· Web viewCan you please share the number of tables/views/triggers/functions/procedure counts with its complexity from existing Oracle database. ... No personalization is needed

STATE OF COLORADOGOVERNOR’S OFFICE OF INFORMATION TECHNOLOGY and DEPARTMENT OF

HUMAN SERVICES

REQUEST FOR PROPOSALS

Colorado Trails Modernization – Intake & Resource Modules

RFP Number: EGBA 2016000174

Vendor Questions and Answer Document

Procurement Office (Purchasing and Contracts) - 601 East 18th Avenue, Suite 150 - Denver, CO 80203

REQUEST FOR PROPOSALS QUESTION AND ANSWER DOCUMENTNumber Section &

Page(s)Question Response

1 1.23 Ownership of Contract Products, pg. 7

3.3.3 Global Technological Components, pg. 34

RFP, page 34, Final Acceptance - CDHS maintains ownership of system source code and all supporting documentation.

RFP, page 7, 1.23 Ownership of Contract Products - All products produced in response to the contract resulting from this RFP will be the sole property of the State. Any exceptions must be outlined in detail. This includes but is not limited to the retention of software ownership rights specified in 45 CFR 95.617, (a) and (b). Exceptions may serve as cause for rejection of the proposal.

For PaaS/SaaS solutions, a Cloud Services Provider would be responsible for maintaining access in terms of performance and availability to the State's data. The State's data would be owned by the State. The State would have access to its data and metadata, but not all of the PaaS/SaaS solution source code. The State would have full rights to extract their data at any time during the subscription service. However, PaaS/SaaS Cloud Services Provider does not typically offer system source code because it is inapplicable to software delivered as a service subscription through a multitenant architecture. While it is possible to provide the source code in an escrow account for a configured solution, the source code would only be able to operate in the Cloud Service Provider's PaaS/SaaS environment.Therefore, will the State adjust the requirement of “complete ownership of the system source code” for PaaS/SaaS solutions accordingly?

The State of Colorado understands that if a Cloud Services Provider is selected that ownership of the system source code and the products produced will need to conform to a slightly different model than described in the RFP.

The description provided supports current SACWIS and potentially future CCWIS requirements but does not limit or impose on the Offeror’s selection restrictions.

The contract would be properly worded to accommodate the required changes for a PaaS/SaaS solution. The State of Colorado’s contract adequately protects the Offeror’s Intellectual Property.

If selected, the PasS/SaaS solution would need to be able to support transfer of data in a compatible way should CDHS choose to move away from the PaaS/SaaS solution at a later date.

2

Number Section & Page(s)

Question Response

2 1.24 Proposal Pricing, pg. 8 and 2.5 Application Environment, pg. 17

To clarify Sections 1.24 and 2.5 should we prepare our bid with the assumption that any new components proposed as part of this bid will be hosted in the State secure hosted environment or in a federally approved environment?

Yes, if an Offeror is proposing a solution that doesn’t use the State’s secured hosted environment; the alternative must include a federally approved environment or has an existing federally approved waiver. Please include validation that the federally approved environment or federal waiver already exists.

3 1.24 Proposal Pricing, pg. 8

Given the state’s interest in utilizing an agile development method, the request to provide a “firm, fixed bid…” can create challenges. Agile practitioners, as you know, incorporate user/stakeholder input throughout the development effort, which often results in adjusted priorities and costs. Fixed price bids can impede the capacity of the team to incorporate that input and to prioritize solutions based on that input. Can the State provide guidance on how bidders should factor the significant benefits of an agile methodology into its pricing?

The State of Colorado’s interest in obtaining “firm, fixed” bids is primarily to allow comparable pricing for the evaluation phase of the RFP. It is understood that an Agile approach may produce variable pricing that will be resolved during contract negotiations. However, the purpose of bidding each module limits the Offeror’s exposure of risk for underestimating its portion of the project and should provide the State with fewer amendments than contracting a “firm, fixed” bid for the whole project.

4 1.24 Proposal Pricing, pg. 8, 1.37 Cloud Projects, pg. 9 and 2.5 Application Environment, pg. 17

Vendor hosted or State hosted solutionCould the State clarify its expectations around system location/vendor hosting? Several RFP Sections (for example, Section 1.24 requests vendors to provide firm fixed pricing for ‘ongoing hosting’, requirements surrounding Cloud Projects (section 1.37)) would be applicable if the vendor was hosting the solution, but the RFP Section 2.5 states to presume that the system will continue to reside within the State secure hosted environment. Can the State please clarify?

The CDHS does not want to limit Offerors in their solution offering. Thus, the language allows for an Offeror hosted solution, but presumes the Offeror will use the existing State secure hosted environment.

As stated in Question #2, an existing federally approved alternative is acceptable, but the bid must include the on-going price of an Offeror hosted environment if the Offeror proposes this solution

5 1.37 Cloud Projects, pg. 9

Does the state prefer Iaas or Paas No, there is no preference.

6 1.43 Audit, pg. 11

Section 1.43 Audit reserves the right for the State to require a process auditCan the State provide any additional information as to the type(s)/scope of these audits?

The State of Colorado typically does not conduct audits for this type of process. This language is included in the event that the Federal partners require audits.

7 2.1 Background and Overview, pg. 13

Please provide the number of users that will use the Intake, Resource, Staff Management, and System Administration modules.

Approximate User Counts are as follows:Intake – 3500Resource – 1200Staff-Org – 266System Administration - 10

3


Question Response

8 2.1 Overview and Objectives and Scope, pg. 15

Section 2.3 on page 15 of the RFP references in item 5 on this page "Plans to develop new interfaces with other organizations. . ." Does this include the five new bi-directional exchanges added (e.g., medical, education, courts) in the proposed CCWIS regulations from ACF? Is the intent to use electronic data exchange standards as referenced in the proposed CCWIS regulations?

Although the State’s decisions on interfaces are not driven by the proposed CCWIS regulations, an understanding of the ACF proposed direction will be considered.

As stated in the RFP, interface changes will be done in conjunction with the Interoperability project.

Offerors should not expect new interfaces other than that of the Trails Intake and Resource module interfacing with the current Trails at this time.

9 2.3 Technology and Architecture, pg. 14

The RFP mentions that there are 87 interfaces in TRAILS. Please clarify which interfaces are to be supported as part of the Intake and Resource modules. Additionally, please provide the technical details of these interfaces?

The Istonish study used a Deloitte produced interface count (prepared for a separate engagement but leveraged by Istonish). Included in the count of 87 were MS Excel spreadsheets, Access databases, and other not truly integrated data sources.

The information provided in 2.3 Technology and Architecture, pages 14-16 is what Offeror’s should be using as a basis for their response.CDHS expects the Intake and Resource modules to interface with current Trails via one of the existing interface protocols preferably Secure FTP, or Web Services. Technical details of the interfaces will be provided to the selected vendor.

A two-headed arrow indicates a bi-directional interface while a one-headed arrow indicates an interface from the tail to the system at the head of the arrow.

10 2.3 Technology and Architecture, pgs. 14-16

"Are the arrows (Uni and Bi-directional) indicated in Integration diagram consists of Integration interfaces in scope to be implemented in MuleSoft plaform.Please provide Integration Interface catelogue with compleixty guidelines(Simple, Medium, Complex) for the Integration services in scope (if available)for Intake and Resource module."

MuleSoft is a proposed but still undecided solution. As referenced in 3.4.5, page 39, that decision will be made in conjunction with the Interoperability project.

Offeror’s should consider the information provided in 2.3 Technology and Architecture, pages 14-16 as a basis for their response.

4


Question Response

11 2.3 Technology and Architecture, pg. 14

Are there plans to update the following?• Oracle 10g• Windows XP

Yes, scheduling has not yet been determined. If your proposed solution requires an upgrade include that need in your response.

The Windows XP upgrade is currently underway. Once again if this is problematic, include in your response.

12 2.4 Purpose of Request for Proposal, pg. 17

A stated objective of CDHS’ RFP is to “provide a system that supports online and offline mobile capabilities”. Can you please provide details on the specific functions that require offline capability?

Case workers should be able to record intake activities that cache locally and are automatically updated once connectivity is restored.


Section 2.4, page 17, objectives Item #2. "Develop an application that supports the data interfaces shown in the integration diagram found on page 16." Which of these data interfaces will be supported by the modules included in this RFP, Intake and Resource, and are within the scope of this RFP?

Please see the response provided in Question 9 of this document.


Does the State have a preference to “build” vs. incorporating pre-built software?

The CDHS has no preference.

15 2.5 Application Environment, pg. 17

Section 2.5 2nd paragraph states, "Proceed with the presumption that the system will continue to reside within the State secure hosted environment. New Services, applications and major revisions to existing applications may be supported in a federally approved cloud-based environment should the State elect to do so."

Can you please confirm our understanding that the State is open to a cloud-based solution for the Intake and Resource modules?

Please see the responses provided in Questions 2 & 4 of this document.

5


Question Response

16 2.5 Application Environment, pg. 17, 3.2.1 Treasury, Federal and Internal Revenue Service Data Security Requirements, pg. 19, and 3.3.3 Global Technological Components, pg. 28

Section 2.5, Application Environment and Section 3.3.3, technical aspects and feature, Item 1: Page 28 states "The solution must reside within the State secure hosted environment" while Section 2.5 states "CDHS requires the Trails system reside within the State secure hosted environment or on a federally approved environment"; Page 19 states "all rules, policies and guidelines related to secure cloud storage and the Federal Risk and Authorization Management Program (FedRAMP) apply."

Based on this (conflicting) information can we conclude that a FedRAMP compliant cloud solution would meet the state's requirements?

Please see the responses provided in Questions 2 & 4 of this document.

6


Question Response

17 2.5 Application Environment, pg. 17

RFP Page 17, 2.5 Application Environment - CDHS requires the Trails system reside within the State secure hosted environment or on a federally approved environment. Secure access by multiple users should be available over the network and through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops, and workstations). Proceed with the presumption that the system will continue to reside within the State secure hosted environment. New services, applications and major revisions to existing applications may be supported in a federally approved cloud-based environment should the State elect to do so. RFP, Page 28, #1 - CDHS desires a solution with the following technical aspects and features:

The solution must reside within the State secure hosted environment. RFP Page 52, 3.5.2 Hosting, Ongoing Support, Maintenance, Upgrade, License Cost - The State requires an all-inclusive Cost Proposal including subscription/support of the product. Furthermore, total quoted pricing must be inclusive of software subscription, Licensing Cost, Ongoing Support, and should include any costs required to keep up-to-date with recent releases (e.g. updates, upgrades, patches, etc.). This section should include pricing for scalable licensing over the course of the agreement. Provide your Service Level Agreement (SLA) options (including service response times based on severity of the issue) and associated costs. Describe what is covered and not covered in your maintenance and support agreement. Describe the support you provide to your customers during a critical failure of the service. The State indicates on RFP page 28, item 1, “The solution must reside within the State secure hosted environment.” However, RFP Page 17, item 2.5 Application Environment indicates that the solution can reside “on a federally approved cloud-based environment.” Additionally, Section 3.5.2 - Hosting, Ongoing Support, Maintenance, Upgrade, License Cost, requires the inclusion of subscription licensing costs. These sections appear to be in direct conflict. Can the State please adjust RFP Page 28, item 1 to reflect that the solution can either reside within a State secure hosted environment or a federally approved cloud-based environment?

As stated in Question 2 - Yes, if an Offeror is proposing a solution that doesn’t use the State’s secured hosted environment; the alternative must include a federally approved environment. Please include validation that the federally approved environment already exists.

In addition, CDHS is looking for a comprehensive cost response. This includes all associated project costs as well as any licensing costs and associated ongoing support costs associated with the proposed solution.

7


Question Response

18 3.2 Mandatory Requirements, pg. 18

RFP, Page 18, 3.2 Mandatory Requirements

The following are regulatory requirements under this RFP.

Can the State please define how vendors are to respond to these Mandatory requirements? What regulatory requirements from this list are applicable to the software solution being implemented?

The state requires vendors to be in compliance with these requirements. As long as respondents have registered to do business with the Colorado Secretary of State’s office compliance should be met.

As stated in the last sentence of the first paragraph of item 3.2, the State of Colorado requests a statement of affirmation that the vendor meets the requirements.

19 3.2 Mandatory Requirements

Mandatory Requirements

Regarding the reference materials located in Table 2 section 3.2, National Institute of Standards and Technology (NIST) Publications, The Open Web Application Security Project (OWASP) for Top 10, Statement on Standards for Attestation Engagements 16, and Internet Security Hardening, what specific requirements are mandatory for this RFP?

Offeror’s need to acknowledge understanding and the willingness to comply with all listed security standards.

Choice of controls to meet compliance will be at the Offeror’s discretion and will be evaluated throughout the design process.

20 3.2.1 Treasury, Federal and Internal Revenue Service Data Security Requirements, pg. 19

RFP, Page 19, 3.2.1 Treasury, Federal and Internal Revenue Service Data Security Requirements - For this solicitation, all rules, policies and guidelines related to secure cloud storage and the Federal Risk and Authorization Management Program (FedRAMP) apply. This includes but is not limited to: industry recognized/best practices for securing sensitive information, industry recognized/best practices for securing health information, and the Internal Revenue Service Publication 1075 for securing federal tax information (FTI).

Does the State plan to store FTI data in the Trails solution? Will the State accept responses that propose an encryption solution to meet the IRS 1075 requirements in protecting FTI data? The encryption solution would encrypt all data in transit and at rest and which the keys could be managed solely by the State and not by the Cloud Services Provider.

Yes, plan for maintaining FTI data, and yes, the proposed encryption solution would be acceptable.

21 3.3 Technical Requirements, numerous

Section 3.3 of the RFP contains numerous references to Intake and Resource workflows. Can Offerors receive access to existing workflow or system documentation prior to submitting a response to the RFP? Will a “bidder’s library” be made available to Offerors?

See Attachment H – Workflow (Intake, Resource, Staff-Org, Sys Admin) document.

8


Question Response

22 3.3 Technical Requirements, numerous

Section 3.3 of the RFP lists an approximate number of fields for both the Intake and Resource modules. Will the State provide Offerors a data dictionary or data model documentation to help inform data migration estimates?

See Attachment I – Trails Data Dictionary

23 3.3.1 Technical Overview, Functionality and Use, pg. 20

Please provide details on the Hotline functionality that was in the FY2014-15 new development project as well as additional details on how the estimated architecture reuse (50%) was arrived upon (section 3.3.1.2)?

The middleware reuse estimates were developed using the same methodology described in the response to Question 30. In this instance the percentages presented were arrived at by the state technical resources responsible for Trails and the design of the 5 newly developed application components (Hotline, Safety/Risk, Red Team Framework, NYTD, and Human Trafficking)


Are there any Data Model available for the existing systems that include the table definitions?

These are not available.


Can you please share the number of tables/views/triggers/functions/procedure counts with its complexity from existing Oracle database

See Attachment D, complexity information is not available.


Are there any Data Modeling tools available? The only tool currently used is Toad.


What is the yearly data growth expected (in GB)? Yearly growth is expected to be 2 – 5%.


Are the following already implemented for the existing set of databases and needed for the target databases.(a) high Availability. If yes, please provide the HA approach(b) Disaster Recovery. If yes, please provide the approach(c) Replication. If yes, please provide approach and what are the features(d). Security. If yes, what features of security is needed

A. High Availability (HA) is not currently available, but a preferred solution would provide HA.B. The Disaster Recovery (DR) approach is an alternate warm data site recovery process (no more than 24 hr. data recovery point).C. Replication is not in place and lower environments are manually maintained.D. Security is of critical importance please see sections 1.35, 1.37, 3.2.1, 3.2.2, and Attachment F – State of Colorado System Security Plan of the RFP for additional details.

9


Question Response


Please define what "offline" capabilities are desired versus mandatory for the modernized TRAILS. If offline capabilities are mandatory, please provide the specific functional requirements that define expected user functionality.

Please see the response provided in Question 12


Given the interest in responses employing a reuse strategy, it would be helpful to understand what approach was used to determine the code reuse percentages listed in section 3.3.1 (“Technical Overview, Functionality and Use”). Can the State describe the approach used?

The reuse estimation approach was as follows: Used only assuming the strategy presented is a

C# / .net Framework using the existing Oracle database

Is not a required Offeror solution but provided as an estimate for reuse should it be offered as a solution

Was prepared by the Trails technical product owner and other Trails technical resources based on their understanding of the full 15-year evolution of the Trails system and its disparate technical components

Was based on technical evaluation of the existing system, the ability to leverage PowerBuilder code for development in C# as well as leveraging the code already developed using C#/net Framework for the 5 listed 2014/2015 development projects

As indicated, these are approximate / estimated figures and are provided for informational purposes only

In no way is this information meant to deter an Offeror from presenting alternative technical solutions

31 3.3.2 Implementation Phases, pg. 22

On Page 22 of the RFP, it is mentioned that RFPs will be released for additional modules in the Trails modernization effort. The following are mentioned: Assessment/Commitment, Case, Fiscal, and Mule ESB. Will there be a separate RFPs released for each module, or will modules be combined in some way?

Assessment/Commitment, Case, and Fiscal will each be released as separate RFPs. Handling of the integration (potentially Mule ESB) will be done separately as well.

32 3.3.2 Implementation Phases, pg. 22

Will the vendor who is awarded the contract for this RFP be precluded from bidding on the subsequent Trails modernization modules?

No, Offerors are welcome to bid on any and all of the Trails Modernization modules.

10


Question Response

33 3.3.2 Implementation Phases, pgs. 22-23

We applaud the State for considering a nimble, Agile project management SDLC to lower overall project risks. Submitting development materials to a waterfall approval process could prove mutually burdensome and blunt nimble efforts. Keeping in the goal of agility, would the state consider an alternate approval process for documents created collaboratively during a Sprint? State stakeholders would already be well aware of SDLC artifacts, via their visibility and engagement in the Spring process.

The project will be a combined Waterfall and Agile (Watergile) project.

The State’s EGC project management methodology is a Waterfall project management structure that keeps project stakeholders, the legislature, and other identified persons informed of the individual module milestones and budget as well as keeping those individuals informed about the 3-year master project progress as a whole (combined responsibilities for both the State OIT assigned Projects Manager as well as the selected vendor’s Project Manager)

CDHS is expecting that the selected vendor Offeror manage all software development lifecycle (SDLC) activities using Agile. Submission of development materials for approvals would be managed using the Agile methodology.

34 3.3.2 Implementation Phases, pg. 22, 3.4.13 Design, pg. 47, and 3.4.15 Fit/Gap Analysis, pg. 47

Agile development methodology

RFP Section 3.3.2 it states the CDHS’ preference that development be managed using Agile project management methodology, and this section further outlines Agile methodology deliverables. RFP section 3.4.13 and 3.4.15 appear to require more of a traditional waterfall approach. Can you please clarify?

Please see the response provided in Question 33.

35 3.3.3 Global Technological Components, pg. 24

Please elaborate AFCARS/NYTD file maintenance functionality that needs to be implemented as part of the Intake and Resource modules? Is the State expectation is to generate the AFCARS/NYTD files from System Administration module?

Yes, the data collection periods are October 1 - March 31 and April 1 – September 30


Please elaborate the functionality required to implement Administrative Research Division maintenance (Instrument, Heading, Question, and Response maintenance) in the System Administration module?

See Attachment K – CDHS ARD


Please provide the workflow details of Intake, Resource and System Administration modules?


11


Question Response


Section 3.3.3 on page 26 lists Child Abuse Hotline, Child Welfare, Department of Youth Corrections, and Department of Youth Corrections Senate Bill 94 under "f. Individual workflows / supported business processes" for the Resource module. What are the high level functional areas within these business processes? For example, recruitment, resource directory, foster care licensing, facility licensing, and contracting.



The scope of the RFP calls for modernizing 2 Trails modules – Intake & Resource. Intake was presented in sufficient detail to enable the reader to sufficiently identify the scope. However, the Resources module was presented at a high level and does not present sufficient detail to accurately scope the functionality that is being requested. Can the State provide a breakdown of the sub modules within Resources that are in scope for this RFP?

Additional information has been provided in Attachment H – Workflow (Intake, Resource, Staff-Org, Sys Admin).


RFP, Page 27 High Level Build Requirements for the web-based system, #2

The State uses the term “hotline” in this requirement and also refers to the “Child Abuse Hotline” (on page 25) as a component of the Intake module. Does the State wish to deploy call center functionality to address the needs of the child abuse hotline? Does the State currently have a centralized contact center? Or is the Child Abuse Hotline a different phone number for each county? Does the State have a desire to centralize this function and distribute referrals to the appropriate counties through the proposed system? Does the State have computer telephony integration (CTI) software currently? If so, what vendor/version(s)?

The call center system is already established and work on the Hotline phone network is out of scope for the Trails Modernization project.

Currently the call center functionality populates limited information in the Child Abuse Hotline application (C#/.net Framework), that information is passed on to Trails (PowerBuilder).

The intent is for the Child Abuse Hotline functionality to become just another component in Intake with the Trails Modernization project.


RFP, Page 27 High Level Build Requirements for the web-based system, #7

Does the State currently have call recording software? If so what vendor/version(s)?

Genesys Agent Desktop (GAD) and True Connect technologies are being used for the Child Abuse Hotline call center. Both systems have recording capabilities. As stated earlier, the Hotline phone network is out of scope.

42 3.3.3 Global Technological Components, pgs. 27, 30, 31

Can you please clarify if CDHS is seeking mobile applications that integrate with Trails in addition to an overall responsive mobile enabled solution? If so, can you please clarify the requested mobile use cases?


12


Question Response


Page 27, Encryption: "1. The proposed solution will include field level data encryption at rest and in motion."

Would encrypting everything in motion and encryption at rest for specific fields (social security number, etc.) meet this requirement?

Yes, it will meet the requirements. Specific field identification would be done with the selected vendor during requirements gathering activities.


"Please confirm the Enterprise security requirements in scope to be implemented in Integration Platform.- SSO with LDAP 3 for Authorization using SAML 2, OAuth 2.0 for authorization with MS AD or 3rd Party Identity management, SSL/TLS , Message encrption

In case of any other, please mention"

SSO with LDAP 3 for Authorization using SAML 2, OAuth 2.0 for authorization with MS AD or 3rd Party Identity management, SSL/TLS , and Message encryption are the only current Enterprise security systems identified at this time.


Technical aspects and featuresQuestion 4The authentication system must integrate with current CDHS LDAP systemsWhat is the current LDAP system used?

The current system used is LDAP 3.


The RFP states that the “[t]he solution must be written in a rapid web development language (e.g. Java and C#…)” and later in the same paragraph “… but Offerors are not required to submit solutions with this technology.” How will the state rank solutions using Java and C# versus those solutions that propose alternative rapid web development language?

Reuse is not a specific selection criterion. The evaluation will look at: is the offered solution web-based, does it allow for rapid development supporting ongoing operations and maintenance development work as well as new development for changing business needs.


Notifications to multiple internal e-mail systems

Section 3.3.3 requires the solution include notifications via multiple internal e-mail systems – what email systems are included in this requirement?

Google and Outlook are the two emails systems used.


Cyber Security CapabilitiesQuestion 8The system provides the ability to build and manage agency specific templates.

Can you please clarify what that means?

This is related to role based security. Details around agency templates will be confirmed during requirement gathering and development of use cases.


Please clarify and provide details regarding the State's expectation of system capability to import/export data.


The client ability to export should include but not limited to: .csv, MS Word, MS Excel, .pdf, XML, etc...

13


Question Response


Interface features and capabilitiesQuestion 14T Can you elaborate on the specific requirements?The system provides word processing functionality for text fields.

Spell checking, field type formatting, and conditional formatting are all examples of desired processing functionality.


On page 36, the State mandates <1 second page load times. If the solution is ultimately hosted in the State of Colorado’s data center and/or if the vendor must adapt to other constraints/conditions in the network and infrastructure, it would be difficult for any vendor to commit to this objective, given the State’s role. Can this be removed as a condition of contract completion since the vendor’s design is only one of many factors that will impact page load performance?

CDHS recognizes that external factors beyond the control of the selected vendor can impact performance. Performance will be measured for the module alone as well as an integrated solution with the current Trails. Should performance be degraded with the integrated solution, resolution options will be considered on a case-by-case basis.

The intent of this requirement is to make sure the actual programming / vendor hosted environment (if applicable with the selected vendor) is not causing load delays. Thus the independent and combined evaluations and collaborative troubleshooting efforts.


Please describe the current technical stack used to create forms, notices and/or templates in TRAILS?

PowerBuilder, .net Framework, and Crystal 11 are all currently being used. Offeror should include the cost to provide any upgrades or changes in technological components needed for their proposed solution.


Page 31, Hiding clients: "5. The system has the ability to “hide”/restrict clients from outside facing websites/reports and internal staff (e.g. high profile offenders, child fatalities, etc…)."

We understand this to mean that the application should restrict the display of sensitive information including the hiding of client records from users who are not authorized to view them. Is this correct?

Yes, that is correct. System restrictions would be for viewing functionality as well as information provided in reports and other system generated communications.


RFP, Page 31, #6 - The system has the ability to seal or expunge partial or whole offender records as defined in requirements (ability can be different based on organization and/or role)

Can the State expand on this requirement? Does the State require eligibility rules to be evaluated to determine whether or not an offender record can be expunged? Does the State have an existing business rules / eligibility rules engine that is involved in this determination? If so, what vendor/version(s)?

This occurs at the field and case level. Specifics around this are fairly complex and not managed with a rules engine. Requirements will be developed with the selected vendor based on the technological solution selected.

14


Question Response


#6 states, "Training will be developed and delivered by the Contractor to the Trails OIT support staff and the Contractor shall provide joint support for six (6) months post deployment to production."

Please provide the detailed services expected as described by “joint support".

It is CDHS’ intent for the selected vendor to train the existing Trails OIT team (BAs, SEs, Developers, Testers, Support, and Trainers), for 6 months after final acceptance, the selected vendor will provide Tier 4 support. This means should a support ticket be received that the OIT Technical Support team can’t address, the selected vendor will assist in troubleshooting the issue and then based on the required resolution assist as needed so the OIT Technical Support team can resolve the issue.

Tier support structure is as follows:1. Tier 1 – Trails OIT Help Desk2. Tier 2 – Trails OIT QA Portfolio3. Tier 3 – Trails OIT Development4. Tier 4 – Selected Vendor Post-Approval Support

Also see Questions 100 and 103 for additional information associated with the Tier 4 support expected from the selected vendor.


Page 31: "13. The system has autotype functionality"

Please define "autotype functionality."

Autotype is a function which fills in a field once you have typed in the first few letters. CDHS desires this functionality for designated fields using pick lists.


RFP, Page 31, #15 - The system has the capability to scan, store, retrieve, link, and delete paper documents and photos.

Does the State currently have a document scanning solution that must be re-used? If so, what vendor/version(s)?

The State does not have a document scanner that can be re-used.


Page 31: "18. The system has data quality controls."

Please elaborate - We are not clear as to what is meant by quality controls.

The data quality controls referred to are field level formatting and input rules.

15


Question Response


RFP, Page 31, #23 - The system allows for the capture of electronic signatures via computer and on mobile devices and has the ability to provide printed forms.

Does the State wish to capture a graphical e-signature (e.g., DocuSign) or is a text field-based electronic keyboard typed signature with an acknowledgement checkbox sufficient?

Either a graphical e-signature or a field-based electronic keyboard typed signature is acceptable.


Page 32: "19. The system can apply “date entered” rules by specific date field."

Please elaborate.

For each date field CDHS will designate date rules (e.g.) such as

Field can be back dated Field can be future dated Field can be left blank Field must record current date


RFP, Page 32, #23 - The system allows a point-in-time snapshot of records.

Can the State please expand on the term “point-in-time snapshot of records?” Does the State simply wish to be able to provide a report on a particular record (e.g., Intake, Referral, Contact, Case, Service Plan) that shows all activities, notes, attachments, and related information for a specific date or date range?

Yes, a point –in-time snapshot of records means the system needs to be able to display a particular record (e.g., Intake, Referral, Contact, Case, Service Plan) that shows all activities, notes, attachments, and related information for a specific date or date range?


Page 32: "23. The system allows a point-in-time snapshot of records."

Please elaborate. What potential problem is this requirement seeking to address?

See the information in Question 61.


Is creation of Reports on transactions passed through ESB gateway expected in MuleSoft layer. If yes, is it through MuleSoft API Analytics platform or Custom solutions?

MuleSoft is out of scope for this module (aligns with the Interoperability project, see page 39). Currently, report creation / transmission is supported via Broker.


The Data Migration section of the RFP states “it is expected that approximately 40% of the data can be repurposed.” How did the State arrive at this percentage?

All reuse estimates were developed using the process outlined in Question 30.


How many years of data should be retained in the target system? All historical data is maintained within the system.

16


Question Response


What is the current Data Archival Policy and method and what is the plan of migration for the archived data?

Although the State of Colorado has data archival policies, Trails data is not archived. Historical involvement is important information to know for providing the best outcomes to Colorado’s children and families.


Are there any semi structured or unstructured data processed? Yes, blob fields are used.


What is the size of Oracle Database (in GB)? 286.09 GB (See Attachment D)


Does current database use any multilingual feature? There are some reports/letters that are translated into Spanish but the application is English only.


Does current database has any encrypted/decrypted data column? If yes, does encryption is done at database layer or application layer?

The database does not have any encrypted/decrypted data columns.


Any prefered ETL tool for data migration? There are no preferred ETL tools for data migration.


How many databases are within scope of this Migration (including DEV, QA, STAGE, PROD)?

See 3.4.16 Build and Configure – the list is:

Development, Test, Quality Assurance (UAT), Staging, Training, and Production


Has the migration approach been decided already? Is this going to be Big Bang or a phased migration? Is this a 24*7 environment? What kind of an outage against the Production System would be feasible?

The migration approach will be a phased migration. It is a 24*7 environment with established maintenance windows.

17


Question Response


Heuristic ConsiderationsUsers often choose system functions by mistake and will need a clearly marked "emergency exit" to leave the unwanted state without having to go through an extended dialogue. Support undo and redo.

Given this would be a web-based solutions, under what specific use cases would you see support required for undo and redo functionality?

In this instance, “Support undo and redo.” refers to the application needing to have functionality that allows the users to undo or redo recent entries / key strokes. It is not referring to the selected vendor providing technical support on how to use undo and redo features.

75 3.4 Vendor Responsibilities and Compliance Requirements, pg. 36

Section 3.4. Many aspects of Section 3.4, particularly related to specific plans and work products, are more aligned to a typical waterfall project, than a true Agile process. Can the State please comment on, and confirm, the vendor will have flexibility with regard to deliverables and work products that align to an Agile approach? Further, please confirm these topics can be address as part of contract negotiation.

As answered in Question 33:

The project will be a combined Waterfall and Agile (Watergile) project.

The State’s EGC project management methodology is a Waterfall project management structure that keeps project stakeholders, the legislature, and other identified persons informed of the individual module milestones and budget as well as keeping those individuals informed about the 3-year master project progress as a whole (combined responsibilities for both the State OIT assigned Projects Manager as well as the selected vendor’s Project Manager)

CDHS is expecting that the selected vendor manage all software development lifecycle (SDLC) activities using Agile. Submission of development materials for approvals would be managed using the Agile methodology.

This can be addressed as part of contract negotiations.

18


Question Response

76 3.4.2 PMO Governance – Gating Process, pg. 37

Section 3.4.2 of the RFP notes that the Offeror will be responsible for contributing to delivery of “appropriate” gating line items. Section 3.4.9 lists eight specific project deliverables associated to the gate process. Does this list represent the only project deliverables that the contractor owns responsibility for delivering and including in the Detail Cost Proposal?

3.4.2 PMO Governance – Gating Process and 3.4.9 Offeror’s Project Management Plan (Final draft after award) address project management deliverables. This list along with the information provided in Attachment E – Executive Governance Committee (EGC) Gate Requirements is list of mandatory project management deliverables. Other deliverables may be required based on specific project management needs encountered throughout the project.

Completion of the Intake, Resource, System Administration, Staff and Organization design, development, testing, deployment, and support activities are the core deliverables and are addressed in 3.3 Technical Requirements.

77 3.4.4 Project Management, pg. 38

Section 3.4.4, Project Management: "CDHS’ preference that development activities be managed using an Agile methodology but support of the EGC project management activities will be managed in the more traditional Waterfall management methodology."

How does CDHS anticipate Agile planning constructs, such as development iterations and putting releases into production, to be taken into account from a project planning perspective? Will deliverables be managed in a waterfall or agile fashion to release product into production?

See Questions 33 & 35

78 3.4.7 Key Personnel, pg. 39

Section 3.4.7. At least one member of the development team will be required to have two years of experience implementing secure RESTful APIs. Given that secure APIs, including a token handshake on the back end, is a relatively new security paradigm, this requirement may well serve to unnecessarily limit the number of vendors who can participate in this procurement. Will the State please delete this very specific requirement, or reduce the requirement to a single year. The latter will reduce the qualification burden.

The State agrees to adjust this requirement to one year of experience.

19


Question Response


Section 3.4.7 Key Personnel requires that all contractor personnel on the project will be designated “Key Personnel”

Would the State consider limiting the designation of Key Personnel to the following positions – 1. Management Lead/Project Manager, Lead Developer, and Scrum Master? This will provide the needed flexibility for the Contractor to bring on the skilled resources in the timelines required by the WBS/project schedule as opposed to trying to identify specific resources several months in advance of the work, while still protecting the State by ensuring the commitment of the Contractor’s lead positions.

The State agrees to this adjustment. Key Personnel will be as follows:

1. Management Lead / Project Manager2. Lead Developer3. Scrum Master


Section 3.4.7. For two of the key roles (interaction Designer / User Researcher / Usability Tester Team, and Development Team), work on at least one Agile development project is required. If Agile is a preferred approach for Trails modernization, but not mandatory, will the State please update the Agile experience requirements to be preferred and maintain alignment with the rest of the RFP?

The Department and its federal partner, ACF, desires the Trails Modernization project use an Agile project management methodology for the development aspect of the project as such the use of an Agile project management methodology for the SDLC is a requirement. If the Offeror believes an alternative approach is more appropriate for their solution, present the reasoning why and the methodology being proposed. This is a single evaluation criterion of the Offeror’s proposal and an alternative approach would not by itself eliminate a vendor from contention.Refer to Questions 33 & 75 for additional information on this topic.


Is Contineous Integration using Jenkins/Hudson CI tools to be achived in MuleSoft layer

MuleSoft is out of scope for this module (aligns with the Interoperability project, see page 39). In addition, no Continuous Integration tool decisions have been made at this time.

82 3.4.8 Offeror’s Project Manager Responsibilities

What is the budget for the RFP?• Is hardware included as part of this figure or budgeted

separately?• Is software included as part of this figure or budgeted

separately?• Is IV&V included as part of this figure or budgeted separately?

The budget for this RFP is $6,824,567 – hardware, software, and IV&V are included in the budget. As stated in 3.4.5 Schedule and Milestones, integration activities that align with the State’s Interoperability project will be funded from the Interoperability budget; however, integration costs associated with integrating the Intake and Resource module to the existing Trails will be included in the total budget figure provided above.

20


Question Response

83 3.4.13 Design, pg. 47

Section 3.4.13 Will state please provide the Trails Detail Design Specification template for vendors to examine, or explain in detail what information the vendor needs to complete for this deliverable

The Trails Design template has been added as a separate attachment (Attachment J – Design template).

84 3.4.16 Build and Configure, pg. 47

Number of environments wanted: Is there a required number of separate environments? (Dev, test, SIT, UAT, Production)

See 3.4.16 Build and Configure – the list is:

Development, Test, Quality Assurance (UAT), Staging, Training, and Production

85 3.4.16 Build and Configure, pg. 47

Estimated size of environment? See Attachment D

86 3.4.16 Build and Configure , pg. 47and 3.4.21 Testing, pg. 48

Can we assume that there will be two QA environments (existing and post-migration QA environment) to run them in parallel for testing?

Yes, there will be two QA environments for development and testing purposes.

87 3.4.18 Version Control System, pg. 48

Version Control System

Is the State providing the Version Control System?

The version control system will be based on the selected solution. State your specific version control needs in your response.

88 3.4.20 Data Conversion and Migration, pg. 48

Estimated size of data provided from state? See Attachment D (286.09 GB)

89 3.4.21 Testing, pg. 48

Load and Performance: estimated load/concurrent users for testing?

Simulated load testing should represent 4,000 concurrent users.

Manual load testing should be 75 - 100 users,90 3.4.21 Testing,

pg. 48Please share inputs on how the activities related to QA Process are performed currently with respect to Reviews/Sign offs/Automation Test framework

Receive test request > perform testing > certification of test complete and pass forwarded to QA Manager > QA Manager approves and notifies CM Analyst > CM tool update and build is approved.

Process will be automated with the HP Tool.91 3.4.21 Testing,

pg. 48Acceptance testing would be performed by end-users/Business SMEs. And the vendor QA team would provide support in terms of issue resolution and defect retest if any. Please confirm.

Yes, that is correct. The selected vendor will be responsible for providing UAT workbooks and other documentation / instructions, etc…

21


Question Response

92 3.4.21.1 Automated Testing, pg. 48

Section 3.4.21 Testing states, "The awarded vendor shall develop a testing strategy and the execution and/or assistance with unit, regression/system, interfaces, performance and user acceptance testing. Subsection 3.4.21.1, #3 states, "The awarded vendor shall create and execute automated Product Owner Acceptance testing to verify all user facing functionality."

Please provide clarification of what is meant by Product Owner Acceptance testing and what phase of testing is it related to in the testing phases described in 3.4.21 referenced above.

Product Owner Acceptance testing is User Acceptance. This includes the necessary approvals / sign-off.

Not mentioned but included is load testing.

93 3.4.21.1 Automated Testing, pg. 48

Automated Testing

If these 5 areas represent the evaluation criteria that will be used by your evaluation team, how much is each area weighted to better understand how the proposal will be scored?

All phases of testing are weighted equally.

High-level scoring categories include: Qualifications & Experience Understanding of Scope Project Approach / Proposed Solution Training Project Costs

94 3.4.21.2 Load Testing, pg. 49

Is Load and Performance testing in scope of MuleSoft implementation team

MuleSoft is out of scope for this module (aligns with the Interoperability project, see page 39). Load and Performance testing will be aligned with existing interfaces (see pages 14-16).

95 3.4.22 Training, pg. 49

Section 3.4.22 references “execution of training plans, including content development and delivery to assist the State in meeting technical support staff and end-user training needs.” What number of Intake and Resource staff require end-user training? What number of technical support staff require end-user training and/or knowledge transfer?

Approximate User Counts are as follows: Intake – 3500 Resource – 1200 Staff-Org – 266 System Administration – 10

The Trails OIT team is approximately 50 persons (BAs, SEs, Developers, Testers, Trainers, and Support Staff), all System Administrators are included in the Trails OIT count.

96 3.4.22 Training, pg. 49

In the event that the Offeror implements a “reuse strategy”, does the training effort include development of new training materials or revisions to existing materials? Or both?

It is anticipated that it would be both.

22


Question Response

97 3.4.22 Training, pg. 49

Section 3.4.22 references the State providing a training environment. Who is responsible for training data entry and overseeing the updates/builds of the environment? How many environments will be required?

The State will provide the training environment and will maintain / update the training data. It is anticipated that it will be a collaborative effort between the State and the selected vendor to ensure training can be delivered in an efficient and effective manner supporting a variety of delivery methods.

The State will maintain the existing training environment and anticipates the build of a separate training environment for the Intake and Resource modules.

98 3.4.22 Training, pg. 49

How many training classrooms will be available for the classroom training?

There are eight locations already established but if needed, training locations could be temporarily established on a case-by-case basis.

ILT, WILT and WBT are all delivery possibilities.99 3.4.22 Training,

pg. 49Is there an expectation that the knowledge transfer referenced in Section 3.4.22 to technical support staff will be delivered post-implementation?

The expectation is that support staff will be trained so that they can assume responsibilities after final acceptance with the selected vendor providing the required 6 months of post-final acceptance support (see Question 100).

Training will occur both pre- and post- implementation.100 3.4.23

Deployment and 3.5.3 Implementation Cost Proposal

The initial contract period for the Intake and Resource Modules is July 1, 2016 through June 30, 2017. Section 3.4.23 Deployment indicates the vendor will provide support for 6 months after final-go-live and CDHS final project acceptance. This equates to an 18 month project. However, Section 3.5.3 Implementation Cost Proposal, requests pricing to be proposed over a three (3) year term. Please provide clarification as to the time period we are to price, or specific guidance as to what is required (scope) for the last eighteen months.

The development timeframe is expected to be one year (July 1, 2017 – June 30, 2018) a six month post deployment / final acceptance support period is required Tier support structure is as follows:

Tier 1 – Trails OIT Help Desk Tier 2 – Trails OIT QA Portfolio Tier 3 – Trails OIT Development Tier 4 – Selected Vendor Post-Approval Support

The contract will cover the full 18-month period and the 3-year reference was made in error. Pricing should be for the 18 month period.

23


Question Response

101 3.4.25 Service Level Requirements, pg. 50

"Is there any existing regression test suite available in the Test/automation test tools in use?(HP ALM, HP ART, and HP UFT)

Is there a benchmark on automation % to be achieved for System Testing"

Currently testing is done manually and with reusable test scripts. All critical path functionality use the reusable test scripts, manual testing is the exception.

The HP Tool will be in place for use during the Trails Modernization project but there will be no scripts developed that can be leveraged.

With the addition of the HP Tool we are targeting 75% automated and 25% manual.

102 3.4.25 Service Level Requirements, pg. 50

RFP, page 50, 3.4.25 Service Level Requirements - State specified service levels for System Availability, Production, 99.99%, Monthly

Support service levels are generally defined by the service provider and based on the level of support purchased by the customer. Cloud Service Provider offers a highly available and reliable multi-tenant cloud-based solution that supports hundreds of thousands of customers. We request that these requirements be adjusted to stipulate that they can be negotiated with the selected Cloud Service Provider to be more in alignment with commercial best practices for PaaS/SaaS. Please clarify if the support service levels are negotiable based on the service provider chosen?

As addressed in Questions 1 & 4, CDHS is trying not to limit proposed solutions. Should CDHS select a Cloud Service Provider, adjustments would be acceptable and negotiated during the contracting phase.

Once again, costs no matter the proposed solution need to be all inclusive so the proposed solution can be clearly and fairly evaluated.

103 3.4.25 Service Level Requirements, pgs. 50-51

Is Application Maintenance in Scope of this RFP . If yes, please provide expected Incident volume for Level 1, Level 2, Level 3, Level 4 with support window ( 24x7 or 8x5)

Application Maintenance is not in scope beyond the 6-month support window required and addressed in Question 100.

The Tier 4 support required will be 24x7 but the majority of requests will fall within the 8x5 window.

Base your response off of 100 Tier 4 support requests.104 3.5.2 Hosting,

Ongoing Support, Maintenance, Upgrade, License Cost, pg. 52

The State makes occasional references to software licensing costs within the RFP. This suggests that the state would be open to bids that contain a commercial off-the-shelf (COTS) component that could be configured, extended and integrated. How would the State evaluate such a bid?

The cost of the project along with costs for ongoing maintenance and support are included in the overall evaluation and selection process. The state is looking for Offerors to provide a comprehensive overview of the costs (development, licensing fees, ongoing support and maintenance). The state is trying not to limit an Offeror to a specific technology but needs overall detailed costs to evaluate one Offeror’s solution over another Offeror’s solution.

24


Question Response

105 3.5.3 Implementation Cost Proposal, pg. 52

Implementation Cost Proposal

Business process re-alignment was not previously discussed as a service to be provided by the implementation vendor. Please clarify the expectations related to business process re-alignment, including deliverable expectations as this is not listed in Exhibit E.

Any time a large application project is undertaken, the ultimate design leads to business process re-alignment and change management tasks. (e.g. – web-based tool will require new end-user logon practices), the majority of these will be addressed with training but if you anticipate an impact identify it in your response.

106 4.1 Proposal Submission, pg. 53

Section 4.1. Proposal Submission. Are electronic signatures acceptable, provided the signature is in blue ink?

No, electronic signatures are not acceptable at this time.

107 4.4 Size and Content Quality, pg. 54

The above referenced RFP contains a statement in section 4.4 4. Size and Content Quality (yellow highlighted) for which I am seeking some clarity.

· The State believes Offerors can submit a reasonably concise response that fully illustrates its proposed Solution. Therefore, the Offeror shall make every effort to limit the RFP response to 100 pages or less (this page count excludes the pages of the completed Technical and Business Requirements Tables submitted by Offeror in its response).

The highlighted section was from the original draft and should have been removed when the State moved to a modular RFP. The language should read:

The State believes Offerors can submit a reasonably concise response that fully illustrates its proposed Solution. Therefore, the Offeror shall make every effort to limit the RFP response to 100 pages or less.

This concern was addressed with a modification to the RFP and subsequently posted on the Colorado VSS website. (www.colorado.gov/vss)

108 5.2 Selection Committee, pg. 56

How will the RFP be scored? The RFP will be scored using a non-numeric vendor evaluation process. This evaluation process uses 4; color coded descriptive scores that range from Poor through Superior.

109 5.3 Basis for Award, pg. 56

Section 5.3 of the RFP states that Evaluation and Award will be based on five factors. Will the State weigh the five factors equally? If not, how will the individual factors be weighed in the basis for award?

Please see the response to Question 93.

110 Attachment A OIT Model Contract, pg. 59

Attachment A, Model Contract, Exhibit A, SOW RFP Section 3.4.7. Exhibit A states that all staff assigned to the project will be considered Key Personnel. This implies that all members of the development team would be considered key, and would have to meet the mandatory qualifications requirements in Section 3.4.7. Will the State confirm this understanding, or otherwise clarify the RFP if not all development staff are considered key and subject to the mandatory qualifications?

The clarification for Key Personnel is as follows (See Question 79)

The State agrees to this adjustment. Key Personnel will be as follows:

1. Management Lead / Project Manager2. Lead Developer3. Scrum Master

25


Question Response

111 Attachment D Trails Supporting Technology Details, pg. 62

Attachment D references “1401 mid-level requirements into 170 high-level requirements mapped to SACWIS-compliant Business Functional Areas captured in the Requirements-Scorecard.” Can Offerors receive access to this information prior to submitting a response to the RFP?

Attachment D was a document generated for another RFP to provide general Trails information.

The 1401 mid-level requirements and 170 high-level requirements associated with the SAWIS assessment does not apply to this project. Requirements gathering, development of use cases, and design of other system defining collateral will be addressed as part of the overall Trails Modernization project. These activities will occur in the Defining and Designing stages of the SDLC.

This information is not being provided in response to this question.

112 Attachment G Trails Reporting Usage Report, pg. 59

Please confirm if report rationalization of the existing 543 reports is in scope. Or would a new set of reporting requirements be implemented as part of the Modernization.

The intended approach is report rationalization with some new build (dashboards and other limited new reports). If the Offeror’s proposed solution requires new report development for all reports, that should be clearly stated and priced out.

113 Generic How are the Test Data needs of the Trails system currently managed? Is there a dedicated Test Data Management team handling test data generation, masking and subsetting?

Delphix is the current solution used by the development and testing teams. There is no dedicated Test Data Management team.

114 Generic Is the new Trails system expected to be section 508 compliant? If so, is accessibility testing in scope to validate this compliance?

Yes, the new Trails system is expected to be section 508 compliant. The State doesn’t have a tool to perform accessibility testing so unless validation can be performed manually, compliance testing would be out of scope.

115 Generic "Please let us know the MuleSoft enterprise version used for Integration platform along with it's hosting and component features in case already in place.

E.g - Anypoint Platform v3.7 On-Cloud for SOA, API with MQ"

MuleSoft is not currently being used (a potential tool to be used with future modules). Please refer to section 3.2 Technology and Architecture, pgs. 14-16 for the current integration information.

116 Generic "Is there any enteprise standard Message canonicals used ?

Eg HL7 message format for standard canonicals, EDI 4010/5010 etc ."

The standard used is the National Information Exchange Model (NIEM).

26


Question Response

117 Generic Is Infrastructure Sizing & Capacity planning of MuleSoft ESB Gateway in scope for the vendor? If yes, please provide volumetric information of the interfaces with System availability and no of environments

No, infrastructure sizing and capacity planning for MuleSoft is not in scope for this project.

118 Generic Is there any message broker (eg. ActiveMQ) available to support Pub-Sub design pattern in case unavailability of MuleSoft Anypoint platform for MQ

This is currently handled by Broker. As stated earlier, MuleSoft is out of scope for this project.

119 Generic The scope is to create a web application which would run on the browsers of the target smartphones, tablets & desktops & laptops. Please confirm the same

That is correct; the application needs to run on a variety of target smartphones, tablets, desktops and laptops.

120 Generic Creation of mobile apps (the ones that need to be downloaded and installed) is out of scope. Please confirm the same.

Yes, creating a mobile app is out of scope.

121 Generic "Considering that the solution would be multi device friendly in terms of UI, request you to confirm the different types of devices/screen sizes (range of form factors) for which the site will be redesigned and developed.Example:Platform: Desktop, Tablet, Smartphone;OS: iOS, Android, Blackberry, Symbian etc.Device: iPad 3; iPhone 4S, 5; Samsung Galaxy S2,S3; etc.Screen Size: 1024 X 768, 320 x 480, 640 x 960 etc."

Solution should be as inclusive as possible. Specifics to be defined with the selected vendor.

122 Generic Confirm browser compatibility requirement. Please confirm the browser versions and the OS. (Example: OS - Windows; Browsers: IE 7.0, IE 8.0, IE 9.0, Firefox, Chrome, Safari). Is support for legacy browser such as IE8 also to be considered in scope?

Browsers - current version and the two previous versions are supported by the State. Browsers are listed on pg. 27 of the RFP.OS - Windows is the supported system.

123 Generic Branding consistency ensures recognition and faster adoption through User acceptance. The look and feel is a part of the branding. Would the client share the branding guidelines, style guide if any exists currently and need to be followed?

Branding will comply with State standards (currently at the state level).

Yes, the Department will work with the awarded vendor on branding and style guidelines to help develop consistency throughout the development of the project.

124 Generic Is multiple language support required? If so, how many languages? There are some reports/letters that are translated into Spanish but the application is English only.

125 Generic What level of personalization is needed? (if at all it is required), Will different user types see different frontend UI?

No personalization is needed. Different user types will not see a different frontend UI.

126 Generic We recommend that the portal be made accessible universally for users with special needs. Accessibility - ADA/DDA/508 compliance is advised. Please confirm whether this would be in scope.

Yes, a system that supports users with special needs is in scope.

27


Question Response

127 Generic Is content creation in scope ? Or the content for the requirement would be provided by the client

Content will be provided by the state in collaboration with the selected vendor and various stakeholders.

128 Generic Are you planning to change User experience / Visual branding? or should we use the current UX and Visuals? Also, please confirm if all the required graphic and multimedia assets (product images, videos, audio, icons, logos, fonts etc.) will be provided in the necessary formats?

The vendor and the proposed solution selected will have a major impact on the look and feel of the system. State guidelines will be provided to the selected vendor.

129 Generic What are the break points that we need to considered for different handled devices?

The Department is unclear as to what the vendor is asking making it necessary to pass on answering this question.

130 Generic Is there any third party integration (Payment Gateway etc) that needed to be considered in scope?

No. There is no third party integration.

131 Generic Can we use ANY CSS frameworks like Twitter Bootstrap , foundation etc ?

Yes, any CSS framework can be proposed in an Offeror’s solution. The Department has no preferences.

132 Generic Can we use ANY Plugins from jQuery UI for building components like Slider, Accordions?

Yes, an Offeror can use Plugins. However, Plugins will be evaluated and must comply with the State of Colorado’s security requirements.

133 Generic Is there any client specific fonts to be used ? No.134 Generic What middleware and database would be used? This would be specific to your proposed solution. The

current solution uses Oracle 10g; see Attachment D for other specifics.

135 Generic What is the current Back-end technology? See Attachment D136 Generic Do you have Restful Web Services built for this application? No, there are no restful web services at this time.137 Generic How Many number of screens do we need to migrate? None, reuse is described in the RFP on pg. 20. This reuse

is not associated to screen migration.138 Generic Is the current application Mobile optimized? No, and this technology is desired with the new system.

28

Documents

· Web viewCan you please share the number of tables/views/triggers/functions/procedure counts with its complexity from existing Oracle database. ... No personalization is needed