9 May 2017 COMPULSORY TENDER BRIEFING SESSION: OPEN TENDER : AGSA/14/2017– Appointment of a service provider to render information security managed services framework for a period of three (3) years
Reputation promise/mission The Auditor-General of South Africa has a constitutional mandate and, as the Supreme Audit Institution (SAI) of South Africa, exists to strengthen our country’s democracy by enabling oversight, accountability and governance in the public sector through auditing, thereby building public confidence.
CONTENTS Important Points on the Tender Tender Evaluation Process Eligibility/Pre-qualification criteria Mandatory Requirements Administrative SCM Requirements Technical Evaluation Criteria BBBEE and Price Evaluation Disqualification from Tender
1. Important Points on the Tender CLOSING DATE: 23 October 2017 TIME: 15H00 VENUE TO SUBMIT TENDER: Corporate Legal and Provisioning Services, Brooklyn Gardens, East Wing , First Floor, 235 Veale Street (corner Veale and Middel Streets), New Muckleneuk, Brooklyn, Pretoria All requirements above the value of R1 mil (including VAT) go through a bid process The bid will be evaluated using the 80/20 preference point system Any clarifications required by the bidder regarding the bid should be requested in writing to the officials mentioned below on or before 15H00, Friday, 13 October 2017 - General Enquiries – Celia Mabusela, E-mail: MabuselaC@agsa.co.za - Technical Enquiries – Moses Segaetsho: moses.segaetsho@agsa.co.za Sphiwe Mbatha E-mail: sphiwe.mbatha@agsa.co.za
2. Tender Evaluation Process Eligibility/Pre-qualification process Refer to slide below 2. Mandatory requirements 3. SCM administrative requirements Refer to slides below 4. Technical evaluation criteria (100%) 5. Price (80%) and BBBEE (20%)
3. Eligibility/Pre-qualification criteria Partner with small and medium enterprise with BBBEE level 1 or 2 Provide proof that the company is a managed service Attendance of compulsory briefing session
4. Mandatory requirements Bidders are required to submit a valid tax clearance certificate (TCC) or unique personal identification number (pin) issued by SARS to enable the AGSA to view the bidders tax status Bids where consortium/joint ventures/sub-contractors/partners are involved, each party must submit a separate proof of valid Tax clearance certificate or Unique Personal Identification number (PIN) to allow the AGSA to verify the Tax status of the bidding entities. Partner with small and medium enterprise with BBBEE level 1 or 2 Provide proof that the company is a managed service Attendance of compulsory briefing session
5. Administrative SCM requirements Pty) Ltd companies must submit the following documents: Latest copy of certificate of confirmation as issued by CIPC Copies of Share Certificates of unlisted companies, where applicable Formal approval letter from the JSE of listed companies Bidders without share certificates should submit a list of their shareholders on a letter with the company’s letterhead CC companies must submit the following documents: Partnerships must submit the following documents: A partnership agreement must be submitted ID copies of each partner must be submitted Joint Ventures (JVs)Consortiums must submit the following documents (In addition to the (Pty) Ltd and CC requirements): In the case of consortium/JV/subcontractors, bidders are required to provide copies of signed agreements stipulating the work split and Rand value A consolidated B-BBEE scorecard for the JV/Consortium
5. Administrative SCM requirements cont.. Trust must submit the following documents: A copy of a registered Deed of Trust and the Letter of Authority from the relevant Master of the High Court Please note that incomplete copies of the registration documents will not be acceptable and in cases where a name of an organization has been changed since it was incorporated kindly provide the name change certificates
5. Administrative SCM requirements cont. All bidders must submit the following documents; Copy of cancelled cheque / Letter from a financial institution (not older than 3 months) Certified copies of Directors/Trustees/Members of Close Corporation original ID`s whose names appear on the company registration documents (certified copies must not be older than 3 months) Copy of latest audited full set of annual financial statements (2014/2015) and (2015/2016 or 2017) independently reviewed or signed by an accounting officer. In the case that the bidder cannot provide financial statements in respect of the 2015/2016, please submit the 2014/2015 set of financial statements. Copies of group company/holding company and/or international company financial statements are not acceptable; NB All sets must be submitted inclusive of the income statement, balance sheet, cash flow statement, directors report, statement of changes in equity (where applicable), accounting policy and notes to the financial statements. Signed audit report on both financial years required, where applicable. The financial statements are important for AGSA to determine the financial viability of the bidders Original and valid B-BBEE status level verification certificate or a certified copy thereof, substantiating their B-BBEE rating issued by a Verification Agency accredited by SANAS. In the case of EME's and QSE's, a certified affidavit is to be submitted.
5. Administrative SCM requirements cont.… BBBEE form Declaration of bidders past SCM practices Declaration of Interest form General terms and conditions of contract/bid (AGSA) Declaration in terms of fronting practices Certificate of Independent Bid Determination All pages of bid document are initialled One original bid document submitted including supporting documents Electronic copy of the bid documents
6. Technical evaluation criteria Total weight is 100% Technical evaluation criteria Weighted score Number of years experience in providing the licensing, support and services for the proposed solution. Minimum of 5 years experience is required, where 5 years = 50%, 6-10 years = 80% and 10 or more = 100%. 10% List at least three contactable references for the implementation of similar security solutions/services, value of the contract, type of work and size of the company
6. Technical evaluation criteria cont. Weighted score Training, skills and knowledge transfer to AGSA ICT employees 10% Level of support services for up to 3 years for proposed solution The solution is required to be available 24/7. Comply with AGSA working hours from 07h30 to 16h30 15% Compliance with technical specifications and on premise managed service Linked to the detailed evaluation spreadsheet under managed service worksheet 5%
6. Technical evaluation criteria cont. Weighted score Best practice architectural design (diagrammatic depiction) of the DLP, SIEM, VPN, penetration testing, vulnerability, antivirus and data governance solution Linked DLP, SIEM, VPN, penetration testing, vulnerability scan, antivirus and Data Governance worksheets 35% Level of partnership with DLP, SIEM, VPN, vulnerability, penetration testing, antivirus and data governance vendors, where: silver = 50% gold = 70% platinum = 100%. Equivalent of the above partner grading system is required 10%
6. Technical evaluation criteria cont. Weighted score Bidders must achieve a minimum qualifying score of 70 points (70%) to be considered further for price and BBBEE evaluation Bidders that fail to achieve the minimum qualifying points will be disqualified Technical evaluation criteria Weighted score Project management implementation methodology. The AGSA has standardised on PRINCE2 5% Total 100%
7. BBBEE and Price Evaluation Only the pricing schedule issued with the bid document must be used BBBEE (20%): Bidders must submit an original and valid B-BBEE status level verification certificate or a certified copy thereof, substantiating their B-BBEE rating issued by a Verification Agency accredited by SANAS. In the case of EME's and QSE's, a certified affidavit is to be submitted.
8. Disqualification from the Tender Process Non compliance with the eligibility/pre-qualification criteria elements Failure to meet the technical evaluation threshold Bidders which do any one or more of the following, and such disqualification may take place without prior notice to the offending bidder: Bidders which failed to submit all the mandatory requirements and administrative SCM requirements as per the RFP Bidders which submitted incomplete documentation as per ALL requirements of this RFP Bidders which submitted information that is fraudulent, factually untrue or inaccurate, for example memberships that do not exist, BEE credentials, experience, etc. Bidders, which received information not available to other bidder that may result in such vendor having an unfair advantage over other bidders
Question and Answer Session
Question Answer Would you kindly confirm if the department is looking to own the different technologies for the below security controls then outsource managed services for each component? Or is the department looking to outsource the full managed services without owning the technology? AV VPN DLP SIEM VM The AGSA seeks to outsource the full managed services without owning the technology, essentially this is managed service wherein a bidder would own the technology and provide services to AGSA.
Thank you Follow the AGSA on Twitter: @AuditorGen_SA www.agsa.co.za Auditor-General of South Africa Follow the AGSA on Twitter: @AuditorGen_SA