Response to Technical Requirements Approach - the Department of ...

marlinlineInternet and Web Development

Oct 31, 2013 (3 years and 11 months ago)

90 views















Template
J

Technical Requirements Approach

Instructions for
RFP

Respons
e



RFP

#

Agency of Human Services

RFP #

Integrated Eligibility Solution

Template J


Technical Requirements Approach


Page |
i

Table of Contents


1.0

Architecture and Policy Requirements

................................
................................
................

3

1.1

Service Oriented Architecture (SOA)

................................
................................
...............

3

1.2

Interoperability and Interfaces
................................
................................
..........................

3

1.3

Scalability and Extensibility

................................
................................
..............................

4

1.4

Performance

................................
................................
................................
.....................

4

1.5

Regulatory Policies

................................
................................
................................
..........

4

1.6

Audit Compliance

................................
................................
................................
.............

4

1.7

Usability

................................
................................
................................
............................

4

2.0

Product Requirements

................................
................................
................................
.........

5

2.1

Enterprise Service Bus and Mess
aging Architecture

................................
......................

5

2.2

Data Integration and Extraction, Transformation and Load (ETL)

................................
.

5

2.3

Master Data Management

................................
................................
...............................

6

2.4

Security
................................
................................
................................
.............................

6

2.5

Consent Management

................................
................................
................................
......

6

2.6

Business Intelligence and Reporting

................................
................................
...............

6

2.7

Rules Engine

................................
................................
................................
....................

6

2.8

Portal Architecture
................................
................................
................................
............

7

2.9

Application Server

................................
................................
................................
............

7

2.10

Database Management System

................................
................................
......................

7

2.11

SOA Governance Infrastructure (SGI)
................................
................................
.............

8

2.12

Business Process Management (BPM) and Case Management
................................
....

8

2.13

Transaction Monitoring and Logging

................................
................................
...............

9

2.14

Document Management
................................
................................
................................
...

9

2.15

Identity Management / Single
-
Sign
-
On
................................
................................
............

9

3.0

Solution Requirements
................................
................................
................................
.......

10

3.1

Inte
grated Eligibility Infrastructure

................................
................................
.................

10

3.2

Shared Analytics Infrastructure
................................
................................
......................

10

4.0

Technical Standards

................................
................................
................................
..........

11

5.0

Software and Hardware Components

................................
................................
...............

12

5.1

Proposed Packaged Software Technical Specifications

................................
...............

12

5.2

P
roposed Hardware Technical Specifications

................................
...............................

13

5.2.1

Server Architecture

................................
................................
................................
.

14

Agency of Human Services

RFP #

Integrated Eligibility Solution

Template J


Technical Requirements Approach


Page |
ii

5.2.2

Client Architecture
................................
................................
................................
...

14

5.2.3

Data Storage Architecture

................................
................................
......................

14

5.2.4

Tools
................................
................................
................................
........................

14

5.2.5

Peripheral Architecture

................................
................................
...........................

15

5.2.6

Network Architecture
................................
................................
...............................

15

6.0

System Administration and Support

................................
................................
..................

16

6.1

System Administrati
on:

................................
................................
................................
..

16

6.2

Audit Logs
................................
................................
................................
.......................

16

6.3

Data Archival

................................
................................
................................
..................

16

6.4

Technical Documentation

................................
................................
..............................

16

6.5

Technical Environments
................................
................................
................................
.

17

7.0

System Security and Disaster Recovery

................................
................................
...........

18

7.1

Security Architecture and Design

................................
................................
..................

18

7.2

Identity and Access Management (IAM)
................................
................................
........

18

7.3

Application Encryption
................................
................................
................................
....

19

7.4

Privacy and Consent

................................
................................
................................
......

19

7.5

Security Audit

................................
................................
................................
.................

19

7.6

Database Security

................................
................................
................................
..........

20

7.7

Software and Hardware Security

................................
................................
...................

20

7.8

Data Backup

................................
................................
................................
...................

20

7.9

Disaster Recovery

................................
................................
................................
..........

21

8.0

System Performance, Availability and Capacity
................................
................................

22

8.1

Performance Requirements

................................
................................
...........................

22

8.2

System Availability

................................
................................
................................
.........

22

8.3

IT Component Capacity Planning

................................
................................
..................

22

8.4

Performance Monitoring and Management

................................
................................
...

23

9.0

Technical Requirements Assumptions

................................
................................
..............

23


Agency of Human Services

RFP #

Integrated Eligibility Solution

Template
J



Technical Requirements Approach


Page |
3



1.0

Architecture and Policy Requirements

The
Vendor

must
provide a narrative overview of how the proposed solution will meet the
Integrated

Eligibility Solution

p
roject requirements.

The following questions pertaining to
Technology
and Application Architecture
Requirements and
Policy

and
must be answered

by
the
Vendor
.

Instructions:
Describe the
Vendor
’s proposed approach in
addressing the
requirements
for
Product and Solutions

categories
, either by leveraging and modif
ying off
-
the
-
shelf technology
components
or building from the ground
-
up.

Please u
se these response sections to provide specific details of the proposed approach to
meeting
Ver
mont AHS

requirements in each area. Responses should, when necessary,

reference requirements using the appropriate
RFP

Requirement Numbers from
Attachment 3,
Template

I

-

RFP

Non
-
Functional

Requirements.

Also, include one or more diagrams where necessary t
hat detail the
proposed design and the
relationships between key technical components.

Responses in this section must be highly
-
focused on
the
specific
r
equirements and must not
simply provide generic or marketing descriptions of
technology or product

capa
bilities
.

1.1

Service Oriented

Architecture

(SOA)

Instructions:

Describe the
Vendor
’s proposed approach to SOA. The
Vendor
’s approach, at a
minimum, must take the following topics into consideration while providing the details




Distribution of Services



Integr
ation of Services



Ease of Maintenance



Administration and Security



Support for various Protocols


<Response>

1.2

Interoperability and Interfaces

Instructions:
Describe the system integration approach between the
Vendor
’s proposed
solution, Interfa
ced Systems and any other proposed third party products.

Describe the
interoperability features and capabilities of the
Vendor
’s proposed solution.

The approach must,
at a minimum, provide details on how the proposed Solution intends to meet or exceed the
Interoperability
-
Interface Requirements set forth in the document ‘Non
-
Functional
Requirements, Tab
A.2. Interoperability
-
Interface Requirements’


<Response>

Agency of Human Services

RFP #

Integrated Eligibility Solution

Template
J



Technical Requirements Approach


Page |
4



1.3

Scalability and Extensibility

Instructions:

Describe
the
Vendor
’s
approach
to Scalab
ility and Extensibility of the proposed
Solution
.
The
Vendor
’s approach, at a minimum, must take the following topics into
consideration while providing the details




Ability to meet Future Growth



Configurability



Flexibility to keep up with changing Techno
logy and Regulatory needs



Ease of Maintenance


<Response>

1.4

Performance

Instructions:

Describe
the
Vendor
’s approach
for the proposed solution to meet
Performance
standards
. The approach must, at a minimum, provide details on how the proposed S
olution
intends to meet or exceed the Performance Requirements set forth in the document ‘Non
-
Functional Requirements, Tab A.4.

Performance Requirements’


<Response>

1.5

Regulatory Policies

Instructions:

Describe
the
Vendor
’s approach for the pro
posed solution to
adhere to or enable
the

listed federal and local regulations


<Response>

1.6

Audit Compliance

Instructions:

Describe
the
Vendor
’s approach for the proposed solution to meet Audit
and
Compliance

requirements


<Respon
se>

1.7

Usability

Instructions:

Describe the
design approach and the characteristics of the
user interface
for the

proposed solution
.
The System must be designed to utilize a

browser based or a Rich Internet
Application that

can
provide feature rich applicati
ons that can be updated over the Wide Area
Network and the Internet, and should deliver a consistent user experience to
Vermont

Citizens
and
HHS

employees and contractors,

and partners.


<Response>

Agency of Human Services

RFP #

Integrated Eligibility Solution

Template
J



Technical Requirements Approach


Page |
5



2.0

Product Requirements

The following questions

pertaining to
Product R
equirements must be answered.

2.1

Enterprise Service Bus and Messaging Architecture

Instructions:

Describe
the
Vendor
’s approach to meeting the Enterprise Service Bus
requirements as well as the
messaging approach for server
-
to
-
server
and client
-
to
-
server
communications,
if

applicable.

The
Vendor
’s approach, at a minimum, must take the following
topics into consideration while providing the details




SOA Architecture



Integration Mechanism



Routing and Orchestration Mechanism



Synchronous
and Asynchronous Communication



Reliability of Message Delivery



Support for Industry Standard Messaging and Interfaces



Administration and Security


<Response>

2.2

Data Integration and Extraction, Transformation and Load
(ETL)

Instructions:

Descri
be the
Vendor
’s proposed approach to Data Integration and supporting
technologies for Data Extraction, Transformation and Load into appropriate target systems.

VT’s

requirement for Enterprise Data Management is to have a mixture of OLTP (Online
Transaction

Processing), ODS (Operational Data Store), Data Warehouse, and Data Mart
technologies that support transaction processing systems, information integration and reporting,
enterprise analysis and decision support, and f
unctional analysis.

The design approac
h for the System must
take into account the following

four major types of
shared data:



Online Transaction Processing (OLTP)

databases must be the read
-
write stores of
AHS’s

transactional services and systems, and must be the primary point of data
creation

within
AHS
.



Operational Data Store (ODS)

databases should be used to support operational and
tactical
data consolidation and data access
needs of
AHS
. The data contained in an
ODS must originate in one or more OLTP databases.



Data Warehouse

databases shou
ld primarily support managerial and strategic decision
making for
AHS
. A data warehouse
may

contain summarized data rather than detailed
data as in an ODS.



Data Mart databases

should support departmental decision making for
AHS
. The scope
of information st
ored within a data mart should be generally much smaller than within a
data warehouse, and is limited to the needs of its audience.


Agency of Human Services

RFP #

Integrated Eligibility Solution

Template
J



Technical Requirements Approach


Page |
6



<Response>

2.3

Master Data Management

Instructions:

Describe
the
Vendor
’s proposed approach to implementing the M
DM
technologies to build a Master Client Index / Enterprise Master Person Index to meet the State’s
requirements in each phase of the implementation.


<Response>

2.4

Security

Instructions:

Describe
the Security Architecture and Managem
ent approach supporting the
Vendor
’s solution
.


<Response>

2.5

Consent Management

Instructions:

Describe
the Consent Management approach supporting the
Vendor
’s solution
.


<Response>

2.6

Business Intelligence and Reporting

Instructions:

Describe
Vendor
’s proposed approach to
the

Business Intelligence (BI) platform
that should deliver a balanced set of capabilities across three areas: information delivery,
analysis, and development and integration with certain fundamental capabilities tha
t need to be
provided as part of
the shared analytics and
a user
-
driven BI strategy.

Additionally, describe the
Reporting approach for both canned and ad
-
hoc reports and the ability of the pr
oposed solution
to provide Dash
boarding capabilities. The
Vendor

s approach, at a minimum, must take the
following topics into consideration while providing the details




BI Infrastructure



Scalable Data Architecture



Data Integration Tools


<Response>

2.7

Rules Engine

Instructions:

Describe
the Business Rules E
ngine technology that will enable and support the
Vendor
’s solution for both Integrated Eligibility as well as support of other programs
.

The
Vendor
’s approach, at a minimum, must take the following topics into consideration while
providing the details




R
ules Engine Architecture



Validation, Calculation, Decision and Generation Rules

Agency of Human Services

RFP #

Integrated Eligibility Solution

Template
J



Technical Requirements Approach


Page |
7





Performance Tuning and Debugging



Rule Storage and Versioning


<Response>

2.8

Portal Architecture

Instructions:

Describe the
Vendor
’s proposed approach to
using the

Po
rtal
technologies to
enable access for the variety of internal and external end users of the proposed solution. The
Vendor
’s approach, at a minimum, must take the following topics into consideration while
providing the details




Multiple Channel Support



Se
arch Capabilities



Accessibility considerations



Personalization



Usability best practices and Federal guidance

<Response>

2.9

Application Server

Instructions:

Describe
the Application Server technology and approach supporting the
Vendor
’s solution
.

The
Vendor
’s approach, at a minimum, must take the following topics into
consideration while providing the details




Enterprise Ready and Scalable



Clustering



Store
-
and
-
Forward



Administration



Security

<Response>

2.10

Database

Management System

Ins
tructions:

Describe the
Vendor
’s proposed solution approach to Metadata management,
load balancing and/or clustering for extended scalability and performance, performance in
transaction processing and report processing, Security and Audit.

The design appro
ach for the
solution

shall address three

major sets of shared data:



Real
-
time Integrated / Centralized Database


Data regarding the Applicant’s status,
Participant's profile, benefits records / account, and financial records must be stored in a
centraliz
ed operational database for real
-
time access and subsequent follow
-
up and
reporting.



Data Warehouse and Data Marts


Data
extracted
from the Real
-
Time
operational

database
s

and other external sources must be integrated, aggregated and optimized
Agency of Human Services

RFP #

Integrated Eligibility Solution

Template
J



Technical Requirements Approach


Page |
8



in
to physic
al data warehouses and marts

a timely fashion to support reporting and
business intelligence needs.



Document Repository


The
Solution

must have the capability to centrally manage all
documents throughout their lifecycle and share documents between various

stakeholders


<Response>

2.11

SOA Governance Infrastructure (SGI)

Instructions:

Describe
the approach to designing and deploying the appropriate Service
Oriented Governance infrastructure technologies supporting the
Vendor
’s solution
.

The
Vendor

s solution and approach, at a minimum, must take the following technology sub
-
categories into consideration while providing the details




SOA policy Management



Service Portfolio Management



Compliance Engine



Service Repository



Service Registry



SOA Monitorin
g



SOA Policy Enforcement


<Response>

2.12

Business Process Management (BPM) and Case
Management

Instructions:

Describe
the Case Management and Business Process Management
technologies and design approach supporting the
Vendor
’s solution
.

The
Vendo
r
’s approach, at
a minimum, must take the following topics into consideration while providing the details




Rules Engine



Registry



Process modeling support



Workflow and task management



Administration


<Response>

Agency of Human Services

RFP #

Integrated Eligibility Solution

Template
J



Technical Requirements Approach


Page |
9



2.13

Transaction Monitoring and Logg
ing

Instructions:

Describe
the Monitoring and Logging capabilities of the proposed
Vendor
’s
solution
.

The
Vendor
’s approach, at a minimum, must take the following topics into
consideration while providing the details




Fault Monitoring



Performance Monitori
ng



Configuration Monitoring



Security Monitoring



Management and Reporting



Root Cause Analysis


<Response>

2.14

Document Management

Instructions:

Describe the
Vendor
’s proposed approach to
leveraging

Document Management
technologies for Eligibility
Determination process. The
Vendor
’s approach, at a minimum, must
take the following topics into consideration while providing the details




Store Electronic Forms



Scan and Store Imaged Documents



Searching of Documents



Digital Rights Management Capabilities


<Response>

2.15

Identity Management / Single
-
Sign
-
On

Instructions:

Describe
the
Vendor
’s approach to Identity Management supporting the
Vendor
’s
proposed solution and how a Single
-
Sign
-
On solution will be achieved
.


<Response>

Agency of Human Services

RFP #

Integrated Eligibility Solution

Template
J



Technical Requirements Approach


Page |
10




3.0

Solution Requirements

The following questions pertaining to
Solution

Requirements must be answered.

3.1

Integrated Eligibility Infrastructure

Instructions:

Describe the Vendor’s approach to meet Integrated

Eligibility
Infrastructure
Requir
ements
. The
Vendor
’s approach, at a minimum, must take the following topics into
consideration while providing the details




Business Rules Engine, Rule Management and Repository



Integration with H
BE

and Verification Data Sources



P
erformance and Scalabilit
y


<Response>

3.2

Shared Analytics

Infrastructure

Instructions:

Describe the
Vendor
’s
Shared Analytics approach supporting the proposed
Solution
.
The
Vendor
’s approach, at a minimum, must take the following topics into
consideration while providi
ng the details




Shared Analytics Architecture and Design



Integration and Data Quality



Metadata

and Data Quality



Availability

and Security



Performance



Connectivity



Scalability



Compliance



Deployment



Application Support



Administration and
Backup
-
Archiving


<Response>

Agency of Human Services

RFP #

Integrated Eligibility Solution

Template
J



Technical Requirements Approach


Page |
11



1.11.


4.0

Technical Standards

Instructions:

Please describe the language environment(s), standards, relational databases,
channels supported, hardware platforms supported, and other aspects of the technical direction
for the
solution
. Pleas
e also
discuss

the timetable for migration of the
solution

to new
technologies, product sets, or standards.


<Response>

Agency of Human Services

RFP #

Integrated Eligibility Solution

Template
J



Technical Requirements Approach


Page |
12



5.0

Software and Hardware Components

Th
e following questions pertaining

to
any additional
Software and Hardware components

be
yond what has already been deployed by Oracle
Professional Services
must be answered.

Please refer to the General System Design,
list of planned or existing SOA infrastructure
components,
other reference

documents in the procurement library for additional
details.

5.1

Proposed Packaged Software
Technical

Specifications

Instructions:

Please list all the specifications of the proposed Packaged Software in the table below.

Respondents are not to change any of the completed cells in the following table. Any chan
ges to the completed cells in the
following table could lead to the disqualification of a respondent.


Table

1.

Proposed Packaged Software


<The
Vendor

may insert additional rows as required>

Soft
ware
Item #

Soft
ware Item


Environment
(e.g.,
Develop
ment,
Test, Training,
Production)


Manu
facturer


License
Type

(e.
g.,
enterprise,
per user, per
server)



Brand
Name


Module
Name


Version

Number


Utility/
Systems
Mgmt
Software,
DBMS, Data
Warehouse,
Other


Detailed
Description

(e.g.,
functionality,
purpose)

OS


Earliest
Proposed
Purchase
Date

1

Item 1





















2

Item 2





















3

Item 3





















Agency of Human Services

RFP #

Integrated Eligibility Solution

Template
J



Technical Requirements Approach


Page |
13




5.2

Proposed Hardware Technical Specifications

Instructions:

Please list all the specifications of the proposed
additional
Hardware
in the table below.


Respondents are not to change any of the completed cells in the following table.


Table

2.

Proposed Hardware

Hard
-
ware
Item #

Hardware

Item


Environment (e.g.,
Develop
ment, Test,
Training, Production)


Manu
facturer


Detailed Description

(e
.g., number of processors, amount and type of storage and
memory, type of network card)


Operating
System


Earliest
Proposed
Purchase Date

1

Item 1











2

Item 2











3

Item 3












<The
Vendor

may insert additional rows as required>



The
Vendor

may insert additional rows as required>

Agency of Human Services

RFP #

Integrated Eligibility Solution

Template J



Technica
l Requirements Approach


Page |
14



5.2.1

Server Architecture

Instructions:

The
Vendor

is to d
escribe the supported OS platforms and Server Configurations for the
Vendor
’s proposed solution. Include
minimum recommended specifications to support

the proposed solution in all required environments (e.g., development, testing, training,
and production)


<Response>

5.2.2

Client Architecture

Instructions:
The
Vendor

must d
escribe the client (desktop) architecture for the
Vendor
’s proposed sol
ution, including
minimum
recommended specifications (e.g., RAM, video RAM, disk space, processor speed) to support the proposed solution, as well virt
ualized
configurations to improve manageability and reduce operational costs.


<Response>

5.2.3

Da
ta Storage Architecture

Instructions:

The
Vendor

is to p
rovide details on the data storage software and hardware components the
Vendor

proposes to use in their
system.


<Response>

5.2.4

Tools

Instructions:

The
Vendor

must provide

details on the too
ls and utilities used to design, build, test, deploy, report, monitor, and operate the
system and its components.


<Response>


Agency of Human Services

RFP #

Integrated Eligibility Solution

Template J



Technica
l Requirements Approach


Page |
15



5.2.5

Peripheral Architecture

Instructions:

The
Vendor

is to d
escribe the architecture of other devices such as printers,

electronic signature pads, smart card
reader/writer and attached disks, which are necessary or recommended for the
Vendor
’s proposed solution, including

minimum and
recommended specifications to support the proposed solution.


<Response>


5.2.6

Ne
twork Architecture

Instructions:

The
Vendor

is to d
escribe the proposed solution approach to network topology and hardware required to achieve this
architecture (e.g., load balancing utilizing hardware and software based load balancers ahead of the web ser
vers, Virtual Private Networks
(VPNs), creation of DMZs by firewalls).


<Response>

Agency of Human Services

RFP #

Integrated Eligibility Solution

Template J



Technical Requirements Approach


Page |
16



6.0

System Administration and Support

The following questions pertaining to
System Administration, Support and Maintenance

must be
answered.

Please refer to the G
eneral System Design, Security Planning and Capacity Planning
documents in the Procurement Library for additional details.

6.1

System Administration:

Instructions:

Describe the system administration tools and procedures that will be delivered for
the ongoing
support and maintenance, including customization of the
Vendor
’s solution.
Describe the proposed overall management framework, including proposed tools for:



Application management and monitoring



Web services management



Systems management and monitoring



Eve
nt management



Identity and Access Management



Network management and monitoring



Performance monitoring



Print Prioritization & Management



Workload Management

Describe any proposed third
-
party off
-
the
-
shelf management tools and include detailed
information re
garding provider, product and version.


<Response>

6.2

Audit Logs

Instructions:

Describe the audit trail capabilities of the
Vendor
’s proposed solution.


<Response>

6.3

Data Archival

Instructions:

Describe the processes used to archiv
e and restore data from operational
databases.


<Response>

6.4

Technical Documentation

Instructions:

Describe the technical documentation that comes delivered with the
Vendor
’s
proposed solution.

Agency of Human Services

RFP #

Integrated Eligibility Solution

Template J



Technical Requirements Approach


Page |
17




<Response>

6.5

Technical Environments

Instructions:

Vendors must describe the approach that will be taken to establish
-



Multiple environments (e.g., development, testing, training,
staging and production
readiness,
production
, and disaster recovery
)



Procedures used to migrate software from
one environment to another



Steps needed to maintain the synchronization between environments.


<Response>

Agency of Human Services

RFP #

Integrated Eligibility Solution

Template J



Technical Requirements Approach


Page |
18



7.0

System Security and Disaster Recovery

The following questions pertaining to
System Security and Disaster Recovery

must be
answered
.

Ple
ase refer to the
Proposed Solution Overview in the main RFP document
(
especially the

guiding principles, the

“Proposed Approach to Security” and

the

“Proposed
Approach to Data Privacy”), the non
-
functional requirements in Template I (especially tab A4


Pe
rformance and A5


Regulatory and Security) and the

General System Design

document in
the Procurement Library for additional details.

7.1

Security Architecture and Design

Instructions:
Describe the
Vendor
’s proposed approach to support
technical controls and

technology solutions that must be secured to ensure the overall security of the System
,
including:



Provide security
-
related input into IT infrastructure, system and application design.



Leverage published industry standards and models to apply security bes
t practices.



Support, enable and extend the security policy by providing specific security
-
related
guidance to decision makers



Contain the capability to provide user and site authentication



Support VPN access



Include the ability to recover from a failure o
f any single element



Be easily serviceable



Support the establishment and active management of data sensitivity levels



Include application and system hardening processes


<Response>

7.2

Identity and Access Management (IAM)

Instructions:
Describe t
he
Vendor
’s proposed approach to support IAM, including:



Enable
Vermont AHS

to identify users in different contexts so that
Vermont AHS

policies
and user preferences can be applied consistently.



Deliver an integrated login experience for users across
Vermo
nt AHS

systems and
channels.



Enable coherent audit trails and chain of custody records needed for security forensics
and compliance requirements.



Support the proactive management of user access to
Vermont AHS

resources including
de
-
provisioning when needed
.



Enable
Vermont AHS

to consistently identify Participants so that customer service can
be more effective.



Support the use of Microsoft Active Directory for identification and authorization

Agency of Human Services

RFP #

Integrated Eligibility Solution

Template J



Technical Requirements Approach


Page |
19




<Response>

7.3

Application Encryption

Instructions:
De
scribe the
Vendor
’s proposed approach to support Application Encryption,
including:



Encryption of database columns and indexes for data at rest.



Encryption of flat files at rest and in motion.



Network encryption at the session layer (or lower) to secure co
mmunication streams that
traverse un
-
trusted networks; and to provide encryption for sensitive data in motion
across any network.



Field
-
level encryption so custom applications can secure pertinent information within a
communication stream.



Key management f
or secure creation, storage, and retrieval of encryption keys.


<Response>

7.4

Privacy and Consent

Instructions:
Describe the
Vendor
’s proposed approach to support Privacy and Consent,
including:



Role
-
based access within the System must ensure th
at access to sensitive information
will conform
to
the State’s

policies
.



The System must be able to identify and delineate between internal and external users
(users outside the Agency) and must give them different levels of visibility to System
data. When

displaying data, identification information tying the records back to specific
Participants must be omitted where appropriate.


<Response>

7.5

Security Audit

Instructions:
Describe the
Vendor
’s proposed approach to support
an audit trail of all
pertinent
events, giving due consideration to storage space and performance constraints. Examples of
these events include:



System start
-
up and shutdown



Successful and unsuccessful login attempts



User actions to access files or applications (successful and
unsuccessful)



Actions taken by system administrators and security personnel



All administrative actions performed on the System



Permission changes

Agency of Human Services

RFP #

Integrated Eligibility Solution

Template J



Technical Requirements Approach


Page |
20





Creation of users and objects



Deletion and modification of system files



Registry key / kernel changes



Skipped

or rejected alerts (to provide insight into Clinic practice)



Changes, additions or deletions to data (including operational and security data) sets
identified by management



Out of normal System operations usage or user access


<Response>

7.6

Dat
abase Security

Instructions:
Describe the
Vendor
’s proposed approach to ensure the confidentiality, integrity
and availability (CIA) of the Database Management Systems responsible for managing data
related to the proposed System.


<Response>

7.7

Software and Hardware Security

Instructions:
Describe the
Vendor
’s proposed approach to development and implementation of
security measures that will provide security and protection for the system, including:



Server OS Security



Client OS Security



Mobile De
vices Security



Web Server Security



Browser Security



POS Terminal Security


<Response>

7.8

Data Backup

Instructions:
Describe the
Vendor
’s proposed approach to support Data Backup, including:



Database and application backup procedures must be upda
ted to include backups for
the

System.



Full online data backups must occur, as well as offline backups using tape storage


<Response>


Agency of Human Services

RFP #

Integrated Eligibility Solution

Template J



Technical Requirements Approach


Page |
21



7.9

Disaster Recovery

Instructions:

Describe the
Vendor
’s general approach to reestablishing operations in th
e event
of a catastrophe, as well as its approach to providing
Vermont AHS

with a disaster recovery
plan. Provide specifications on any hardware and software components utilized by the

proposed security and disaster recovery solutions.
Include

the require
d components,
configurations and procedures to enable a recovery
.


<Response>

Agency of Human Services

RFP #

Integrated Eligibility Solution

Template J



Technical Requirements Approach


Page |
22



8.0

System Performance, Availability and Capacity

The following questions pertaining to
System Performance, Availability and Capacity

must be
answered.

Please refe
r to

the General System Design and other related

documents in the
Procurement Library for additional details.

8.1

Performance Requirements

Instructions:

Describe the ability of the
Vendor
’s proposed solution architecture to support:



Internal Case Workers, and e
xternal participants



Mission
-
critical services/Service Level Agreements



Ease of management



Ability to upgrade (ease and compatibility)



Virtualization and resource management



Network Performance Requirements



Meeting
System response time

requirements



The Sys
tem must provide data dashboard capabilities to facilitate real time graphical
display of technology performance metrics with drill
-
down capability aligned with IT
Operations user’s role and permissions


<Response>

8.2

System Availability

Instruc
tions:

The
Vendor

is responsible for delivering a cost
-
effective, high
-
availability
environment that minimizes the frequency and impact of system failures, reduces downtime,
and minimizes recovery time in the event of catastrophic failure. In this section
, provide details
on the
Vendor
’s approach to providing a highly available system.


<Response>

8.3

IT Component Capacity Planning

Instructions:

In this section, provide details on the proposed approach to planning, sizing and
controlling the sys
tem as IT Component Capacity needs change.



Data Base Storage Capacity



Real
-
time Integrated / Centralized Database



Data Warehouse and Data Marts



Knowledge Base



Document Repository


Agency of Human Services

RFP #

Integrated Eligibility Solution

Template J



Technical Requirements Approach


Page |
23



<Response>

8.4

Performance Monitoring and Management

Instructions
:
Describe the
Vendor
’s proposed methodology for monitoring and reporting
system performance, as well as the
Vendor
’s proposed approach to technology management.
This includes the methods for centrally managing system resources such as servers, backup,
ar
chiving, and recovery equipment, databases and applications. Address methods for auditing,
tracing and scanning the system. Provide details on the use of specialized tools the
Vendor

will
use to automate and track monitoring and management activities.


<Response>

9.0

Technical Requirements Assumptions

Document the assumptions related to the Technical Requirements in
Table
1
.

Table
1

Project Organization and Staffing Assumptions

ITEM
#

REFERENC
E
(Section,
Page,
Paragraph)

DESCRIPTION

RATIONALE

1.





2.





3.





<Vendor may add rows as appropriate.