NSW Government

Telecommunications: Internet Protocol

Telephony Services Standard

Version 1.0

August 2016

Telecommunications – IP Telephony Services

CONTENTS

1. CONTEXT 3

1.1. Background 3

1.2. Purpose 3

1.3. Scope and application 3

1.4. Policy context 3

1.5. The ICT Services Catalogue 4

2. KEY PRINCIPLES 4

3. REQUIREMENTS 5

3.1. IP Telephony Services 5

3.2. Call Centre Services 5

3.3. Requirements table 5

3.6 . Elements of this standard 7

3.6.1 IP Telephony and Video Services 7

3.6.2 Call Centre Services 8

3.6.3 Service Management requirements 8

DOCUMENT CONTROL 10

APPENDIX A – DEFINITIONS 11

APPENDIX B – ABBREVIATIONS 12

APPENDIX C – REFERENCES 13

APPENDIX D – STANDARDS 14

Developing technical standards 14

Management and implementation 14

Telecommunications – IP Telephony Services

1. CONTEXT

1.1. Background This is a technical standard developed by the NSW ICT Procurement and Technical Standards Working Group. The standard contains technical and functional requirements that agencies should consider when procuring IP Telephony services.

By defining the necessary and common elements across agencies, the standard provides an opportunity to leverage the buying power of Government as a whole, improve procurement efficiency and increase interoperability.

1.2. PurposeThe purpose of this standard is to assist NSW Government agencies to develop, procure and implement Telecommunications - Internet Protocol Telephony Services (TIPTS), as well as take full advantage of their benefits. This standard also helps agencies procure in a strategic manner that reflects the NSW Government’s priorities as outlined in the NSW Government ICT Strategy.

This standard details the issues that need to be considered so each agency can identify the available options that best suit their business requirements, helping agencies achieve value for money through cost savings and improved flexibility of service offerings.

1.3. Scope and applicationThis standard applies to all NSW Government departments, statutory bodies and shared service providers. It does not apply to state-owned corporations, but is recommended for their adoption.

For the purpose of this standard, TIPTS is defined as having the elements set out at section 3.1.

This standard sets out service definitions as minimum requirements that vendors must meet to be able to offer their services through the NSW ICT Services Catalogue. Agencies should consider any specific operational or regulatory factors that impact their requirements, and specific requirements they have in addition to those detailed in this standard.

1.4. Policy contextThe NSW Government ICT Strategy and Digital + 2016 Final Update set out the Government’s plan to: build capability across the NSW public sector to deliver better, more customer-focused services that are available anywhere, anytime; and to derive increased value from the Government’s annual investment in ICT.

Developing whole of NSW Government ICT technical standards is a key initiative of the NSW Government ICT Strategy, driven by the ICT Procurement and Technical Standards Working Group. These standards leverage principles defined in the NSW Government ICT Strategy and the NSW Government Cloud Policy, and they support the NSW ICT Services Catalogue.

The standards set out service definitions as minimum requirements that vendors must meet to be able to offer their services through the NSW Services Catalogue. This helps achieve consistency across service offerings, emphasising a move to as a service sourcing strategies in line with the NSW Government ICT Strategy, and it signals government procurement priorities to industry.

Solutions should also assist agencies in their alignment with the NSW Government Enterprise Architecture (NSW GEA), which encompasses all aspects of enterprise architecture activity at the business, information, application and technology infrastructure layers. The NSW GEA is

Telecommunications – IP Telephony Services

about providing direction and practical guidance to accelerate the development of agency EA capability and enabling a common, intra and inter agency approach to the design of digital government.

This standard should be applied along with existing NSW Government policies and guidance, including the NSW Digital Information Security Policy. More information on the process for the development of standards that populate the ICT Services Catalogue is at Appendix D – Standards.

1.5. The ICT Services CatalogueThis catalogue provides suppliers with a showcase for their products and services, and an opportunity to outline how their offerings meet or exceed standard government requirements. The standards, together with supplier service offerings, help to reduce red tape and duplication of effort by allowing suppliers to submit service details only once against the standards. The offerings are then available to all potential buyers, simplifying procurement processes for government agencies.

Implementing this category management approach embeds common approaches, technologies and systems to maintain currency, improve interoperability and provide better value ICT investment across NSW Government.

2. KEY PRINCIPLES The following key principles underpin this standard:

Fit for purpose: Standards should meet agency business requirements, and provide sufficient bandwidth for current and future applications.

Information security: Meet any applicable requirements of the NSW Digital Information Security Policy and ISO 27001.

Facilitating as a service: TIPTS should facilitate the agency transition to as a service, and ensure agency alignment with broader NSW ICT Strategy.

Interoperability: TIPTS should meet applicable recognised open standards to support interoperability.

Business continuity: TIPTS should meet business continuity requirements (see the NSW Digital Information Security Policy and ISO 27031-2011 for guidance on business continuity).

Value for money: TIPTS procurement should deliver value for money, in line with the investment principles set out in the NSW Government ICT Investment Policy and Guidelines.

3. REQUIREMENTS

Telecommunications – IP Telephony Services

Definitions for items discussed below can be found in Appendix a - Definitions It is recommended that agencies looking at using the IP Telephony and Call Centre Standard also review the Infrastructure as a Service & Platform as a Service standards.

3.1. IP Telephony ServicesIP Telephony Services (for the purpose of this standard) are technologies that use the Internet Protocol's packet-switched connections to exchange voice, video (two way video and audio), fax, and other forms of information.

3.2. Call Centre ServicesContact Centre Services (for the purpose of this standard) is the provision of a suite of multimedia Contact Centre tools.

3.3.Requirements tableThe following table sets out the recommended business and technical requirements for NSW Government. It provides a consistent approach for all NSW Government agencies regardless of their size. Explanations for each element of table are provided at section 3.x.

Required Optional, but beneficial

Telecommunications – IP Telephony Services

‘Use cases’ for Telecommunications – IP Services that are anticipated in agencies are included in the table below. The corresponding requirement sections of this standard are marked in the columns.

Use Case / Scenario – Silver Service

Telecommunications – Internet Protocol Telephony Service Service Management

VOIP

Han

dset

s

Pagi

ng o

ver I

P

Softp

hone

s

Smar

tpho

nes r

epla

ce o

ffice

ha

ndse

ts

Brin

g Yo

ur O

wn

Devi

ces

Uni

fied

Com

mun

icati

ons,

au

dio

and

vide

o c

onfe

renc

e se

rvic

es

Link

age

to tr

aditi

onal

PAB

X

Qua

lity

of S

ervi

ce

Web

-cha

t

Colla

bora

tion

with

e-m

ail a

nd

UC

solu

tions

Self-

serv

ice

adm

inist

ratio

n

Full-

serv

ice

adm

inist

ratio

n

Clou

d co

mpl

iant

hos

ting

faci

lity

NSW

Gov

ernm

ent D

ata

Cent

re

Ons

hore

/offs

hore

m

anag

emen

t

Serv

ice

leve

l man

agem

ent

Mul

ti-se

rvic

e br

oker

pro

visio

n

Perf

orm

ance

and

late

ncy

Disa

ster

reco

very

IP Telephony and Video Services

Call Centre Services

6

Telecommunications – IP Telephony Services

Use Case / Scenario – Gold Service

Telecommunications – Internet Protocol Telephony Service Service Management

VOIP

Han

dset

s

Pagi

ng o

ver I

P

Softp

hone

s

Smar

tpho

nes r

epla

ce o

ffice

ha

ndse

ts

Brin

g Yo

ur O

wn

Devi

ces

Uni

fied

Com

mun

icati

ons,

au

dio

and

vide

o c

onfe

renc

e se

rvic

es

Link

age

to tr

aditi

onal

PAB

X

Qua

lity

of S

ervi

ce

Web

-cha

t

Colla

bora

tion

with

e-m

ail a

nd

UC

solu

tions

Self-

serv

ice

adm

inist

ratio

n

Full-

serv

ice

adm

inist

ratio

n

Clou

d co

mpl

iant

hos

ting

faci

lity

NSW

Gov

ernm

ent D

ata

Cent

re

Ons

hore

/offs

hore

m

anag

emen

t

Serv

ice

leve

l man

agem

ent

Mul

ti-se

rvic

e br

oker

pro

visio

n

Perf

orm

ance

and

late

ncy

Disa

ster

reco

very

IP Telephony and Video Services

Call Centre Services

7

Telecommunications – IP Telephony Services

3.6. Elements of this standard

3.6.1 IP Telephony and Video Services

VOIP Handsets

Provision of VOIP handsets as part of the service as required by the commission agency. A full description of the handsets available should exist in the form of a catalogue. All responses to market engagements should describe how their solutions will deliver services and any known limitations.

Paging over IP

Provision of ‘paging over IP’ as required by Agencies that have a need to alert staff members to a situation. Solutions should identify how these services are delivered and what if any limitations exist in the provision of said services.

Softphones

Solutions to provision ‘soft phone’ outcomes that work seamless with all common operating environments and with both wired and wireless connectivity options. Solutions should identify how these services are delivered and what if any limitations exist in the provision of said services.

Smartphones replace office handset

Solutions to permit the usage of mobile smartphones as replacements for office based VOIP handsets. When devices enter a defined ‘geo-fence’ the device becomes a replacement for VOIP handset numbers without the need to ‘forward to external’. When outside of the ‘geo-fence’ the number can optionally be ‘call forwarded’ to device.

Bring Your Own Devices

Solutions should be able to support ‘Bring Your Own Devices’ (BYOD) options in meeting the above element. Please also refer to the ‘Mobile Device and Application Framework’ for additional information support for BYOD requirements.

Unified Communications, audio and video conference services

Solutions to provide the ability to support two video/audio conference services that are linked with agency Unified Communications (UC) platform(s). Responses to any market engagement(s) need to articulate the UC platforms they can integrate with together with other additional information on other third party devices the solution can use to meet the requirements of this element.

Linkage to traditional PABX services

Solutions must provide appropriate linkages to traditional PABX services either for the purposes of transition away from these services or as an on-going requirement. Responses to any market engagement must describe how their solution achieves this outcome together with known limitations in terms of PABX systems they can connect with.

Quality of Service

Solutions are to ensure appropriate Quality of Service (QoS) exist to ensure services are delivered to the required service standard either as defined in the service description or as agreed between the agency(s) and the solution provider. Responses to any market engagement must describe how their solution delivery this requirement including provision of a sample table.

8

Telecommunications – IP Telephony Services

3.6.2 Call Centre Services

Web Chat

Solutions to provide the ability to conduct ‘web chat’ functionality to ensure real-time communications via all commonly used web browsers and operating platforms . Responses to any market engagement must describe how their solution delivery this requirement and any known limitations.

Collaboration with e-mail and Unified Communications platforms

Solutions to provide the ability to seamlessly integrate with all common e-mail and/or unified communications platforms/solutions. Responses to any market engagement must describe how their solution delivery this requirement and any known limitations.

3.6.3 Service Management requirements

Self-service administration

The ability to automatically provision and de-provision for all agency resources within the system, together with other appropriate administration and management tasks that can be delegated from the service provider that do not impinge on the solution being provided to other customers.

Full-service administration

All provisioning, de-provisioning, together with all other administration and management tasks required to operate the environment, are provided as part of the service offering. The only exception will be service management of the provider which remains the sole responsibility of the initiating agency.

Cloud compliant hosting facility

All relevant cloud services for the solution may be provisioned from a compliant hosting facility. Compliant hosting is defined as having the following attributes and/or capabilities:

The location of the hosting facility must be identified either by name and/or location (city and country) in any response.

The hosting location cannot be changed without first informing the agency concerned.

The service provider undertakes, maintains and provides access to SSAE 16 Service Organization Control (SOC) Type II reports (or equivalent) for the services and facilities in scope for the engagement.

The hosting facility must comply with minimum Tier 3, as defined by the Uptime Institute, ANSI TIA-942, or an equivalent industry standard.

The hosting facility must be certified against ISO 27001; compliance with the following international standards is desirable:

o ISO 9001

o ISO 27002

o ISO 20000-1:2011

o ISO 14001

Other desirable certifications may include, but are not limited to:

o PCI-DSS v3.0 or later

o Australian Signals Directorate

o ASIO-T4

9

Telecommunications – IP Telephony Services

o Uptime Institute

o CSA

Also consider contractual obligations relating to the service provider allowing security assessments and treatment of outcomes as agreed with the client.

If the hosting facilities changes to a location that is deemed unacceptable either to NSW Government or to the agency and/or loses attributes and/or capabilities identified above, the agency may need to consider termination of services.

NSW Government Data Centre

All relevant services for the solution may be provisioned from one or both NSW Government Data Centres (GovDC). Depending on the service offering and agency requirements, it may be possible to ‘burst’ some elements of services to other location(s) subject to agreement with the commissioning agency.

Burst data centres must be deemed ‘compliant’. If the ‘burst’ data centre facilities change to a location that is deemed unacceptable either to NSW Government or to the agency, the agency may need to re-examine the ‘burst’ service or the full service.

Onshore/offshore management

All solution providers must be able to articulate where their services will be provided from, including any remote support services. For example, with a ‘follow the sun’ support model, the locations of each of their support sites around the globe need to be identified. Any changes to these need to be communicated to the customer agency promptly and if this causes issues, the agency has the right to cancel the service with appropriate notification.

Service level management

Agencies will retain ultimate responsibility for service level management in any solutions engagement, which would ordinarily be covered by a SLA. Agencies, service-brokers and solution providers need to agree all SLA reporting and other related activities as part of any transition-in process.

Multi-service broker provision

Any solution provider must work within the confines of a multi-service provider environment where either the agency or nominated provider will perform broker service provision. This will be defined as one provider being made accountable for the provision of all associated services, whether these are provided by the provider itself, or other third-party providers.

Performance and latency

The solution will provide appropriate built-in redundancy to achieve agency required levels of service. Typically this may be not less than 99.99% availability 24 hours 7 days per week. Bandwidth and latency expectations are to be defined and agreed up front.

Disaster recovery

The solution is to have appropriate levels of disaster recovery (eg high availability) built in to minimise downtime or disruption to the service. This element could include anything from a duplicated solution that is available immediately if the primary site fails, to a fully documented process for restoring services within Service Level Agreement (SLA) defined times.

10

Telecommunications – IP Telephony Services

DOCUMENT CONTROL

Document historyStatus: Final

Version: 1.0

Approved by:

Approved on:

Issued by: IDG Policy & Innovation, ICT & Digital Government Division, Department of Finance, Services & Innovation (DFSI)

Contact: IDG Policy & Innovation, ICT & Digital Government Division, Department of Finance, Services & Innovation (DFSI)

Email: standards@finance.nsw.gov.au

Telephone: (02) 9372 7445

Review This standard will be reviewed as required.

11

Telecommunications – IP Telephony Services

APPENDIX A – DEFINITIONS

Term Definition

Federated VoIP packetized voice telephony that uses voice over IP between autonomous domains in the public Internet without the deployment of central virtual exchange points or switching centres for traffic routing.

Internet Protocol’s packet switched connection

digital networking communications method that groups all transmitted data into suitably sized blocks, called packets.

12

Telecommunications – IP Telephony Services

APPENDIX B – ABBREVIATIONS

AIIA Australian Information Industry Association

AMQP Advanced Message Queuing Protocol

APN Access Point Names

ASCII American Standard Code for Information Interchange

ASD Australian Security Directorate

ASIO Australian Secret Intelligence Organisation

BCM Business Continuity Management

BLE Bluetooth Low Energy

BYOD Bring Your Own Device

CMIS Content Management Interoperability Services

CMS Content Management System

CSA Canadian Standards Association

FTP File Transfer Protocol

GovDC Government Data Centre

ICT Information & Communication Technology

IoT Internet of Things

ISO/TC International Organization for Standardization / Technical Committee

IT Information Technology

LDAP Lightweight Directory Access Protocol

MQTT Message Queuing Telemetry Transport

NFC Near Field Communications

OCR Optical Character Recognition

OS Operating System

PCI-DSS Payment Card Industry – Data Security Standard

PoF Pool of Funds

PTS Procurement & Technical Standards

QR Quick Response

SOA Service Oriented Architecture

SOAP Simple Object Access Protocol

SSO Single Sign On

VoIP Voice over Internet Protocol

13

Telecommunications – IP Telephony Services

APPENDIX C – REFERENCES Agencies should have regard to the following statutes, NSW Government policies and standards:

AS/NZS ISO 31000 Risk management – Principles and guidelines Electronic Transactions Act 2000 Government Information (Public Access) Act 2009 Health Records and Information Privacy Act 2002 ISO 27031-2011 Information technology – Security techniques – Guidelines for information and

communication technology readiness for business continuity ISO 27001 Information technology – Security techniques – Information security management

systems – Requirements ISO 24762 – IT Security Techniques – Guidelines for ICT Disaster Recovery Services NSW Government Digital Information Security Policy NSW Government Open Data Policy NSW Government Cloud Policy NSW Government Standard for Data Quality Reporting NSW Government ICT Strategy NSW Government Implementation Update 2013-14 NSW Government Digital + 2016 Final Update NSW Government Information Classification, Labelling and Handling Guidelines NSW Government Investment Policy and Guidelines NSW Procurement: Small and Medium Enterprises Policy Framework Privacy and Personal Information Protection Act 1998 Public Finance and Audit Act 1983 Public Interest Disclosures Act 1994 State Records Act 1998 TPP 09-05 - Internal Audit and Risk Management Policy for the NSW Public Sector

14

Telecommunications – IP Telephony Services

APPENDIX D – STANDARDS

Developing technical standardsDevelopment of a standard begins with identifying the need for a new standard, which is followed by the development of the standard in consultation with the industry and experts groups, including the Australian Information Industry Association (AIIA).

The following diagram outlines the process.

The ICT Procurement and Technical Standards Working Group (PTS Working Group) is chaired by the Department of Finance, Services & Innovation (DFSI) and includes senior representation from across NSW Government.

Agencies engage with the PTS Working Group concerning services for inclusion in the ICT Services Catalogue. This drives the development of technical standards, where none exist. The PTS Working Group has the leading role in reviewing and endorsing the technical standards developed in response to agencies’ requirements.

The PTS Working Group is supported by two sub-groups responsible for the areas of Telecommunications and Services and Solutions. The sub-groups are responsible for initial development and review of standards relating to their areas of responsibility.

Management and implementationThere is scope to modify standards through the NSW Government ICT governance arrangements as necessary. Standards are designed to add value, augment and be complementary to, other guidance, and they are continually improved and updated.

This standard does not affect or override the responsibilities of an agency or any employee regarding the management and disposal of information, data, and assets. Standards in ICT procurement must also address business requirements for service delivery.

NSW Procurement facilitates the implementation of the standards by applying them to the goods and services made available through the ICT Services Catalogue.

15

Need for new or amended standard

identified

Standard developed (Industry/agencies

consulted)

Standard approved and released by PTS

Working Group

Market engagement for services which meet the standard

Services added to Catalogue

Business requirements change