Select Page

Module 05 Content

Module 05 Course Project – RFP Part V
Working off the same Request for Proposal.docx, continue to use your imagination and the fictional website hosting service provider you previously created to complete the following sections of the RFP Response Template.docx that you were developing in the previous week.

Request for Proposal.docx

RFP Response Template.docxWith this fictional business in mind complete the following sections of RFP Response Template:

Section 4.5.1: Include the services needed as a response to this RFP, then add in service offerings for Credit Card transaction services.
Section 4.5.2: Include bulk service discounts for the cloud-service provider of your choosing. Be sure to address web application development and credit card transaction services.
Section 4.5.3: Include information about how your fictional organization is consistently growing and as such, the price points for services do change year over year. Draft a paragraph including how these cost savings are evaluated quarterly, and any cost savings are passed to the customers as a credit for services annually.
Request for Proposal

Information Technology
Centralized Web Management Console

XYZ Technology Services

XYZ Technology Services
555 West Main Street
Orlando, FL 32830

The information in this RFP is confidential and proprietary and shall not be duplicated, used or disclosed in whole or in part for any purpose other than to prepare an appropriate response. This RFP may not be forwarded to any third party for evaluation or for any other purpose without the expressed written consent of XYZ Technology Services.

Statement of Work
1.1 Purpose
The purpose of this RFP is to invite prospective Website Hosting Service providers (Providers) to submit proposals to supply a centralized management console for its Internet of Things (IoT) automatic door locking system to XYZ Technology Services. 
XYZ Technology Services already had developed the door locking system and the connect web-app that would be used primarily by its customers.
The RFP outlines the relevant requirements for the required website hosting services. 
1.2 Coverage & Participation
XYZ Technology Services reserves the right to add and/or delete elements, or to change any element of the coverage and participation at any time without prior notification and without any liability or obligation of any kind or amount.
Upon receipt of this RFP, Recipient shall have previously submitted a signed copy of a Nondisclosure Agreement (“NDA”) with XYZ Technology Services. The NDA shall be applicable to this RFP, your response, and all future dealings between the Recipient and XYZ Technology Services until the NDA termination.
1.3 Proposal Costs; No Obligation to Contract
All costs and expenses associated with reviewing this RFP or preparing a response thereto is solely the responsibility of the Provider. XYZ Technology Services will not reimburse the Provider for any costs or expenses incurred by the Provider regarding the response to this RFP. Nothing in this RFP shall obligate, or be deemed to obligate, XYZ Technology Services to purchase any products or services from any Provider or to enter into any business arrangements of any kind with any Provider.
1.4 Provider Obligations and Responsibilities
By the act of submitting a response, the Provider will be held accountable for having informed him or herself of the following:
1. The conditions under which the services provided by the Provider will meet XYZ Technology Service’s requirements, including those outlined within this document,
2. The conditions that satisfy the contents of this and all other applicable contracts and documents, and
3. The conditions that satisfy all prevailing law, ordinances, provisions, rates and labor conditions.
Any failure or omission to so inform him or herself will not relieve the Provider from the obligation to successfully execute and deliver the terms therein.
General Information
2.1 About XYZ Technology Services Corporation

XYZ Technology Systems was founded in 2016 originally as a centralized monitoring application for use with smart phones. As the variety of various Internet of Things (IoT) devices grew, XYZ Technology Services sought to expand its app development opportunities. Therefore, in August of 2016, XYZ Technology Services purchased TS Security Systems, a manufacturer of door locking systems for homes and businesses.
After this acquisition, XYZ Technology Services ventured into physical manufacturing of its own IoT device, the XYZ Smart Door Lock. The XYZ smart door lock attaches to any existing door and uses the same internal mechanics as any standard door lock uses today. The advantage is that hidden within the lock are the electronics to connect this lock with your home’s Wi-Fi network, Bluetooth identification, and smart home devices. Allowing for any homeowner to increase the scale and functionality of who has access to their home without the need for creating additional keys. However, this is a technology tool and does require electricity to function. This is why there are automated alerts built within the door lock letting the homeowners know when the batteries need to be replaced. Additionally, if the batteries do happen to lose their charge before being replaced, the door lock also comes with two standard issue keys that can be used to manually unlock the door.
XYZ Technology Corporation now has 5 locations and approximately 175 employees of staff. With its headquarters right here in Orlando, Florida. The organization primarily works within normal business hours, but also has a 24 x 7 tech support call center which consist of 10 employees divided among all three day and nighttime working shifts.
2.2 Existing Situation
Based on customer reviews, and feedback by its employees, a piece seems to be missing in the technology ecosystem of this product; the web-based central management console.
This falls in-line with the strategic goals of the organization, as they would also like to have these devices managed from remote locations, even overseas, where cell phone connectivity is less available, but internet connectivity can still be gained in select locations.
2.3 Scope of Services
Scope, requirements, and information specified in this document are believed to be accurate. More detailed information may be available prior to SOW execution.
The following in-scope areas are targeted for outsources and proposals for a centralized management console to the specified requirements being requested.
· Application & Technology Stack Management for the centralized management console
· Support should include the implementation of new modules and configurations as needed, support for XYZ Technology Service administrators, user training, etc.
· Datacenter Hosting (Cloud-Based Hosting is preferred)
· Network Management including a guaranteed up-time commitment
· Information Security Management
2.4 Agreement Term
XYZ Technology Services is seeking to partner with a hosting service provider for 5 years with annual renewal options. Flexibility for XYZ Technology Services to change major products if desired.

2.5 Schedule of Events
XYZ Technology Services will award the deal and begin contract negotiations 60 days after the receipt of all RFP responses. Once the contracts are executed, the onboarding of the centralized management console should be available for beta testing are expected to be completed in six (6) months.
Proposal Preparation Instructions
3.1 Provider’s Understanding of the RFP
In responding to this RFP, the Provider accepts the full responsibility to understand the RFP in its entirety, and in detail, including making any inquiries to XYZ Technology Services as necessary to gain such understanding. Client reserves the right to disqualify any Provider who demonstrates less than such understanding. Further, XYZ Technology Services reserves the right to determine, at its sole discretion, whether the Provider has demonstrated such understanding. This right extends to cancellation of award if award has been made. Such disqualification and/or cancellation shall be at no fault, cost, or liability whatsoever to XYZ Technology Services.
3.2 Good Faith Statement
All information provided by XYZ Technology Services, in this RFP is offered in good faith. Individual items are subject to change at any time. XYZ Technology Services, makes no certification that any item in this RFP is without error.
Note – All RFP communications between XYZ Technology Services and Provider solicited for the RFP are considered confidential and shall not be distributed outside of these audiences.
3.3 Communication
Provider’s inquiries, questions, and requests for clarification related to this RFP are to be directed in writing (email) to:
Attention: [This Courses Instructor]
E-mail: [This Courses Instructor Email Address]
Formal Communications shall include, but are not limited to:
· Questions concerning this RFP must be submitted in writing (email) and be received prior to 30 days of the RFP release.
· Errors and omissions in this RFP and enhancements should be brought to XYZ Technology Service’s attention prior to 60 days of the RFP release.
· Verbal and/or written presentations and pre-award negotiations under this RFP.
3.4 Proposal Submission
Responses to the RFP are to be delivered via both electronic and hardcopy format. Electronic copies should be delivered via email in PDF or Word formats and should be constructed as a single primary document that may have links to supporting or reference material.
Attention: [This Courses Instructor]
E-mail: [This Courses Instructor Email Address]
Telephone: 212-555-3628
Hardcopy responses should be delivered to the address below:
XYZ Technology Services
Attention: [This Courses Instructor]
555 West Main Street
Orlando, FL 32830
3.5 Provider Contact
Please provide a single point of contact for subsequent conversations and potential negotiations. This contact should have the ability to develop project arrangements (that is, assemble appropriate staffing and develop necessary contracts) as well as have the authority to negotiate and approve contracts. Please provide us with the following information for this contact:
· Name
· Phone
· Title
· Company
· E-mail
· Address
3.6 Method of Evaluation
The evaluation of each response to this RFP will be based on its demonstrated competence, compliance, format, and organization. The purpose of this RFP is to identify those Providers that have the interest, capability, and financial strength to provide Client with a Premier Data Center Hosted environment and associated Services.
Evaluation Criteria:
1. Capability of Provider to meet or exceed requirements set forth in Scope of Work (Section 5).
2. Financial stability of Provider.
3. Demonstrated successful partnerships with current clients.
4. Competitive pricing.
5. Ability and skills of technical support staff.
6. Client references.
3.7 Selection and Notification
Providers determined by XYZ Technology Services to possess the capacity to compete for this contract will be selected to move into the negotiation phase of this process. Written notification will be sent to these Providers via mail and/or email. Those Providers who were not selected for the negotiation phase will also be notified via mail and/or email.
Provider Information
Please supply the information requested in the following sections for all service areas for which Provider is submitting a quote. The Provider Company Overview section should be completed if Provider is submitting a quote for any of the service areas. The Data Center Hosting Facility section should be completed if Provider is quoting the Mainframe services andor Intel Server-based Computing services.
The section number and subsection number should be included as part of the response to facilitate evaluations.
4.1 Provider Company Overview
4.1.1. Full legal name of the company, corporate address, phone numbers, contacts.
4.1.2. Year business was established. Company history Summary
4.1.3. Business or Industry focus
4.1.4. Number of people currently employed
4.1.5. Income statement and balance sheet for each of the two most recently completed fiscal years certified by a public accountant
4.1.6. Outline of Service Offerings
4.1.7. List of partnerships
4.1.8. Total number of current clients
4.2 Scope of Support Capabilities
Please complete the following support capabilities grid to identify whether the Provider has the capabilities to deliver the requested scope of services. Indicate with an ‘X’ andor provide explanation.

Provider has the capability

Provider will deliver the capability through another partner? Who?

Do not provide the capability.

Website Hosting Infrastructure

Website Authentication Services

Maintenance of Industry accepted security standards (PCI-DSS Compliance)

Electronic payment and tracking services

4.3 ProviderCustomer Relationship Management
4.3.1. Do you provide dedicated account management for your services relationship?
4.3.2. Describe your approach to service change management. Do you use change orders to modify services?
4.4 Managed Hosting Services
4.4.1. Provide a description of your data center hosting facilities.
4.4.2. Provide details on number of servers and other key metrics associated with servers and storage currently hosted in data center facilities managed by Provider.
4.4.3. Provide descriptions of services (e.g. Monitoring, Backup, Disaster Recovery, Security, etc.) available today under managed services offering. Include the number of clients or similar measure of the quantity of services being performed for external clients.
4.4.4. Provide description of available service levels.
4.4.5. Provide options for software licensing ownership for services, particularly Microsoft server and database software licensing.
4.5 Procurement, Contract Negotiation & Asset Management Services
4.5.1. Provide descriptions of services available today under managed services offering.
4.5.2. Do you offer technology contract negotiation capabilities? Are their consortium or bulk- buying discount opportunities that you leverage for multiple clients?
4.5.3. Provide description of available service levels including sourcing financial objectives. How do you pass financial benefits, e.g. cost savings to your client?
4.6 Project Management & Support
4.6.1. Provide example descriptions of two large technology projects that Provider has managed on behalf of its clients.
4.6.2. Does Provider have shared resources who can provide project management services?
4.6.3. Would Provider have available ad-hoc technology resources for technology projects? How would you allocate time for project services versus operational managed services for resources dedicated to the XYZ Technology Services account?
Managed Hosting
5.1 Required Services
The Provider should include the necessary capacity or hardware acquisition costs in the managed services proposal to operate. Data Center infrastructure is not expected to be purchased by XYZ Technology Services. Provider should also include necessary costs to host the required hardware in a Provider-managed data center as part of the managed service offering.
5.2 Scope of Services to Include:
Services to be provided include but not limited to:
· Hardware, operating system, and virtual server management, including installation and configuration
· System administration including patching and upgrades
· Security administration, including user account provisioning and access management
· Backuprestore management
· Antivirus administration
· Change Management
· Problem management and reporting
· Performance Monitoring
5.3 Network Requirements
Access to Data center hosted applications will require up to 100MB of bandwidth
5.4 Disaster Recovery
A disaster recovery plan has not been identified for the current solution. Production data should be backed up daily and maintained in an off-site recovery location with at least 7 days retention. The recovery location should have at least 60% capacity of the production server capacity.
5.5 Service Level Agreements
· Systems have required availability to users of > 99.6% during operating hours – 24 x 7 x 365.
· System maintenance windows are coordinated around the XYZ technology Services operating schedule. Impact to XYZ technology Services operations must be minimized.
5.6 Project Management & Support
Provider management and support should be provided on an ad-hoc basis with a predefined capacity of resource hours. The collective project resource hours (aka “bucket of hours”) should be agreed upon on a quarterly basis with XYZ Technology Services stakeholders. Certain resources dedicated to the XYZ Technology Services account may be used for projects where a percentage of their time will be reserved for projects; the Provider should specify the allocation by resource.
Services should include:
Project Management
· Project scope definition
· Project timeline and resource effort estimating
· Project scheduling and tracking including activity status, resource management, risk and issue management.
Business Analysis
· Business analysis and facilitation of solution design
Technology Resources
· Solution Design
· Technology Implementation effort
Responsibilities and Staffing Model
Provide a recommended staffing model including quantity of resources by service area. Identify whether the resources will be on-site or remote, dedicated or shared, skill level and the % of dedicated resource capacity allocated for providing the managed services vs project work.
Provide a representative high-level RACI (ResponsibleAccountableConsultedInformed) or equivalent description of the various roles between the Provider and the Customer in your standard or typical services relationship.
Pricing
All Providers must provide pricing information for the scope of areas of services outlined in Section 4 for which they would be able to provide services. The Providers must agree to keep these prices valid for 180 days starting on RFP close date. Providers may use their own forms for providing price quotes. Methods of price calculations and assumptions should be noted on the form.
Providers should provide monthly pricing for a 5-year term for the respective Service scope areas.
A rate card for ad-hoc Project Management and Technology consulting services should be provided for Project Management & Technology Resources.
References
All Providers must provide a minimum of three client references. At least one client must subscribe to each of the in-scope service areas that are being quoted by the Provider. We prefer the providers who are using similar products.

Contract
XYZ Technology Services standard terms and conditions are included in Appendix A. The Provider must review and indicate acceptance via a Yes or No response to the Client’s terms and conditions as part of the RFP response.
Please also provide a copy of your standard agreement including any specific terms and conditions related to services included in the RFP.
XYZ Technology Services is seeking an agreement for a 5-year term.
Person[s] authorized to negotiate on behalf of this firm for purposes of this RFP are:
Name: Title:
Signature: Date:
Name: Title:
Signature: Date:
Signature of Authorized Officer:
Name: Title:
Signature: Date:

Appendix A – Client Standard Terms and Conditions
Please specify whether the following terms are agreeable in the RFP response indicating Yes or No.
1. The contract shall be governed by the laws of the State of Florida.
2. Provider warrants that it owns and possesses all rights and interests in the licensed software and hardware necessary to enter into the contract, and shall indemnify and hold licensee, its agents, officers and employees harmless from any loss, damage or liability for infringement of any patent right or copyright or other property right with respect to the use of the licensed software and hardware.
3. Provider will have submitted a copy of its standard warranties and representations for its products that apply to this RFP, including optional warranties available for those products, which will have been submitted with the RFP response.
4. Provider shall indemnify licensee, its agents, officers and employees for damages resulting from negligence or misconduct of Provider, its agents, officers and employees.
5. XYZ Technology Services may assign the contract without the prior consent of the Provider to a present or future affiliate, subsidiary or successor.
6. Provider may not assign the contract without XYZ Technology Services prior written consent.
7. XYZ Technology Services information must be kept confidential.
8. Provider will not solicit employment of XYZ Technology Services personnel with whom Provider comes into contact.
9. Provider will permit XYZ Technology Service sits auditors and regulators access to Provider’s books and records relating to the contract.
10. Provider will have returned a signed copy of the Non-Disclosure Agreement with the RFP response.
11. Provider will have submitted a copy of its standard licensing and maintenance agreements that apply to this RFP, which will have been submitted with the RFP response.
12. Payment terms shall be Net 45 days. Client shall reserve the right to withhold payment on disputed amounts until resolution.
XYY Technology Service Page 4 of 12 Confidential

Running head: RFP Response 1
RFP Response 20

XYZ Technology Services – RFP Response Part 4
Jude Akassap
Rasmussen College

RFP Response
Response to RFP Requested Information
The following sections include responses to questions from the RFP. The section numbers from the RFP have been reused to correlate the responses.
Introduction
Cloudy is a cloud hosting provider that focuses on containers. Each instance is launched in its own Docker container as a result. A service is a component of your architecture, such as a back-end application, database, queue, or cron worker.
This adds a layer of abstraction that allows you to go beyond the server or cloud idea. You can view the hardware configuration using Cloudy, but you don’t have to worry about setting up Nginx or obtaining an SSL certificate. All of this is taken care of by us. As a result, Cloudy is an excellent choice when you need to quickly deploy your project.
3.5 Provider Contact
John Nick
800-125-693 Ext: 012
CIO
HostMan
[email protected]
Street 1, New York

4.1 Provider Company Overview
Cloudy is a web app and website hosting service that allows you to host any web app or website without having to manage servers, spend days setting up, or hire an entire engineering team. Connect your repository, deploy your app or website in a few clicks, and Cloudy takes care of the rest. When your app is launched, Cloudy automatically installs an SSL certificate for all of your domains and a content delivery network (CDN) to ensure that your content is delivered as quickly as feasible. As soon as you push a new commit to the repository, Cloudy automates CI/CD, pulling, building, and launching code.

4.1.1 Full legal name of the company, corporate address, phone numbers, and contacts.

List of Primary Contacts

Name of Contact

Title

Phone Number

Smith

Server Administrator

800-125-693 Ext: 013

William

Network Administrator

800-125-693 Ext: 014

Stark

Web Application Manager

800-125-693 Ext: 015

Pepper

Database Administrator

800-125-693 Ext: 016

Bruno

Software Quality Analyst

800-125-693 Ext: 017

4.1.2 Year business was established. Company history summary
Cloudy was established in August 2013. Cloudy reduces costs to DevOps teams, making it the ultimate product for your business.

4.1.3 Business or Industry focus
Our main focus is on our customers and their development. As their needs vary, so does our attention.
4.1.4 Number of people currently employed
Currently 2000 employee are working with us.

4.1.5 Income statement and balance sheet for each of the two most recently completed fiscal years certified by a public accountant
At this moment, cloudy can supply 1 year of audited financial statements for the last 8 years. Before that moment. The 9th annual audit of cloudy is presently underway, and the financial statements will be accessible after August of this year.
4.1.6 Outline of Service Offerings

Capability

Description of Service

Cloud-Based Storage

Our pricing starts at 3 TB of storage, go up to 6 TB of storage with the Plus service, and 10 TB of storage with the Enterprise Premium membership.

Bandwidth Capabilities

Unlimited

Current Number of Hosted Domains and Sub-Domains

250

Database Support

SqlLite 3.2.0

Framework Support

Node.Js

Tech Support

Online 24/7 availability

Web-Application Development

Both

Supported Languages

English, Turkish, Chinese

4.1.7 List of partnerships
Cloudy is proud to provide services through in-house capabilities; however, we will occasionally partner when strategically advantageous. A few of our partners include Godaddy, Monsters Host and Aws cloud hosting.
4.1.8 Total number of current clients.
Cloudy is currently partnering with more than 120 clients each with unique objectives and challenges they’ve partnered with Aws cloud hosting to solve each of these.

4.2 Scope of Support Capabilities

Provider has the capability

Provider will deliver the capability through another partner? Who?

Do not provide the capability.

Website Hosting Infrastructure

X

Website Authentication Services

X

Maintenance of Industry accepted security standards (PCI-DSS Compliance)

X

Electronic payment and tracking services

X

4.3 ProviderCustomer Relationship Management
4.3.1 Do you provide dedicated account management for your IT managed services relationship?
Yes, Cloudy provides an assigned account manager to oversee the website hosted services relationship. The partner manager will work with, John Nick who will continue to oversee the partnership.
4.3.2 Describe your approach to service change management. Do you use change orders to modify services?
Yes, Cloudy uses Service Change Orders to modify the scope of services we provide to our partner. Such a change order would be used to amend the contract hosted website services and would be initiated using a request form that identifies the nature of the request and requires sign-off by an authorized representative of the client partner. After reviewing the impact of the change request, Cloudy subsequently completes a proposed change order that details the impact of the service change, timing for implementation, and any associated financial impact. Both parties are required to authorize the Service Change Response form before the services are adjusted.
4.4 Managed Hosting Services
4.4.1. Provide a description of your data center hosting facilities.
The data center hosting facilities houses multiple servers as well as offices for the data organization’s workers. A security staff performs continuous checks within and without the building to keep an eye on things. You will have the right credentials to enter the server room, as well as complete a two-step verification system, one of which is a biometrics. Server professionals execute checks on all servers on a daily basis and update as necessary to keep that systems are always up to the latest.

4.4.2. Provide details on number of servers and other key metrics associated with servers and storage currently hosted in data center facilities managed by Provider.
Every network infrastructure has 1000 servers, allowing it to store 450 gigabytes of data. Cloudy has ten data centers throughout the world. The organization has a storage capacity of 5 gigabytes.

4.4.3. Provide descriptions of services (e.g. Monitoring, Backup, Disaster Recovery, Security, etc.) available today under managed services offering. Include the number of clients or similar measure of the quantity of services being performed for external clients.
Cloudy provides the following services:
· Monitoring – We keep track of all accesses to and from all servers and clients’ domains.
· Backup – All client files are stored in a separate business data center so that copies are not damaged if the servers go down due to an emergency. Backup generators are installed in all data centers to ensure that the facility has continual power. A UPS power backup is also included in each server room.
· Incident Management – Each data center has a detailed recovery plan that specifies which customers use the computing infrastructure and where the backup are kept.
· Physical security patrols are provided both in and out of site. Every entrance requires a key card that tracks time spent into or out of the area. To obtain access to computers and storage rooms, a two-step validation was necessary, one of which was biometric.
· Website hosting – All websites can be completely customized.

4.4.4. Provide description of available service levels.
Depending on the type of package configuration required, all customers offer the same level of support. No consumer is more unique than the next.

4.4.5. Provide options for software licensing ownership for services, particularly Microsoft server and database software licensing.
Genuine Microsoft Server 2017 is installed on all servers, and it is updated on a regular basis. Commercial licenses for Microsoft Office apps are available through Cloudy Protocols.
However, we do not offer web server license rights at this moment.

4.5 Procurement, Contract Negotiation & Asset Management Services
4.5.1. Provide descriptions of services available today under managed services offering.

4.5.2. Do you offer technology contract negotiation capabilities? Are their consortium or bulk- buying discount opportunities that you leverage for multiple clients?

4.5.3. Provide description of available service levels including sourcing financial objectives. How do you pass financial benefits, e.g. cost savings to your client?

4.6 Project Management & Support
The project leader is almost always the CIO when it comes to project management. It will depend on the nature of project to identify who will be participating. To make every component as safe as possible, all projects have restricted rights until they are completed. Everyone associated with project accepts and agrees to a non-disclosure agreement (NDA). A detailed report is sent to the customer and stakeholders when each project hits a milestone. A weekly progress report is written and provided to the customer and stakeholder to keep them informed about the project’s progress. When it is accomplished and the customer is satisfied with the service the project leader stamps off on the project as completed.
Cloudy has a three-tiered support system. By using this support chain benefits all parties involved, when a customer has a problem with their product .A customer support complaint is written up and sent to the client with the cooperation of each layer. When the issue is resolved, a report is written, and a copy is sent to the customer for their information, as well as a copy to the customer’s file at Cloudy.
Layer 1 -consists of the customer service desk, which is open 24 hours a day. The great majority of difficulties will be resolved at this level.
Layer 2 – The software and application teams make up this tier. These people are those who become engaged if the customer support desk is unable to fix the issue.
Layer 3- If the two previous levels of teams are still unable to fix the dispute, the CIO (Chief Information Officer) will be contacted. The CIO (Chief Information Officer) and the IT Manager become involved and resolve the issue.
Cloudy’s Security Concepts data is break down to the user access levels as the tier structure utilized to resolve client complaints. Employees on the lowest level of the organization do not require the same level of access as the IT manager. Also, an accounting person does not require the same level of access as an IT technician. Employees that are higher up in the hierarchy have more accessibility to firm data. No one in the organization has complete access to all information, which is for the corporation’s and the client’s protection.
4.6.1. Provide example descriptions of two large technology projects that Provider has managed on behalf of its clients.
It was a huge undertaking to take on the Army Inc. project. The client required a website with many subpages and hyperlinks to various company departments. They also required a lot of data storage for the main office and all of the satellite offices. Army Inc. required a cloud solution that would allow them to share and access files from anywhere in the world especially when they had access to the internet.
Trojan Inc. required a huge website with several tabs and drop downs to reach all of the company’s retail items. They also required a payment gateway for online shopping, which is linked to their website. Adding a payment processor also required linking their shipping service to the retail site.

4.6.2. Does Provider have shared resources who can provide project management services?
Cloudy has various shared resources that can be used to assist with project management. This firm will assist in laying the groundwork for the project and provide guidance on what is required and what the customer should do to ensure success.

4.6.3. Would Provider have available ad-hoc technology resources for technology projects? How would you allocate time for project services versus operational managed services for resources dedicated to the XYZ Technology Services account?
Cloudy does not support ad-hoc resources since it is not in the company’s best interests because a last-minute project can be rushed and fall short of what the client actually need or desires. The time allotted for project services is based on a time frame specified during planning phase. The time allotted to operational management system is based on what is required and where it is required.

Scope of Services
5.1 Required Services
Cloudy security concepts leverages cloud-based data center hosting services through Azure. The data center infrastructure will be generated within virtual environments on existing physical appliance used by the cloud-based provider. Costs will be detailed in the pricing section below.
Pricing

Initial Website Hosting and Development

Year 1

Year 2

Year 3

Dedicated Virtual Appliance Yearly Cost

Website Development

NA

NA

Website Deployment to the Internet

NA

NA

Backup/Restore Services

Antivirus Protection Services

Account Administration including: Change Management, Maintenance, Patching, Upgrades, Problem Management, Reporting, and Performance Monitoring

Total

5.2 Scope of Services
1. Version 6.0 EP 05 of VMware ESXi using the VMWare management system.
2. Administration of the servers is regularly monitored, with patching upgrades occurring on the systems each 4th Friday of every month from 12am – 6am. If emergency changes are necessary based on risk, communication will be sent out to the customer representative and a reasonable maintenance window will be established.
3. Microsoft Azure provides cyber security for hosted websites, with Microsoft and Cloudy Security Concepts continuing to monitor them.
4. Backups occur on the system every 15 minutes internally, and then are stored to a backup server each evening from 10pm – 12am.
5. Antivirus software is installed on each server where the server role accommodates such installation. Understanding in some cases database servers do not function correctly when active antimalware is installed on the virtual device.
6. Change management is controlled through a change control board, and any changes affecting the production environment of the hosted website, notification of the change control boards review will be delivered to our partners prior to any changes occurring.
7. Monthly reporting will be supplied to each partner, and performance monitoring is on-going with alerting setup in the event there are any outages, a support buzzline is established, along with notification to all partners.
5.3 Network Bandwidth
Based on the data supplied within the RFP, Cloudy recommends the use of at least 100MB of its existing 10GB bandwidth. The use of bandwidth within our environment is dynamic and if the need arises that our organization has a need for additional bandwidth it is provided on-demand.
5.4 Disaster Recovery
Introduction
This Disaster Recovery Plan (DRP) compiles all of the facts on Cloudys’ ability to resist a disaster, as well as the procedures to be followed to achieve disaster recovery, into a centralized location.
Disasters are defined as follows by Cloudy Security Concepts:
· One or more critical systems stop working.
· Although the building will be unavailable for a prolonged period of time, all systems within it are operational.
· The structure is up and running, but all of the systems are broken.
· The structure and all of its systems are inoperable.
The following occurrences may cause a disaster:
· Pandemic of fires and flash floods
· Outage of Electricity
· War
· Theft
· Attack by Terrorists
Purpose of Recovery Plan
It should be noted that in the event of a calamity, Cloudy’s first concern is to prevent the loss of lives. Cloudy will ensure that all employees, as well as any other people on the organization’s facilities, are secure and safe before taking any secondary precautions. After all persons have been transported to safety, Cloudy Security Concepts’ next objective will be to implement the measures indicated in this DRP to promptly return all of the institution’s teams and departments to business as usual. This includes the following:
· Keeping the company’s resources, including as hardware, data, and physical IT assets, safe.
· Keeping IT downtime to a minimum
· Maintaining business operations in the case of a catastrophe
Scope of recovery plan
The Cloudy’s DRP takes into account all of the following factors:
· Servers for Network Infrastructure
· Storage Space and Back – up Systems Infrastructure
· Telecommunication System
· Devices for Data Output
· Computers for end users
· Database Systems Organizational Software Systems
· Information Technology Documentation
· Portable Electronics
Changes and Version Details
This is where you’ll keep track of all the modifications, adjustments, and updates you make to the DRP. It is the Disaster Response Lead’s obligation to keep all present versions of the DRP up to date. When the DRP is modified, Cloudy needs that the version number be updated to reflect the change.
Teams and Responsibilities
Different groups will be required to support the IT department in their efforts to restore regular operation to Cloudy employees in the case of a crisis. The following are the several groups and their responsibilities:
· Disaster Recovery Lead(s)
· Disaster Management Team
· Facilities Team
· Server Team
· Applications Team
· The Operations Team
· Management Team
· Communications Team
· Finance Team
· Data and Backup Team are all members of the Operations Team.
Cloudy compiled the lists of roles and duties in this section, which reflect the duties that team members are likely to be assigned. All of the duties listed below will be performed by members of the Disaster Recovery Team. Members of the Crisis Recovery Team may be called upon to do activities not discussed in this section in certain emergency situations.
Recovery Lead
All decisions pertaining to the Disaster Recovery operations must be made by the Disaster Recovery Lead. In the event of a disaster at Cloudy, this person’s primary function will be to guide the catastrophe recovery, and all other personnel involved in the disaster recovery process will report to this person, irrespective of their division or present managers.
To make his/her judgments unbiased, every effort will be taken to keep this person distinct from the remaining of the disaster management groups; the Disaster Recovery Lead would not be a participant of other Cloudy’s Disaster Response groups.
Task and Duties
1. Be the primary point of contact for all of the DR Teams and supervise them.
2. Throughout the disaster, organize and convene frequent meetings of the DR Team leads.
3. Present the state of the disaster and the decisions that must be made to the Management Team.
4. All DRP tests should be organized, supervised, and managed, and all DRP updates should be written.
Contact Information

Name

Role

Phone Number

William

Disaster Lead

333-123-568

Disaster management team

The Disaster Management Team is in charge of overseeing the full recovery process in the event of a disaster. In the case of a disaster, they will be the first to respond. This group will assess the disaster and identify what steps must be done to restore the organization’s operations.
Task and Actions
1. After the Disaster Recovery Lead has declared a disaster, activate the DRP.
2. Determine the disaster’s size and category.
3. Identify which systems and processes have been harmed as a result of the tragedy.
4. Notify the other disaster recovery teams of the disaster.
5. Determine what the catastrophe recovery teams’ first steps should be.
6. Keep the disaster recovery teams on track by setting objectives and goals ahead of time.
7. Keep track of all expenses incurred during the catastrophe recovery phase.
8. Ensure that all choices are made in accordance with Cloudy’s DRP and policies.
Contact Information

Name

Role

Phone Number

Smith

CIO

333-123-568

Facilitates team
The Network Team will be in charge of diagnosing any network infrastructure damage and establishing voice and data connectivity, including WAN, LAN, and any internal telecommunication with the outside community.
Tasks and Actions
1. The team will decide which service providers are not operating at the primary facility in the case of a disaster that does not necessitate a migration to standby sites.
2. If different networks services are affected, the team will prioritize customer services in the manner that will have the lowest effect on companies.
3. In the standby facility, install and configure any tools, hardware, software, and systems that are required.
4. In the primary facility, install and implement any equipment, hardware, software, and systems that are required.
5. After Cloudy has returned to normal, this team will review all costs and submit a report to the Catastrophe Recovery Lead detailing their operations throughout the disaster.

Contact Information

Name

Role

Phone Number

Smith

Server Administrator

333-123-568

Server Teams
In the case of a disaster, the Server Team will be in charge of supplying the physical server infrastructure essential for the organization to run its IT activities and apps. They will be in charge of providing basic server operation and may be called upon to support other IT DR Teams as needed.
Tasks and Actions
1. Verify that system patches are kept up to date on secondary servers in standby facilities.
2. Verify that application patches are kept up to date on backup servers in standby facilities.
3. Ensure that the data backups are kept updated on backup servers in standby sites.
4. Verify that the backup servers in the backup facility are properly backed up.

Contact Information

Name

Role

Phone Number

Peeper

Server Administrator

333-123-568

Communication Team
Throughout a disaster, there will be the team in charge of all communication. They will interact with Cloudy’s workers, clients, suppliers and customers, banks, and, if necessary, the media.
Roles and Responsibilities
1. Inform all Cloudy’s employees about the occurrence of a disaster and the severity of the disaster.
2. Notify authorities of the occurrence of a disaster and the extent of the disaster, as required.
3. Inform all of Cloudy’s partners, customers and vendors about the occurrence of a calamity and the severity of the tragedy.
Contact Information

Name

Role

Phone Number

Stark

HR President

333-123-568

Data backup Team
Cloudy’s servers are kept in a biometrically secured room in the facility, with just three people having access. Access will be granted to the CEO, CIO, and IT Manager.
Two backups are kept on hand by the company. One is onsite backup using a server-style SSD disk, while the other is cloud-based backup. Except for the customer financial documents, all of the company’s files are held in both locations.
Dealing with a Disaster
The first responsibility in the event of a crisis at Cloudy is to guarantee that all personnel are safe and accounted for. Following that, efforts must be made to prevent future damage to the facility and to lessen the disaster’s impact on the company. Dealing with a disaster can be divided into the following steps, irrespective of whatever category it fits into:
· Identifying and declaring disasters
· Activation of DRP
· Notifying people about the disaster
· Assessment of existing and potential damage, as well as prevention of further harm
· Activation of the standby facility
· Set up IT operations
· The principal facility is being repaired and rebuilt.
Disaster Identification
Because it’s nearly difficult to foresee when and how a disaster will strike, Cloudy must be ready to learn about disasters from a number of sources. These can include the following: First-hand findings,Security personnel Facilities staff ,End users .3rd Party Vendors Environmental and Security Alarms in the Primary Facility.
After determining that a disaster has happened, the Disaster Recovery Lead must proclaim the company to be in an official state of crisis. The Incident Recovery Lead must confirm that anybody who was in the primary facility at the time of the incident has been tracked for and has already been evacuated to protection in accordance with the company’s Evacuation Policy during this period.
Current Damage Assessment and Prevention
After a disaster, authorized authorities must first establish that the premises are safe to open before any Cloudy’s staff can enter. The Facilities Team would be the first to inspect the primary infrastructure once it has been determined that it is safe to do so.
Within 24 hours following the original disaster, all teams must generate an initial report on the damage and submit it to the Disaster Recovery Lead. Each team must examine any places where further damage can be avoided and take the appropriate measures to protect Cloudy assets throughout their examination of their relevant areas. To secure the facilities, any essential repairs or preventative measures must be implemented; these expenses should first be accepted by the Disaster Recovery Team Lead.
Restored IT Infrastructure
This part will be resorted to regularly if a disaster occurs and Cloudy needs to use this plan. It will include all of the documentation that details how Cloudy’s information system will be restored. Once the building is up and running again, the hardware can be reinstalled. The first order of business is to restore the company’s files and software. Then the client files must be restored and made operational again. All consumers have been contacted and assured that the company is fully operational again.

5.5 Service Level Agreements
Most managed network solutions are designed and operated with availability service levels that exceed 99.9% availability. Non-redundant systems are offered at a lower level of availability.
Maintenance windows are pre-established to be 4th Friday of every month from 12am – 6am. If emergency changes are necessary based on risk, communication will be sent out to the customer representative and a reasonable maintenance window will be established.
5.6 Project Management and Support
As predetermined in this RFP, Cloudy will be providing project management services through the initial phase of the site development and initial hosting. If the need arises with a service change order, the determination if additional project management service will be required will be determined between both Cloudy and XYZ Technology Services.

Weekly Status Report

Project Name

Overall

Report Date

Prepared By

RFP Response – XYZ Technology Services

2017-xx-xx
[Student Name]

Project Work Stream Status Overview

In this section please provide context to justify the Overall Color (Red, Yellow, Green) for the Work Stream. Highlight any critical issues, obstacles and risks associated with this Work Stream.

Top Issues, Obstacles & Risks

#

Work Stream

Type

Description

Owner

Status

Due

1.

Choose an item.

xx/xx/2017

2.

Choose an item.

xx/xx/2017

3.

Choose an item.

xx/xx/2017

Key Activities / Accomplishments

No

Work Stream

Description

Owner

Status

Due

1.

Choose an item.

xx/xx/2017

2.

Choose an item.

xx/xx/2017

3.

Choose an item.

xx/xx/2017