Information Technology Services Management (ServiceNow ... A Scope of... · Scope of work document Page 1 Information Technology Services Management (ServiceNow): Scope of Work: Upgrades,

Scope of work document

Page 1

Information Technology Services Management (ServiceNow):

Scope of Work: Upgrades, Enhancements, Support, and Maintenance


Page 2

Glossary and Abbreviations

Acronym Description

ACE Automated Configuration Evaluation.

ACSA Airports Company South Africa SOC Ltd

AD Active Directory.

Approver User Approver user is any user that can modify requests for approval routed to them. They also have all capabilities of Requesters.

BRS Business Requirements Specification.

CI Configuration Item.

CMDB Configuration Management Database.

DMZ Demilitarized Zone.

End User Any user without an ITIL role who uses the IT service on a day-to-day basis.

FAQ Frequently Asked Questions.

Fulfiller User Refers to any user given a role in the subscription service by ACSA. A Fulfiller User can access all functionality based on assigned roles. Fulfillers have one or more roles other than the approver user role.

GUI Graphical User Interface.

HP Hewlett Packard.

IM Instant Messaging.

IT Information Technology.

ITIL Information Technology Infrastructure Library.

ITSM Information Technology Service Management.

LDAP Lightweight Directory Access Protocol.

Normal Working Hours

Normal Working Hours are (8h00 – 17h00, Mon - Fri), excluding holidays.

OEM Original Equipment Manufacturer.

PMBOK Project Management Body of Knowledge.

PMO Project Management Office.

PRINCE 2 Projects IN Controlled Environments.

RACI Responsible, Accountable, Consulted, Informed.

Requester User Refers to any user that can submit requests and manage their own requests, access public pages, take surveys, and use live feed and chat. Requesters are typically End Users who access the instance through an employee self-service portal. Requesters have no associated roles.

ROI Return on Investment.

SLA Service Level Agreement.

SOC State Owned Company.

User Means any employee or contractor given access, by ACSA, with a unique username and password to the subscription service.

PID Project Initiation Document


Page 3

TABLE OF CONTENTS

1 Introduction __________________________________________________ 5

2 Scope _______________________________________________________ 6

3 Current System Configuration __________________________________ 10

4 Business Requirements _______________________________________ 12

5 Support and Maintenance ______________________________________ 18

6 Respondents Quote Information _________________________________ 30

7 Approvals ______________________________ Error! Bookmark not defined.


Page 4

TABLES

Table 1: ITSM Challenges ............................................................................................................... 5 Table 2: ITSM High Level Requirements ......................................................................................... 8 Table 3: Additional Reporting Business Requirements .................................................................. 12 Table 4: Service Catalogue Business Requirements ..................................................................... 13 Table 5: Technical Support and Knowledge Transfer Business Requirements .............................. 14 Table 6: HP Monitoring Solution Integration Requirements ........................................................... 16 Table 7: I.T. PMO Deliverables Requirements .............................................................................. 17 Table 8: RACI Matrix ..................................................................................................................... 17 Table 9: Maintenance timeframe coverage parameters................................................................. 18 Table 10:Incident management priority levels, response and resolution times .............................. 23 Table 11:Incident management priority levels, response and resolution times .............................. 23 Table 12:SLA breaches and penalty for P1 and P2 ....................................................................... 25 Table 13: SLA breaches and penalty for unresolved incidents ...................................................... 25 Table 14: Failure to Provide Maintenance ..................................................................................... 25 Table 15: Reporting Matrix ............................................................................................................ 28 Table 16: Meetings Matrix ............................................................................................................. 29 Table 17: Capex Cost Schedule .................................................................................................... 31 Table 18: Opex Costs Schedule .................................................................................................... 32


Page 5

1 Introduction

1.1 Purpose 1.1.1 Airports Company South Africa SOC Ltd hereby invites proposals for the

Implementation of additional modules, Installation, Configuration, Upgrades,

Enhancements, Maintenance, and Support Service for the existing Information

Technology Service Management solution, ServiceNow.

1.1.2 The project aims to introduce new modules, as required by IT, and ensuring

that Configuration, Maintenance, and Support Services are secured from an

ITSM ServiceNow OEM certified local partner.

1.2 Current Challenges within IT Service Management 1.2.1 The IT Service Management and Operations department require an upgraded

ITSM solution with additional functionality/modules coupled with exceptional

technical support from an OEM Certified IT Service Provider to contribute

towards providing world class IT Service Management to ACSA. The

challenges the project aims to address are:

# Challenge Description

1 Reporting

challenges

There is no reporting tool available to provide real time performance

business intelligence.

Please refer to Section 3(Business Requirements) for more details on

business requirements relating to this challenge.

2

Technical

Support and

Knowledge

transfer.

The current Support Service is managed in-house with the OEM

providing third party Software Support. The challenge is that the in-

house capability is limited to basic administration. There is little

knowledge transfer currently happening with regards to the ServiceNow

ITSM solution.

Please refer to Section 3 (Business Requirements) for more details on


3 Service

Catalogue

The current service catalogue is not optimal for business use as it does

not list all services that IT offers. Enhancement is required on this

module to overcome this challenge.

Please refer to Section 3 (Business Requirements) for more details on


Table 1: ITSM Challenges


Page 6

2 Scope

2.1 In Scope

The following is in scope for this tender:

BUSINESS

REQUIREMENT

NUMBER

HIGH LEVEL

REQUIREMENT

DESCRIPTION

BR1

Performance

Analytics

Reporting

Requirements.

1.1 Implement and configure new module for ITSM Advanced

Reporting module (Performance Analytics).

1.2 IT Service Management requires enhancements of a

reporting tool to provide real time performance business

intelligence capabilities in order to make informed business

decisions.

1.3 The configured module should provide access to key

performance indicators and metrics. The Out of the Box and

customized KPI’s should be represented in a graphical user

interface that will enable quality and efficiency in service

delivery.

BR2

Service

Catalogue

Module

Configuration

2.1 Service catalogue will provide an interface of available

services and product offerings. This will include both

business and technical services provided by IT. GUI will be

structured in a manner which will encourage ACSA’s users to

access catalogues for IT services they require.

2.2 ACSA requires a service catalogue that provides:

2.2.1 A self-service opportunity for users within ACSA.

2.2.2 A single portal to present all services and product

offerings (Business and Technical Services).

2.2.3 An ACSA standardized approach will be workshopped

and agreed to between the successful Bidder and ACSA

before implementation and configuration.

BR3

Technical

Support and

Knowledge

transfer.

3.1 Technical support and maintenance services are required

and this entails:

3.1.1 Appointment of an OEM Certified ServiceNow Partner

capable of providing ITSM technical support services to

ACSA including identifying and remediating all Issues

and Problems that may arise within the deployed

ServiceNow ITSM solution.


Page 7

3.1.2 A dedicated onsite (based at O R Tambo International

Airport) OEM certified resource with minimum 3 years’

experience for the contract period, working normal hours

(08h00 – 17h00). This resource’s responsibility includes

addressing any unforeseen eventualities or specific

deliverables (e.g. implement fixes and customization,

refine workflows, enhancements, etc.) that may be

requested by ACSA.

3.1.3 Continuous Knowledge Transfer to Technical

Administrators for ServiceNow ITSM. This involves on-

the-job knowledge transfer/training, ‘hand-holding’ where

the consultant shows ACSA ITSM administrators step-by-

step how to carry out various administration and

configuration tasks and sharing known resolution to

problems and research information with ACSA ITSM

administrators. ACSA will assess the quality of

knowledge transfer done and if inadequate, Service

Provider to resolve.

BR4

Enhancements

to existing

modules

4.1 The following modules are currently installed and would

require enhancements upon ACSA’s request:

4.1.1 Asset Management

4.1.2 Change Management

4.1.3 Configuration Management Database

4.1.4 Contract Management

4.1.5 CreateNow Development Suite

4.1.6 Demand Management

4.1.7 Field Service Management (Work Management)

4.1.8 Incident Management

4.1.9 IT Cost Management

4.1.10 IT Governance, Risk and Compliance (IT GRC)

4.1.11 Knowledge Management

4.1.12 Mobile

4.1.13 Problem Management

4.1.14 Project Portfolio Management

4.1.15 Release Management

4.1.16 Reporting

4.1.17 Request Management

4.1.18 Resource Management

4.1.19 Service Catalogue

4.1.20 Service Desk Call (with Computer Telephony Integration)


Page 8

4.1.21 Software Development Lifecycle (SDLC)

4.1.22 Test Management

4.1.23 Vendor Performance Management

BR5

Microsoft Active

Directory

Integration and

Plugins

5.1 Modify the integration between Active Directory and

ServiceNow.

5.2 Modify user groups from Active Directory into ServiceNow.

5.3 Configure and activate key plugins for all modules

BR6

HP Monitoring

Solution Plug-in

and

Configuration

6.1 Configure and administer the relationship between

ServiceNow ITSM and ACSA HP Monitoring Solution (only

on ServiceNow) in order to push, pull and use data from

Universal CMDB, Operations Bridge and HP Operations

Orchestration

6.2 The Universal CMDB and Operations Bridge are the core

required modules. The remainder of the modules maybe

requested on an ad hoc basis.

BR7 IT PMO

Deliverables

7.1 This project is to be delivered in line with ACSA IT Project

Management Office’s Methodology which is based on ITIL

Version 3, PRINCE2 and PMBOK. Key deliverables that must

be traceable and tangible in terms of signed-off

documentation will be required as proof of delivery on the

business requirements.

Table 2: ITSM High Level Requirements

2.2 Out of Scope

The following are out of scope of this project:

2.2.1 Purchasing of any IT infrastructure as this is a cloud based solution.

2.2.2 The supply of software licensing for any of the modules within ServiceNow ITSM.

2.3 Training and Knowledge Transfer

The Service Provider will:


Page 9

2.3.1 Develop and document training and knowledge database requirements to facilitate

knowledge transfer to ACSA resources;

2.3.2 Develop and implement knowledge transfer procedures to ensure that more than

one individual understands key components of the business and technical

environment;

2.3.3 Develop and document training requirements that support the ongoing provision of

the Services, including refresher courses as needed and instructions on the new

functionality;

2.3.4 Develop, implement, and maintain ACSA accessible knowledge database/portal;

2.3.5 Provide training materials for ACSA technical staff for Level 1 Support of In-Scope

Services;

2.3.6 Provide training to ACSA IT personnel and end-users on request when there are

substantive technological changes introduced into the ACSA environment to

facilitate full exploitation of all relevant functional features of In-Scope Services;

2.3.7 Design and develop assessment tests to assess ACSA resources to ensure

successful knowledge transfer.

2.4 Resourcing Below are the minimum requirements for resourcing for this project:

2.4.1 Bidders are required to provide ACSA with a dedicated team of resources:

Solution Specific SME,

Solution Specific Support Specialist; and

IT Project Manager.

(Please note that resourcing for the project is not limited to the 3 identified

roles, Bidders are welcome to propose larger teams).

2.4.2 A dedicated onsite (based at O R Tambo International Airport) OEM

certified resource with minimum 3 years’ experience for the contract period,

working normal hours (08h00 – 17h00).

2.4.3 Should the dedicated onsite and or Solution Specific SME and or Solution

Specific Support Specialist be the same resource, please indicate clearly.

2.5 Special Instruction to Bidders

2.5.1 The Service Provider will be required to obtain access permit for their resources.


Page 10

3 Current System Configuration

3.1 Modules Currently Installed or Licensed at ACSA:

3.1.1 Asset Management

3.1.2 Change Management

3.1.3 Configuration Management Database

3.1.4 Contract Management

3.1.5 CreateNow Development Suite

3.1.6 Demand Management

3.1.7 Field Service Management (Work Management)

3.1.8 Incident Management

3.1.9 IT Cost Management

3.1.10 IT Governance, Risk, and Compliance (IT GRC)

3.1.11 Knowledge Management

3.1.12 Mobile

3.1.13 Problem Management

3.1.14 Project Portfolio Management

3.1.15 Release Management

3.1.16 Reporting

3.1.17 Request Management

3.1.18 Resource Management

3.1.19 Service Catalogue

3.1.20 Service Desk Call (with Computer Telephony Integration)

3.1.21 Software Development Lifecycle (SDLC)

3.1.22 Test Management

3.1.23 Vendor Performance Management


Page 11

The existing and the upgraded ITSM solution will be operating within the following business context as depicted:

IT OPERATIONS

IT SERVICE MANAGEMENT SYSTEM (SERVICENOW)

ACSA IT INFRASTRUCTUREITSM SERVICE PROVIDER

ACSA IT APPLICATIONS

EVENTS & ALERTS

MANAGEMENT INFO REQUESTS

EVENTS & ALERTS

MIS REPORTS LOGGED INCIDENTS

LOGGED INCIDENTSLOGGED INCIDENTS

TECHNICAL SUPPORT

ACSA IT ELECTRONIC SERVICESLOGGED

INCIDENTS

EVENTS & ALERTS

Figure 1: Business Context Diagram depicting interfaces and information flows


Page 12

4 Business Requirements

The Service Provider is responsible for the upgraded IT Services Management solution that must conform and

address the following requirements:

Requirement

Number Requirement Description

BR1 Performance Analytics Reporting Requirements.

BR 1.1 1.1.1 Configuration and customisation of the Performance Analytics module to meet

ACSA requirements as and when required

Table 3: Additional Reporting Business Requirements

Requirement


BR2 Service Catalogue Module Configuration Requirements.

BR 2.1 2.1.1 Creating of customizable catalogue portal pages with identified catalogue items and

specific request fulfilment workflows on a specific work schedule.

BR 2.2

2.2.1 Ensure the accuracy and availability of the items within the catalogue to enable

ACSA to define and manage all aspects of its service catalogue.

2.2.2 The catalogue is ever changing within business. These changes will be addressed

as and when required and implemented accordingly.

BR 2.3

2.3.1 Customize Self-service portal page per ACSA requirements as and when required.

The customized self-service page should enable the users to log incidents without

requiring input from the ACSA IT Service Desk team.

2.3.2 The following should form part of the portal page:

2.3.2.1 List of value (LOV):

When a user logs a call he/she will select fields from different lists of values based

on the example below:

● Assignment group e.g. Oracle Module owner (Oracle System Administrator,

Database Administrator, etc.)

● Category E.g. Oracle Modules (EAM, Payables, Purchasing etc.)

● Call Type E.g. Incidents or Service Requests.

2.3.2.2 Workflows:

Assignment group require basic workflow types for example when a Call is logged

for System Administration then the system should trigger a workflow to notify the

“System Administration” Group

2.3.2.3 Specific SLAs: Assignment groups have defined specific SLAs and the requirement

is that the system should send reminders/updates based on the specific SLAs and

not the generic Service Desk SLA.


Page 13

2.3.2.4 Reporting:

Assignment groups require basic reports based on their Calls such as:

● Call response time against set SLA

● Calls that breached SLA.

● Incidents vs Service requests logged.

Table 4: Service Catalogue Business Requirements

Requirement Number Requirement Description

BR3 Technical Support and Knowledge transfer.

BR 3.1

The Service Providers onsite resource must provide ongoing OEM certified training as

stated in training requirements below. The ORTIA personnel will receive face to face

training and the rest of the personnel will receive training using the video conferencing

facilities on premise.

Resource Type Type of Training Required / Description of Training

Required

3.1.1 Field Service Agents Fulfiller User Training required to familiarize the user with

functionality of the ITSM solution and how to use it.

3.1.2 Service Desk Manager Fulfiller and Approver User Training required to

familiarize the user with functionality of the ITSM solution

and how to use it.

3.1.3 IT Infrastructure Fulfiller and Approver Training required to familiarize the

user with functionality of the ITSM solution and how to use

it.

3.1.4 Service Desk Agent Fulfiller User Training required to familiarize the user with


3.1.5 IT Operations Coordinator Fulfiller User Training required to familiarize the user with


3.1.6 Incident Controllers Fulfiller User Training required to familiarize the user with


3.1.7 IT Applications Fulfiller and Approver Training required to familiarize the

user with functionality of the ITSM solution and how to use

it.

3.1.8 IT Projects Requester User Training required to familiarize the user

with functionality of the ITSM solution and how to use it.


Page 14

3.1.9 ITSM Administrators Administrator training including technical training to do

minor configuration changes. Knowledge Transfer to also

accompany the training offered to administrators and

includes amongst others conducting on-the-job training,

‘hand-hold’ administrators to complete configuration

tasks, have knowledge sharing sessions where

administrators are tested about their understanding of the

ITSM solution, sharing of research information, etc. The

Service Provider to assess the outcomes of the

knowledge transfer. ACSA to decide the outcome of the

required training.

BR 3.2

3.2.1 Provide technical support and incident management for the installed ITSM solution in

line with the SLA requirements as contained in section 4 (Support and Maintenance)

of this document.

BR 3.3

3.3.1 Carry out enhancements, configuration, database clean-up for the following modules, as and when required by IT Operations:

3.3.3.1 Asset Management

3.3.3.2 Configuration Management Database

3.3.3.3 Contract Management

3.3.3.4 Service Requests

3.3.3.5 Change Management

3.3.3.6 Release Management

3.3.3.7 Any other minor configuration of ServiceNow ITSM modules that ACSA may require assistance with.

3.3.3.8 The maintenance and support contract must cover all enhancements and requirements.

Table 5: Technical Support and Knowledge Transfer Business Requirements

Requirement


BR4 Enhancements to Existing Modules

BR 4.1 4.1.1 Update existing modules to include SMS notification functionality, based on defined business

rules. This must be implemented on ACSA’s SMS infrastructure.

BR 4.2 4.2.1 Update existing modules to include Instant Message (i.e. Skype For Business) notification

functionality.

BR 4.3 4.3.1 Integration of Change and Release modules to allow for pre-implementation Release approval,

Change approval and post-implementation Release review.

BR 4.4 4.4.1 Updating of SLA’s within the Incident module and Service Request module.

BR 4.5 4.5.1 Updating of business services, categories, and sub-categories in various modules.

BR 4.6 4.6.1 Mobile ITSM portal application to be modified, configured and assistance provided to ACSA IT

Service Desk personnel in deploying it to mobile end user devices where necessary.


Page 15

BR 4.7 4.7.1 Remove and reconfigure Knowledge Management with new business rules. The business rules

will be provided to the successful Bidder.

BR 4.8 4.8.1 Upgrade to the latest version of the ServiceNow instance on appointment of the successful

Bidder.

BR 4.9 4.9.1 Run an ACE report and update findings with necessary fixes prior to the upgrade.

Table 6: Existing Modules Enhancement Requirements

Requirement


BR5

Microsoft Active Directory Integration and Plugins

Note: Current integration between ServiceNow and AD involves a ‘Read-Only’ domain

controller that sits in the DMZ; ServiceNow has access through the firewall from the internet.

ServiceNow does an LDAP query to obtain user details and synchronize these to its own

database.

BR 5.1 5.1.1 Refine the type of AD users that should be excluded when pulling information into ServiceNow.

BR 5.2 5.2.1 Exclude AD groups’ information from being pulled into ServiceNow.

BR 5.3 5.3.1 Configure and activate key plugins for Incident, Change, and Request modules.

Table 7: Active Directory Integration Requirements

Requirement Number Requirement Description

BR6

HP Monitoring Solution Integration

BR 6.1 6.1.1 Automatically log incidences for events that are pushed through filters from the HP Monitoring

Solution.

BR 6.2

6.2.1 Map events to CI’s in the ServiceNow CMDB and setup rules that may be applied to trigger automated actions.

6.2.2 HP Universal CMDB to be the primary source for CI information. Synchronisation of information needs to occur from HP Universal CMDB to ServiceNow CMDB and the selected bidder should maintain the ServiceNow CMDB ensuring that it is up to date and in sync with the HP Universal CMDB as part of the technical support services offered.

BR 6.3 6.3.1 Monitoring and analysing services and their components, analysing past failures, and planning

ahead to avoid future failures. Providing trend analysis reports.

BR 6.4

6.4.1 Bi-directional integration between HP Monitoring Solution and ServiceNow involves:

6.4.1.1 Events as generated from the HP Monitoring Solution should be logged as Incidences in ServiceNow and automatically assigned to specified user groups.

6.4.1.2 After an incident, has been logged in ServiceNow, an incident number must be updated automatically on the HP Monitoring Solution.

6.4.1.3 Referenced events closed on the HP Monitoring Solution must resolve with correct categorisation on ServiceNow.

6.4.1.4 The SLA’s that are pre-configured on ServiceNow and the HP Monitoring Solution should be configured and aligned with each other.


Page 16

BR 6.5

6.5.1 The Service Provider will be expected to collaborate and work closely with the HP Monitoring Solution Service Provider to deliver successfully on the required integration work as and when required.

Table 6: HP Monitoring Solution Integration Requirements

Requirement


BR7

IT PMO Deliverables

It is important to note that the requirements as listed below (BR7.1 to BR7.4) do not provide

an exhaustive list of deliverables/work packages that must be produced as part of the ACSA

IT project management methodology; however, the listed ones (BR7.1 to BR7.4) are critical

to the successful delivery of this project.

BR 7.1

INITIATION

7.1.1 7.1.1 This project is to be delivered in line with ACSA IT Project Management Office’s

Methodology which is based on ITIL version 3, PRINCE2 and PMBOK.

7.1.2 Scoping and designing of new business requirements and workflows within existing and

new modules.

7.1.3 Conduct On-site (ORTIA and Corporate Office) workshop(s) to verify any business and

technical requirements pertaining to the ServiceNow ITSM solution that might have been

misunderstood or require clarification.

7.1.4 Conduct Gap Analysis between the ‘As-Is’ ITSM configuration and the ‘To-Be’ ITSM

configuration and architecture; and produce a needs analysis report.

BR 7.2

PROJECT PLANNING

7.2.1 Produce a High-Level Project Implementation Plan, as part of the submission

7.2.2 Tightly manage the various knowledge areas of Project Management such as Cost, Scope,

Quality, Risk, Time, Communication, Resources, etc. to ensure project is delivered as per

ACSA’s expectations.

BR 7.3

IMPLEMENTATION

7.3.1 Implementing of new business requirements and workflows within existing and new modules.

7.3.2 Conduct, review and rectify the ACE Report including resolving issues as highlighted by the

report.

7.3.3 Application development for the ITSM solution including customization on any module for

the customer as and when required.

7.3.4 7.3.4 Carry out administration on ServiceNow as specified for AD and HP Monitoring

Solution.

7.3.5 7.3.5 Version upgrades and release checks, testing and roll-out, as and when required.

7.3.6 7.3.6 Produce any Customer Specific Documentation such as periodic reports,

Implemented fixes and configuration write-up, technical administration manuals and user

manuals.


Page 17

7.3.7 7.3.7 Testing and roll-out of the solution by stakeholders including approval of acceptance

testing.

7.3.8 7.3.8 Certified User Training and Proof of Knowledge Transfer on each module deployed

(e.g. Research Information shared, Known Problem resolution information shared;

attendance registers for Knowledge Sharing sessions attended), as per BR3

BR 7.4

PROJECT CLOSURE

7.4.1 Formally hand-over the delivered ITSM solution to ACSA using the ACSA IT PMO

Methodology templates (to be disclosed to successful Service Provider).

7.4.2 Conduct analysis to measure and demonstrate ROI and Benefit Realisation from all

implemented modules.

Table 7: I.T. PMO Deliverables Requirements

The following table defines who is Responsible, Accountable (i.e. for actions taken & completing assignments),

Consulted or Informed (RACI) about delivery of a certain business process/requirement as captured in Section

3 (BR1 to BR7 above):

Table 8: RACI Matrix

HIGH LEVEL BUSINESS REQUIREMENTS

ACSA IT PMO ACSA IT OPS

LOCAL SERVICE

PROVIDER

OEM END USERS

BR1

(Performance Analytics

Reporting)

C R A C I

BR2 (Service Catalogue)

C R A C I

BR3 (Tech Support)

C R A C I

BR4 (AD Integration)

R R A C I

BR5

(Enhancement to existing

modules)

R R A C I

BR6

(Monitoring Integration) R R A C I

BR7 (IT PMO deliverables)

R R A I I


Page 18

5 Support and Maintenance

This section describes what support and maintenance entail in general and further describes what

preventative and corrective maintenance entails for ACSA.

5.1 General

5.1.1 The Bidders must provide a detailed proposal on how they are going to provide

Maintenance and Support of the installed and upgraded ITSM solution within

ACSA.

5.1.2 Service Providers are expected to work in conjunction with ACSA IT and other

Service Providers within ACSA when performing preventative and corrective

maintenance. The Service Provider will be responsible for the full implementation

of the modules requested including support and maintenance. The Bidders must

make provision for a standby resource to be available 24x7x365 to attend to

incidents within the SLA.

5.1.3 Call-Out rates shall be applicable on any engagement that falls outside normal

working hours, but this needs to be pre-approved by ACSA.

Coverage parameters:

Days Coverage

Monday 24 Hours

Tuesday 24 Hours

Wednesday 24 Hours

Thursday 24 Hours

Friday 24 Hours

Saturday 24 Hours

Sunday 24 Hours

Public Holiday 24 Hours

Table 9: Maintenance timeframe coverage parameters

5.1.4 The response and resolution of incidents should be in line with the priority of

incidents as defined in this scope of work document.


Page 19

5.1.5 The proposal must include after-hours telephone numbers as well as the detailed

escalation process. The number of resources allocated should take into account

the SLA requirements as stipulated below to ensure that SLA will be met.

5.2 Preventative Maintenance Services

The following are the preventative maintenance services/activities that will be

required and they are non-exhaustive:

5.2.1 Once a month, basic performance testing such as testing how long carrying

out same activity takes on different computers or using different browsers.

Testing network, application server, and browsers for different computers will

assist in anticipating ServiceNow performance issues before they become

issues.

5.2.2 Once a month, activate client transaction timings feature, which provides extra

information on the amount of time spent by the client, server, browser, and

network. This feature helps find long-running processes and provides

information on where in the process the performance issue occurs.

5.2.3 Once a month run tests that can point if there are network issues (e.g.

monitoring Ping Times) to resolve or enhancements to be made. One clear

indicator of a network issue is if users in one location have very good

performance while users in another location have very poor performance. This

indicates that the application server is fine. If the browser settings are

identical for these users, the only meaningful difference is the network.

5.2.4 Once a month run ‘Trace Route’ function if one is observing slow ping times,

to identify network bottlenecks.

5.2.5 Once a month clear unused inactivity monitors from application logs, which

can adversely impact the performance of the event processing engine.

5.2.6 Find areas of improvement at least once every three months, such as

considering the impact that filters and queries have on the system and try to

optimize them where possible.

5.2.7 Produce monthly report on preventative maintenance tasks undertaken to

improve system performance, stability, fault tolerance and robustness.

http://wiki.servicenow.com/index.php?title=Client_Transaction_Timings


Page 20

5.2.8 Clone the Development and Quality Assurance environment with production

instance, as and when required.

5.2.9 Run any recommended system or hot fixes as and when required

5.3 Corrective Maintenance

5.3.1 Corrective maintenance which includes all activities following Preventative

Maintenance;

5.3.2 Breakdown maintenance which includes maintenance that is unforeseen and is

necessary to restore the serviceability of the infrastructure; and functionality of the

System. Some of this break down maintenance could be requested after hours on

weekend and public holiday. The Service Provider will be expected to respond and

attend to all the faults;

5.3.3 The Service Provider will be held liable for any failure to the System that should

have been prevented during preventative maintenance. Therefore, the Service

Provider should include any further preventative maintenance recommendations,

which in its opinion are necessary for the specific and other failure prevention;

5.3.4 The Bidder’s proposal must make provision for enough personnel at each airport,

during normal working hours (Mon – Friday: 07h00-17h00) to perform maintenance

and support of ITSM ServiceNow Systems. The number of resources allocated

should take into account the Service Level Agreement (“SLA”) requirements as

stipulated below Table 19: SLA Breach and Penalties to ensure that SLA targets

are met;

5.3.5 The Bidders’ proposal must make provision for after hours, weekends and public

holidays support on a callout basis for incidents that impacts the systems. Hourly

rates and call-out fees if applicable must be provided in the pricing schedule;

5.3.6 The Bidders’ proposal must also cater for short notice call-out in an emergency

where the supported system may be affected by other interruptions or change

processes within the airport (e.g. power). This Bidders must provide a call-out basis


Page 21

and hour rate at the specific site. For planned activities advance notice will be given

to the Service Provider;

5.3.7 The Bidders’ proposal must include after-hours telephone numbers, where support

personnel are reachable. It is the responsibility of the Service Providers to ensure

their resources are available and reachable at all times;

5.3.8 The Services shall be delivered in terms of SABS standards, OHS Act,

manufacturer’s specifications, and other statutory regulations;

5.3.9 Corrective Maintenance includes the successful restoration of Services by the

Service Provider. This is in response to faults identified by ACSA employees /

ACSA ServiceNow users or identified by monitoring tools where applicable or

incident identified during routine maintenance activities as stated above. ACSA

expects the Service Provider to give priority to faults and ensure that all faults are

resolved within the SLA time stipulated below.

5.3.10 Faults logged via the IT Service desk will be carried out as specified by this SLA).

5.3.11 The following list is included as corrective maintenance:

5.3.11.1 Monitor fault logs;

5.3.11.2 Frequently report on progress of repairs/installations;

5.3.11.3 Request permissions prior to implementing changes made on the IT

operational environment in line with the ACSA Change Advisory

Board processes;

5.3.11.4 Implement the changes/repairs;

5.3.11.5 Certify repairs/changes via tests;

5.3.11.6 Update documentation if required;

5.3.11.7 Hand over to IT ACSA system administrator;

5.3.11.8 Diagnose the causes of Outages and Faults;

5.3.11.9 Resolve Outages and Faults within specified time frames as per SLA;

5.3.11.10 Rectifying errors/findings on Automated Configuration Evaluation

report.


Page 22

5.4 Support services

5.4.1 This requirement refers to day to day support activities performed to resolve

incidents/faults that are logged by the users and those faults that are caused by

system upgrades and maintenance activities. The Service Provider will be required

to attend to and resolve all incidents in line with ACSA’s incident management

processes and agreed SLA’s.

5.4.2 The following response and resolution times must be adhered to. This will form part

of the Agreement that will be signed between the Service Provider and ACSA.

5.4.3 With regards to the incident logging procedure, all incidents must be logged

internally via IT service desk using email, telephone or on the self-service web

portal. The incident must be updated regularly depending on the priority of the

incidents until resolution.

5.5 Implementation and Configuration Services

5.5.1 The Service Provider will render Implementation and Configuration Services to

implement new ServiceNow Modules as and when required.

5.5.2 Service Provider must take into account the configuration requirements as

requested by ACSA. There are existing ServiceNow ITSM modules installed and

these may require configuration changes or optimization from time to time e.g. once

a quarter, or as and when required.


Page 23

5.6 Definition of Incidents Priorities and SLA’s

List of Priorities:

Priority 1: Total System Failure/Head-End Down.

Priority 2: Multiple devices/ computers are unable to use part of the ServiceNow system down

simultaneously in different area or levels in close proximity.

Priority 3: One device/computer/ ServiceNow module failure or components of systems.

Priority 4: Request for enhancements: Time taken to deliver the enhancement as requested

depends on complexity, availability of resources and skills, budget, scope clarity etc.

thus this will differ depending on what is requested.

Incident management response and resolution (Office Hours)

Response Restoration Update Feedback Resolution

(permanent fix)

P1 15min 2hrs 15min To be agreed

upon


upon

P3 60min 8hrs 2hrs Within 5 days

P4 4hours 24hrs 8hrs Within 5 days


Table 10:Incident management priority levels, response and resolution times

Incident management response and resolution times (After

Hours, Weekends and Public Holidays)

Response Restoration Update Feedback Resolution

(permanent fix)


upon


upon

P3 60min 8hrs 2hrs Within 5 days



Table 11:Incident management priority levels, response and resolution times


Page 24

5.7 Incident Management Response and Resolution Times

5.7.1 ACSA IT Service Desk processes to be followed in determining the severity of the

problem, do basic troubleshooting & logging incidents. ITSM Service Provider to

have an online portal where ACSA can log and track ITSM related incidents.

5.7.2 Functionality currently exists where ACSA can directly log incidents via a web

portal with the OEM, and this functionality must continue to be in place, even after

appointment of the new Service Provider.

5.7.3 ServiceNow ITSM solution is a cloud based solution, thus it is accessible from any

ACSA airport/office and the only consideration for high availability is internet

connectivity which is a network related aspect managed by a different Service

Provider. Resolution times are as per section 6 above.

5.8 Breach and Penalties

The following penalties as detailed out in the next sections shall apply in an event of

breach of service levels as agreed:

5.8.1 Penalties

5.8.1.1 The Service Provider shall repair all faulty equipment within the times

specified in the SLA;

5.8.1.2 The Service Provider will be allowed a grace period of three (3) months

(to familiarise itself will the operations at all airports) before the

implementation of penalties can commence;

5.8.1.3 The following penalties shall apply for failure to resolve incident within

the agreed timeline:

SLA breach Penalty

P1 Incidents are resolved within one hour

after SLA time lapsed for two consecutive

times in a measuring period.

20 % of the monthly fee will be deducted per

invoice up to 60% in one contractual year thereafter

termination procedures will be implemented.

Incidents are resolved within two hours and

beyond after SLA time lapsed for three

consecutive times.

30 % of the monthly fee will be deducted up to 60%

in one contractual year thereafter termination

procedures will be implemented.


Page 25

If a Service Provider misses SLA’s in any 3

consecutive months

50 % of the monthly fee will be deducted.

Fourth missed SLA in one month– will be

deemed as a material breach, and the

contract will be referred for performance

management and termination procedures

50 % of the monthly fee will be deducted.

Table 12:SLA breaches and penalty for P1 and P2

Table 13: SLA breaches and penalty for unresolved incidents

Failure to perform Maintenance and/or services in accordance with the scheduled dates or

Priority list and SLA agreements shall result in the following penalties:

Table 14: Failure to Provide Maintenance

SLA Breach Penalty

Incidents not resolved completely or proof of

resolution thereof not submitted.

No payment

Maintenance Penalty

Maintenance not done or proof of carrying

maintenance out not submitted.

No payment of invoice.


Page 26

5.9 Reporting

5.9.1 As part of ongoing performance management, ACSA requires that the

Service Provider provides the reports contained in the table below.

5.9.2 ACSA reserves a right to change a list of reports as requested and will

review these on an annual basis, and such changes should not attract

additional costs.

5.10 Weekly & Monthly Reports # Report name Frequency Content Submitted to

Format

1. Call Management:

status of each

incident logged with

the Service

Provider.

Every last day of the

week and a

consolidated version

for all 4 weeks on the

last day of the month

end.

Updates on all

incidents.

Problems and

issues arising.

Technical Lead & IT

Ops Coordinator: IT

Operations

Department

Report to be

submitted in Excel

and PDF.

2. SLA: number of

incidents resolved

within SLA and out

of SLA


week and a




end

Number of incidents

resolved within SLA

and out of SLA.

Technical Lead & IT

Ops Coordinator: IT

Operations

Department

Report to be

submitted in Excel

and PDF.

3. Service Request

Status


week and a




end

Status of new

enhancements,

fixes, requests.

Technical Lead & IT

Ops Coordinator: IT

Operations

Department

Report to be

submitted in Excel

and PDF.

4. Weekly Service

Review Reports for

open, closed

incidents, status of

each incident in

terms of SLA.


week and a




end.

Open and closed

incidents.

Status of each

incident in terms of

SLA.

Reason of SLA

breaches if any and

measures that will

Technical Lead & IT

Ops Coordinator: IT

Operations

Department

Report to be

submitted in Excel

and PDF.


Page 27

be put in place to

avoid breach.

5. Weekly reports on

problems; re-

occurring incidents

and root cause

analysis and

preventions.


week and a


on the last day of the

month end.

Recurring incidents.

Root cause analysis.

Preventative

measures.

Technical Lead & IT

Ops Coordinator : IT

Operations

Department

Report to be

submitted in Excel

and PDF.

6. Maintenance

reports: report

against the

maintenance

schedule. This will

include issues

picked up during

their maintenance.


week and a




end

Modules worked on.

Issues discovered

per module and how

they were resolved.

Details on any

general maintenance

work carried out.

Technical Lead & IT

Ops Coordinator: IT

Operations

Department.

Report to be

submitted in Excel

and PDF.

7. Financial Reports Last day of the month Invoices paid the

previous period.

Invoices outstanding

or amounts.

Any penalties due to

SLA breaches.

Senior Manager: IT

Operations, ACSA IT

Project Manager and

Service Desk

Manager.

Report to be

submitted in Excel

and PDF.

8. Monthly Systems

Availability Report

against the ACSA

required target of

99.9 % uptime.

Last day of the month System availability

System downtime

Technical Lead & IT

Ops Coordinator: IT

Operations

Department

Report to be

submitted in Excel

and PDF.

9. Monthly Average

Incident Report,

SLA Status

Last day of the month Average of

Monthly Incidents.

SLA status.

Technical Lead & IT

Ops Coordinator: IT

Operations

Department

Report to be

submitted in Excel

and PDF.

10. Service Request

that are pending or

that have been

completed.


week and a


on the last day of the

month.

Pending service

request.

Completed service

request

Technical Lead & IT

Ops Coordinator: IT

Operations

Department

Report to be

submitted in Excel

and PDF.

11. Preventative work

done.

Monthly (i.e. 4th of

the following month).

Report on various

preventative work as

Technical Lead & IT

Ops Coordinator: IT

Report to be

submitted in Excel

and PDF.


Page 28

per section 4.2

above.

Operations

Department

12. Issues for ACSA’s

attention.

Last day of the month Any relevant issues

that needs to be

brought to ACSA’s

attention by the

Service Provider.

Technical Lead & IT

Ops Coordinator: IT

Operations

Department

Report to be

submitted in Excel

and PDF.

13. Knowledge

Transfer / Training

Impact Assessment

Report

Last day of the month Details on what IT

Operations areas

and resources

require more training

and knowledge

transfer.

Proof that training or

knowledge sharing

has occurred e.g.

signed training

register, Known

Incidents resolution

docs, etc.

Senior Manager: IT

Operations and

Service Desk

Manager

Report to be

submitted in Excel

and PDF.

14. ACE Report Quarterly report, Last

day of the last month

in a quarter.

Availability and

System health-

check report

including

performance

reporting.

Senior Manager: IT

Operations and

Service Desk

Manager

Report to be

submitted in Excel

and PDF.

15. Needs Analysis Report

16. Adhoc As and when

required

Adhoc, depending

on the request at

hand.

Technical Lead & IT

Ops Coordinator: IT

Operations

Department

Report to be

submitted in Excel

and PDF.

Table 15: Reporting Matrix


Page 29

5.11 Meetings As part of ongoing performance management and project delivery, ACSA requires that the Service

Provider attend monthly and weekly meetings.

Frequency Meeting

Name

Standing

Agenda

Participants and

Role

Prior

Documents to

be submitted by

the Service

Provider

Documents to be

produced after

meeting

Monthly for

the

duration of

the project

Project

Board

Meeting

7.2.1 Discuss all

aspects of

Monthly reports

as stated in Table

16.

7.2.2 Discuss

Project Costs,

Timeline, Risks,

Issues,

Resources, etc.

7.2.3 Discuss all

deliverables

produced to trace

successful

delivery on

Business

Requirements.

IT PMO

Service

Provider

ACSA

contract

owner

ACSA

Technical

Lead

Project

Sponsor

Other

Stakeholders

per Invitation

Project

Board Pack

including

Planned

Presentation.

Previous

Minutes.

Monthly

Reports.

Attendance

Register

Minutes of

meeting

including

updated

Action items,

Decisions

Made, Risk &

Issue Log

Acceptance of

deliverables

Weekly Progress Meeting

7.2.4 Action Items, Progress Made. 7.2.5 Planned tasks for next week, Issues and Risks

ACSA IT PMO (Project Manager, Business Analyst), Technical Lead, Service Provider

Minutes of Previous Meeting.

Updated Risk and Issue Log.

Attendance

Register.

Minutes of

Meeting.

Acceptance of

deliverables.

Adhoc Adhoc 7.2.6 Adhoc Stakeholders as and when required

Adhoc As agreed by all parties

Operational Meetings

Once a month

Review system operations, vendor performance

Supplier & IT Operations Department

Operational reports

Minutes, attendance register.

Table 16: Meetings Matrix


Page 30

5.12 Documentation

5.12.1 The Service Provider is expected to produce detailed and updated documentation

including but not limited to the following:

5.12.1.1 Technical architecture diagrams.

5.12.1.2 Technical Design Specifications.

5.12.1.3 System Administration manuals.

5.12.1.4 List of modules installed and configured.

5.12.1.5 Maintenance report template

5.12.1.6 Training manuals.

5.12.1.7 Standard operating procedures.

5.12.1.8 Module manuals including documentation of specific ACSA module

configurations at a particular point in time.

5.12.1.9 The Service Provider is expected to provide written proof of their

partnership status with the OEM or any form of accreditation that

certifies that the Service Provider has the necessary resources and

skills to work on the specific technologies or devices.

6 Respondents Quote Information

6.1 Maintenance Price Schedule

6.1.1 ServiceNow ITSM is a cloud-based solution which does not require scheduled

maintenance on the part of the Service Provider who will be supporting the ACSA

instance of ServiceNow.

6.1.2 The OEM usually carries out the scheduled maintenance of the ServiceNow

version; but the Service Provider will support the instance. Monthly Maintenance

fees are for scheduled maintenance of any solution in accordance with an agreed

monthly rate however in this instance the monthly maintenance fee is not

applicable.


Page 31

6.2 Pricing Schedule

6.2.1 Modules licensing will be sourced directly from the OEM however the configuration,

enhancement, integration, implementation, support, and maintenance thereof will

be the responsibility of the appointed OEM certified service provider as per

requirements of this Scope of Work.

PRICING SCHEDULE

Item

No Item Description QTY

Unit

Price

Total (R)

1

Performance Analytics Reporting,

including Configuration and

Implementation.

Unit

R R

2 Service Catalogue Module

Configuration and Implementation.

R R

3 Enhancements to Existing Modules.

R R

4 Active Directory Integration and Plugins.

R R

5 HP Monitoring Solution Plug-in,

Configuration and Implementation.

R R

Total price of items R

Table 17: Capex Cost Schedule


Page 32

Support and Maintenance Item Year 1 Year 2 Year 3 Year 4 Year 5

Annual Monthly Annual Monthly Annual Monthly Annual Monthly Annual

5 year Fixed Charges

R R R R R R R R R

R R R R R R R R R

Total R R R R R R R R R

Table 18: Opex Costs Schedule