City & County of San Francisco Technology Purchasing Guidelines September 2019
Table of Contents
I. City Policy on Technology Purchases
II. Two Primary Considerations for Purchasing Technology for the City:
  Commodities v. Professional Services
  On Premise v. Cloud Computing
III. City Policy on Cloud Computing
IV. How does the City buy Technology?
I. City Policy on Technology Purchases
All technology purchases must go through the Office of Contract Administration (OCA).
May be subject to review by the City’s Department of Technology (“DT”).
Can NEVER be completed using Departmental Delegated Authority (aka Prop Q), even if under $10,000.
II. Two Primary Considerations for Purchasing Technology for the City
Before you begin thinking about a solution, consider the following two concepts because they will impact the what, why and how of your purchase.
1. Commodities v. Professional Services
2. On Premise v. Cloud Computing
Consideration 1: Commodities v. Professional Services

Examples
  Commodities:
    Hardware
    Software
    Standard software support
    Cloud computing software w/out technical services
    Non customized training
  Professional Services:
    Customizations Services
    Configuration Services
    Integration Services
    Cloud computing software w/ technical services
    Managed Services
    Customized Training

Solicitation Model
  Commodities: Low Bid
  Professional Services: Request for Proposals (RFP), Request for Qualifications (RFQ)

Who Does the Solicitation?
  Low Bid: OCA
  RFP: Department
  RFQ: Department
Consideration 2: On Premise v. Cloud Computing

On Premise: The product is located within the physical confines of YOUR enterprise. Whether a software, network, data center or application, YOU maintain it. Most importantly, your data is under YOUR control.

Cloud Computing: The product is hosted within the physical confines of the SERVICE PROVIDER’S enterprise and accessed using a web browser. The SERVICE PROVIDER is responsible for maintaining access to the cloud and storage of your data.

Cloud Computing Models:
  Software as a Service (SaaS)
  Infrastructure as a Service (IaaS)
  Platform as a Service (PaaS)
  Desktop as a Service (DaaS)
  Backend as a Service (BaaS)
  IT as a Service (ITaaS)

PROCEED WITH CAUTION BECAUSE YOU ARE GIVING UP CONTROL OF YOUR SYSTEMS AND/OR DATA!
On Premise v. Cloud: Who is in control?
(Figure not reproduced; surviving label: Private Cloud)
III. City Policy on Cloud Computing

Use of cloud services encouraged when:
  Cost-efficient;
  Potential risks are considered and mitigated; and
  Supports interoperable systems throughout City

Departments must conduct a risk assessment to identify data security/privacy issues and how to mitigate them. If they can't be mitigated, a Cloud solution is not appropriate.

Data/System Classification    Potential Risk
Level 1: Public               None - Low
Level 2: Internal Use         Low
Level 3: Sensitive            Moderate
Level 4: Protected
Level 5: Restricted           High
IV. How does the City buy Technology?

Process Duration
  Technology Marketplace Term Contracts: 1-4 weeks
  Public Bid / Direct Contract: 3+ months

Transaction Limits
  Technology Marketplace Term Contracts: Tiers 1 & 2: $2.5MM. Tier 3: Products: $110K, Services: $600K
  Public Bid / Direct Contract: None

Cloud Computing Ok?
  Technology Marketplace Term Contracts: Yes, if data risk is at or below “Level 3-Low” (See slide 8). Must buy from Tier 1 suppliers only.
  Public Bid / Direct Contract: Yes, in accordance with City policy on cloud computing.

Ok to Name Manufacturer?
  Technology Marketplace Term Contracts: Yes. You can name the product of your choice.
  Public Bid / Direct Contract: No. Must provide specs or make No Substitute request to OCA.

Solicitation Thresholds
  Technology Marketplace Term Contracts:
    ≤ $25K: Bid not required
    > $25K Commodities: Bid out by OCA
    > $25K Services: Bid out by Dept (See slide 5)
    Exception: No bid required for Tier 3 if under $110K.
    May not request to waive solicitation requirements.
  Public Bid / Direct Contract:
    ≤ $10K: Bid not required
    > $10K Commodities: Bid out by OCA
    > $10K Services: Bid out by Dept (See slide 5)
    Use OCA waiver portal to submit request to waive solicitation requirements.
    Guide to Request to Waive Solicitation Requirements.pdf
    Service Now Website

Solicitation Audience
  Technology Marketplace Term Contracts: Technology Marketplace resellers. Choose from one of three Tiers.
  Public Bid / Direct Contract: All suppliers w/ a City Supplier ID, Business Tax License and be 12B compliant. 12B Exception: 21.30 Software Licenses/Maintenance purchases < $10MM

Purchasing Method
  Technology Marketplace Term Contracts: RQ to PO, through OCA, using OCA’s Term Contracts. PO issued by OCA, accompanied with non-negotiable term sheets. Department cannot sign any agreements. Department must abide by manufacturer use terms.
  Public Bid / Direct Contract: Multi-year contract, regardless of amount. Department negotiates contract directly with supplier. Once contract has been approved, Department issues POs against it.

Civil Service Approval (Professional Services)
  Technology Marketplace Term Contracts: Not required. Submit request to Local 21. 10 day wait period.
  Public Bid / Direct Contract: Required. Submit request to Civil Service. Expedited 7 day review if < $100K. Otherwise min. 30 days for union review, then full commission hearing.

Other Agency Approvals
  Technology Marketplace Term Contracts: DT: See DT CIO policy to determine if applicable. Submit request in DT ServiceNow. CMD: Forms 2A and 2B if Professional Services over $110K.
  Public Bid / Direct Contract: Multiple agencies. Use OCA’s checklists as guide.

For details on each item above, go to https://sfgov.org/oca/resources and download the latest version of OCA’s Technology Purchasing Guidebook.