1. No category

CCS requirements Appendix A RFP

UNCLASSIFIED
Request for Proposal (RFP)
DSF01-022
FCO Services Website Transition
APPENDIX A – CUSTOMER SPECIFICATION
This document forms Appendix A to the Request for Proposal (RFP) for Digital Services Framework
Agreement – RM1043, along with Pricing Matrix (Appendix B) and an Award Questionnaire (Appendix C).
CONTENTS
PROJECT START DATE AND TIMEFRAME
CURRENT SITUATION/ BACKGROUND INFORMATION
REQUIRED OUTCOMES
USER NEEDS
CAPABILITIES AND ROLES
PRICING MODEL
CUSTOMER LOCATIONS
TEST & DEVELOPMENT REQUIREMENTS
Digital Services Framework Agreement - RM1043
Document1
Page 1 of 11
UNCLASSIFIED
UNCLASSIFIED
Request for Proposal
Digital Services Framework Agreement – RM1043
p
PROJECT START DATE AND TIMEFRAME
Key delivery dates
PROJECT PHASES
START DATE
COMPLETION DATE
RFP (Including presentation and
award)
08/04/2014
12/05/2014
Discovery
14/05/2014
11/06/2014
Alpha (the discovery stage will
confirm this)
[TBC]
[TBC]
Beta (the discovery stage will
confirm this)
[TBC]
[TBC]
Live
01/09/2014
[TBC]
CURRENT SITUATION / BACKGROUND INFORMATION
FCO Services has a public facing external website (www.fcoservices.gov.uk). The purpose of this project is to
move to a new web agency to provide design, build and support services for a new FCO Services website.
The website is intended to promote our products and services (including case studies and examples), attract
customers, and publicise our corporate information.
The intended audiences include FCO staff, other UK government departments, public sector organizations,
foreign governments, suppliers and potential employees.
The website will be hosted on GSAE (Government Secure Application Environment), our cloud solution.
Digital Services Framework Agreement - RM1043
Document1
Page 2 of 11
UNCLASSIFIED
UNCLASSIFIED
Request for Proposal
Digital Services Framework Agreement – RM1043
VPN
Firecrest
General
Public
Website Provider
Administrators / Support
Staff
FCO Services
Administrators
Internet
Hosting Platform
Hosting Servers
CMS
FCO Services
Hosting
Support Staff
FCOS Website
Current artifacts
FCO Services already has a public-facing website. The contract is up for renewal, and a refresh and a new
provider is required. The existing website is a little dated in look and feel, and limited in that it doesn’t include
any sound or video, recruitment, extranet/intranet facilities, sharing capability, interactive communication or
social media. It is anticipated that current internal secure restrictions will ease at some point in the future to
allow the adoption of social media such as twitter, blogs etc.
Management

The website is owned by FCO Services

Content management is owned by FCO Services assigned staff, with permissions-based access to
the content areas

A third-party agency is contracted to provide underlying changes to the design, build and website
support

Platform and hosting is currently provided by Rackspace but will move to GSAE
Service Description
FCO Services public-facing web site is not location dependent and can be used by anyone anywhere. It is
used by:

Potential customers searching the web for any of our services

Potential customers who have learned we exist – perhaps at an event – and would like to know more
Digital Services Framework Agreement - RM1043
Document1
Page 3 of 11
UNCLASSIFIED
UNCLASSIFIED
Request for Proposal
Digital Services Framework Agreement – RM1043

Current customers who want to find out latest news and updates

FCO Services Sales team requiring web access to visual information

Media looking for news and contact

Potential employees looking for recruitment information and job advertisements

Internal staff updating the content
User Stories
This section provides an overview of the types of user expected on the website, their behavior and responses.

Potential customer has undertaken a search of the internet on a service and FCO Services has
appeared in the results. They click on the website to find out more about our services, our
organisation and how to contact us.

Potential customer had visited our stand at an event. They want to find out more information on a
product we offer and would like to contact us via our website.

Customers want to know our latest news, and when we will next be exhibiting at an event.

Sales team are with customers and want to show them our website using a tablet or mobile device.

Media want information on our organisation, or come to our website following the launch of a new
product or service.
 Potential employee wants to find out about working here and job vacancies.
Current Roles and Responsibilities of the Customer
FCO Services Staff
All permissions to access the website for editing will be for FCO Services editing team. The CMS should be
able to assign permissions-based access to a small group of FCO Services staff who will manage the content
and the content authors.
Administrators: with full access to edit all parts of the website and approve workflows from publishers. They
will also be able to add/remove users and amend permissions as required and back up the entire site.
Publishers, who would have restricted access to certain pages to edit and would submit pages to a workflow
for approval before a page could be made live.
Authors/Contributors: Can login to:
1) create new content for a web page, potentially including illustrations, photographs, video, sound.
2) update existing content.
3) Upload content from their environment.
4) Backup a page.
Current Technologies and Languages
The website is currently hosted by Rackspace and the CMS we use is Reddot.
Digital Services Framework Agreement - RM1043
Document1
Page 4 of 11
UNCLASSIFIED
UNCLASSIFIED
Request for Proposal
Digital Services Framework Agreement – RM1043
This development should be considered a ‘Green Field’ site regarding choice of CMS and delivery
technology. The Existing FCO Services Web Site will be closed down and no system or processes for the
existing platform will be re-used. There are no restrictions on Development tools or languages used to deliver
the FCO Services Web Site, as long as requirements can be met.
The Solution will be deployed on the FCO Services GSAE Platform, and tere is a strong Preference for use of
the GSAE Platform as a Service (PaaS) servers to be used, this will restrict the Operating System Platform to
either Microsoft Windows Server or CentOS Linux.
REQUIRED OUTCOMES
The aim of this tender document is to set out FCO Services detailed requirements of all aspects of the project
to facilitate: scale, resource, costing, testing and delivery.
Scope includes all aspects of the design and build of the FCO Services renewed website.
The platform requirements will be addressed and provided by FCO Services GSAE Team. To secure frontend website creation, management, content, functionality, support with the overall project aims:

Design, build and support services.

Content Management System/System Requirements

Quality assurance, performance and technical standards

Technical administration

Availability and Capacity Planning

Backups, resilience and Business Continuity.

Service management, support, and service level agreements

Security
Each of these categories is addressed in detail below.
Design, Build and Support Services Success Criteria

Website creative ‘look and feel’ agreed

Documented technical design

Fulfillment against quality and standards accreditation

Content management requirements fulfilled

Website creation

Validated construction against design. (System Tests)

Validated construction against Requirements (Acceptance Tests).

Agreed SLA

Agreed support agreement
Digital Services Framework Agreement - RM1043
Document1
Page 5 of 11
UNCLASSIFIED
UNCLASSIFIED
Request for Proposal
Digital Services Framework Agreement – RM1043
Design Criteria
The Provider will be responsible for:

the creative user centric design (in collaboration with FCO Services);

the technical design (in agreement with FCO Services technical architects);

the build and deployment of the website (in collaboration with GSAE).
The design proposals must follow FCO Services Brand Guidelines and ethos, including colours, typeface and
principles. Must supply a flexible variety of templates fit for content pages, landing pages, news pages and
events. Wire frames should be provided for each template.
The design proposals must follow the government digital by default standard. We have been granted
exemption from the .GOV.UK project on the grounds of our commercial nature, but the Provider should
demonstrate that they have the capability to meet the relevant criteria of the Digital by Default standard (those
of the 26 criteria that are relevant to the FCO Services website)
The design must demonstrably fulfill all of the requirements of this document, including test, verification and
validation against each agreed requirement. The Service Provider must work with FCO Services project team
to maintain these requirements, and to track, control and agree changes to requirements within this
document.
Initially, the site must be designed with a view to hosting up to 500 pages, with up to 50 concurrent users with
no degradation of performance.
The website must be designed for any of the main browsers: Internet Explorer, Safari, Firefox and Google
Chrome, with backward compatibility to at least IE7.
The website must also present appropriately when viewed from a mobile phone or tablet, with bespoke
navigation and interaction for mobile devices.
The design must include metrics on user numbers and user behaviours when they are navigating the website
in order that we can manage capacity, performance and design changes on the basis of trends over time.
Analytics should be provided on, for example: unique browsers, page impressions, visitor numbers, visit
duration, click through rates , usage rates/times, most and least visited/sticky pages, User profile, and so on.
Note that this requirement will require collaboration with the GSAE and the monitoring and reporting
capabilities they bring to the platform level.
The design must include documented consideration for future embracing of social media, blogging and shared
areas for secure collaborative work across the internet. Ideally, this will be a (potential) function of the CMS,
but the agency must present their plan for how their proposed design will engage with these capabilities at
some future date.
The agency should conduct research around the user journey and reflect the results in the design.
Content Management System /System requirements
The Provider shall be responsible for

recommending and specifying an appropriate content management system (CMS).

installing and configuring the content management system.

ongoing maintenance and support of the approved CMS, the terms of which are to be
captured in a mutually agreed support agreement.
Digital Services Framework Agreement - RM1043
Document1
Page 6 of 11
UNCLASSIFIED
UNCLASSIFIED
Request for Proposal
Digital Services Framework Agreement – RM1043
Please note, the chosen CMS must be Open Source as stipulated by the Cabinet Office
The agency must justify their proposed CMS taking into account future requirements for embracing social
media and a blogging capability. The CMS must at least not preclude these future requirements and ideally
will facilitate them.
The CMS support agreement must include:
a. Statements defining the responsibilities of the agency in the context of their
boundaries/working relationship with GSAE. For example, how would a CMS software update
take place?
b. Clear communication channels for FCO Services to contact agency-provided help and
support within agreed and defined SLA time parameters, response times, fix times and so on.
c.
Defined capabilities for backup and recovery of content as distinct from platform-level backup
and recovery.
d. It should be a part of the standard functionality for an editor/administrator to revert the
published page to a previous version.
The CMS should be able to assign permissions-based access to a small group of FCO Services staff who will
manage the content and the content authors.
a. Administrators (x 10): with full access to edit all parts of the website and approve
workflows from publishers. They will also be able to add/remove users and amend
permissions as required.
b. Publishers/Advanced Editors (x 3): with restricted access to certain pages to edit and
submit pages to a workflow for approval before a page could be made live.
c.
Authors/Contributors (x many): Can login to:
 Create new content for a web page, potentially including illustrations, photographs,
video, audio.

Update existing content.
 Upload content from their environment.
The agency must specify the user numbers by type included in the bid price licensing.
Digital Services Framework Agreement - RM1043
Document1
Page 7 of 11
UNCLASSIFIED
UNCLASSIFIED
Request for Proposal
Digital Services Framework Agreement – RM1043
The CMS should include a ‘dashboard’ for overall management, facilitating the addition and removal of
widgets to add functionality without the need to alter the actual website structure (also allows you to build and
install your own).
The CMS should be able to manage opinion polls/mini-surveys. View past surveys and integrate with wider
scale surveys through e.g., Survey Monkey.
The Service Provider is to provide training on the use of the CMS. As part of their proposal, the agency is to
give details of the type of training offered as part of the bid price, and any other training options available.
The CMS should be able to provide CSS (Cascading Style Sheets) or an equivalent which allows the
definition and enforcement of a ‘house style’ with regard to presentation; e.g., colours, fonts and layout. The
website must be capable of storing and using a full range of media: pictures, video, sounds, animations, and
in a full range of formats which must be defined and documented. Any limitations or excluded common
media/formats must be documented. The CMS must be able to work with these media and formats. Ability to
upload, edit, share reuse, distribute, archive and delete assets, such as, images, MS word, PDF, RTF
documents and rich media libraries on the CMS.
The CMS must include an audit trail of activity, providing reports on content changes by user, date, nature of
change, pages affected and changed content. It should be possible to reverse individual updates easily.
Standard editorial functions must be available ‘out of the box’; anchors, spell-check, font and size change,
insert media, and specifically hyperlinks, for example, to link to third party websites to highlight case studies
The CMS should be able to edit and change, add and remove navigation tabs/buttons/pages as well as page
content.
The CMS should include an ability to capture metadata for a knowledge base and for use in improving the
search criteria both within the website and for finding the web site when the public insert search strings into
e.g., Google.
A search capability must be included, on two levels;
 Internal to the website, a user should be able to search the site for specified strings.
 External to the website, the FCO Services website must be easily found when certain search
strings are placed into internet search engines. For example, a Google search of ‘Cloud
computing’ should ideally return FCO Services’ website on the first page. (FCO Services staff to
provide the agency with a complete list of search strings.)
The agency must show precisely how they propose to promote FCO Services’ web pages in
Google search results for a given set of search strings.
The service must provide output validation controls to prevent unauthorized data/information from being
exported to external entities and services.
The service must provide network segregation controls that prevent:
Digital Services Framework Agreement - RM1043
Document1
Page 8 of 11
UNCLASSIFIED
UNCLASSIFIED
Request for Proposal
Digital Services Framework Agreement – RM1043

external entities from discovering internal vulnerabilities.

external entities and services from having direct access (or sending direct requests) to internal
resources.

intrusion from external entities.

unauthorised entities from connecting to external facing services.

unauthorised communications between internal resources in different network segments.

unauthorised communications between external and internal resources.
The Provider must ensure that access to the service by their staff is only permitted from their secure areas
(premises within scope of Service Provider security policy and ISO27002 controls) and never from a home
location.
The service must provide secure remote diagnostic and configuration port protection to prevent unauthorised
entities from gaining access.
Quality Assurance
The website must comply with GOV.UK accessibility standards.
The Service Provider should have an Information Security Policy that reflects the control objectives as
specified within the ISO27002 control set.
The service identity strength should conform to the specifications within the Requirements for Secure Delivery
of Online Public Services.
Technical Administration
It is assumed that all technical administration will be the responsibility of GSAE up to and including the OS
and network and with the Service Provider for the website/CMS i.e. everything above the OS level.
The requirement is to ensure that all aspects of technical administration have appropriate ownership.
Backups, Resilience and Business Continuity
Although these aspects are primarily going to be a function of the system and network provision (GSAE) and
the CMS (Service Provider), it is important that we in FCO Services state our requirements for them to scope
against.
We therefore need to identify our needs in terms of:
a)
Availability and capacity.
b)
Backups and recovery times.
c)
Business Continuity Planning.
This requirement should be addressed in conjunction with the GSAE On-Boarding Requirements as there will
be some ‘off-the-shelf’ offerings from the GSAE services.
Service Management and Support SLA’s
Support agreements and SLAs are to be agreed between the FCO Services management team and:

The Service Provider.
Digital Services Framework Agreement - RM1043
Document1
Page 9 of 11
UNCLASSIFIED
UNCLASSIFIED
Request for Proposal
Digital Services Framework Agreement – RM1043

GSAE Cloud Services.
Security Requirements
The Service Provider must appoint a Security Manager who is responsible for the provision of technical,
personnel, process and physical security aspects for the service. His actions and decisions to be approved by
a representative from FCO Services.
Future Considerations
The design is to make allowance for the potential to include a Recruitment page for advertising available
roles. This component must be able to integrate with the existing interactive capability to apply for jobs online;
a software capability called ENGAGE, provided by People Solutions (see www.fcoscareers.co.uk ).
Engage is a browser-based application that allows anyone with access to the web page to create an account
and apply on-line for an advertised position. The application stores personal information in a dedicated
database.
Currently, Engage has its own domain (applications.fcoscareers.co.uk) to which all online applications are
directed from the page featuring the advertised position.
It is envisaged that the online application capability will become an integrated component of the
FCOServices.gov.uk website, although this is still subject to internal agreement and approval. If this element
proceeds, it will involve creating a subdomain within the fcoservices.gov.uk website which will host the
Engage capability and pages.
Again, subject to approval to proceed, the Service Provider must be prepared to work with FCO Services and
People Solutions to integrate this capability into the FCO Services main web-page.
Providers should note that the timing of the amalgamation of the two websites is not yet known but not
anticipated to occur within the initial 18 months of the contract.
CAPABILITIES AND ROLES
CAPABILITY
CUSTOMER’S REQUIRED OUTCOME
Software Engineering and
Ongoing Support
Provide optimized and efficient delivery platform making optimum use of
commodity services and open standards. Platform must be supportable and
arrangements in place for integration with FCO Services support systems
and processes.
Product Development and
Service Design
Provide a coherent, modular product portfolio to deliver FCO Services
requirements and ongoing operational needs. Service must seamlessly
integrate with GSAE Service models.
Front-end Design and
Interaction Design
Provide an excellent User experience for both the General users of the
system and the FCO Services publishers. Fully meeting all requirements
and providing a modern and flexible service
Content Design and
Development
Provide a optimized CMS with logical information architecture, designed for
performance and flexibility.
User Research
Provide a comprehensive and thorough requirements gathering exercise
consulting a number of key stakeholders, but also leverage current trends
and industry thinking to provide a modern and innovative user experience
Digital Services Framework Agreement - RM1043
Document1
Page 10 of 11
UNCLASSIFIED
UNCLASSIFIED
Request for Proposal
Digital Services Framework Agreement – RM1043
PRICING MODEL
Customer’s preferred pricing model or models, for SOWs that may be awarded as a consequence of this
Further Competition, are shown in the following table:
PRICING MODEL
PROJECT PHASES
Time and materials
Capped time and materials
Fixed price
Fixed price required as limited development required
– this is iteration of current website and providers
should be able to assess how much work is required
to produce new version.
Price per story point
Hybrid of any of the above
CUSTOMER LOCATIONS
UK REGION
CUSTOMER LOCATIONS: CITIES OR TOWNS
London and South East of England
FCO Services offices: Hanslope Park, Milton Keynes
and King Charles Street, London
TEST & DEVELOPMENT REQUIREMENTS
FCO Services GSAE Platform should be used for all hosting requirements of the CMS project, including
Development, Test and Production systems. The supplier should specify appropriate Platform Specifications
for each environment to FCO Services in the response to this RFP, such that the GSAE costs can be
calculated by FCO Services.
Suppliers should also state the required access to the various environments in order to support their
responsibilities and deliverables
Digital Services Framework Agreement - RM1043
Document1
Page 11 of 11
UNCLASSIFIED

 Download  Report

Paperzz.com

Your Paperzz

© Copyright 2026 Paperzz