RFP For ISO 20000 Service Desk Implementation-Final-backup

SIDF
ISO 20000:2011 (SMS), Service Desk

Tool and Service Center Team
Implementation and Certification
Request For Proposal (RFP)
SIDF/ITD/SMS/02/01
Version 1.0
04-09-1433H (23-07-2012G)
1.0 Document SIDF/ITD/SMS/02/01
Version
RESTRICTED
Date 04-09-1433H(23-07-2012G) Owner ITD/CQD
Document Control
Revision History
Prepared Reviewed Approved Owner Version Date of Date of

/ Updated By By Approval Implementation
By
Harun Marwan Fahad SIDF/ITD/CQD/ 1.1 04/09/1433 H 04/09/1433 H
Rashid Al-Saleem Al-Mawash IT Security 23/07/2012 G 23/07/2012 G
Bhaijee
Changes made (from previous version)
N/A
Related Artifacts
Sr. No Related Artifacts
Copyrights @ SIDF, All rights reserved

The material or any portion of it may not be copied in any form or by any means without the express prior written permission of the
SIDF, Riyadh KSA.
The information in this document is subject to change without notice. If you find any problem in the documentation, please report
them in writing. SIDF does not warrant that this document is error-free.
ISO 20000:2011 (SMS), Service Desk Tool Implementation and Certification Request For Proposal Page 2 of 53
Copyright 2012 SIDF. All rights reserved. Unauthorized copy or use of this document is strictly prohibited
Version
RESTRICTED
Table of Contents
Abbreviations Used ................................................................................................................. 5

1. Introduction .................................................................................................................... 6
1.1. Overview ........................................................................................................................ 6
1.2. Purpose of the Tender Specification .............................................................................. 6
1.3. Term of the Contract ...................................................................................................... 6
1.4. Subcontracting ................................................................................................................ 6
1.5. Confidentiality................................................................................................................ 7
1.6. Discharge of Liability..................................................................................................... 7
1.7. Preparation of Responses ............................................................................................... 7
1.8. Contract .......................................................................................................................... 8
2. Business Background ..................................................................................................... 9
2.1. SIDF Information Technology Department (ITD) ......................................................... 9
2.1.1. Application Development Division:............................................................................... 9
2.1.2. User Support Division: ................................................................................................... 9
2.1.3. Technical Support Division:........................................................................................... 9
2.1.4. Consulting & Quality Division: ................................................................................... 10
2.2. Current and Expected Future Environment .................................................................. 10
2.3. Current processes ......................................................................................................... 11
2.4. Current Help Desk Software Used ............................................................................... 12
2.5. Purpose of RFP and Project (Project Objectives) ........................................................ 13
3. Scope of Work.............................................................................................................. 15
3.1. Service Desk Tool Requirement ............................................................................... 15
3.2. Bar Code Requirements ............................................................................................ 30
4. Detailed Response Requirements ................................................................................. 31
4.1. Executive Summary ..................................................................................................... 31
4.2. Scope and Delivery Approach...................................................................................... 31
4.3. Project Management Approach .................................................................................... 33
4.4. Deliverables .................................................................................................................. 33
4.5. Assumptions: ................................................................................................................ 35
4.6. Detailed and Itemized Pricing ...................................................................................... 36
4.7. References .................................................................................................................... 37
4.8. Project Team Staffing................................................................................................... 37
4.9. Company Overview...................................................................................................... 37
Version
RESTRICTED
4.10. Support ......................................................................................................................... 38

4.11. Hardware ...................................................................................................................... 38
4.12. Additional Requirements (Optional) ............................................................................ 38
4.13. Proposal Format and Structure ..................................................................................... 38
5. Project Management Requirements ............................................................................. 39
5.1. Project Plan .................................................................................................................. 39
5.2. Project Organization ..................................................................................................... 39
6. Vendor Requirements ................................................................................................... 40
6.1. Supplier Profile ............................................................................................................ 40
6.2. Organization ................................................................................................................. 40
6.3. Location ........................................................................................................................ 40
6.4. Experience .................................................................................................................... 40
6.5. Growth .......................................................................................................................... 41
6.6. Other Information ......................................................................................................... 41
7. Selection Process .......................................................................................................... 42
7.1. Objective ...................................................................................................................... 42
7.2. Timetable...................................................................................................................... 42
7.3. Selection Criteria .......................................................................................................... 42
7.4. Evaluation Criteria ....................................................................................................... 43
8. Related ITD Services / Processes Details .................................................................... 45
8.1. ITD Services ................................................................................................................. 45
8.2. Security policies and procedures in place .................................................................... 45
8.3. Policies and procedures not fully developed ................................................................ 46
8.4. Related Systems Issues................................................................................................. 47
8.4.1. Hardware Environment ................................................................................................ 47
8.4.2. Network Environment .................................................................................................. 49
8.4.3. Software Environment.................................................................................................. 49
9. General Instructions ..................................................................................................... 50
9.1. Deadline for submission of proposals: ..................................................................... 50
9.2. Date of Opening of envelopes .................................................................................. 50
9.3. Validity of proposals ................................................................................................ 50
9.4. Points of Contact ...................................................................................................... 50
9.5. Proposals are to be addressed to ............................................................................... 51
9.6. Governing Law ......................................................................................................... 51
Version
RESTRICTED
9.7. Documentation and information required to be submitted by vendors .................... 51
Abbreviations Used
ADD Application Development Division

CAB Change Advisory Board
CI Configuration Item
CMDB Configuration Management Database
CMMI Capability Maturity Model Integration
CQD Consulting & Quality Management Division
DLP Data Leakage Prevention
GUI Graphical User Interface
ITD Information Technology Department
ITIL Information Technology Infrastructure Library
ITSM Information Technology Service Management
KB Knowledgebase
KPI Key Performance Indicator
OLA Operational Level Agreement
OOB Out Of Box
PIR Post Implementation Review
RACI Matrix Responsibility, Accountability, Consulted, Informed Matrix
RFP Request For Proposal
SIDF Saudi Industrial Development Fund
SIEM Security Incident Event Management
SLA Service Level Agreement
SMS Service Management System
SR Saudi Riyal
TL Team Leader
TSD Technical Support Division
TTP Transfer To Production
USD User Support Division
WBS Work Breakdown Structure
Version
RESTRICTED
1. Introduction
1.1. Overview
The Saudi Industrial Development Fund (SIDF), wholly owned by the Government of Saudi
Arabia and affiliated to the Ministry of Finance, is an independent institution established by
Royal Decree No. M/3 on 26 Safar 1394 H (20 March 1974). SIDF aims at supporting the
private industrial development in the Saudi economy through:
1. Provision of medium and long-term soft loans to private industrial projects

newly established in the Kingdom.
2. Provision of medium and long-term soft loans to existing private industrial

projects to help them expand their objectives, replace machinery and equipment,
and introduce modern technologies.
3. Provision of economic, technical, administrative, financial and marketing advice

to industrial institutions in the Kingdom.
1.2. Purpose of the Tender Specification

This Request for Proposal (RFP) is in response to Saudi Industrial Development Fund's
(SIDF) needs and contains specific requirements to be met by the vendors proposed service.
The objective of this RFP is to seek proposals to perform an Implementation of the standard
ISO 20000:2011(SMS) based on the ITIL v3 Framework. SIDF aims to implement the
standard and achieve the certification within the timeframe of this project. The other major
components of the project are the successful implementation of a Service Desk Tool (Full
Information Technology Service Management (ITSM)/Service Management System (SMS)
compliance), automation of ITD services/processes and to aid in the formation of a Service
Desk Team.
1.3. Term of the Contract

The Contractor shall carry out all Contractual works within the agreed upon time frame. The
time required for provision of the contract requirements is considered a part within the term
of the Contract.
1.4. Subcontracting
The awarded Contracted Party shall neither subcontract the execution, entirely or in part, of
the works and services the subject of the Contract, nor subcontract, unless the Contract is
otherwise provided, execute part of the works or services without written consent of SIDF.
Such SIDF consent shall not discharge the vendors of his contractual liabilities and
Version
RESTRICTED
obligations, and the vendors shall remain liable for any act, mistake or negligence committed
by any subcontractor, his agents, employees or workers.
1.5. Confidentiality
This RFP, plus any other documents released, information provided, discussions held, etc.,
as part of the selection process, are strictly confidential and should not be divulged to anyone
who is not directly involved in preparation of the response. Additionally, all information
within this RFP or gained during the response to RFP phase should be treated as confidential
by the vendor. No information or publicity will be allowed to any third party unless specific
written authorization is obtained from SIDF.
It is a condition of this RFP that the information provided herein is for the purpose of
allowing vendors to submit proposals to SIDF. It may not be used in any other context nor
revealed to any other party not directly involved in the submission of proposal.
1.6. Discharge of Liability

SIDF shall not be liable, whatsoever, to vender who shall acknowledge and accept the SIDF
decision of acceptance or rejection of the proposal, entirely or in part, is decisive and
irrevocable and the vendor is thus not entitled to claim for any compensation or damage,
whatsoever, as the purpose of all information provided in respect of RFP is to facilitate
assessment of the quotation submitted by the vender. SIDF shall not be liable for any
misinformation provided or modification made to the proposal during the term of the
Contract.
1.7. Preparation of Responses

The preparation and submission of the proposal shall be made without obligation to acquire
any items included in the proposal, or to discuss the reason why the proposal is accepted or
rejected. SIDF will notify the vendor of acceptance or rejection in writing.
The requirements specified in this RFP reflect those presently known. SIDF reserves the
right to vary, in detail, the final requirements.
SIDF will not be responsible for or pay any expense incurred in the preparation of any
proposal or in SIDF's evaluation of it.
SIDF may require that all or part of the successful proposal be included in the contracts.
All prices shall be consistently in Saudi Riyals (SR).
Respondents should provide a clause-by-clause response to the RFP as specified.
Version
RESTRICTED
General information, which is not specifically requested, should be attached separately and
clearly labeled "Supporting Material".
1.8. Contract
This document does not constitute an offer to sell, or a solicitation of an offer to purchase.
SIDF reserves the right to accept all or part of the proposal.
SIDF requires that contracts covering the provision of services requested in this RFP be
negotiated to the satisfaction of SIDF.
All vendors are required to acknowledge that they agree to the conditions set out in this
section.
It is required that the proposals be separated in two constituent parts. The 1st part should
contain the proposal to implement ISO 20000:2011. The 2nd part the acquisition and
implementation of a service desk tool according to the processes drawn up in part 1 and
acquisition and implementation of a Bar code system. The costs for both parts should also
be separated.
SIDF reserves the right to select an ISO 20000 implementer from one proposal and a tool
implementer from another proposal. It is incumbent on the two parties to agree on terms that
will suit them both. SIDF will only deal with the ISO 20000 implementer and they in turn
will deal with the tool implementer. The ISO 20000 implementer will be responsible for the
project management (planning, adhering to timelines, resource allocation etc) and for
SIDF obtaining the certification.
Version
RESTRICTED
2. Business Background
2.1. SIDF Information Technology Department (ITD)
ITD consists of four main Divisions and a newly created Project Management Office. The
four Divisions main objectives are as follows:
Establish and manage all divisional activities to provide professional level

services to the users.
Liaise with all departments to establish effective communications for
identifying business applications requirements to meet their objectives.
2.1.1. Application Development Division:

Some of its main objectives are:
Identify optimum ways to integrate departmental business needs, in order to
streamline fund operations.
Research, recommend and develop the necessary business applications to
support agreed objectives, within budget and to acceptable quality standards.
Re-engineer the legacy business applications to accommodate emerging
Information Technology trends.
2.1.2. User Support Division:

Support all users in their operational business applications.
Provide support to users for the maintenance and required enhancement of
operational business applications.
Assist and train users in current business applications.
Secure and maintain the integrity of corporate data.
2.1.3. Technical Support Division:

Research, evaluate and implement state of the art technologies as appropriate
to the Funds requirements.
Define and implement the necessary policies, standards and procedures to
ensure the security, integrity and availability of the Funds hardware, software
and data.
Provide and manage the technical environment and services to support the
objectives of the Fund and other divisions within the department.
Identify IT user training requirements and plans and co-ordinate with the
Human Resources-Training & Development Division.
Version
RESTRICTED
2.1.4. Consulting & Quality Division:

Provide chargeable Information Technology consultancy services, to the
Fund.
Ensure the quality of delivered business applications and services.
Liaise with other divisions within the department to develop and ensure
adherence to policies, standards and procedures.
Define and implement the necessary processes, policies, standards and
procedures to ensure the security, confidentiality, integrity and availability of
the Funds services.
Manage the Information Security Management System (ISO 27001).
Manage the Quality Management System (ISO 9001) (Being Implemented).
Research, evaluate and implement state of the art security technologies as
appropriate to the Funds requirements.
The ISO 20000:2011 Implementation project will be led by Consulting & Quality
Management Division (CQD) of Information Technology Department.
2.2. Current and Expected Future Environment

SIDF has one main building with a remote workshop (maintain SIDF housing units and
vehicles) and a remote Disaster Recovery site which are both connected to the Local Area
Network via leased lines. There are approximately 700 desktop users and approximately 30
users of the service desk tool.
The current scope of the project is ITD and its processes in line with ISO 20000:2011, with
all ITD related calls being logged.
SIDF has a Microsoft Enterprise Agreement, and is a CISCO based network environment
with Aruba for wireless network coverage. Various tools are used to monitor the status of
the network (See Section 8.4.2).
SIDF is planning on implementing a leading SIEM & DLP solution in 2012 which is
expected to integrate with the selected Service Desk tool.
SIDFs future vision is to move towards virtualization, so the selected Service Desk tool
should run under a virtual environment.
Version
RESTRICTED
2.3. Current processes

The following processes briefly document the step-by-step handling of an incoming
inquiry / complaint by the current SIDF ITD help desk.
USD - User Support Process
a) A Fund user generates a request for an issue by filling and submitting a User Support
Services form to the USD or through email for minor issues.
b) The User Support Manager will review and assign the request to one of the 3 User
Support Teams.
c) The assigned TL categorizes it as Bug / Issue or Enhancement / Modification.
d) If issue is related to Application and estimated to be greater than 50 man hour job, TL
forwards it to the ADD.
e) Then the TL assigns it to a USD Personnel who enters the issue in BMC-Remedy.
f) Assigned USD personnel changes status of the issue to Work in Progress, fixes the
issue and informs the requesting user about the fix through an email.
g) Then the fix is moved to the Testing Area where the User tests it and sends the
confirmation back to USD.
h) In case if the fix is not working as per the requirements of the user, he rejects it and
sends the confirmation back to the USD, who again works on it, fixes it and send it
back to him, until he approves the fix.
i) Once approved, the Issue is marked as Resolved in BMC-Remedy. The fix is moved
to the Production and TTP is sent to the requesting user.
j) After verification, the Issue is marked as Closed in BMC-Remedy.
k) The records of the help ticket, forwarding to another team, approval and review shall
be maintained.
TSD Help Ticket Process
a) A Fund user raises an issue by calling the Helpline number or sending an email to the
TSD relevant division. Alternatively a TSD personnel can raise a detected issue
proactively.
b) The assigned TSD division personnel enters the issue in BMC-Remedy and mark its
status as Assigned. Once he starts working on it he changes its status to Work in
Progress.
c) Team Leader categorizes it as an internal Issue or an external issue.
d) If the Issue is related to an external vendor, the Issue is forwarded to the External
Vendor who fixes the issue.
e) After receiving the fix from the external vendor, the issue is checked and verified by
TSD.
Version
RESTRICTED
f) Assigned TSD personnel verifies the fix and if the fix is working as per the
requirement, then he informs the requesting user about the fix through an email or a
phone call and marks the issue as Resolved in BMC-Remedy.
g) In case if the assigned TSD personnel finds that the fix is not working as per the
requirements, then he sends the issue back to the external vendor for fixing again.
h) In case if the issue is an internal issue then the assigned TSD personnel fixes the issue
and informs the requesting user about the fix through an email or a phone call and
marks the issue as Resolved in BMC-Remedy.
i) Then the requesting user tests the fix and approves/rejects it.
j) In case of rejection by the user, issue is sent back for fixing, either to the external
vendor or the assigned TSD personnel.
k) In case of approval by the user, assigned TSD personnel informs the TSD TL about
it.
l) After verification, TSD TL marks the issue as Closed in BMC-Remedy.
m) The records of the help ticket, forwarding to an external vendor, approval and review
shall be maintained.
2.4. Current Help Desk Software Used
Number of
Description
Licenses
Remedy Help Desk Application & Action Request Server v6.3 1
Remedy Help Desk User Floating 10
Action Request User Floating 10
Remedy Help Desk User Fixed 3
Version
RESTRICTED
2.5. Purpose of RFP and Project (Project Objectives)

The goals of this Implementation project are to provide SIDF and its users with the
following:
Identify the current state and the gaps with regards to the ISO/IEC
20000:2011(Service Management System) standard. Gaps should be highlighted
keeping in mind the current state and ideal future state based on current ITD
structure
Develop a road map with a listing of initiatives for ensuring that SIDF Service
Management System processes are effective and efficient and to ensure that they
cater to the needs of SIDF IT users. Process flow diagrams for the expected
approach aligned with ISO 20000:2011 and ITILv3.
Also, the road map should identify the gaps in terms of resources and training
required, and identify the roles and responsibilities along with RACI matrix
Implement an IT Service Management Process application to automate the relevant
ISO 20000:2011 SMS processes in compliance with the ITILv3 best practice
requirements (the service desk tool should be fully compliant with ITSM/SMS)
Enhance the IT Service organization in line with the ISO 20000:2011 requirements
Automate all SMS processes (ISO 20000:2011) using the recommended tool as part
of this project
Identify what KPIs are required
Automate 2 to 3 remaining processes out of scope of ISO 20000:2011 in line with
ITIL v3 and industry best practice whilst training an internal development team to
be able to effectively continue to automate all remaining processes
Full documentation for ISO 20000:2011 and ITILv3 related processes, forms,
templates, checklists, metrics and KPIs
Alignment of SIDF corporate strategy and IT services (better customer service and
customer satisfaction)
A framework for existing service improvement program and assist in building the
business cases for new programs in line with ISO 20000:2011 & ITIL v3
Demonstrate how ITD services really compare to best practices and best in breed
service providers
Help SIDF management by requiring ownership and responsibility at all levels of
the Service Management Systems processes
Reduced risk and thus reduced cost in using external service arrangements.
Integrate bar code system with service desk tool asset management.
Provide a comprehensive reporting facility with flexible categorization (e.g. by
staff, team, division, department, application, device, problem type etc) with
graphical and chart reporting types.
The vendor has to provide the services with minimum impact to the funds current systems
and networks. SIDF currently uses the industry leading service desk application BMC
Remedy v6.3 and will either upgrade or replace it as part of this project.
Version
RESTRICTED
IT Department (ITD) provides various support services to SIDF user departments. The
SIDF management aims to make these ITD services effective and efficient in line with the
ISO 20000:2011 standard so as to achieve the following benefits:
Continuous Process Improvement: Driven by senior management, focused on

critical process areas with explicit improvement goals
Customer Focus: Recognizing both internal and external customers and their
needs and providing value to the users of the services
Defect and Non-compliance prevention: Seeking to prevent non-conformance

issues arising with products and services early in the development cycle and being
proactively engaged in prevention
Universal responsibility: Recognizing that quality is not only the responsibility of

quality assurance teams or reviewers, but should be totally pervasive in all aspects
of the business, with everyone seeking ways to improve the quality of their own
products and services.
Reliable, consistent and cost-effective services, giving competitive advantage
Improve overall reputation and perception of IT
Shift the balance towards proactive processes
Improves inter-departmental relationships by giving clarity on who does what and

common goals
A framework for staff training for automation of service management.
Getting certified from third party certification body (ISO 20000:2011)
Reduce the time it takes to resolve a call
Provide intelligent and meaningful reporting to management
Measurable Key Performance Indicators.
Version
RESTRICTED
3. Scope of Work
The scope of the Implementation project will be the IT Department (ITD) and the various
services it provides to SIDF user departments. The SIDF management aims to make these
ITD Service Management Systems and related processes effective and efficient in line
with the ISO 20000:2011 standard so as to achieve the benefits mentioned in Section 2.5:
3.1. Service Desk Tool Requirement
A Service Desk Tool which meets SMS requirements and is suitable for a small to
medium enterprise. The following requirements matrix for the Service Desk Tool must
be completed. Please provide your response in detail as separate where ever we have
requested to provide the response in detail for our requirements.
Criteria Level of Criteria Met
A. General Requirements Full Partial None Reference / Evidence
Compliant with ISO 20000:2011 standard and based on

A.1 ITIL v3 best practices
A.2 Based on Web Architecture.
Capable of handling non-IT service requests (possible
A.3
future requirement)
The application should provide excellent out-of-the-
A.4 box business processes, forms and views in order to
jump-start deployments
Is the service desk tool capable of running in a
A.5
clustered environment?
The application should automate and integrate all
A.6
Service Management System (SMS) Processes
Accommodate process workflows, procedures and
A.7 configuration based on ITIL v3 best practices that span
across all modules
Solution must include a help facility, which provides
context sensitive help, which can be easily customized
A.8 or modified to add additional help features. Should
provide Field Level help by using a quick key on each
field.
The automation should include the following functions:
automation of information sharing between all the
A.9
modules
A.10 automation of analysis, dynamic dashboards etc.
automation of ticket creation via events from
A.11
Enterprise
The application should have the ability to integrate
A.12 with email gateway for sending alerts and notifications
to administrators and end-users
Version
RESTRICTED

The application should have the ability to integrate
with SMS gateway for sending alerts and notifications
A.13
to administrators and end-users (possible future
requirement)
Does the tool / system must carry a portfolio of tightly
integrated products (for our future roadmap) for
A.14
application quality management and project and
portfolio management.
Ability to create a processes from scratch using drag &
A.15
drop tools
Ability to define Unlimited processes in the out of box
A.16
solution
Ability to create & personalize unlimited dashboards
A.17
and user interface.
Integrate with SIDFs Active Directory system and
SIDFs database (SQL Server) to retrieve all related
A.18
employee and service information. (As described in the
integration section) .
A.19 Easy customizable reports.
A.20 Automated ticket generation via SIEM solution.
A.21 Which SIEM solution is supported OOB?
A.22 Automated ticket generation via DLP solution.
A.23 Which DLP solution is supported OOB?
Does the Solution provide executive scorecard and
A.24
Dashboard providing analytic and metric views
A.25 Does it cater for role based interface?
Is programming required to modify the GUI? Does the
A.26 interface allow for some fields to be restricted from
view?
Can the system be scaled over time to support an
A.27
increase in users.
Does the system Integrate with other applications such
A.28 as ERP ? How many integration interfaces are available
OOB?
Auto ticket creation from outside
A.29
applications/interfaces/monitoring tools. Etc.
A.30 Must provide comprehensive audit trail capabilities
Must not rely on proprietary hardware or software for
A.31
operation. Describe supported OS and DB.
A.32 Support enterprise single sign-on
Describe the Tool Architecture - Please explain in
A.33
detail
Escalation based upon business rules, such as Service
A.34 Level Agreement (SLA), response time, or level of
criticality.
A.35 Escalation at the team, sub-team, or individual level.
Aging reminders based strictly on age of case and
A.36
priorities.
Version
RESTRICTED

Routing and escalation of ticket extends to associated

A.37
tickets. Reassign tickets to other group / individual.
B. Service Desk Management Full Partial None Reference / Evidence
The application should automate the service desk

B.1
management.
Which of the following SMS processes are automated?

B.2 Service Management System
B.3 Establish and Implement SMS
B.4 Governance of Processes Operated by Other Parties
B.5 Document Management
B.6 Resource Management
B.7 Financial Management
B.8 Design & Transition
B.9 Supplier Management
B.10 Service Level Management
B.11 Business Relationship Management
B.12 Service Reporting
B.13 IT Service Continuity & Availability Management
B.14 Capacity Management
B.15 Information Security Management
B.16 Incident Management
B.17 Problem Management
B.18 Configuration Management
B.19 Change Management
B.20 Release Management
The application should keep track of every stage of the
activities, from initiating the activity to closing of the
B.21 activity. E.g.: Details of individuals or groups opening,
updating and closing records; dates and time stamp of
status and activities updates, types of activities.
B.22 All closed activities should be archived and retrievable.
C. Supplier Management Full Partial None Reference / Evidence
Application should be able to keep track of Supplier

C.1
Contract Details for each Configuration item.
Version
RESTRICTED

C. Supplier Management Full Partial None Reference / Evidence
C.2 Manage supplier relationships

C.3 Manage supplier performance
C.4 Manage supplier and contractor database
C.5 Manage supplier and contractor categorization
Manage supplier and contractor evaluation and
C.6
selection
C.7 Negotiation and agreement of contracts
C.8 Contract review, renewal and termination
C.9 Maintenance of standard contract terms and conditions
D. Configuration/Asset Management Full Partial None Reference / Evidence
The application should be able to maintain the details

D.1
of IT's clients in the CMDB.
Describe the functionality of your Asset Management
module including hardware inventory, warranty
D.2
periods, maintenance agreement management,
hardware lifecycle and end of lease management.
It should be possible to maintain parent/child, peer-to-
D.3 peer, upstream / downstream relationships between the
assets.
Does the tool manage lease, license, maintenance and
D.4
warranty contracts ? Please explain
Does the tool map assets to business processes and
D.5
services ?
A powerful search engine should be provided to
D.6
browse through and track the assets
Enable tracking of asset downtime, incidents and
D.7 problems to identify issues that impact quality of
service and total cost of ownership.
Application should allow generation of labels and keep
D.8 track of what configuration items are labeled and which
are not.
Application should allow for auto discovery of
D.9
configuration items and their locations.
Does the tool should facilitate the verification of the CI
data with the actual physical infrastructure by automated
D.10
or manual means? For example, the use of Systems
management tools to validate real time vs. static
Should have capability to discover IT assets on the
D.11
network
It should maintain CI Life cycle Status Management.
For e.g. planned, ordered, under development, in test,
D.12
implementation, and production, in repair /
maintenance
Version
RESTRICTED
It should support data federation and reconciliation

D.13
with other sources of CI data
D. Configuration/Asset Management Full Partial None Reference / Evidence
It should track variety of CI like software, Hardware,

D.14
Network, Contracts etc.
It should facilitate the recording of CI attributes. For
e.g. serial number, version, location and others. It
D.15
should also provide the features to extend and create
additional attributes as and when required
It should be able to establish CI relationship for Impact
D.16 analysis of IT actions such as configuration changes or
routine maintenance and root cause analysis
It should be able to display CI relationship either
D.17 through logical relationships or physical relationships
or both and hierarchy graphically
It should be able to populate CI information from
D.18
diverse source of information in IT environment
It should have standard OOB CI Classification and
D.19
Categorization
E. Service Requests Full Partial None Reference / Evidence
The application should provide a Web based self-
E.1
service facility to log the service requests.
E.2 Is the Self Service interface available in Arabic.
Can SIDF define its own categories for calls by end
E.3
users.
Service requests may come through email, telephone
E.4
etc. also.
E.5 Screens should be available to input these requests.
Service requests may be for PC hardware/software,
E.6
applications etc
Major activities in managing Service Requests
E.7 create, view, update or cancel service request
issue a ticket for each service request for follow up
E.8
purpose.
automatic/manual assignment of tickets to support
E.9 staff based on availability, roster, holiday, leave,
work load, expertise etc.
Should be able to escalate ticket to higher level
E.10
support staff if required
notify support staff and end users. It should allow
users to track the fulfillment activities (for example,
E.11 a service request requires 5 steps to fulfill, and steps
2 and 3 have been completed). Does the user have
visibility into this fulfillment status?
Version
RESTRICTED
enable the user to answer a satisfaction survey

before closing the request. Only if the request is
E.12
completed to the satisfaction of the requester, it
can be closed by the service desk.
E. Service Requests Full Partial None Reference / Evidence
Send messages to the Support Manager on overdue

E.13 tickets at any stage of the ticket life cycle, well in
advance based on SLA.
The application should enable the end-users to search
E.14 the knowledge base and to resolve the problem
themselves.
Approval/Reject of Created Service Request by
E.15
Support Manager
F .Incident Management Full Partial None Reference / Evidence
Raise Incidents by Console or Self Service Portal or

F.1
through email sent by end users
Provision to differentiate the logged incidents raised by
F.2 different methods (Self-service portal, Console or by
email)
The tool should record the name of the Service Desk
F.3
Personnel who recorded the incident
The solution should facilitate searching the knowledge
F.4 base for similar incidents to assist in the resolution of
current incidence and suggest a work around
F.5 Ability to relate configuration items and changes
Application should allow committing known errors
F.6 into the known error database and ability to lookup
incident
It should be possible to classify incidents into multiple
F.7
levels.
If a problem ticket has been created referring to the one
or more incidents, tool should have facility to correlate
F.8
each of those incident tickets with referring problem
ticket.
The application should automatically trigger actions as
F.9 per the underlying workflow when SLAs are in danger
of being breached.
Trigger email to users and support groups on incident
F.10
creation, incident assignment and incident resolution
Record the total resolution time (including a feature to
F.11
stop the timer when waiting for user, etc.).
Ability to close multiple incidents of same nature with
F.12
a parent child relationship
Categorize incidents according to defined groups and
F.13
set priorities
Version
RESTRICTED
Ability to create multiple Incident process and to move

F.14
from one process to another process
Ability to view the status of incident graphically for
F.15
each incident
F .Incident Management Full Partial None Reference / Evidence
Ability to detect potential incidents before they occur

F.16
through integration to a variety of monitoring tools.
Must have the capability to automatically assign
incidents to a resolution group and notify monitoring
F.17
groups, based on established rules, with the ability for
the operator to override when necessary
Incident management solution should be fully
F.18 integrated with change, configuration item, service
level, and problem management solutions
The tool should seek user confirmation before closing
the incident ticket (the system should automatically
F.19 close the incident if the user fails to respond within a
reasonable time, which should be mentioned in the
communication sent to the user).
G. Problem Management Full Partial None Reference / Evidence
It should be possible to assign the service request to the

G.1 problem management group without disturbing the
original assignment to the support staff.
Root Cause Analysis of Problem Management should

G.2
be System based or Procedure based
The system should assist in making use of the

G.3
knowledge base in resolving the problems.
Move from Problem Management to Change
G.4 Management/Release Management from a single
Process
Confirmed resolutions should be posted in the
G.5
knowledge base.
Can the solution automatically identify potential
G.6
problem management cases?
Tool should automatically update the resolution and the

G.7 problem in the Knowledge Base when the problem
ticket is updated after the resolution has been found.
Ability to detect potential incidents before they occur
G.8
through integration to a variety of monitoring tools.
Version
RESTRICTED
Must have the capability to automatically assign

incidents to a resolution group and notify monitoring
G.9
groups, based on established rules, with the ability for
the operator to override when necessary
The tool should record the progress of problem ticket
G.10 from Problem Error -Resolution and the time taken in
each stage
G. Problem Management Full Partial None Reference / Evidence
Provision to automatically update the resolution and
G.11 the problem in the Knowledge Base when the problem
ticket is updated after the resolution has been found
Must be able to relate and link problems to specific
G.12 incidents. Can multiple incidents be linked to a single
problem?
Problem management solution should be fully
G.13 integrated with change, configuration item, service
level, and Incident management solutions
H. Change Management Full Partial None Reference / Evidence
Major activities in change management:

H.1 Identification of required change
Impact assessment, Risk assessment on configuration
H.2
items.
H.3 Planning and scoping, Resource Planning
Notification to the Change creator when the Request
H.4 For Change is approved / rejected from each one of
the approvers
Does the tool provide for workflow system to enable
electronic notifications and approval from the required
H.5 list of approving authorities. This feature may require
integration with the organizations standard email
system.
Sequencing the tasks/change-requests involved in the
H.6
change
H.7 Scheduling and Implementation
Track prerequisite activities that should be completed
H.8
prior to implementing the change
H.9 Post change review
It should be possible to track changes made to a given
H.10
asset.
H.11 Ability to mention below data in change management
H.12 Assets and services affected by the change
H.13 Change type, impact, risk level and urgency
Version
RESTRICTED
H.14 Resource allocation, vacations, holidays

Impact analysis (how many are affected by the change?
H.15
where are they located?)
Ability to approve, retract or reschedule a change
H.16
online during a CAB meeting
Ability To record CAB minutes and decisions taken on
H.17
a change
H. Change Management Full Partial None Reference / Evidence
Ability to support release and deployment management
H.18
as part of the change process?
Ability to track change with the help of a rule based
H.19 workflow system through the lifecycle of with the
ability to add and modify details throughout the cycle.
Does the tool automatically update configuration
H.20 management data, so changes to the IT infrastructure
are accurately reflected in the CMDB.
Post Implementation Review (PIR) report to be
H.21
available against the RFC
Ability to relate configuration items, Problem and
H.22
incident records.
I. Release Management Full Partial None Reference / Evidence
Key components of Release Management include:

I.1 Planning and Scheduling
I.2 Testing
I.3 Approvals and notifications
I.4 Training and documentation
I.5 Rollout
I.6 Post-rollout review
The tool should maintain the integrity of a Release
Package and its components throughout transition
I.7
activities and recorded accurately in the Configuration
Management System (CMS)
The Tool should have the ability to facilitate the
building of different types of Release packages for
I.8
deployment. For e.g. ( full, phased, push, pull &
packaged releases).
Release management should work hand in hand with
Change management and interface with CMDB to
I.9
gather required information for release builds,
distributions, and implementations
J. Availability & IT Service Continuity Full Partial None Reference / Evidence
Management
J.1 Ability to record availability metrics (downtimes).
Version
RESTRICTED
Ability to define key performance indicators (KPIs) to

J.2
ensure availability.
Workflow and escalation process to monitor and
J.3 proactively notify managers of availability shortfalls
and flag opportunities to improve.
The tool should link problems/solutions to other
J.4 management processes such as incident, problem,
release, service level, availability, and knowledgebase

J. Availability & IT Service Continuity Full Partial None Reference / Evidence
Management
The tool should be able to monitor, measure, analyze
J.5 and report Availability, Reliability, Maintainability,
and Serviceability
K. Workflow Full Partial None Reference / Evidence

The applications involves number of business
processes for automating the service management. The
K.1 application should have been built with standard work-
flows based on best practices so that it can be
implemented with least effort.
User friendly and flexible workflow tool should be
K.2
available to create/customize business processes.
Is it compatible with Captaris/MS SharePoint
K.3
Workflow?
L. Service Catalogue Full Partial None Reference / Evidence
The application should provide facilities to maintain
L.1 Service Catalogue with information about the various
services offered by IT for reference.
Does the tool gives option to maintain both business
L.2
catalogue and technical catalogue?
Service Catalogue should be available to end user. The
tool should have the ability for the users to access the
L.3
service catalogue electronically over intranet or web
service.
It should have feasibility to tailor service catalogue
content to meet business requirements. Should be
L.4
having pre-packaged Service Catalog content and
configurable service definition templates?
Ability to define approval for service catalogue to meet
L.5
business requirement
Does the tool facilitate the ability to design a structured
content such as:
Service Category Types such as Professional Services
L.6
(Support, Consulting, Service Management)
Technical Services (Business Services Loan Services,
L.7
Payroll, Accounts Payable
Version
RESTRICTED
Service Offerings (ordering a laptop, on-boarding a

L.8
new employee).
Does the tool enable a view of the service catalogue
L.9
(with links and dependencies)?
Solution should provide service definitions and
L.10
categorizations, service nomenclature and numbering
Does the tool integrate with service request fulfillment
L.11
such that user orders can be placed electronically?
The application should provide facilities to maintain
L.12
services
L. Service Catalogue Full Partial None Reference / Evidence
Does the tool provide the ability to define and manage
L.13 Business Agreements against the Services contained in
the Service Catalog?
Does the tool support and manage the service status?
E.g.: requirement definition, analysis, approved,
L.14
chartered, design, development, build, test, release,
operational/live, retiring, retired?
M. Service Groups Full Partial None Reference / Evidence
The application should be able to define Service

Groups (PC-Support, Networking, Application Support
M.1
etc.) and the catalogue of services provided by each
group.
Staff within each service group and the skills of each
staff also should be available. This data is useful to find
M.2
the required support staff for attending to service
requests, incidents and problems.
It should be possible to maintain the roster, leave and
holidays of supporting staff so that the application will
M.3
know the availability of support staff for automatically
assigning the service requests to them.
It should be possible to view the tickets on which a
M.4
support staff is working at any moment.
N. Service Level Agreements (SLA/OLA) Full Partial None Reference / Evidence
The application should provide customizable SLA

N.1 templates to cater for various services performed by IT.
Possibly provide Wizards to help set up new SLAs
The application should enable to define SLAs between:
N.2 IT and Internal/External Customers
N.3 IT and internal support groups (Purchasing Dept etc.)
N.4 IT and vendors (as part of service contracts)
Following information is mandatory in an SLA:
Version
RESTRICTED
N.5 Time to respond, Time to resolve, Business Hours

The application should automatically trigger actions as
N.6 per the underlying workflow when SLAs are in danger
of being breached.
The application should provide reports comparing
N.7 actual service level measurements with the SLA for
measuring the performance of support staff.
The tool should show immediate status of tickets for
N.8 e.g.: How many are achieving SLAs? How many are
pending resolution? How many have breached?
N. Service Level Agreements (SLA/OLA) Full Partial None Reference / Evidence
Does the tool manage the scheduling of the review
N.9
cycle and life span of an SLA?
Does the tool facilitate the development and
monitoring of Underpinning Contracts with third party
N.10
vendors as well as internal Operational Level
Agreements?
The application should enable the users to view
N.11 SLAs/OLAs and agreements, check service level
targets, identify compliance misses
The solution should provide reports showing which
N.12
services breached SLAs/OLAs/UCs
O. Knowledge base Full Partial None Reference / Evidence
The application should maintain a library of reusable

O.1 solutions that are useful in resolving future incidents
and problems.
Strong search engine to search the knowledge base
with key-words should be available. Should provide
O.2 advanced search support - e.g. using Boolean
expressions <AND>, <OR>, along with filter on
category and knowledge base to refine content results
Does the tool has a customizable thesaurus of
O.3
synonyms/acronyms/ words to ignore while searching?
Should allow service desk agents to search
O.4 knowledgebase directly from within the incident
management screens?
O.5 Can the knowledgebase be both English and Arabic?
O.6 Is the Arabic text searchable?
Provides tools to distribute knowledge without leaving
O.7
the application (print, e-mail, copy/paste)?
Should allow linking between documents, both inside
the knowledgebase and in external locations. Can
O.8
report on relationships of existing links, and broken
links?
Version
RESTRICTED
Should have an automated workflow component for

document creation, review and promotion.
O.9 Accommodates different processes for different
document types, user groups? Customizable?
Configurable from GUI?.
Unapproved solutions should be kept as draft
documents in the knowledge base. They should be
O.10
converted to formal status after going through the
approval process.
P. Historical Data Full Partial None Reference / Evidence
All completed activities should be kept in the CMDB

P.1
as historical data.

P. Historical Data Full Partial None Reference / Evidence
The historical data provides valuable clues when

P.2
similar problems are encountered.
The search engine should enable searching of the
P.3
historical data.
Q. Audit Trails Full Partial None Reference / Evidence
Must provide comprehensive audit trail capabilities.
Q.1 Audit Trails of all changes to important data across
different modules should be available.
R. User Access Control Full Partial None Reference / Evidence
Adequate facilities to grant access to the users based on

roles and scopes should be available to define access to
R.1
application modules, functionality within modules, and
underlying data.
S. Reports, Graphs, Dashboards, Score Full Partial None Reference / Evidence
Cards, KPIs etc
Predefined reports, Graphs, Dashboards, Score Cards
S.1 and KPIs should be available covering all functions
performed by IT and the SLAs governing IT's services.
All reports, metrics and KPIs must be made
S.2
dynamically and online
User friendly Reporting Tools should be available for
S.3
generating custom reports and dashboards.
Automatic emailing of reports on a scheduled basis to

S.4
predetermined distribution lists should be possible.
Reports should be exported to other formats, such as
S.5
PDF, images, Excel or text.
Flexible ad hoc customizable reporting including
S.6
capability to extract data from the tool database.
High level Management Reports including Statistical
S.7
reports , graphical reports.
Version
RESTRICTED
T. Download/Upload facilities Full Partial None Reference / Evidence
The application should provide procedures to load data

T.1 into CMDB from text/excel files without violating its
integrity.
T.2 Downloading facilities should be available.
U. Customization of application Full Partial None Reference / Evidence
Customization of the application should be possible at

U.1 the user interface level without changing the program
code.
The administrator or any user with the appropriate
U.2 authorization should be able to modify workflows or
create new workflows
U. Customization of application Full Partial None Reference / Evidence
The solution should have form based tools to add
U.3 database and Web / GUI fields without the need for
scripting.
V. Integration with Enterprise Systems Full Partial None Reference / Evidence
Management
Integration with Systems Management tool to give
V.1
SINGLE CONSOLE interface to IT Support users
Integrate with Systems Management tools to populate
V.2
inventory both hardware and software
Integrate with Systems Management tool to Take
V.3 control and View Remote Control of End User
Machines
Integrated with Systems Management solution to
V.4 Distribute Software and Deploy OS to End Points with
efficient Bandwidth Utilization
Integrate with Systems management tools to check for
V.5 vulnerabilities on end user machines and deploy
requisite patches
Integrate with Systems Management Tool to chat with
V.6
End User through Remote Control Console
W. Consultancy and Training Full Partial None Reference / Evidence
The vendor should provide details of consultancy and
W.1
training that they will deliver.
Training for Help Desk team and Technical Support
W.2
team is mandatory.
The vendor should have the ability to go beyond
W.3 normal trainings, like ITIL awareness for IT staff, ITIL
for Management etc.
The vendor should provide the details of Consultants
W.4 and Trainers including their qualification and
experience.
Version
RESTRICTED
Complete the table below to indicate what endorsements the proposed service desk tool has
received:
OGC OGC OGC Pink Pink Verify Other

GOLD SILVER BRONZE Verify 3.1 3.0
Process
Availability

Management
Problem

Management
Capacity

Management
Release &
Deployment
Management
Change

Management
Request

Fulfillment
Event

Management
Service Asset &
Configuration
Management
Financial

Management
Service Catalog

Management
Version
RESTRICTED
Incident

Management
Service Level

Management
IT Service
Continuity
Management
Service Portfolio

Management
Knowledge

Management
3.2. Bar Code Requirements

Print barcode and write fixed asset no. or location no.
Imports fixed asset files to handheld device.
Scans barcode for room number or location.
Scan assets for physical counting.
Export transactions to Fixed Asset Management System (Service Desk Tool).
When new Batches of PCs are purchased, rather than doing manual entry to add each
PC details, we wish to utilize the Barcode system to enter the data into the Asset
Management system.
For disposal of batches of PCs we need the same function but allow us to remove the
assets from the Asset Management System.
Any Asset information updates using the Bar Code system should be reflected in the
Asset Management system.
Solutions should include all hardware, software and training.
Deliverables have been listed down in Section 4.
Version
RESTRICTED
4. Detailed Response Requirements

4.1. Executive Summary
This section will present a high-level synopsis of the vendors responses to the RFP. The
Executive Summary should be a brief overview of the engagement, and should identify
the main features and benefits of the proposed work.
4.2. Scope and Delivery Approach

Vendors should include their approach and methodology that will be employed for the
project Implementation. This should be presented in a very clear and easy to understand
manner. Each process area must contain assessment discovery and analysis for the
following areas:
IT Service Management Policies Rules and definition on how to think and act
when operating the process
Relevant ISO 20000 related Processes Describes the steps involved in the process,
roles and responsibilities, and interrelation to other processes. Inputs and outputs of
all processes, KPIs for all processes and flow diagrams.
Relevant ISO 20000 related Procedures Detail of each process area, including
description of each process step, RACI, job descriptions
Detail on how the proposed Service Process Management platform will meet the
requirements of ITIL and ISO 20000.
Relevant ISO 20000 related Work Instructions How the process is implemented in
the tool, and is usually described with screen shots and text to illustrate how
operators of the tool should enter and use data
Review and confirm the ISO 20000 certification scope.
Assessing the current IT Processes against ISO 20000 standard with consideration
for the following:
o Project preparation
o Select ITIL Roles & determine role owners
o Definition of the current AS-IS Process
o Definition of the To-Be Process structure
o Definition of process interfaces
o Establish process metrics (KPIs)
Version
RESTRICTED
o Design the processes in detail

o Tool implementation and process implementation
o Train IT staff
Implementation against current missing Gaps
Implement Service Desk tool and Configure and Automate SMS processes within
the Scope using the new Service Desk Tool standard with consideration for the
following:
o Project definition workshops
o OOB implementation (Vanilla)
o Customization
o Tuning phase
o User acceptance phase
o Monitoring
o Training
Automate other SIDF ITD processes (See Section 8). It is expected that a
project/development team will be created (within ITD) and that the chosen vendor
will conduct workshops where 2-3 processes will be automated from Section 8 as
part of the knowledge transfer exercise, and once the project/development team feel
that they are fully capable to conduct this exercise on their own then this specific
engagement will be closed.
Acquire and implement barcode management system and fully integrate with the
Service desk tool.
Pre-certification audit and gap analysis.
Auditing after eliminating the gaps in order to achieve the ISO 20000:2011
certification.
In case of failure, re auditing required.
Delivery of required training.
The following areas and their processes of the Service Management System lifecycle
should be covered in terms of design, documentation and establishment as required by the
ISO 20000:2011 Standard:
1. Service Management System

2. Establish and Implement SMS
3. Governance of Processes Operated by Other Parties
4. Document Management
5. Resource Management
6. Financial Management
7. Design & Transition
8. Supplier Management
9. Service Level Management
10. Business Relationship Management
11. Service Reporting
Version
RESTRICTED
12. IT Service Continuity & Availability Management

13. Capacity Management
14. Information Security Management
15. Incident Management
16. Problem Management
17. Configuration Management
18. Change Management
19. Release Management
4.3. Project Management Approach

Include the method and approach used to manage the overall project and client
correspondence.
Briefly describe how the engagement proceeds from beginning to end.
Also see section 5
4.4. Deliverables
The following deliverables should be provided:
1. An awareness session or presentation to SIDF senior management (including assistant
director generals and user department managers) during the beginning of the project in
order to explain to them the goals of the project, take their inputs into consideration and
to secure management support.
2. Road map along with objectives of each initiative, timelines and priorities. This should
also contain the benefits assessment of each initiative, timelines and dependencies on
other initiatives. Additionally, a business impact analysis/cost benefit analysis narrative
of each initiative should be provided.
3. Documenting the certification scope for ISO 20000:2011
4. A detailed project plan, with WBS, duration estimates, critical chain, gantt chart, with
resource schedule for the project
5. Help in Appointment of SMS Management Representative and SMS Implementation
Team as well as process owners
6. Information, knowledge, procedures and trainings delivered by the chosen vendor to the
SIDF's selected staff. The transfer of knowledge shall follow a process that includes: on
the job training, through documentation and other course material and walk through of
solution during knowledge transfer workshops.
7. Awareness sessions to Team leaders, User Support Division and Technical Support
Division staff (for up to 30 attendees)
8. ITIL Foundation Training/exam for up to 30 attendees (dependent on the GAP analysis.
See assumptions)
9. ISO 20000 lead auditor for 4 attendees (dependent on the GAP analysis. See assumptions)
10. ISO 20000 Implementer for 5 attendees (dependent on the GAP analysis. See
assumptions)
Version
RESTRICTED
11. It is expected that workshops will be conducted for the knowledge transfer to allow SIDF
staff to be able to develop workflows, reports, processes etcafter the implementation
has been completed.
12. Service Management System training Foundation level for 10 attendees (dependent on
the GAP analysis. See assumptions)
13. Awareness and training sessions for end-users on how to use Service Desk Tools (Self-
service, knowledgebase etc)
14. Gap analysis report against the set scope and identifying the gaps, justification or rationale
of the gap and recommendations. This report will clearly identify the as is state (i.e. the
current state), to be state (i.e. future state) and the gaps.
15. Service Desk Maturity Assessment pre implementation and post implementation.
16. Service Process Maturity Assessment and recommendations as per the gap analysis of
gathered data should be performed and process maturity should then be scored on a scale
of 0 5, based upon the Capability Maturity Model (CMM) developed by the Carnegie
Mellon Software Engineering Institute. (i.e.) 0 Absence, 1 Initiation, 2 Awareness,
3 Control, 4 Integration, 5 Optimization pre implementation and post
implementation.
17. Acquisition and implementation of ITSM compliant Service Desk Tool and all necessary
modules and licenses (hardware, additional software etc)
18. Acquire and implement a Bar Code Management System for managing IT Assets, and
fully integrated with the Service Desk Tool.
19. Service desk implementer will arrange for tool vendor to certify the implementation of
the tool (Quality Assurance). Any additional cost will be borne by the implementer.
20. ISO 20000 implementation team will sign off on the correct implementation of the service
desk tool and all ancillaries according to ISO 20000:2011 standard.
21. The required documentation (including policies, forms, templates, checklists, user guides,
job descriptions and procedures/processes and process fact sheets) related to the ISO
20000:2011 processes as per ITIL V3 and ISO 20000 guidelines and best practices and
taking into account SIDF/ITDs documentation standard
22. Suggested organization structure and RACI related to ISO 20000.
23. Implemented Service Process Management application to meet the requirements of ITIL
v3 and ISO 20000:2011 for the following processes / functions:
CMDB & Asset Management
Service Management System
Establish and Implement SMS
Governance of Processes Operated by Other Parties
Document Management
Resource Management
Financial Management
Design & Transition
Supplier Management
Service Level Management
Business Relationship Management
Version
RESTRICTED
Service Reporting
IT Service Continuity & Availability Management
Capacity Management
Information Security Management
Incident Management
Problem Management
Configuration Management
Change Management
Release Management
24. Weekly Progress/Status Reports
25. Internal Audit Report
26. Assistance in External Audit (The consulting company will nominate a list of certification
bodies, and SIDF will choose which one will conduct the external audit)
27. Cost of Certification from third party
28. Test environment and Live environment for the SMS
29. All necessary documentation and related information uploaded to SharePoint document
library (environment will be provided)
30. Complete Business process documentation
4.5. Assumptions:
The scope of this project is limited to the Information Technology Department and
will not be covering any other SIDF Departments unless dictated as a requirement by
the ISO 20000:2011 standard (such as user services like self-service portal).
All ITIL v3 processes, which are contained in ISO 20000:2011 framework, are
operating within an acceptable level.
The Gap Analysis will be conducted by the consulting company as part of the initial
phase.
All process managers, owners, and practitioners are available during audit activities.
Any change request to the project should be communicated to the Project Manager and
approved by the Project Team.
The training indicated above is for guidance purposes. Please give a detailed breakdown
of what training is required and the level of the trainers that will conduct the training.
Service desk tool implementers are recognized and authorized implementers from the
vendors of the recommended tool (training and support has to be evidenced also).
Evidence pertaining to this will have to be presented.
Advance payment can be facilitated against a bank guarantee.
Payment will be made after key milestones are achieved. Proposed schedule below:
Phase Milestone %
GAP Analysis, Project plan, awareness
Phase 1 15
Training (ISO 20000:2011)
Version
RESTRICTED
ISO 20000:2011 process documentation

Hardware acquisition & setup
Phase 2 20
Training (For Service Desk Tool etc...)
Tool implementation
Phase 3 ISO 20000:2011 Process implementation 25
Convert in-house processes
Phase 4 Successful ISO 20000:2011 certification by external auditor 40
4.6. Detailed and Itemized Pricing

Include a fee breakdown by project phase as follows:
ISO 20000:2011 Implementation & Certification with all ancillaries (broken down
where ever possible)
Service Desk Tool Implementation and Process Automation with all ancillaries
(broken down where ever possible). It is viable to quote for up to two service desk
solutions.
Provide quotes for 1 year support & maintenance and for an additional 2 years
(optional) broken down by year.
Provide separate quotes for 6 Months / 1 Year (As appropriate and needed) for
providing post Implementation Support for ISO20000 and SMS tool with an onsite
dedicated resource at SIDFs office
It is expected that all charges and costs applicable to this proposal will be included in this
section. All costs are to be provided in Saudi Riyals. Any charges applying to the proposal
should be included with a full and itemized description.
All costs and prices quoted in the proposal are assumed to be valid until the
Implementation project is completed.
Example of breakdown. Please ensure more granularity:
Item Cost
GAP Analysis, Project plan, awareness sessions
Training (ISO 20000 - Lead Auditor, Implementer, ITIL Foundation)
ISO 20000:2011 implementation
Hardware acquisition & setup
Training (Tool - Admin etc...)
Tool implementation
Process automation and implementation
Cost of separate modules (software, implementation, license, support)
Version
RESTRICTED
1st year license cost

2nd year license cost
3rd year license cost
1st Year Support & Maintenance
2nd Year Support & Maintenance
3rd Year Support & Maintenance
Convert in-house processes (automate)
Successful ISO 20000:2011 certification by external auditor
4.7. References
Three (3) current corporate references, including company name, contact name, title, E-
mail address, telephone number, and client relationship synopsis.
4.8. Project Team Staffing

Include CVs of relevant experience of key staff and management personnel. List the
personnel who would work on this project along with their qualifications and relevant
experience.
It is required that CVs be submitted for staff who will conduct the ISO 20000
implementation and CVs for the team that will implement the service desk tool. Also
submit the CVs of the project manager and training staff.
4.9. Company Overview

The following details should be provided as applicable: Official registered name
(Corporate, D.B.A., Partnership, etc.), Dun & Bradstreet Number, Primary and secondary
SIC numbers, address, main telephone number, toll-free numbers, and facsimile numbers.
Key contact name, title, address (if different from above address), direct telephone and fax
numbers.
Person authorized to contractually bind the organization for any proposal against this RFP.
Brief history, including year established (also when setup in Saudi Arabia) and number of
years your company has been offering ISO 20000 implementation and implementation
services for the selected service desk tool.
Version
RESTRICTED
4.10. Support
Please detail the available support structure within Saudi Arabia (number of dedicated staff,
hours of support etc), and what the expected SLAs would be between the service desk
implementer/vendor and SIDF.
4.11. Hardware
SIDF is adopting virtualization where ever possible regards server utilization. Therefore,
it is expected that the implemented solution will be installed in a virtual environment for
both stages (development/testing and production).Where it is felt that virtualization may
impact performance, please provide the optimum hardware requirements and also add a
separate cost for this hardware.
4.12. Additional Requirements (Optional)

If it is felt that additional software/hardware may benefit or add value to the
implementation, then please specify the additional requirements with their cost (for example,
the network monitoring tool that we currently have does not integrate with the proposed
service desk tool, so it is felt we should consider using another tool). Please bear in mind,
that this will be wholly optional and will not impact the main proposal.
4.13. Proposal Format and Structure

All vendors are required to provide the information as specified in the previous sections in
MS Word format. Any other additional information that may be relevant to our decision
making process must be supplied as addenda.
The following sections should be present in the proposal as a minimum:

Executive Summary
Company Profile
Scope & Approach
Project Management Approach
Implementation Approach
Provide your approach and method of handling such a project with focus on:
ISO 20000:2011 certification
Clarify and explain the available certification body options attached with your recommendation.
Timelines and Deliverables
Team Profile
Client References
Assumptions and Risks
Appendix
Fees & Payment Schedule
Sample contract / terms and conditions
Version
RESTRICTED
5. Project Management Requirements

5.1. Project Plan
Vendors should submit a project plan with timelines for each activity at the beginning of
the project. The plan must indicate the specific tasks involved and their timelines.
There might be minor changes in the project plan post discussion with SIDF management.
5.2. Project Organization

Vendor will provide details of the proposed project strategy and structure identifying key
individuals, e.g., Project Manager and his role, including number and location of proposed
analysis personnel who would working remotely (if any). Due to the sensitivity of the
exercise and process, it is extremely important that SIDF obtain a thorough understanding
of the vendor team organization and individuals proposed for the project and the roles
which SIDF staff would be expected to be involved in. Vendors should provide details of
sub-contractors likely to be involved (if any). Indicate the number of full time equivalent
staff that will be required. Resumes or a personal profile must be provided for two key
personnel in the project. SIDF retains the right to choose the consultants following
personal meetings with each individual.
Provide estimates of the required number of SIDF staff and identify the skills desired
including details for the following:
Number of Full Time Equivalent (separate IT and Business) required for project
Key roles to be included from the business
Key roles to be included from IT
Provide details of expertise of consultants selected to work on this project including:

Relevant and appropriate certifications
Tangible and demonstrable experience of working in projects of similar
requirements, size and complexity in the Kingdom of Saudi Arabia
Provide an estimate of the infrastructure required at SIDF for your implementation team:
Number of work desks
Version
RESTRICTED
Number of telephones
Number of computers
Other requirements
SIDF reserves the right to interview all proposed consultants to gauge their levels of
experience and expertise in relevant project area.
6. Vendor Requirements
6.1. Supplier Profile
All vendors must give a comprehensive profile of their organization in the following
format and order (for ISO 20000 implementation and service desk implementation as well
as any other partners that may be used).
6.2. Organization
Organization concerns the structure and size of the companies both in terms of its head
office and other worldwide regional locations. Please provide:
Information as to whether the organization is independent or part of a larger
conglomerate. If the latter, please provide details of the holding company.
Corporate mission statement and strategic direction.
Information of your organizations performance against others in the industry.
6.3. Location
Location concerns the location and size of operations at the head office and any regional
offices.
For each location please state:

Number of employees.
Whether the offices are wholly owned subsidiaries of the main head office or if it is
a third-party managed operation (VARs).
Also indicate the office from where the Implementation project would be
managed.
6.4. Experience
Experience concerns the relative experience vendor has in terms of Implementation of
this size related to the business activity (for ISO 20000 implementation and service desk
implementation).
Please provide information as to the experience of your consultants and retention rate of
your staff in the last two years.
Vendor should meet the following minimum requirements:

Version
RESTRICTED
Team assigned to SIDF must include members who are certified as follows:
ISO 20000 (whether ISO 20000:2005 or ISO 20000:2011) / ITIL v3 Certified
Service Manager or Expert Certification
Should have been involved in ISO 20000:2011 (differentiate between the two
different version 2005 and 2011) / ITIL v3 implementations
Should have implemented a full suite of relevant service desk tool with integrations
Be fully trained/certified in relevant service desk software
Have minimum ITILv3 foundation certification
6.5. Growth
Growth concerns the manner in which the company has progressed since its inception.
Please provide information:
The year when the company was first established.
The place where the company was first established.
The size of the company per year since its inception in terms of locations and staff
numbers and within this, the number of consultants.
If the company has been in operation for a number of years, please summarize up
until the last five years, then provide detailed information from this period.
The history in sales and consulting revenue over the last five years: product sales,
personal growth (local, regional and global) and R&D expenditure (money and
man-hours).
6.6. Other Information

Please also provide us with any other information, which you see as relevant.
Version
RESTRICTED
7. Selection Process
7.1. Objective
The objective of the evaluation process is to select a reliable and experienced vendor,
capable of performing this Implementation project because of their experience in ITIL V3
implementations or SMS projects according to the specification required by SIDF, within
the time frame identified.
7.2. Timetable
The key dates for the RFP issue, receipt, evaluation and awarding of contract are currently
as follows:
Completed By Key Milestones Comments

14/10/1433H Deadline for Pre Bid Question & SIDF will try to respond to queries
01/09/2012G Answer within 2 days of their receipt
21/10/1433H Submission of proposals in Final date for submission of
08/09/2012G response to RFP by vendors proposals along with all
requirements.
SIDF retains the right to amend this schedule as it deems appropriate.
7.3. Selection Criteria

Vendor selection may be based upon a number of criteria, examples of which are detailed
below. The vendors are required to consider how their proposed solution / service fits in
with any of the criteria listed and clearly indicate this in their response document.
Understanding of the projects requirements. Proposed method to be approached in

providing the required services successfully. Whether Consulting Company has adopted
ISO 20000:2011/2005 and been successfully certified. (Attach the copy of ISO
20000:2011/2005 certificate)
On site consultant background, ideally Computer Science Engineering degree with ISO
20000:2011 / ITILv3 certifications, experience on projects of similar nature, size, and
business type (minimum three references are required)
Availability of sufficient and capable personnel with the required qualifications and
experience dedicated to the project (vendor team structure to be submitted)
The details, adequacy and timetable of the project plan for the key activities of the project.
List all successful ISO 20000:2011 Implementation Studies and successful ISO
20000:2011 certifications. (Also list ISO 20000:2005 in Saudi Arabia. May also list any
ISO 20000 implementations conducted outside of Saudi Arabia but within the GCC).
Also include which service desk tool the certification was done with.
Experience of the technical staff in relation to implementing the proposed Service Desk
tool
Version
RESTRICTED
Detailing the qualifications of the implementation staff and what training or certifications
have been achieved in relation to the proposed tool
Provide evidence of successful Service Desk Tool implementation in conjunction with
ISO 20000 or ITIL v3
List all successful implementations where the proposed Service Desk Tool has been
implemented with contact details so that a site visit may be arranged if required (May
also list implementations conducted outside of Saudi Arabia but within the GCC)
7.4. Evaluation Criteria

The vendor must cover all the requirements mentioned and any missed requirements will
affect the evaluation score. However, the offer will be treated as incomplete if the vendor
failed to submit the requirements for any of the major deliverables. The Vendors
Proposals will be evaluated based on the below criteria (sample):
Criteria Comments
Vendor Profile
Consultant Experience in Project Management
Diversity in Experience (Financial/Government Sector)
Years of Experience
Middle East Experience (References)
International Experience (References)
Quality of CV's
Suitability & Location
Number of Consultants
Turnover
Number Of Employees
Years of Presence
Communications and Relationships
Contacts and communication channels are defined
Vendor Mobilization Period (less is preferred)
Vendor Approach
Proposal is clear and understandable
Sample Gap Implementation Approach with clear Plan
Proposal Presentation
Quality of Project Plan
Resource Plan (Showing Resources, on-site, off-site, time etc.)
Project Requirements fulfillments
Scoping and Gap Analysis
Approach & Scope included
Assessment Template or Sample
Version
RESTRICTED
Sample Roadmap for fulfilling the missed gaps

Approach included
Roadmap Outline and Details
Service Process Management Application meets ISO0 & ITIL
requirements
Training
Training Quality
Training covers the required areas
Training Approach
Other
Optional Deliverables
Raise New Concepts and Recommendations
Project Documentation
Time
Project Time : Reasonable Implementation time
Financial
Financial Offer
It is expected that there will be a period of time (during the submission process or the evaluation
process) where a proof of concept will be required for the proposed Service Desk with all the
necessary modules enabled for relevant stakeholders to assess the viability of the tool. Most of
the requirements listed in the table under Scope (Section 3) will be assessed and addressed.
Version
RESTRICTED
8. Related ITD Services / Processes Details

8.1. ITD Services
Application Development
Support Of The Application Till Handover To USD
Support Of The Application By USD
Enhancement Of The Application By USD /ADD
Modification Of The Application By USD / ADD
Business Continuity Policy
Asset Management
Data Classification
Database Backup
Database Recovery
Database Request
Database Audit
Database Design Review
Internet/Intranet Policies & Procedures
Internal/External Audit Process
Annual Budget Process
IT Consulting for Fund Users
Monitoring and Updating of Budget
Procedure Development/Revision of Procedures, Forms or Standards
The Review/Assessment Process
Review of Operational Forms
Walk-Through of a Processes, Product or Application
Independent Testing of Products, Processes or Application
8.2. Security policies and procedures in place
Confidentiality of Information
Appropriate Use of Resources
Computer Room Access
On-Off Site Backup Storage Access
ITD Staff Working After Hours
Resignation, Dismissal, Redeployment of SIDF Staff
Loan of Equipment and External Use of Laptops
Disposal of Equipment
Disposal of Computer Reports
Biometric & Password Security Policy
Operating Systems Audit
Firewall Audit
Network Audit
User Account Maintenance
Data Backup, Storage and Retention
User Server File Restoration
Version
RESTRICTED
Anti-Virus Operations
Appropriate Use of E-mail and Internet
Remote Dial-in Access
File & Disk Quota
PCs Remote Accessing
Application Transfer to User Test and Production
Access to Development, User-Test and Production Files
User Authorization for Application Access
Access and Modification to Database Tables
Database Security Reporting
Quality Management Assessment Process
ITD Internal Audit
New Join staff procedure
New staff induction to SIDF & ITD
Resignation of employee procedure
Network security
Email security
Internet Security
Intranet Security
Disaster Recovery
Inventory management
8.3. Policies and procedures not fully developed
Security Incident Event Management
Data Leakage Prevention
Database Performance
Database Fine Tuning
Database Upgrade
SharePoint Upgrade
SharePoint Policies & Procedures
Active Directory Audit
PCs, Printers, scanners etc. allocation policy
Help desk policy
Incident, Alert & Event management policy
Change Management Policy
Purchasing policy
Configuration Management Policy
Release Management Policy
Service Measurement
Outsourcing (Any Project/Service)
3rd Party Support
3rd Party Hardware/Software Installation
Licensing Policy
Patch Management
Version
RESTRICTED
Regulator / government policies and procedures

Visitor control policy
8.4. Related Systems Issues
8.4.1. Hardware Environment

Servers
~60 Microsoft Windows Servers (2003-2008)
Workstations
~700 Desktops running Microsoft Windows 7 SP1 or Windows XP SP3
Security Related Devices
2 IPS/IDS
2 Firewalls (Palo Alto)
1 Anti-Spam
1 Paketeer
2 Fiber Internet connections
1 Switch (DMZ)
Classification of Assets based on Criticality (a Risk Factor)
Server
# Application/ Database & Version & Role Classification
Role
1 File Server File, print server & Domain Controller Critical
2 Database Vault 2007 Critical
3 File Server Trend Micro ServerProtect Management Console Critical
4 File Server Biasness intelligent Critical
5 File Server CAPTARIS Critical
6 File Server Domain Controller Critical
7 File Server DPM Critical
8 File Server DR Critical
9 File Server DR Critical
10 File Server EPM Critical
11 File Server RightFax High
15 File Server MS Exchange Server 2007 Critical
Version
RESTRICTED
17 File Server Virtual Critical

18 File Server Realsecure IDS Critical
19 File Server Sql 2005 and Realsecure IDS Critical
20 File Server MS Forefront Server Protection Critical
21 File Server MS Forefront Server Protection Critical
22 File Server E-Learning High
23 File Server ISA 2006 Critical
24 File Server KMS-Host Critical
25 File Server Library System & AutoCAD Critical
27 Application MS Exchange Server 2007 Cluster Critical
28 Application MS Exchange Server 2007 Cluster Critical
29 Database SQL 2008 Critical
30 Database SQL 2008 Critical
31 File Server SQL 2008, powerpath 5.2.1 Critical
32 File Server Ciscoworks v 4.0 Critical
33 File Server ISA 2006 Critical
34 File Server WEB High
35 File Server Remedy Helpdesk server High
36 File Server RMS High
37 File Server SAPERION Version 6.0,Project Server 2002 Critical
38 File Server System Center Operations Manager 2007 R2,Sql 2008,sql R High
40 File Server MS SQL Server 2008,MS Visual Studio 2008 Critical
MS SQL Server 2008,MS SharePoint Developer Tools 9.0,
41 File Server Critical
SharePoint2007
42 File Server MS Visual Studio 2008,MS SQL Server 2008 Critical
43 File Server Secure Perfect, SQL Server 2000 Critical
44 Database SQL Server 2005,Visual Studio 2005 Critical
47 File Server EMC PowerPath, Office 2003, SQL Server 2005 & Visual Studio 2005 Critical
48 File Server SharePoint Critical
49 File Server SharePoint Critical
50 File Server SharePoint 2007& Forefront for Sharepoint, SQL 2005 Critical
51 File Server DR Domain Controller Critical
52 File Server DR Exchange server Critical
Version
RESTRICTED
8.4.2. Network Environment

Routers, Switches and Hubs
Device Quantity
Cisco Catalyst 4000E 2
Cisco Catalyst Switches 35
Cisco routers 13
Wireless Access Points 55
Wireless Access Controller 2
Firewall (team1) 4
Network Monitoring Tools

Cisco Works 4.0
Cisco Network Assistant 5.4
Wireless Network Monitoring Tool
Airwave (Aruba) 7.0.5
8.4.3. Software Environment

Operating Systems
Servers
Microsoft Windows Server 2003, 2008
Workstations
Microsoft Windows 7 SP1, Windows XP SP3
Relational Database Environment
Microsoft SQL Server 2005 (planned upgrade to SQL Server 2008 in 2012)
Microsoft SQL Server 2008
Development Environment
Sybase PowerBuilder v8
Sybase PowerBuilder v10
MS SharePoint 2007 (planned upgrade to MOSS 2010 in 2012)
Microsoft .Net 2005
Saperion (Document Management)
Microsoft Access 2000
Version
RESTRICTED
Hot Docs
Captaris 6.5 (Workflow)
Microsoft Office 2003, 2007, 2010
9. General Instructions
9.1. Deadline for submission of proposals:
a) Technical and financial proposals shall be submitted in two separate sealed
envelopes on which the name of the project and the vendor shall be clearly
shown.
b) Vendors are required to submit their technical and financial proposals in one
signed original and two copies and an editable electronic format in two sealed
envelopes at time no later than 2:00 pm (Kingdom of Saudi Arabia time) of
21/10/1433H (Saturday 8th September 2012G). Proposals submitted or
delivered after the expiry of the specified date shall not be accepted. Proposals
are to be submitted to the following address:-
Saudi Industrial Development Fund
P. O. Box 4143
Riyadh 11149
Attention: Mr Adeeb Al-Shamas
Deputy Department Manager (Acting), Operations and
Administration
9.2. Date of Opening of envelopes

Sealed envelopes submitted by the vendors shall be opened on 22/10/1433H (Sunday
9th September 2012G) at 10am (Kingdom of Saudi Arabia time) in the 4th floor
conference room of the SIDF premises.
9.3. Validity of proposals
Proposals shall continue to be valid and open for acceptance for no less than 90 days
from the date of opening of envelopes, and bidders are required to state in their
proposals continued validity of proposals throughout such period. Proposals and any
documents or data attached thereto in response to RFP shall be the property of SIDF
and not returned to vendors.
9.4. Points of Contact
For any inquires, technically or financially, in respect of content of this RFP or the
submitted proposals, vendor may coordinate by contacting either of the following
officials:-
Mr Harun Rashid Bhaijee
Quality Management Consultant
Consulting & Quality Management Division
Information Technology Department
Version
RESTRICTED
Telephone # 01 4774002 extension 383

Fax # 01 4790165 extension 383
Email: h.bhaijee@sidf.gov.sa
P.O. Box 4143
Riyadh 11149
Kingdom of Saudi Arabia
Mr Marwan Al-Saleem
Team Leader, Information Technology Security
Consulting & Quality Management Division
Information Technology Department
Telephone # 01 4774002 extension 353
Fax # 01 4790165 extensions 353
Email: m.saleem@sidf.gov.sa
P.O. Box 4143
Riyadh 11149
Kingdom of Saudi Arabia
9.5. Proposals are to be addressed to
Proposals shall be clearly addressed as follows:-
Proposal submitted to Saudi Industrial Development Fund for provision of
services (ISO 20000:2011) (Service Management System) with respect to
application of the Services Centre Team and Tool for Technical Support Office.
Proposals are to contain the name and telephone number of the contact person
responsible for replying SIDF inquiries.
SIDF should be contacted for obtaining further information on the subject
proposal through the above mentioned contact address. Proposals may also be
emailed.
9.6. Governing Law

The contractual relationship between SIDF and the successful bidder shall be subject to
the Government Bids and Procurement Law, enacted by the Royal Decree No. M/58 on
4/9/1427H.
9.7. Documentation and information required to be submitted by vendors
Bidders are required to enclose to their financial and technical proposals the following
documents, and comply with the conditions regulate the submission of proposals:
Submit as attachment a copy of the balance sheet of the company or establishment

1 and the profit and loss account for the last two years certified by cognized and
chartered accountants firm.
Version
RESTRICTED
Submit as attachment a certified statement listing the contracts the company or

2 establishment has executed in the same required business field, along with a list
showing contracts currently under execution approved by the competent authorities.
Submit explanatory information on the companys or establishments field of specialty,
3 activities, and the references for assertion of activity and efficiency.
Attach to the proposal a preliminary guarantee ranging from (1%) to (2%) (from one
to two per cent) of the value of the proposal, and such preliminary guarantee shall be
valid for no less than 90 days (ninety days) from the date specified for opening the
envelopes. The successful company or establishment upon reward of work is required
4 to submit a final guarantee of (5%) of the total value of the proposal within ten days
from the date of authorizing such company or establishment to perform the work. The
final guarantee shall remain valid until the date specified and agreed upon for the
complete execution of the work.
Following documents and licenses are required to be submitted to SIDF:
Commercial registration or regulatory license in the business for which is applied.
Certificate of membership of the Chamber of Commerce and Industry.
Certificate of payment of Zakat or tax.
5 Certificate from the General Organization for Social Insurance (OSI) evidencing
registration of the organization with OSI and attesting to payment of the insurance
entitlements.
Certificate of compliance with the specified Saudization rate.
Documents and licenses mentioned above must be valid.
Bidders shall submit detailed description reflecting their understanding of the scope of
6 the proposed work and their capabilities to fulfill the requirements stated in the tender
specifications.
Quotations must be submitted according to the conditions and specifications set for the
execution of the work required. Proposals non-compliant to such conditions and
7 specifications shall be excluded. The total value of the proposal shall be inclusive and
cover all costs of the execution of the proposal, including fees and taxes paid by the
company or establishment.
Total prices and any increase or decrease made thereto must be specified in the original
proposal letter. No consideration shall be given to any reduction submitted by a virtue
of a separate letter even if such letter is an attachment to the proposal. With the
8 exception of negotiable cases provided for in the provisions of the Government Bids
and Procurement Law, changes of prices of proposals by increase or decrease are not
permitted after the submission of proposals.
Version
RESTRICTED
SIDF is entitled to exclude any item described in the stipulated conditions and
9 specifications and deduct the equivalent sum from the costs.
Proposal shall be submitted at the time and place specified. Proposals submitted or
10 received after the submission deadline shall be rejected.
Bidders of submitted proposals who offer to execute the works should investigate, prior
to submission of his proposal, the nature of the business he bids for, the circumstances
11 associated with execution of the work, having obtained all data and details, and being
aware of potential impacts on categories of his proposal and involved risks of
obligations.
Submissions of costs of execution of the required work and payments of such costs
12 shall be in Saudi Riyal.
Contracts for execution of the required work, the documents and appendixes thereof
shall be drafted in Arabic language. In addition, it is required to submit the required
13 proposal in English to the Arabic language which shall be the approved language for
interpretation and implementation of the contract and stating the specifications, plans
and correspondence pertaining to the contract.

RFP For ISO 20000 Service Desk Implementation-Final-backup

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

RFP For ISO 20000 Service Desk Implementation-Final-backup

Загружено:

Авторское право:

Доступные форматы

SIDF

ISO 20000:2011 (SMS), Service Desk

Prepared Reviewed Approved Owner Version Date of Date of

Changes made (from previous version)

Sr. No Related Artifacts

Copyrights @ SIDF, All rights reserved

Abbreviations Used ................................................................................................................. 5

4.10. Support ......................................................................................................................... 38

9.7. Documentation and information required to be submitted by vendors .................... 51

ADD Application Development Division

1. Provision of medium and long-term soft loans to private industrial projects

2. Provision of medium and long-term soft loans to existing private industrial

3. Provision of economic, technical, administrative, financial and marketing advice

1.2. Purpose of the Tender Specification

1.3. Term of the Contract

1.6. Discharge of Liability

1.7. Preparation of Responses

All prices shall be consistently in Saudi Riyals (SR).

Respondents should provide a clause-by-clause response to the RFP as specified.

SIDF reserves the right to accept all or part of the proposal.

Establish and manage all divisional activities to provide professional level

2.1.1. Application Development Division:

2.1.2. User Support Division:

2.1.3. Technical Support Division:

2.1.4. Consulting & Quality Division:

2.2. Current and Expected Future Environment

2.3. Current processes

USD - User Support Process

TSD Help Ticket Process

2.4. Current Help Desk Software Used

Remedy Help Desk User Floating 10

Action Request User Floating 10

Remedy Help Desk User Fixed 3

2.5. Purpose of RFP and Project (Project Objectives)

Continuous Process Improvement: Driven by senior management, focused on

Defect and Non-compliance prevention: Seeking to prevent non-conformance

Universal responsibility: Recognizing that quality is not only the responsibility of

Reliable, consistent and cost-effective services, giving competitive advantage

Improve overall reputation and perception of IT

Shift the balance towards proactive processes

Improves inter-departmental relationships by giving clarity on who does what and

A framework for staff training for automation of service management.

Getting certified from third party certification body (ISO 20000:2011)

Reduce the time it takes to resolve a call

Provide intelligent and meaningful reporting to management

Measurable Key Performance Indicators.

Compliant with ISO 20000:2011 standard and based on

Criteria Level of Criteria Met

Criteria Level of Criteria Met

Routing and escalation of ticket extends to associated

B. Service Desk Management Full Partial None Reference / Evidence

The application should automate the service desk

Which of the following SMS processes are automated?

B.22 All closed activities should be archived and retrievable.

C. Supplier Management Full Partial None Reference / Evidence

Application should be able to keep track of Supplier

Criteria Level of Criteria Met

C.2 Manage supplier relationships

The application should be able to maintain the details

It should support data federation and reconciliation

It should track variety of CI like software, Hardware,

enable the user to answer a satisfaction survey

Send messages to the Support Manager on overdue