such third party;

it is financially capable of fulfilling all requirements of the Contract and that the Supplier is a validly organized entity that has the authority to enter into the Contract;

it is not prohibited by any loan, contract, financing arrangement, trade covenant, or similar restriction from entering into the Contract;

the prices, charges and fees to SITA as contained in the Contract are at least as favourable as those offered by the Supplier to any of its other customers that are of the same or similar standing and situation as SITA; and

any misrepresentation by the Supplier amounts to a breach of Contract.

INTELLECTUAL PROPERTY RIGHTS

SITA retains all Intellectual Property Rights in and to SITA's Intellectual Property. As of the Effective Date, the Supplier is granted a non-exclusive license, for the continued duration of this Contract, to perform any lawful act including the right to use, copy, maintain, modify, enhance and create derivative works of SITA's Intellectual Property for the sole purpose of providing the Products or Services to SITA pursuant to this Contract; provided that the Supplier must not be permitted to use SITA's Intellectual Property for the benefit of any entities other than SITA without the written consent of SITA, which consent may be withheld in SITA's sole and absolute discretion.
Except as otherwise requested or approved by SITA, which approval is in SITA's sole and absolute discretion, the Supplier must cease all use of SITA's Intellectual Property, as of the earliest of: termination or expiration date of this Contract; the date of completion of the Services; and the date of rendering of the last of the Deliverables. If so required by SITA, the Supplier must certify in writing to SITA that it has either returned all SITA Intellectual Property to SITA or destroyed or deleted all other SITA Intellectual Property in its possession or under its control.

SITA, at all times, owns all Intellectual Property Rights in and to all Bespoke Intellectual Property. Save for the license granted in terms of this Contract, the Supplier retains all Intellectual Property Rights in and to the Supplier’s pre-existing Intellectual Property that is used or supplied in connection with the Products or Services.

TARGETED PROCUREMENT/TRANSFORMATION

SITA, in terms of the PPPFA Regulation 2017 section 4(1), has an obligation to advance certain designated groups for the supply of certain ICT goods or services. The following criteria apply for this tender/bid/quotation:

This tender/bid/quotation shall be for the exclusive participation of bidders with a B-BBEE status Level One (1) to Four (4). Bidders will not be allowed to dilute their minimum B-BBEE Level four (4) through joint ventures, consortiums and subcontracting.

This implies that the bidder may not enter into a joint venture, consortium agreement or subcontracting agreement with any supplier that does not have minimum B-BBEE status Level four (4).
The successful tenderer must subcontract a minimum of 30% of the value of the contract (Maintenance & Support, Training and Professional services components) to EME or QSE; which is at least 51% owned by black people, or to EMEs and/or QSEs which are at least 51% owned by black women and/or to an EME or QSE which is at least 51% owned by black youth.

SUPPLIER DUE DILIGENCE

SITA reserves the right to conduct supplier due diligence prior to final award or at any time during the Contract period and this may include pre-announced/ non-announced site visits. During the due diligence process the information submitted by the bidder will be verified and any misrepresentation thereof may disqualify the bid or Contract in whole or parts thereof.

DECLARATION OF ACCEPTANCE

ACCEPT ALL        DO NOT ACCEPT ALL

The bidder declares to ACCEPT ALL the Special Condition of Contract as specified in section 8.3 above by indicating with an “X” in the “ACCEPT ALL” column, OR

The bidder declares to NOT ACCEPT ALL the Special Conditions of Contract as specified in section 8.3 above by -
Indicating with an “X” in the “DO NOT ACCEPT ALL” column, and;
Provide reason and proposal for each of the conditions that is not accepted.
Comments by bidder:
Provide reason and proposal for each of the conditions not accepted as per the format:
Condition Reference:
Reason:
Proposal:

VALUE PROPOSITION AND PRICING

COSTING AND PRICING EVALUATION

In terms of Preferential Procurement Policy Framework Act (PPPFA), the following preference point system is applicable to all Bids:

the 80/20 system (80 Price, 20 B-BBEE) for requirements with a Rand value of up to R50 000 000 (all applicable taxes included); or
the 90/10 system (90 Price and 10 B-BBEE) for requirements with a Rand value above R50 000 000 (all applicable taxes included).

This bid will be evaluated using the preferential point systems of 80/20 or 90/10, subject to the following conditions –

If the lowest acceptable bid price is up to and including R50 000 000 (all applicable taxes included) then the 80/20 preferential point system will apply to all acceptable bids; or
If the lowest acceptable bid price is above R50 000 000 (all applicable taxes included) then the 90/10 preferential point system will apply to all acceptable bids;

The bidder must complete the declaration of acceptance as per section 9.4 below by marking with an “X” either “ACCEPT ALL”, or “DO NOT ACCEPT ALL”, failing which the declaration will be regarded as “DO NOT ACCEPT ALL” and the bid will be disqualified.

Bidder will be bound by the following general costing and pricing conditions and SITA reserves the right to negotiate the conditions or automatically disqualify the bidder for not accepting these conditions. These conditions will form part of the Contract between SITA and the bidder. However, SITA reserves the right to include or waive the condition in the Contract.

COSTING AND PRICING CONDITIONS

The bidder must submit the Pricing Schedule(s) in the attached Excel spreadsheet provided as well as the relevant enclosed Standard Bidding Document SBD 3.1, 3.2 or 3.3.

SOUTH AFRICAN PRICING.
The total price must be VAT inclusive and be quoted in South African Rand (ZAR).

TOTAL PRICE

All quoted prices are the total price for the entire scope of required services and deliverables to be provided by the bidder.

The cost of delivery, labour, S&T, overtime, and OEM call out costs etc. must be included in this bid.

All additional costs must be clearly specified.

SITA reserves the right to negotiate pricing with the successful bidder prior to the award as well as envisaged quantities.

BID EXCHANGE RATE CONDITIONS

The bidders must use the exchange rate provided below to enable SITA to compare the prices provided by using the same exchange rate:

Foreign currency        South African Rand (ZAR) exchange rate
1 US Dollar             14,15
1 Euro                  16,68
1 Pound                 19,49

RATE OF EXCHANGE PRICING INFORMATION

Provide the TOTAL BID PRICE for the duration of Contract and clearly indicate the Local Price and Foreign Price, where –

Local Price means the portion of the TOTAL price that is NOT dependent on the Foreign Rate of Exchange (ROE) and;
Foreign Price means the portion of the TOTAL price that is dependent on the Foreign Rate of Exchange (ROE).
Exchange Rate means the ROE (ZA Rand vs foreign currency) as determined at time of bid.

DECLARATION OF ACCEPTANCE

ACCEPT ALL        DO NOT ACCEPT ALL

The bidder declares to ACCEPT ALL the Costing and Pricing conditions as specified in section 9.2 above by indicating with an “X” in the “ACCEPT ALL” column, or

The bidder declares to NOT ACCEPT ALL the Costing and Pricing Conditions as specified in section 9.3 above by -
Indicating with an “X” in the “DO NOT ACCEPT ALL” column, and;
Provide reason and proposal for each of the condition not accepted.
Comments by bidder:
Provide the condition reference, the reasons for not accepting the condition.

DECLARATION OF ACCEPTANCE FOR PROTECTION OF PERSONAL INFORMATION ACT

ALLOW        DENIED

The bidder declares consent to ALLOW SITA to process personal identifiable information “X” in the “ACCEPT ALL” column, or

The bidder declares consent to DENIED SITA to process personal identifiable information.
Indicating with an “X” in the “DENIED”, and;
Provide reason the “DENIED” condition.

Comments by bidder:
Provide the condition reference, the reasons for not accepting the condition.

SBD 3.1

PRICING SCHEDULE – FIRM PRICES
(PURCHASES)

NOTE: ONLY FIRM PRICES WILL BE ACCEPTED. NON-FIRM PRICES (INCLUDING PRICES SUBJECT TO RATES OF EXCHANGE VARIATIONS) WILL NOT BE CONSIDERED

IN CASES WHERE DIFFERENT DELIVERY POINTS INFLUENCE THE PRICING, A SEPARATE PRICING SCHEDULE MUST BE SUBMITTED FOR EACH DELIVERY POINT

Name of bidder: ……………………………
Bid number:
Closing Time: 11:00
Closing date:

OFFER TO BE VALID FOR 90 DAYS FROM THE CLOSING DATE OF BID.

ITEM NO.    QUANTITY    DESCRIPTION    BID PRICE IN RSA CURRENCY
** (ALL APPLICABLE TAXES INCLUDED)

- Required by: THE STATE INFORMATION TECHNOLOGY AGENCY SOC LTD
- At: 459 Tsitsa Street Erasmuskloof
- Does the offer comply with the specification(s)? *YES/NO
- If not to specification, indicate deviation(s) ………………………
- Period required for delivery ………………………
  *Delivery: Firm/not firm
- Delivery basis ………………………

Note: All delivery costs must be included in the bid price, for delivery at the prescribed destination.

** “all applicable taxes” includes value-added tax, pay as you earn, income tax, unemployment insurance fund contributions and skills development levies.

*Delete if not applicable

SBD 3.2

PRICING SCHEDULE – NON-FIRM PRICES
(PURCHASES)

NOTE: PRICE ADJUSTMENTS WILL BE ALLOWED AT THE PERIODS AND TIMES SPECIFIED IN THE BIDDING DOCUMENTS.

IN CASES WHERE DIFFERENT DELIVERY POINTS INFLUENCE THE PRICING, A SEPARATE PRICING SCHEDULE MUST BE SUBMITTED FOR EACH DELIVERY POINT

Name of Bidder: ……………………………
Bid number:
Closing Time: 11:00
Closing date:

OFFER TO BE VALID FOR ……… DAYS FROM THE CLOSING DATE OF BID.

ITEM NO.    QUANTITY    DESCRIPTION    BID PRICE IN RSA CURRENCY ** (ALL APPLICABLE TAXES INCLUDED)

- Required by: THE STATE INFORMATION TECHNOLOGY AGENCY SOC LTD
- At: 459 Tsitsa Street Erasmuskloof
- Brand and model
- Does the offer comply with the specification(s)? *YES/NO
- If not to specification, indicate deviation(s) ………………………
- Period required for delivery ………………………
- Delivery: *Firm/not firm

** “all applicable taxes” includes value-added tax, pay as you earn, income tax, unemployment insurance fund contributions and skills development levies.

*Delete if not applicable

SBD 3.3

PRICING SCHEDULE
(Professional Services)

NAME OF BIDDER: ……………………………
BID NO:
CLOSING TIME: 11:00
CLOSING DATE:

OFFER TO BE VALID FOR
………… DAYS FROM THE CLOSING DATE OF BID.

ITEM NO    DESCRIPTION    BID PRICE IN RSA CURRENCY ** (ALL APPLICABLE TAXES INCLUDED)

1. The accompanying information must be used for the formulation of proposals.

2. Bidders are required to indicate a ceiling price based on the total estimated time for completion of all phases and including all expenses inclusive of all applicable taxes for the project.
   R……………………………

3. PERSONS WHO WILL BE INVOLVED IN THE PROJECT AND RATES APPLICABLE (CERTIFIED INVOICES MUST BE RENDERED IN TERMS HEREOF)

4. PERSON AND POSITION    HOURLY RATE    DAILY RATE
   --------------------    R--------------------
   --------------------    R--------------------
   --------------------    R--------------------

5. PHASES ACCORDING TO WHICH THE PROJECT WILL BE COMPLETED, COST PER PHASE AND MAN-DAYS TO BE SPENT
   --------------------    R--------------------    ---------- days
   --------------------    R--------------------    ---------- days
   --------------------    R--------------------    ---------- days
   --------------------    R--------------------    ---------- days

5.1 Travel expenses (specify, for example rate/km and total km, class of air-travel, etc). Only actual costs are recoverable.
Proof of the expenses incurred must accompany certified invoices.

DESCRIPTION OF EXPENSE TO BE INCURRED    RATE    QUANTITY    AMOUNT
……………………………    R…………………
……………………………    R…………………
……………………………    R…………………
……………………………    R…………………
TOTAL: R…………………

** “all applicable taxes” includes value-added tax, pay as you earn, income tax, unemployment insurance fund contributions and skills development levies.

5.2 Other expenses, for example accommodation (specify, e.g. Three star hotel, bed and breakfast, telephone cost, reproduction cost, etc.). On basis of these particulars, certified invoices will be checked for correctness. Proof of the expenses must accompany invoices.

DESCRIPTION OF EXPENSE TO BE INCURRED    RATE    QUANTITY    AMOUNT
……………………………    R…………………
……………………………    R…………………
……………………………    R…………………
……………………………    R…………………
TOTAL: R…………………

6. Period required for commencement with project after acceptance of bid ……………………………

7. Estimated man-days for completion of project ……………………………

8. Are the rates quoted firm for the full period of contract? *YES/NO

9. If not firm for the full period, provide details of the basis on which adjustments will be applied for, for example consumer price index.
   ……………………………
   ……………………………
   ……………………………
   ……………………………
*[DELETE IF NOT APPLICABLE]

TECHNICAL SCHEDULES

Technical Schedules

Include the schedules that are referenced in the technical specifications sections.

LOCATION SCHEDULE
EQUIPMENT AND QUANTITY SCHEDULE
SOLUTION ARCHITECTURE
SERVICES AND PERFORMANCE SCHEDULE
PROJECT AND DELIVERY SCHEDULE

Terms and definitions

ABBREVIATIONS

EPS      events per second
DNS      domain naming service
DHCP     dynamic host configuration protocol
ICT      Information and Communication Technology
OEM      Original Equipment Manufacturer
PPPFA    Preferential Procurement Policy Framework Act
SIEM     Security Incident and Event Monitoring
SOCC     Security Operations Centre Capability
VPN      Virtual Private Networks

DEFINITIONS

Terms and Definitions: Description

Pay-As-You-Use model (PAYU): Is a model commonly used for cloud services that encompasses both subscription-based and consumption-based models, and is different from traditional IT cost models that require up-front capital expenditures for hardware and software.

Platinum level equivalent service provider: Be registered OEM provider capable to provide 24/7/365 support to service a minimum of 80,000 events per second. A supplier which is certified in the SOC Service Technologies and is an authorised Platinum level equivalent service provider, certified by the OEM to implement, support and maintain the solution.

Security Incident and Event Monitoring: Security Incident and Event Monitoring provides correlated real time analysis of events generated by different network devices and applications on the network. It helps organizations detect and mitigate security breaches and to comply with relevant regulations.

ANNEX B BIDDER SUBSTANTIATING EVIDENCE

MANDATORY REQUIREMENT EVIDENCE

BIDDER CERTIFICATION / AFFILIATION REQUIREMENTS

Attach a copy of documentation (valid certificate or, letter) indicating OSM/OEM partner, or reseller (Platinum level equivalent service provider) status to provide Security Operations Centre Capability (SOCC) services here.