Purchasing Services Mailing address: PO Box 5350 Stn Terminal, Vancouver BC V6B 5L5 Location address: 6951 Westminster Hwy, Richmond, BC V7C 1C6 Phone 604.276.3344 | 1.844.276.3344 | Fax 604.276.3260 | [email protected] worksafebc.com WORKERS’ COMPENSATION BOARD OF BC (WORKSAFEBC) NOTICE OF INTENT (NOI) TO DIRECT AWARD SaaS Ecosystem based on Public PaaS Offering Issued August 27, 2014 Solicitation #046-2014 Salesforce.com Canada Corporation Overview: Notice is hereby given by the Workers’ Compensation Board of BC (WorkSafeBC) of its intent to contract with Salesforce.com Canada Corporation for an enterprise Software as a Service (SaaS) ecosystem based on a public Platform as a Service (PaaS) offering. It is not anticipated that a Competitive Bid process would result in identification of other vendors who could provide all of the required services with an equivalent or higher level of expertise and experience. WorkSafeBC has chosen not to call for vendor qualifications for the following reasons: 1. WorkSafeBC requires the products and services of a market leading vendor with proven Cloud computing industry expertise to provide an enterprise-level tripartite solution; a vibrant SaaS ecosystem with multiple enterprise-grade solutions from a variety of vendors; a diverse, fullfeatured development environment to build, connect and extend SaaS solutions; and an established presence in Canadian government organizations. 2. The vendor must be able to comply with Canadian and British Columbian Freedom of Information and Protection of Privacy Laws. Further information is available regarding this requirement at: http://www.cio.gov.bc.ca/cio/priv_leg/foippa/index.page. 3. Salesforce has an extensive list of SaaS applications from Salesforce and its development partners. 4. Continued research, development, and innovation as proven by Salesforce’s acquisition of Heroku and its broad portfolio of capabilities to create applications that are mobile, social and scalable, with identity management, flow control and portal capabilities. Saas Ecosystem (0) Final page 1 of 4 5. This vendor has unique expertise and knowledge of the Cloud application delivery industry and has built up a long and successful reputation within this industry. 6. This vendor has an extremely high level of qualification in this Cloud Service/SaaS/PaaS development field and is a leading-edge provider of these services. 7. This vendor is an established SaaS provider in Canada. 8. This vendor has the capabilities as listed on pages 3 and 4. Contract Details & Term: The anticipated contract has an estimated value of $500,000.00 The anticipated contract term is 24 months, WorkSafeBC reserves the right to increase or decrease scope of work and /or modules as required, Requirements may include long term maintenance, if applicable. Vendors who wish to object to this decision should contact Kathy English, Procurement Analyst, Purchasing Services by facsimile at 604-276-3260 or by email at [email protected] on or before 2:00 P.M. Pacific Time on September 16, 2014 presenting specific reasons for their objections. If justified, WorkSafeBC will convene a meeting with its representatives and the vendor to receive vendors’ representations concerning this contract. Note: Any vendor objecting to this NOI should provide all relevant qualifications and the reasons for objecting, such as your ability to meet and/or exceed the requirements listed in this NOI. To be considered a valid objection, vendors must demonstrate through related experience and ability to provide these services, based on anticipated timeframe, with the same level of expertise and value. Saas Ecosystem (0) Final page 2 of 4 Capabilities Hosting platform – the vendor offers a full development platform and a rich eco-system of business and technology partners. The platform must demonstrate: o An existing, single vendor managed, enterprise-centric, application channel delivering thousands of ready SaaS products used in millions of installations. The vendor must fully endorse, support and govern such an application store and the reliability and quality of its partners’ applications on the platform. This rich and growing eco-system of enterprise-grade, market leading SaaS applications should include, but not limited to, these types of products: Enterprise resource planning (ERP) systems, Dashboards, business intelligence, and analytics engines, Business-to-business information sharing systems, Customer relationship management (CRM) suite, Customer service tools (e.g. survey), Mapping and geo-location services, and Cloud integration tools with our on-premise assets. o Multi-language development and runtime platform for applications to be designed and deployed as a service in the cloud by WorkSafeBC. The tool set must be able to cover the design of user interfaces, business logic, business logic flow (workflow) and the data model. o Extensibility and scalability in a share-everything platform. Applications written for the platform and the platform itself must be able to scale for large deployments; high volume of transactions and high number of simultaneous users. o Support for a rich, active and diverse developer community: solution must provide a robust developer community to share code, best practices, etc. o Solutions built around a common, cloud-native database that underlies its platform applications; an integration strategy built with standard objects on a common schema. Industry Leader – the vendor is an industry leader, innovator, and influencer in the SaaS and PaaS development space. The vendor must demonstrate: o Ability to provide a minimum of three recognized references with platform in production-use by government entities in BC and/or Canada. Confirm how these relationships address FIPPA requirements (see Platform Security section). o Ability to provide a varied support strategy i.e. user support, administrator support and multilanguage code level development/integration support for applications being developed or integrated. Platform Compatibility/Infrastructure – The platform must significantly reduce WorkSafeBC’s infrastructure and support requirements while maintaining, if not exceeding, application non-functional requirements. The platform must demonstrate: o The platform must have high reliability and should be down a minimal amount of time for scheduled maintenance. o Multiple levels of data redundancy; No single point of failure for network architecture; and no single point of failure in server architecture. o The vendor must have disaster recovery and business continuity plans in place. o Minimal infrastructure support and maintenance requirements from WorkSafeBC. This includes servers, server clusters, technology stacks, server software, patches, and end-user software. Saas Ecosystem (0) Final page 3 of 4 Development and Integration – A rich set of development and integration patterns, best practices, and reference architectures to ensure the highest level of integration, reliability, and integrity. The solution must provide: o Platform’s functionality exposed through an API layer; ability for easy access to code through a metadata API, provides an IDE (coding and no-code options), and provides a sandbox environment. o Support for a variety of integration and messaging mechanisms that the platform interface supports. o A service lifecycle management facility (e.g. version control, staging, etc.) o Well documented data model including entity-relationship diagrams. A rich set of standard objects on the development platform. Platform Security – The platform must fully meet or exceed WorkSafeBC’s Information Security Controls Standards for Service Providers. The following is a partial summary: o FIPPA Compliance: All storage or processing of Personal Information on behalf of WorkSafeBC must comply with British Columbia Freedom of Information and Personal Privacy Act. o Vendor shall implement administrative, physical and technical safeguards to protect WorkSafeBC's information assets, services, and systems that are no less rigorous than accepted industry practices. At a minimum, vendor safeguards shall include: Limiting access of WorkSafeBC's information assets, services, and systems to Authorized Persons; Securing business facilities, data centers, paper files, servers, back-up systems and computing equipment, including, but not limited to, all mobile devices and other equipment with information storage capability; Implementing network, device application, database and platform security; implementing authentication and access controls within media, applications, operating systems and equipment; Complying with the Payment Card Industry Data Security Standard (“PCI DSS”) requirements; Use and reuse of any of WorkSafeBC's information assets, services, and systems shall be done expressly and solely for the purposes enumerated in the potential Contract. Encrypting WorkSafeBC's data transmitted over public or wireless networks; Encrypting all electronic files that contain WorkSafeBC data must use a FIPS 140-2 certified algorithm when stored on any removable media or portable device; Appropriately segregating WorkSafeBC's data from information of its other customers; Implementing appropriate personnel security and integrity procedures and practices, including, but not limited to, conducting background checks consistent with applicable law; Systems processing and/or storing WorkSafeBC's information assets must have a documented change control procedure; Systems processing and/or storing WorkSafeBC's information assets must have at least an annual system security risk/vulnerability assessment/review; Physical and electronic media, including backup tapes, containing WorkSafeBC data must be disposed of securely, physically destroyed, erased, or rendered unrecoverable; Establishing a documented plan to enable continuation of critical business processes and security of WorkSafeBC's information assets in the event of an emergency; and Establishing documented procedures to backup WorkSafeBC data to maintain retrievable exact copies of information. Saas Ecosystem (0) Final page 4 of 4
© Copyright 2024 ExpyDoc
