PROTECT - COMMERCIAL
CALL-OFF CONTRACT
SCHEDULE 2.1
SERVICES REQUIREMENTS
Page 1 of 47
1. INTRODUCTION TO CUSTOMER REQUIREMENTS
This schedule 2.1 (Services Requirements) provides a description of the IT Managed services that shall be provided by Supplier to the Customer under this Contract.
2. AVAILABLE SERVICES
2.1 This schedule specifies:
2.1.1 The Ordered IT Managed Services
2.1.1.2 The Supplier shall provide if requested by the Customer Gartner Green ICT Scorecard information for all sites that host the Customer’s services and all the Supplier’s operations that support the Customer’s sites
3. GENERAL
The headings are for information and ease of use only, they have (or will have) no contractual significance.
Description
The Customer operates a wholly outsourced IT managed service but retains an intelligent customer function in the role of the NDA IT Manager.
The Customer’s IT infrastructure is based on a HMG "RESTRICTED" network design, and regulated by the ONR (CNS) (formerly known as the Office for Civil Nuclear Security, OCNS). All staff with access to the network requires security clearance to BPSS (Baseline Personnel Security Standard) level, and Supplier staff with domain administrator access are required to be SC cleared.
The Supplier will have the only domain administration accounts; however the NDA IT Manager has the authority, at his sole discretion, to delegate various administrative rights to Customer personnel. The list of delegations and level of administration rights would be provided to the Supplier. There are a limited number of the Customer’s users who have local administration rights to their computers, based on business requirements.
There is no remote administration of the Customer’s IT equipment available outside of the Customer's network and the Supplier would be expected to administer IT equipment on-site based primarily at the Customer's head office at Herdus House in West Cumbria.
There is a requirement for infrequent support to site offices which are located at each of the Customer's sites around the country. These typically are small offices for use by staff when visiting the site and offer hot desk and printing facilities. A number of the site offices are linked into the main Customer network. The list of IT supported Customer sites may be subject to change (see Appendix 2S to schedule 2.1 (Services Requirements)).
The external interfaces to the NDA network are VPN, provided by Barron McCann XKryptor, which can only be installed onto Customer hardware. There is also Outlook Web Access (OWA) for access to non-restricted emails from non-secured end-points and Blackberry devices, again for non-restricted emails only.
Page 2 of 47 The Customer’s network currently utilises either BT MPLS circuits or LES circuits, depending on the location.
The Electronic Document and Records Management system (EDRMS) is OpenText LiveLink.
The finance system is Sage Line 500, including Sage Business Intelligence.
Email is provided by Microsoft Exchange 2010
Other supported software systems include, but are not limited to, Citrix, SharePoint, Proquis, PeopleSoft, Cognos, Deltek Cobra, Primavera, AutoCAD, GoldSim, HSSE (IRIS) and Abaqus.
There are some additional elements of support to be provided that are included in Appendix 7S (Miscellaneous Support Elements) to schedule 2.1 (Services Requirements).
Project Services
Project Services shall be and, for the avoidance of doubt, these Services shall be provided as discrete services and subject to individual Supply Contracts. Upon acceptance by the Customer of such Services, the Managed Service shall be amended in accordance with the Change Control Process detailed in schedule 8.2 (Change Control Procedure).
Third Party Product Support Contracts
For the avoidance of doubt, Products procured by the Customer shall be subject to individual Supply Contracts. In the event that the Contractor is required by the Customer to manage any third party support contracts the Managed Service shall be amended in accordance with the Change Control Process detailed in schedule 8.2 (Change Control Procedure).
SERVICE ELEMENT 1 (FIRST LINE SUPPORT)
1.1 Scope of First Line Support Services
First Line Support will perform the following activities:
• A logical single point of contact for all IT Services; • Answering all Contacts; • Recording of all Incident and Requests electronically, with accurate and appropriate information; • Timely updating of Incident and Request data; • Incident and Request categorisation including Incident and Request type and severity level; • Incident and Request prioritisation; • Instigation of escalation procedures as appropriate; • Direct and immediate Resolution of as many Incidents as possible without recourse to third parties; • Passing and processing of Incident and Requests to/from external support groups;
Page 3 of 47 • Providing timely and accurate information to Users; • Obtaining User closure verification prior to the closure of any Incident or Request. The Incident or Request will be automatically closed after a minimum of seven days in the event that three attempts have been made by the Supplier over the course of a minimum of seven days to contact the User and it has not been able to verify closure with the User. • Active ownership, tracking and management of all Incident and Requests within agreed scope - to ensure Incident and Requests are resolved within SLA, irrespective of who the Incident or Request-resolving agent may be; • Incident analysis, trending and reporting. This must include pro-active root-cause analysis aimed at reducing the overall number of Incidents reported; • Where Incident and Requests are unlikely to be resolved within the agreed Service Level to keep the caller updated of the status of the problem within the agreed time as arranged with the caller; • To update appropriate IT and Customer management of the status of all high priority and service affecting Incident and Requests; • Provide timely and accurate management information and reporting, and the monthly report by the 4th Working day of the month; • Contact Users to discuss response to an eCSQ; • Alert Customer of identified fraud attempts. • Provide support for mobile phone and Blackberry devices as per Appendix 5S to schedule 2.1 (Services Requirements). • Provide support for bespoke applications as per Appendix 6S to schedule 2.1 (Services Requirements).
1.2 Service Description
First Line Support will handle all Contacts received from the Users and will record with accuracy the appropriate details of the Incident or Request on the SMTS Incident management system.
First Line Support will attempt to provide a remote first time resolution and assign all appropriate Incidents which remain unresolved to the applicable Customer or the Supplier’s resolver group by telephone or SMTS Incident management system (as applicable).
Allocation of priority levels and categorisation of Incidents will be performed by First Line Support. (Selecting priority levels of Incidents may be dictated by the Customer).
Incidents that are allocated to the Supplier or Supplier’s subcontractor will be managed from end to end by the Supplier, including the management of escalation procedures.
Incidents that are allocated to a Third Party Supplier will be managed from end to end by the Supplier with the exception of management and escalation procedures.
In the event of an Incident allocated to a Customer Third Party Supplier reaching an agreed escalation point (as defined in the Service Levels), the Supplier will call the Third Party Supplier to request a resolution and then notify the Customer. The Supplier will continue to liaise with the Third Party Supplier but Customer will be responsible for managing the activity of the Third Party Supplier and ensuring resolution of the Incident. The Supplier will then close the Incident after it has been fixed. For the avoidance of doubt the Supplier will provide measurement of operational Service Levels for Incidents/calls allocated to Third Party Suppliers. It is a Customer obligation to ensure that SLAs agreed with Customer Third Party Suppliers and Resolver Groups are aligned to the applicable Supplier SLAs hereunder.
Page 4 of 47 Users will be kept informed on the status and progress of their Incident. It will be the responsibility of First Line Support to monitor and escalate all Incidents within the agreed Service Levels. Once the Incident has been resolved, the Supplier will call the User to confirm that the resolution is satisfactory. The Supplier will then close the Incident.
1.3 Hours of Cover
The First Line Support Service will be provided within the Core Service Hours. Outside of these hours, a User will be prompted to leave a voicemail or e-mail message. The First Line Support Service does not include cover on UK Bank and Public Holidays except in Scotland where Service will be available in the instances of a Bank Holiday in the rest of the UK. Services outside this window may be negotiated between the Customer and the Supplier, with consequential costs to be agreed and authorised in advance.
1.4 Reporting and MIS Requirements
First Line Support will produce regular monthly reports against the agreed Service Levels in accordance with Part B of schedule 2.2 (Service Levels). The date of the monthly report is to be agreed with the Customer.
SERVICE ELEMENT 2 (HARDWARE SUPPORT)
2.1 Scope of Services
The Supplier will provide the Hardware Support service for the Equipment as specified in Appendix 2S to schedule 2.1 (Services Requirements) and Appendix 4S to schedule 2.1 (Services Requirements) to the Service Levels specified in schedule 2.2 (Service levels).
2.2 Service Description
Users will place Contacts with First Line Support as described in Schedule 1 (First Line Support).
The Supplier will view the Incident queue via the SMTS Incident management system. The Supplier will have responsibility for Incident analysis and associated resolution for the Incident.
The Supplier engineering team will be used to provide on-site support at the Head Office locations as detailed in Appendix 2S (Supported Equipment and Sites) to schedule 2.1 (Services Requirements). The Supplier field engineering team will be dispatched to deliver the Service to other Supported Sites detailed in Appendix 2S to schedule 2.1 (Services Requirements).
The Supplier will resolve Equipment Incidents using, as appropriate:
• On-site engineering resource • Field engineering • The Supplier’s technical hardware support specialists • The Supplier’s subcontractors • Third Party Suppliers
Equipment will be restored to the following levels:
Page 5 of 47 • Desktops will be restored to the previous working level (excluding any local data). • Workstations will be restored to the previous working level (excluding any local data). • Laptops will be restored to the previous working level (excluding any local data). • Servers will be restored to working configuration and include all data restored. • Printers will be restored to working order (*). • Scanners will be restored to working order. • Cisco (or other manufacturer, where appropriate) networking equipment will be restored to working order and routing tables, VLANS re-applied. • Blackberry devices will be restored to working order and configured for the recipient user.
(*) Printers are defaulted to duplex black and white printing in most cases.
In the event that a hard drive is faulty, the Supplier will ensure that hard drives have data deleted before disposal or re-use (in accordance with HMG InfoSec requirements). Deletion of data may be subject to additional charges and the Supplier will provide the Customer with quotations which will be subject to approval by the Customer before such work commences.
It is recommended that the Supplier utilises standard build images for hardware types to ensure commonality across similar hardware devices and speed of deployment. The Supplier would be expected to maintain the standard build images and to periodically refresh them to ensure they remain current.
The Customer will be responsible for data back-ups of local drives on desktops and laptops and for restoring all data onto such items after the hardware fix has been performed.
The provision of Gold Stock by the Supplier to the Customer is to be fulfilled to the requirements of Appendix 1S to schedule 2.1 (Services Requirements).
The Supplier will be responsible for network patching as appropriate and reporting to the Customer when infrastructure networking capacity needs to be increased. The Supplier will be expected to be able to provide an infrastructure networking service, which would be dealt with as a separate project to this Agreement.
The Supplier will be responsible for data back-ups on servers and will be responsible for restoring data on servers after a hardware fix has been performed.
The Supplier will provide the Customer with a Service Catalogue with the computer options available. The Service Catalogue should list computers that are available, and the date from which they are to be retired from the manufacturer. The following options should be offered;
• Standard Desktop • High-end Desktop • High-end Workstation • Standard Laptop • Lightweight Laptop
Not all will be made available to all users. Additions and deletions to the Service Catalogue are to be agreed with the Customer.
Page 6 of 47 2.3 Responsibility Matrix
P = Perform A = Approve C = Co-operate R = Make Recommendations Hardware Support Responsibility
Supplier Customer
Reporting of Incidents to First P P Line Support
Acceptance of Incidents by P First Line Support
Incident logging (and updating P of Incident logs)
Incident diagnosis P
Incident allocation to Resolver P Group
Resolve Incidents P
Agree satisfactory resolution P A with Customer
Warranty management P
Liaison with Third Party P Suppliers (excluding escalations)
Management of Third Party P P Suppliers
Provide advance notification to P the Supplier of any changes to the hardware estate
2.4 Reporting and MIS Requirements
The Supplier will provide the following monthly reports in accordance with Part B of schedule 2.2 (Service Levels):
• Total Incidents received
Page 7 of 47 • Total Incidents received and closed by Resolver Group • Total Incidents closed by priority • Total Incidents closed by Incident resolution code • Incidents outstanding by Resolver Group • Incidents outstanding aged profile • Incident activity trend analysis • Incidents outstanding and exceeding Service Level • Trend analysis of Incidents closed at first attempt • SLA failures and analysis report
2.5 Exclusions and Qualifications
The Equipment supported under this Agreement is detailed in Appendix 2S to schedule 2.1 (Services Requirements).
Customer responsibilities The Hardware Support service will include the repair of all defects resulting from fair wear and tear arising out of the normal and prudent use of the Equipment by the Customer (excepting chargeable work detailed below) and/or identified during a portable appliance test, in accordance with current health and safety legislation. Portable Appliance Tests (as defined in “The Electricity at Work Regulations 1989”) are not included as part of the Hardware Support service and the Customer acknowledges that it has full responsibility for arranging such tests as are necessary to ensure compliance with current legislation.
The Customer acknowledges that unless all changes to the Equipment, its configuration, use, location or required Service Level are communicated to the Supplier (in writing) not less than thirty days prior to such change, the Supplier may not meet the required Service Level. In the event of any such change the Supplier may reserve the right to vary the Core Service Charge. If Service calls are placed for equipment which has not been notified to the Supplier, then the initial costs incurred as a result of such calls will be charged at the Supplier’s then current rate of Time and Materials Charges.
The Supplier shall not be responsible for the costs of reconditioning printers. Where such Equipment has exceeded a copy count in excess of the manufacturer's recommendations, the Supplier may, with prior approval from the Customer, arrange for such Equipment to be reconditioned at Customer's expense.
The Customer will ensure that the Supplier is granted the right to load, re-load and use the Supported Software on the Equipment and agrees to indemnify the Supplier against any third party claims arising out of breach of this clause.
The Supplier responsibilities
The Supplier shall not be responsible for ensuring that the Equipment in conjunction with the Customer's other office equipment and office environment, complies with the requirements of the Health and Safety (Display Screen Equipment) Regulations 1982. It is, however, expected that the Supplier will support the Customer in meeting the requirements of relevant Health and Safety regulations and legislation though recommendations of suitable hardware.
The Service Levels within the contract are based on the assumption that access to the designated locations for the delivery of these Services is available. Such access should include desk and computing facilities and storage space as reasonably required by the Supplier.
Page 8 of 47 Failure to provide this access and reasonable parking (where applicable) may impact the provision of these Services being delivered and those Services affected will be excluded from any statistical information used for performance reporting of the Supplier.
The Supplier will not be responsible for any Incidents or problems resulting from hardware changes implemented by the Customer without prior agreement.
Page counts for printers included as Supported Equipment will be monitored where possible and the Customer will be advised when maintenance is required. Consumables are not covered under this Agreement.
Where requested by the Customer and on a chargeable basis, the Supplier will arrange the disposal of Equipment. The Supplier will ensure that all Equipment is disposed of in accordance with current legislation including, but not limited to, the Waste Electrical and Electronic Equipment Regulations 2006 as amended.
The Hardware Support Service excludes Contacts related to the following, which, if resolved by the Supplier, will be chargeable on a Time and Materials basis in accordance with the Contract:
Service outside the Core Service Hours; Service calls resulting from the Customer’s negligence or wilful misuse of the Equipment including operation in a manner contrary to the manufacturer's operating instructions;
Printer Consumables (including toner cartridges);
Any other Equipment defined by the manufacturer as user replaceable;
Incidents resulting from any modification, repairs, change or maintenance carried out by persons other than the Supplier or a third party instructed by the Supplier;
Service calls to correct any malfunction caused by the Equipment being placed by the Customer in an unsuitable environment that is inconsistent with the manufacturer's recommendations. For the avoidance of doubt, this clause shall not apply to Equipment placed by the Supplier;
Service calls to correct cosmetic damage to the appearance of the Equipment such as replacement of any plastic part of the Equipment that has become cracked or damaged, unless caused by the Supplier or its subcontractors;
Service calls to clean Equipment following liquid spillage unless caused by the Supplier or its subcontractors;
Service calls to undertake a full overhaul or refurbishment of Equipment at the Customer's request;
Service calls in connection with any other use not contemplated or approved by the manufacturer or the Supplier, unless previously agreed with the Supplier;
Written authority to proceed is required from the Customer prior to commencing all activity identified as being chargeable in accordance with the list above.
Page 9 of 47 In the event that Service Levels are affected on any Hardware Support Incidents due to the involvement of the Supplier staff in Major Customer Incidents. Subject to the Supplier using all reasonable commercial endeavours to attain the Service Levels, the Service Levels will not apply during the period which can reasonably be said to have been affected by such Incidents. The Supplier will inform the Customer when the Incident is no longer affecting Hardware Support and the Supplier's engagement on the applicable Incident has ended.
The Supplier will inform the Customer of any faulty Equipment that is BER or obsolete.
Resolution of Incidents means that when the system is restored and Users are able to process their normal workload. This might be resolved by a workaround acceptable to the Customer which is replaced by a permanent fix at the earliest possible date. An Incident will be deemed to have been resolved once a Customer has agreed that the Incident has been resolved. Notwithstanding the foregoing, where the Supplier has made three (3) attempts to contact a User to close a call and the User has not responded, the Supplier will close the call after the third contact attempt.
2.5.1 Change Control
Equipment can be added to or removed from the Agreement at any time in accordance with the Change Control Procedure. The Customer will notify the Supplier in advance where any such additions or removals are to take place and in such instances the Supplier may reserve the right to amend, with agreement, the Core Service Charge in accordance with the Supplier's additions, deletions or re-cost processes as defined in Appendix 2S to schedule 2.1 (Services Requirements).
2.5.2 Exception Management
The Supplier will not be responsible for supporting any additional Equipment that is not requested through the Additions, Deletions or re-cost processes or in accordance with the Change Control. Support for non-solicited Equipment is subject to approval from the Customer. The Supplier reserves the right to charge the Customer for such Customer approved support at the Supplier's then current Time and Materials rates and the Customer will pay such rates at the end of the relevant month.
SERVICE ELEMENT 3 (SOFTWARE SUPPORT)
3.1 Scope of Services
The Supplier will provide the Software Support Service for the Supported Software at the Sites, specified in Appendix 2S to schedule 2.1 (Services Requirements), to the Service Levels specified in schedule 2.2 (Service levels).
3.2 Service Description
Users will place all Incidents with the First Line Support as described in Service Element 1 (First Line Support). The Supplier will view the Incident queue via an SMTS Request Management System.
The Supplier will have responsibility for Incident analysis and associated Resolution for the Equipment.
The Supplier will resolve Supported Software Incidents using, as appropriate:
Page 10 of 47 • First level support (remote support from First Line Support will attempt to resolve all calls at first contact) • The Supplier's resolving groups • The Supplier's subcontractors • Third Party Suppliers
The Supplier’s engineering team will be used to provide on-site support at the Head Office locations as detailed in Appendix 2S to schedule 2.1 (Services Requirements). The Supplier’s Field Engineering team will be dispatched to deliver the Service to other Supported Sites detailed in Appendix 2S to schedule 2.1 (Services Requirements).
All Supported Software Incidents will be restored to the previous known working configuration.
Incidents that are allocated to a Third Party Supplier will be managed from end to end by the Supplier with the exception of management of escalation procedures. In the event that such an Incident reaches the agreed escalation point, the Supplier will notify the Customer and the Customer may assume responsibility for escalating the Incident to the Third Party Supplier and ensuring its subsequent resolution. The Supplier will then close the Incident after it has been resolved.
3.3 Responsibility Matrix
P = Perform A = Approve C = Co-operate R = Make Recommendations Hardware Support Responsibility
Supplier Customer
Reporting of Incidents to First P P Line Support
Acceptance of Incidents by P First Line Support
Incident logging (and updating P of Incident logs)
Incident diagnosis P
Incident allocation to Resolver P Group
Resolve Incidents P
Agree satisfactory resolution P A with Customer
Page 11 of 47 Hardware Support Responsibility
Licence management P C
Liaison with Third Party P Suppliers (excluding escalations)
Management of Third Party P P Suppliers
Provide advance notification to P the Supplier of any changes to the software estate
3.4 Reporting and MIS Requirements
The Supplier will provide the following monthly reports in accordance with Part B of schedule 2.2 (Service Levels):
• Total Incidents received • Total Incidents received and closed by Resolver Group • Total Incidents closed by priority • Total Incidents closed by Incident resolution code • Incidents outstanding by Resolver Group • Incidents outstanding aged profile • Incident activity trend analysis • Incidents outstanding and exceeding Service Level • Trend analysis of Incidents closed at first attempt • SLA failures and analysis report
3.5 Exclusions and Qualifications
Customer responsibilities
The Service Levels within this Service Element are based on the assumption that access to the designated locations for the delivery of these Services is available. Failure to provide this access and reasonable parking (where applicable) may impact the provision of these Services being delivered and those Services affected will be excluded from any statistical information used for performance reporting of the Supplier.
The Supplier will not be responsible for any Incidents resulting from software changes implemented by the Customer without prior agreement with the Supplier. The recovery action relating to these Incidents will be subject to Time and Materials charges as in accordance with the Day Rates set out in schedule 7.1 (Charges and Invoicing) and will be an exception to Service Levels.
The Customer will provide access to the current Approved Software List.
The Supplier responsibilities
Page 12 of 47 The Supplier will at all time take reasonable endeavours to protect Customers' data in accordance with the Customer’s own IT Policies.
In the event that Service Levels are affected on any software calls due to the involvement of the Supplier’s staff in Major Customer Incidents, subject to the Supplier using all reasonable commercial endeavours to attain the Service Levels, the Service Levels will not apply during the period which can reasonably be said to have been affected by such a Incident. The Supplier will inform the Customer when the Incident is no longer affecting software and the Supplier’s engagement on the applicable Incident has ended.
Only software on the Customer’s Approved Software List will be installed. Any exceptions to the Approved Software Listing are to be agreed in advance between the Customer and the Supplier.
3.5.1 Change Control
Supported Software can be added to or removed from the Agreement at any time in accordance with the Change Control Procedure. The Customer will notify the Supplier in advance where any such additions or removals are to take place and in such instances the Supplier reserves the right to amend, subject to discussion with the Customer the Core Service Charge in accordance with the Supplier's additions, deletions or re-cost processes as defined in Appendix 2S to schedule 2.1 (Services Requirements).
3.5.2 Exception Management
The Supplier will not be responsible for supporting any additional Users or software that are not requested through the Additions, Deletions or re-cost processes or in accordance with the Change Control Procedure as defined in the contract. In the event that the Supplier provides support for out of scope software or Users, the Supplier reserves the right to charge the Customer for such Customer approved support at the Supplier's then current Time and Materials rates and the Customer will pay such charges at the end of the relevant month by invoice.
Support for Incidents raised from non approved changes to the Supported Applications is not covered under this Agreement. These incidents will be treated as chargeable calls.
Applications may be added to this Service Element on request and to the extent such request is accepted by the Supplier, the support for such application shall be chargeable on a Time and Materials basis until support for the application is incorporated into the Agreement via the Change Control Procedure.
SERVICE ELEMENT 4 (REQUEST SERVICE - MACD)
4.1 Scope of Services
The Supplier will provide a Request Service for all activities requiring any Moves, Additions, Changes and Deletions (MACD) to the Equipment included in Appendix 2S to schedule 2.1 (Services Requirements) to the Service Levels specified in schedule 2.2 (Service Levels).
The Request Service covers Requests involving 5 Units or less.
The following are out of scope, but may be required and subject to additional charges:
Page 13 of 47 • Moves involving transporting Equipment from one Customer site to a different Customer site. • Non-desktop components such as furniture. • Servers, hubs and switches, which will be treated as separate scheduled work with the charges to be agreed in advance.
4.2 Service Description
First Line Support will handle all authorised Requests received from the Users and will record the appropriate details of the Request on an SMTS Request Management System.
The Supplier will view the Requests queue via an SMTS Request Management System.
The Supplier will provide a point of control for managing all Requests and to process and implement all Requests associated with the supported environment.
Requests are managed to an SLA as defined within this Service Element. Non-standard Requests are completed without an SLA or to a timescale that is agreed with the requestor. Non-standard Requests which will require additional resource or impact Service Levels will be treated separately as Projects and are subject to additional charges that will be agreed between the Supplier and the Customer prior to the work commencing. Where a non standard Request affects the ability of the Supplier to achieve a Service Level, the affected Service Level(s) may be excluded from the Service Level measurement and the payments of Service Credits in respect thereof, with agreement between both the Customer and the Supplier.
A standard Request is:
• A single activity to procure or supply and install an item with a single product code. • A single activity to decommission and remove an item with a single product code. This will include non-standard items of desktop equipment. • A single activity to relocate (move) an item from a User's existing working location, to the User's new working location. • A single request to add, remove or relocate a desk-based telephone from a User's existing working location, to the User's new working location. • A single request for a new User account set-up on one or more platforms. • A single request to replace an existing item of desktop equipment with another item. • A single request for the de-installation of one or more software applications or software builds. • A single request for the creation, amendment or deletion of a User's access rights on a directory. • A single request for the creation, amendment or deletion of access rights to a shared area affecting all Users with existing rights. • A single request for the moving of a User from one location to another within a building may contain a number of the above as a single activity. • A single request for a new starter joining the Customer may contain a number of the above as a single activity. • A single request for a leaver departing the Customer may contain a number of the above as a single activity.
Examples of a non-standard Request may include the following:
• More than 5 Units in one Request
Page 14 of 47 • 51 or more User administration activities to Add / Deletes / Move shared or group accounts • Activities involving servers as the result of a Request (for example to move a server) Where it is necessary to involve Third Party Suppliers, the Supplier will allocate the required work to such Third Party Suppliers and the Supplier will manage the activity of the Third Party Supplier(s) until the work has been completed.
When the Request has been deemed by the Supplier to be complete, the originating User will be asked to confirm and sign off the work as completed. The Supplier will then close the Request on SMTS. Notwithstanding the foregoing, where the Supplier has made three (3) attempts over a seven day period to contact the User to close the Request and the User has not responded, the Supplier may close the call after the third contact attempt.
4.3 Responsibility Matrix
P = Perform A = Approve C = Co-operate R = Make Recommendations Hardware Support Responsibility
Supplier Customer
Agree the process for authorising Requests R P
Authorising Requests prior to Users logging P them with the Supplier
Receipt, planning and prioritisation of P Requests
Task Management of the Supplier’s P C subcontractors
Task Management of Third Party Suppliers P C
Obtain User sign - off of satisfactory P completion
Provision of reporting and MIS as defined P C
New software requests: receipt P A
New hardware requests: receipt P A
Deliveries: receipt and checking P C
Returns: handling P A
Page 15 of 47 Hardware Support Responsibility
Maintenance of standard hardware and P A software configuration options and provision of all associated documentation
Maintenance of software licence records P
Maintenance of software library (discs, P manuals, etc)
Maintenance of hardware inventory records P
Configuration of new PCs P
Provision of cabling/power for new PCs R P
Installation of core software on new PCs P
Installation of other Customer authorised P software on new PCs
Installation of client applications on new PCs P
Installation of new PC P
Hand-over of new PC to User P C
User training P C
Installation of new authorised Supported P Software on existing PCs
Provision of WAN access P
Network patching from LAN to desk P
Disconnection/ move/ reconnection of PCs P A
Testing of PC at new location P C A
4.4 Reporting and MIS Requirements
The Supplier will provide the following reports on a monthly basis in accordance with Part B of schedule 2.2 (Service Levels):
• Total Requests received • Total Requests completed • Requests completed within Service Level • Total Requests received by type • SLA failures and Analysis
Page 16 of 47 4.5 Exclusions and Qualifications
Customer responsibilities In the event that the Supplier performs any tasks on authorised Requests that are subsequently cancelled, the Supplier may charge the Customer for the tasks that have been performed. The Supplier must provide the Customer with appropriate evidence that such costs have been incurred.
Where the physical infrastructure or facilities are not in place / available (including, but not limited to, desk mains supply and space) for the Request to be completed, the Request may be suspended until such tasks have been completed.
In the event that the completion of a Request is dependent on the completion of tasks by the Customer appointed party and these tasks are not completed as agreed, the Supplier will inform the Customer of any additional costs which may be incurred to complete such a task. The Customer will direct whether the Supplier should incur such additional costs. Costs will have to be notified and agreed with the Customer prior to charging. Where the Supplier has incurred costs as a result of the delay in completion of tasks by the Customer’s third party, the Customer will pay these costs as Charges. The Supplier will be expected to use reasonable endeavours to mitigate any costs incurred. These Requests will not be included in the statistical reporting of Service Level. Examples of such tasks groups are power, network, etc.
The Request Service does not include the provision of fault related services.
The Request Service should include the provision of a Disposals Service. A third party can be engaged at the Customers request to perform Disposal Services and such request may be chargeable.
The Supplier responsibilities
All activity processes must only proceed with the relevant approvals from the Customer. Requests with no authorisation will be returned to the User concerned and be exempt from Service reporting. The Customers IT Manager is responsible for providing authorisation.
Any deviations from the original Request may be designated to another new Request only if there is a cost or location impact. The original Request will be closed and the User informed accordingly.
Multiple requests for the same activity totalling in excess of 5 Units will be excluded from this Service Element and will be charged on a Time and Materials basis.
SERVICE ELEMENT 5 (BUSINESS APPLICATION SUPPORT)
Purpose
The Supplier will support the Applications as set out in Appendix 2S to schedule 2.1 (Services Requirements) and Appendix 3S to schedule 2.1 (Services Requirements) through on-site Resource, Field Engineering, Subcontractors and Third Party Supplier arrangements.
Service Description
Page 17 of 47 Users will place all Incidents with First Line Support as set out in Service Element 1 First Line Support.
The Supplier will allocate the Incidents to the relevant Supplier engineer, Subcontractor, Third Parties or the Customer incident queue via the SMTS Incident management system.
Incidents that are allocated to a Third Party Supplier or subcontractor will be managed from end to end by the Supplier. The Supplier will notify the Customer where the Incident involves Customer appointed parties and the Customer will be responsible for escalating the Incident and ensuring its subsequent Resolution. The Supplier will then close the Incident after it has been resolved.
5.1 Database Administrator (DBA) Support
5.1.1 Scope of Services
The Supplier will support, develop and maintain to the Service Levels specified below all databases, and environments. The Supplier will work with nominated Third Party Suppliers, Subcontractors and Customer appointed parties to support applications in use by the Customer.
5.1.2 Service Description
This Service includes the following:
5.1.2.1 Database Support
• Installation, configuration and upgrading of database server software and related products • Evaluate database features and database related products • Maintain database design and implementation • Support database replication system • Implement and maintain database security (create and maintain Users and roles, assign privileges) • Setup and maintain documentation and standards (following receipt of such from Customer) • Plan growth and changes (capacity planning) subject to the provision of timely data as to planned changes within the Customer's environment • Perform general technical trouble shooting and give consultation to Customer development teams • Interface with the database manufacturer/developer for technical support • Ensure all databases are made available during working hours
5.1.2.2 Maintenance
• Server and key component maintenance e.g. Server file purge, disk de-fragmentation • Disk capacity and integrity checks • Check and backup database event logs and flag potential problems • Preventative Maintenance • Perform database tuning and performance monitoring • Perform application tuning and performance monitoring • Perform routine maintenance tasks • Server operating system upgrades
Page 18 of 47 • Database upgrades, including patch level upgrades • Physical environmental check • Advise the Customer of any Incidents occurring as a result of database capacity issues and make recommendations for resolution
5.1.2.3 Development
• Liaise with the Customer business owners to confirm requirements • Design, code and implement • Data modelling • Migration and transfer of data • Creating the installation scripts • Stored procedure creation • Performance tuning
5.1.3 Responsibility Matrix
P = Perform A = Approve C = Co-Operate R = Make Recommendations Activity Responsibility
Supplier Customer
Database Support P
Reporting of faults to nominated First Line P C Support
Acceptance of faults from nominated First P Line Support
Scheduling of support staff to service P Incidents
Resolution of faults P
Updating of Incident logs P
Agree service is restored to Users P A
Liaison and management of all relevant third P parties
Manage Third Party Suppliers, and updating P and escalating to Customer management where necessary
Page 19 of 47 Activity Responsibility
Development
Strategic, tactical and technology planning P C A
Setting and documenting policy P R
Adherence to network security policy P P
Determination and specification of database P R standards
Documentation of database standards and P design
Documentation of installation procedures P
Remote server tools P
Product evaluation and procurement P C (hardware and software)
Communications equipment vendor P management
Define standard software configurations P
Provision of change management and control P A procedures
Adherence to change management and control P P procedures
Communications supplier management P
5.1.4 Exceptions to the Service Levels
The Supplier will provide the Services at the agreed Service Levels and will use all reasonable endeavours to ensure that the Customer’s operations experience minimum impact from database problems wherever possible. The following exceptions apply to the agreed Service Levels:
• Unscheduled server power downs, outages or any other such activities where data integrity is compromised. • Multiple concurrent failures with the same route cause will be treated as a single event for the purposes of calculation of achievement against Service Level(s). There is no Service Level attaching to the Resolution of multiple Incidents raised with the same route cause, the Supplier shall deal with the Resolution of these Incidents on a reasonable endeavours basis. In such cases the Supplier staff will prioritise server problems in conjunction with the Customer’s personnel.
Page 20 of 47 • Additional restoration of operating systems, applications software and data beyond the agreed Service Levels • Incidents resulting from any modification, change or maintenance carried out by persons other than the Supplier and/or other than a third party instructed by the Supplier.
For the avoidance of doubt, any modification, change or maintenance carried out by a third party instructed by the Supplier shall be included within the agreed Service Levels.
5.1.5 Exclusions and Qualifications
The Database support role does not include the provision of formal capacity and availability monitoring and reporting.
The Supplier responsibilities
If as a result of multiple Incidents the Supplier considers that changes are required to the Customer’s IT infrastructure to prevent or mitigate the occurrence of further Incidents, the Supplier will recommend environmental upgrades, consolidations and improvements where required.
5.2 Business Application Support
5.2.1 Scope of Services
The Supplier will support and maintain to the Service Levels specified in the contract. The Supplier will work with Third Party subcontractors and the Customer appointed parties to support the use of the Business Applications within the Customer.
5.2.2 Service Description
This Service includes the following:
5.2.2.1 Application Support
• Installation, configuration and upgrading of Business Application software and related products • Evaluate Business Application features and Business Application related products • Support Business Application system as part of 3rd Line support • Implement and maintain Business Application security (create and maintain Users and groups, assign access privileges) • Setup and maintain documentation and standards (following receipt of such from Customer) • Plan growth and changes (capacity planning), subject to the provision of timely data as to planned changes within the Customer's environment • Perform general technical trouble shooting and give consultation to Users and system administrators • Interface with Third Party companies for technical support. • Ensure all Business Application services are made available during Core Service Hours • Provide usage statistics to Customer business owners when required.
Page 21 of 47 5.2.2.2 Maintenance
• Server and key component maintenance e.g. Server file purge, disk de-fragmentation • Disk capacity and integrity checks • Implement Integrity Checks and backup of databases and Business Application servers and flag potential problems • Preventative Maintenance • Perform application tuning and performance monitoring • Perform routine maintenance tasks • Server operating system upgrades and patches • Business Application upgrades and patches • Physical environmental check of the Customer’s Server Rooms • Advise the Customer of any Incidents occurring as a result of disc capacity issues and make recommendations for resolution
5.2.2.3 Development
• Liaise with Customer business owners to confirm requirements • Design, code and / or implement where required • Review product offerings / roadmap and make recommendations
5.2.3 Responsibility Matrix
See 5.1.3
5.2.4 Exceptions to the Service Levels
The Supplier will provide the Services at the agreed Service Levels and will use reasonable endeavours to ensure that the Customer's operations experience minimum impact from database problems wherever possible. The following exceptions apply to the agreed Service Levels:
• Unscheduled server power downs, outages or any other such activities where data integrity is compromised. • Multiple concurrent failures with the same root cause will be treated as a single event for the purposes of calculation of achievement against Service Level(s). There is no Service Level attaching to the Resolution of multiple Incidents raised with the same route cause, the Supplier shall deal with the Resolution of these Incidents on a reasonable endeavours basis. In such cases the Supplier staff will prioritise server problems in conjunction with the Customer’s personnel. • Additional restoration of operating systems, applications software and data beyond the agreed Service Levels and Service scope • Incidents resulting from any modification, change or maintenance carried out by persons other than the Supplier and/or other than a third party instructed by the Supplier.
For the avoidance of doubt, any modification, change or maintenance carried out by a third party instructed by the Supplier shall be included within the agreed Service Levels.
Page 22 of 47 5.2.5 Exclusions and Qualifications
The Supplier responsibilities
If as a result of multiple Incidents the Supplier considers that changes are required to the Customer’s IT infrastructure to prevent or mitigate the occurrence of further Incidents, the Supplier will recommend environmental upgrades, consolidations and improvements where required.
SERVICE ELEMENT 6 (SERVER MANAGEMENT AND SERVER SUPPORT)`
6.1 Scope of Services
For in scope servers detailed on the Supported Equipment List in Appendix 2S to schedule 2.1 (Services Requirements) and Appendix 4S to schedule 2.1 (Services Requirements), the IT Managed Services supplier will actively monitor all production server components and respond to any alerts or Incidents, which may be generated via the IT Managed Services supplier’s implemented tool suite to the Service Levels specified below.
6.2 Service Description
This Service includes the following:
6.2.1 Server Support
• Ensure all Supported Servers are available during Core Service Hours • End to end monitoring of Supported Server estate • Service Level response to Incidents logged • Proactive monitoring and alerts • Hardware support using remote stock • Proactive fault analysis • Remote support to Supported Sites as set out in Appendix 2S to schedule 2.1 (Services Requirements)
6.2.2 Server and Data Management
• Advise the Customer of any Incidents occurring as a result of server capacity issues and make recommendations for resolution • Server and key component maintenance e.g. server file purge, disk de-fragmentation • Disk capacity and integrity checks • Backup management • Virus definitions management • OS using Change Management • Tape backup log check and tape unit head cleaning • Check and backup server event logs and flag potential problems • Availability monitoring • Maintain a detailed and specific inventory of server and server components • Check external connections • Perform routine maintenance tasks such as update server viral signatures • Server integrity and security check • Server operating system upgrades
Page 23 of 47 6.2.3 Preventative Maintenance
The Supplier is responsible for all Preventative Maintenance.
Where tasks are performed within supported hours all reasonable endeavours will be taken to minimise the disruption to the Customer.
Service levels will not apply to tasks that are delayed by the Customer.
For tasks, which are requested by the Customer to be performed by the Supplier outside of supported hours, the Supplier will reserve the right to apply charges as set out schedule 7.1 (Charges and Invoicing).
Where these tasks may impact on Services, the Supplier will advise the Customer of potential impact to services.
The Supplier should conduct regular monthly testing of the backup and restoration for critical business systems. The exact frequency of restoration tests is to be agreed with the Customer. The Supplier should ensure that restoration of systems is achievable with the minimum of data loss. The exact tolerance to loss of data is to be indicated by the Customer, but in the absence of clarification should be 24 hours of data as a maximum for all systems.
6.3 Responsibility Matrix
P = Perform A = Approve C = Co-operate R = Make Recommendations Hardware Support Responsibility
Supplier Customer
Server Support Fault Resolution P
Reporting of faults to First Line Support P C
Acceptance of Incidents from First Line P Support
Scheduling of support staff to service calls P
Resolution of Incidents P
Updating of Incident logs P
Agree service is restored to Users C/P A
Liaison and management of all relevant Third P Party Suppliers
Page 24 of 47 Hardware Support Responsibility
Problem reporting and MIS to agreed P schedule
Issue stock from the dedicated, on site, stock P holding and to update stock records with any spares withdrawn out side of these hours
Ensure that adequate controls are maintained P of this stock, which include regular stock checks and replacement of used items
Monitor and report on stock turnaround and P usage
Manage escalations due to non availability of P stock
Manage third party suppliers, and updating P and escalating to Customer’s management where necessary
Backup Management P
Backup of server data and configuration P
Restoration of server data and configuration P A
Server Management P
Strategic, tactical and technology planning P C A
Setting and documenting policy R P
Advise on policy, planning, standards and R changes to the network to improve service delivery and/or reduce costs
Adherence to network security policy P P
Determination and specification of network R P standards (hardware and software)
Documentation of network standards P R
Documentation of installation procedures P R
Support LAN servers maintaining hardware, P operating systems and other systems software
Page 25 of 47 Hardware Support Responsibility
Remote server tools P
Monitor and review disk and general resource P usage
Advise on need to replace network based R hardware if repair not justified
Data lines and communication carrier P management
Product evaluation and procurement C P (hardware and software)
Communications equipment vendor P management
Define standard software configurations P R
Provision of change management and control P A procedures
Adherence to change management and control P P procedures
Manage supplier communications P P
Monitoring of in scope Servers P
Patch Management P A
6.4 Reporting and MIS Requirements
The IT Managed Services supplier will provide service statistics on a monthly basis, in accordance with of Part B of schedule 2.2 (Service Levels), to include, but not limited to, the following:
• Total number of support calls logged, analysed into support level categories • Total number of calls resolved • Any calls failing to meet Service Levels and analysis • Exceptions reporting • Reporting against pending server installation Requests
SERVICE ELEMENT 7 (ASSET MANAGEMENT SERVICE)
7.1 Purpose
The Supplier will provide a dedicated Asset Management service for Customer, which encompasses the following:
Page 26 of 47 • Initial electronic asset discovery, hardware and software detection and recognition. • Comprehensive inventory management reporting • The process will address and inform on roles and responsibilities required to interface into this service. • Escalation management into Customer regarding exceptions to the asset estate • Creation of an effective license entitlement position and in-life management • Processes for manual collection facility for non-network attached and non-IT related assets. • Comprehensive dynamic software recognition library listing commercial products (Wintel and non-Wintel), plus the ability to add bespoke products. • Scalability for future business data feeds 7.2 Service Descriptions
7.2.1 Electronic Discovery Management
The Supplier will use an Inventory Management System and processes to enable electronic discovery of hardware, software and discoverable attached devices on devices connected and visible on Customer network.
7.2.2 Initial Electronic Discovery Management Activity
The Supplier activities around Initial Electronic Discovery Management will include:
• Jointly agree a success factor for the discovery of the asset information. • Rollout and distribution of the Electronic Discovery Agent • The management and monitoring of the information being gathered during the rollout of the Electronic Discovery Agent • Identify with Customer standard Equipment and Supported Software applications and operating systems). • Setup of reporting filters to identify Core and Non Core Applications and map these to the Build image. • Identify and investigate duplication device information and work with Customer to eliminate duplicate devices • Agree with Customer the optimum scan frequency for the environment and reports • Setup the scan frequency and monitor the process for issues and exceptions. Where exceptions identified, working with Customer to resolve using the different discovery mechanisms, for instance scan on demand. • Apply an HR data load for validation and acceptance purposes. The IT Asset Management Administrator will upload the HR data into the IT Asset Management toolset.
7.2.3 Ongoing Electronic Discovery Management Activity
The Supplier activities around Ongoing Electronic Discovery Management will include:
• The management and monitoring of the information gathered by the Electronic Discovery Agent to ensure information is within the Age of Data Policy. • Maintenance of Customer's hardware and software standards information in the inventory management system
Page 27 of 47 • Maintenance of the Core and Non Core Applications information and Build image information, following a change to Customer's software standard • Identification and investigation of duplication device information and working with Customer to eliminate duplicate devices • Handling Requests for Information on hardware and software information contained within Inventory Management System • The reporting to Customer on current software licence numbers, based on output from the Electronic Discovery Agent. • The monitoring of the Customer’s software licence inventory to the extent discoverable via Electronic Discovery Agent
7.2.4 Contract Management Activity
The Supplier and Customer will agree the contracts that need to be tracked in the Inventory Management System.
This will include:
• Maintenance and support contracts from the Supplier or from specialist vendors. • Customer's contract information, upon receipt of the following information from Customer; Contract Type, Contract Number, Vendor, Start Date, Contract Status, End Date.
7.2.5 Asset Management
The Inventory Management System and process will enable Customer to track details for IT Assets, from the time of purchase until they are retired from Customer. This will include management of hardware asset data for leased and purchased machines, software licensing information, contract and procurement data, and disposal records, in accordance with the data feeds provided by Customer and to the extent that they affect fields within the Inventory Management System.
7.2.6 Asset Management Activity
The Supplier activities for the Asset Management Service will comprise:
• The Supplier will manage Customer's Hardware and Supported Software catalogue / portfolio entries in the Asset Lifecycle Management System. • The Supplier will complete the disposal / retirement information of items in the Asset Lifecycle Management System upon receipt of the Disposal Request document from Customer. • The Supplier will periodically produce reporting against the Customer's Common Operating Environment (COE). • Customer will be responsible for the physical disposal of assets from the estate. The IT Asset Management administrator will be responsible for updating the Asset Lifecycle Management System device status. • The Supplier will on a monthly basis produce an asset status accounting report which will provide Customer with a view of assets not currently being used within the estate. • The Supplier will provide monthly details of under/over licensing positions with the Customer’s IT estate. An Effective Licensing Position should be provided when requested.
Page 28 of 47 7.2.7 Procurement Activity
The Supplier will enter all information to date on the Inventory Management System and create a process to manage all Assets procured through the Supplier. For all Assets not procured through the Supplier an alternative process will be agreed between both parties.
The Supplier activities for the Procurement Activity will comprise:
• The Supplier's Asset Management will run a monthly report of hardware items supplied to Customer from the Order Management system. • Check which items have been already updated into ELM via the Request/Engineering process. • The Supplier Asset Management updates the Electronic Licence Management (ELM) system with the details of all supplied items. For items that have been already updated into ELM only the purchase details such as "Price" and "Invoice Number" need be updated. For items not recorded in ELM an appropriate status and location must be selected. The loads of data into the ELM should follow the processes outlined in the ELM Data Import documents. • The Supplier’s Asset Management will run a monthly report of software items supplied to Customer from the Order Management system. • The Supplier’s Asset Management will request paper copies of invoices from the Supplier’s Order Desk. • The Supplier’s Order Desk will send proof of purchase paperwork they receive to the Supplier’s IT Asset Management. • The Supplier’s Asset Management will send the invoices and proof of purchase paperwork from software purchases to Customer IT Asset Management
7.2.8 Entitlements Management
The Supplier will:
• Provide Customer with entitlements management to reconcile the software installed against software procurement information provided by Customer. • Produce a report of all software purchases on a monthly basis, for agreement with the Customer. • Create any mappings required between the imported purchase records and the electronically discovered software on Customer's estate. • Deliver the monthly software entitlements report(s) detailing software that is believed to be non-licensed. • Setup and decommission software usage metering activity following an authorised and vetted request from Customer. • Perform, on a monthly basis, a number of scheduled tasks, which include; importing procurement data, undertaking an entitlements rollup, the importing of electronically discovered software.
7.2.9 Data Quality Management
The Supplier will:
• Validate the data quality within the system on an ongoing basis through MACD requests.
Page 29 of 47 • Validate the accuracy of the IT Asset Management database through the use of the database in incident, MACD and larger scale moves • Reconcile the information captured within the Inventory Management System against the information contained within the electronically discovered repository. The Supplier will produce exception reporting where differences occur which cannot be reconciled.
7.2.10 Security and Administration Management The Supplier will manage:
• Updates to the Supported software as set out in Appendix 2S to schedule 2.1 (Services Requirements) and Appendix 3S to schedule 2.1 (Services Requirements) will comply with Customer security policy and may be periodically audited. • The IT Asset Management database to include the Customer backup policy. • An appropriate level of business continuity planning and DR will be agreed for this service.
7.3 Responsibility Matrix
P = Perform A = Approve C = Co-Operate R = Make Recommendations T = Trigger Activity Responsibility
Supplier Customer
Electronic Initial Electronic Discovery Management P C Discovery Management
Ongoing Electronic Discovery Management P C
Asset Management
Contract Add New Contract P A Management
Contract Reporting P
Procurement Procurement Import P C
Asset Receipting P
Procurement Creation/Import Reporting P C
Asset Management Asset Mgt - Retire Assets P A
Page 30 of 47 Activity Responsibility
Reconciliation of HW P C
Producing Customer Software, Customer P A Hardware MI from the ELM
Provide Asset Availability Information P
Data Quality Maintain Data Quality P A
Archiving P
Security Security Administration A C P Administration
Operational Report Production P
Inventory Report Production P
Entitlements Reconciliation Reporting P Management
EMS Knowledge Base Management P
Service Service Management Reporting P Management
7.4 Service Levels and Hours of Cover
7.4.1 Hours of Cover
This Service will be provided during the Core Service Hours.
Service outside this window may be negotiated between Customer and the IT Managed Services supplier, with costs to be agreed and authorised in advance.
7.4.2 Service Levels
There are no service levels specific to this Asset Management Service; all requests for information in relation to asset management will be dealt with as a Request in accordance with the Request Management Service Element.. Any escalations received in relation to the request for information or the quality of information held will be dealt with in accordance with the escalation management process within schedule 8.1 (Governance).
7.5 Customer Responsibilities
Customer's responsibilities for this Asset Management Service include but are not limited to:
• Providing a dedicated Asset Service Owner to work with the Supplier service delivery team on an ongoing basis.
Page 31 of 47 • Customer will ensure Users are informed and requested to connect devices to the network in an appropriate manner to enable conformance with the Age of Data Policy. • Provide access to any current data relating to software inventories. • Customer to send appropriate purchase requests to the Supplier team for procurement recommendation. Ensuring any license shortages identified is corrected either through agreed removal of software or the procurement of further licenses by the Customer. • Ensure that the Electronic Discovery Agent may be deployed by the Supplier on the Customer’s network. 7.6 Supported Equipment
All Supported Equipment is listed in Appendix 2S to schedule 2.1 (Services Requirements).
SERVICE ELEMENT 8 (TRANSFORMATION)
8.1 Purpose
The purpose of this Service Element is to set out the potential areas for transformation which may be completed within the duration of the contract.
8.2 Principles
The Supplier should provide innovative ideas, methods and proposals for achieving cost savings and simplification for the Customer including the potential areas of transformation listed below.
.
In the first six months after the Effective Date
• Upgrade the computers to latest suitable and stable versions of the Microsoft Operating System. • Upgrade the computers to latest suitable and stable versions of the Microsoft Office Suite (*). • Upgrade the key servers to latest suitable and stable versions of the Microsoft Server Operating System. • Identify potential efficiency savings through the reduction and consolidation of servers within the Customer.
(*) Ensure legacy Microsoft Access databases remain accessible as required. The Customer is in the progress of upgrading Office 2007 but cannot move to Office 2010 due to current compatibility issues with LiveLink. LiveLink is planned to be upgraded in 2012 and this will solve the incompatibility issue.
In the first 12 months after the Effective Date
• Migration of key servers to an externally hosted List X co-location centre. • Provide managed printer solution • Provide facility to access the Government GSI network. • Provide an ONR (CNS) accreditable network infrastructure to replace the deprecated MPLS networks.
Page 32 of 47 • Provide Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS).
In the first 24 months after the Effective Date
• Consolidation of servers via virtualisation / cloud computing. • Reduction of server numbers through retirement of unnecessary systems. • Propose methods of splitting the RESTRICTED elements of the network away from the day-to-day commercial network. 8.3 Transformation Ideas
The Customer welcomes suggestions from the Supplier for improvements to IT specifically, but not limited to, the following areas;
• Ownership of hardware assets. • Improvements to remote working. • Alternate methods of network connectivity.
The Supplier will be required to operate a continuous improvement regime, proposing innovative solutions as appropriate. Innovation will be a standard agenda item for the monthly contract review meeting. Any changes will be agreed between both parties in accordance with the provisions of schedule 8.2 (Change Control Contract Change Procedure) and implemented accordingly.
All improvements must be able to make demonstrable cost savings for the Customer.
Page 33 of 47
APPENDIX 1S (GOLD STOCK)
Maintaining Gold Stock at Customer sites
Using best practice and the Supplier's own distributed storage network, no gold stock is required to be held onsite. All parts should be stored in the Supplier storage facilities located close enough to the Customer to facilitate the applicable service levels.
Page 34 of 47
APPENDIX 2S (SUPPORTED EQUIPMENT AND SITES)
Supported Applications
The following list details enterprise applications the Supplier will support, this list only details application support and is not in relation to hardware, database or infrastructure support which may be covered under other Service Elements in this document(*);
• Proquis • OpenText LiveLink • Oracle PeopleSoft • Oracle Primavera • Oracle PertMaster • IBM Cognos • Sage Line 500 • HSSE (also known as IRIS) • Eracent (Electronic Licence Management) • BeCrypt • XKryptor • Lotus Domino (Deprecated) (**) • Citrix • Titus Labs Email Classification
(*) A more detailed listing of applications, both specialist and enterprise applications, is included in Appendix 3S (Applications in Use) to schedule 2.1 (Services Requirements).
(**) Lotus Notes is used for the INS Business Management System, and includes databases related to processes such as car hire. The system will need to be supported whilst it is being migrated to another alternative system (date to be determined). The migration may form part of a project for the Supplier.
Third Party Support Contracts All of the Third Party Support Contracts listed below are to be managed by the Supplier as part of the provision of this Managed Service. A subset of this list (marked with an *) are to be included in the Supplier’s cost to the Customer as part of the Core Service Charge. All other Third Party Support Contracts are to be separately funded by the Customer.
• Whole disk encryption (currently BeCrypt) (*) • Desktop Anti-virus software (currently Symantec Endpoint) (*) • Document Management Software (currently OpenText LiveLink) • Firewall Software (currently Checkpoint) • VPN Software (currently X-Kryptor) • Web Browser Filtering (currently Websense) • Spam Email Filtering (currently SurfControl) • Audio Visual Support (currently Direct Visual) • Blackberry Support (currently Commsworld) • Citrix (currently Citrix) • MPLS WAN Connections via Capita Network (currently BT) (*) • Hardware Break and Fix (via 2e2) (*)
Page 35 of 47 • MessageLabs • IBM Doors • Proquis • Deltec Cobra • Lotus Domino • Titus LABS • RSA Secure ID
Supported Sites The Supplier will support the following sites; • London (NDA Head Office) (*) • Herdus House, Whitehaven (NDA Head Office) (*) • Hinton House, Warrington (INS Head Office) • Harwell Office, Oxfordshire (RWMD Head Office) • Forss, Thurso (NDA Regional Office) • Birchwood Boulevard, Warrington (NDA Regional Office)
(*) The NDA has two head offices.
And additionally provide support to smaller site offices; • Hinkley Point • Winfrith • Dounreay • Oldbury • Sizewell A • Wylfa • Bradwell • Dungeness • Hunterston • Capenhurst • Trawsfynydd • Chapelcross • Harwell • Pelham House, Whitehaven • Sellafield • INS Marine Terminal, Barrow
Supported Equipment Types • Desktop • Workstation • Laptop • Printers (both personal and network models) • Scanners (both personal and network models) • Telephones (including conference phones) • Mobile phones (including smartphones) • Faxes • Monitors • Servers
Page 36 of 47 • Network switches • Firewalls • PDAs (including Blackberry devices) • Video Conference equipment
N.B. The phone system at Hinton House is to remain under Sellafield control as they own the equipment. An independent system may be added in future in which case the Supplier would be expected to support it.
Additions / Deletions / Re-Cost Process
The Customer will communicate to the Supplier any required changes to the Equipment or number of Users to be supported using the Change Control Procedure.
Additional Equipment or Users
The Supplier will quote for the cost of any additional Equipment, Supported Software or Customers requiring support and submit this cost to the Customer for authorisation prior to the Equipment or Supported Software being added to the contract. Once authorised, the Equipment, Supported Software or Customers will be added to relevant Appendix to schedule 2.1 (Service Requirements) and the Core Service Charge may be increased accordingly.
Re-costs
Where a substantial amount of the supported Equipment or Supported Software is to be replaced, which, in the Supplier’s reasonable opinion, will affect the cost of support, the Supplier may re-cost the support for such Equipment. The new inventory will be supplied to the Supplier and the cost will be quoted to the Customer prior to the Equipment or Supported Software being added to the contract. Once authorised, the Equipment or Supported Software will be added to the contract and the Core Service Charge altered accordingly.
Deletions
Where any Equipment or Supported Software is deleted from the contract, the Supplier will review the Core Service Charge and amend it accordingly and update any and all registers, records and any relevant appendices to schedule 2.1 (Service Requirements) accordingly.
Page 37 of 47
APPENDIX 3S (APPLICATIONS IN USE)
Purpose
This following are lists of the applications in use by the Customer. This list should not be taken as definitive and will be verified by the Supplier in accordance with clause 2 (Due Diligence). Some applications (or versions of applications) may be added, or removed, before the Effective Date.
Installed Applications
The following list details applications currently in use by the Customer;
Adobe Products
• Adobe Acrobat 9 Standard • Adobe Acrobat Professional 10.0 • Adobe Acrobat Professional 9.0 • Adobe Acrobat Reader v8.0 • Adobe Acrobat Reader v9.0 • Adobe Design Standard CS4 4.0 • Adobe Dreamweaver CS5 • Adobe Fireworks CS3 v9.0 • Adobe Fireworks CS4 10.0 • Adobe Illustrator CS3 v13.0 • Adobe InDesign CS4 v6.0 • Adobe Master Collection CS5 5.0 • Adobe Photoshop CS2 v9.0
Autodesk Products
• Autodesk AutoCAD LT2009 • Autodesk AutoCAD LT2010 • Autodesk Map 3D 2008 • Autodesk Revit Architecture Suite 2008 • Autodesk Viz 2008
Specialist Products
• SIMULIA Abaqus FEA • BeCrypt - DISK Protect • Goldsim • IDEA 7.1 • MapInfo Professional v9.5 • MKS Toolkit v7.x • QuarkXPress 6.X • RightFax Product Suite • RouteFinder 3.41 for MapInfo • RouteFinder 3.50 for MapInfo • Sage Business Intelligence
Page 38 of 47 • Sage Line 500 • Titus Labs Message Classification • X-Kryptor • IBM TELELOGIC DOORS • IBM Cognos • Intel Fortran • Microsoft Visual Studio • WinZip • Hyperworks • Solidworks • MathCAD v11 • MathCAD v13 • Xcelsius 2008 • BlueCielo InnoCielo Meridian Enterprise - Drawing Management System • PaperCut printer management software • Workshare Professional • MindJet MindManager
Bespoke Applications
• Internal Audit Site – SharePoint (currently support by MindPoint) • Risk Register – SharePoint (currently support by NDA) • DiQuest – Microsoft Access (Currently supported by third-party developer) • LogCost – Microsoft Excel (Currently supported by third-party developer)
Microsoft Applications
• Microsoft AutoRoute 2010 • Microsoft Office Access 2003 • Microsoft Office Excel 2003 • Microsoft Office FrontPage 2003 • Microsoft Office Live Meeting 2007 • Microsoft Office Professional Edition 2003 • Microsoft Office Professional Plus 2007 • Microsoft Office Project Professional 2003 • Microsoft Office Project Standard 2003 • Microsoft Office SharePoint Designer 2007 • Microsoft Office SharePoint Server 2007 • Microsoft Office Standard Edition 2003 • Microsoft Office Visio Professional 2003 • Microsoft Office Visio Standard 2003 • Microsoft Office Visio Viewer 2007 • Microsoft Silverlight • Microsoft Virtual PC 2007 • Microsoft Visual SourceSafe 2005 • Microsoft Visual Studio 2010 • Windows Internet Explorer 7 • Windows Internet Explorer 8 • Windows Media Player 11
Page 39 of 47 Server Applications
The following list details server applications currently in use by the Customer;
• Citrix • MessageLabs • Apache HTTP Server • Apache Tomcat • Blackberry Enterprise Server • Diskeeper 2008 • Microsoft SQL Server 2000 • Microsoft SQL Server 2005 • Microsoft SQL Server 2008 • Microsoft Exchange 6.5 • Microsoft Lync 2010 • Microsoft Operations Manager 2005 • Microsoft Systems Management Server 2003 • Microsoft Virtual Server 2005 R2 SP1 • Microsoft SharePoint 2005 • Microsoft SharePoint 2010 • Lotus Notes 7.0.2 (due to be upgraded in Lotus Domino 8.5.3 prior to Service Commencement) Operating Systems The following list details operating systems and service pack levels currently in use by the Customer;
• Microsoft Windows 7 Professional (32bit and 64bit editions) • Microsoft Windows Server 2003 Enterprise Edition (Service Pack 2) • Microsoft Windows Server 2003 Enterprise Edition (Service Pack 1) • Microsoft Windows Server 2003 R2 Enterprise Edition (Service Pack 2) • Microsoft Windows Server 2003 R2 Enterprise Edition (Service Pack 1) • Microsoft Windows Server 2003 R2 Enterprise x64 Edition (Service Pack 1) • Microsoft Windows Server 2003 R2 Standard Edition (Service Pack 2) • Microsoft Windows Server 2003 R2 Standard Edition (Service Pack 1) • Microsoft Windows Server 2003 R2 Standard x64 Edition (Service Pack 2) • Microsoft Windows Server 2003 Standard Edition (Service Pack 2) • Microsoft Windows Server 2008 R2 Enterprise • Microsoft Windows Server 2008 R2 Standard • Microsoft Windows XP Professional (Service Pack 2) • Microsoft Windows XP Professional (Service Pack 3)
Page 40 of 47
APPENDIX 4S (HARDWARE IN USE)
Purpose
The following lists the hardware in use by the Customer. This list should not be taken as definitive and will be verified by the Supplier in accordance with clause 2 (Due Diligence). Some hardware may be added, or removed, before the Effective Date.
Desktop Hardware
The following list details desktop hardware currently in use by the Customer;
• HP Compaq 2510p Notebook PC • HP Compaq 6710b • HP Compaq 6730b • HP Compaq 8000 Elite SFF PC • HP Compaq 8710p • HP Compaq dc7100 SFF(PC924A) • HP Compaq dc7600 Small Form Factor • HP Compaq dc7900 • HP Compaq nc4400 • HP Compaq nc6220 • HP Compaq nc6320 • HP Compaq nc6340 • HP Compaq nc65xx • HP Compaq nc75xx • HP Compaq nx9420 • HP d530 SFF • HP EliteBook 2530p • HP EliteBook 2540p • HP Slate 500 Tablet PC • HP Workstation xw6000 • HP Workstation xw6200 • HP XW6400 Workstation • HP Z400 Workstation • Lenovo ThinkCentre A58 • Lenovo ThinkCentre A70 • Toshiba Portégé R200 • Toshiba Portégé R500 • Toshiba Tecra M10 • Toshiba Tecra M9
The Customer’s default laptop is now the Lenovo X220 with 4GB RAM. The Customer intends to deploy approximately 60 of these devices prior to Service Commencement.Personal Digital Assistant Hardware
• Blackberry Bold 9700 • Blackberry Bold 9000 • Blackberry Bold 9780 • Blackberry 8820
Page 41 of 47 Printer Hardware
• HP Color LaserJet 5550 • HP Color LaserJet 5100 • HP Color LaserJet 4650 • HP DesignJet 500 • HP DesignJet 800 • HP Color LaserJet 2550 • HP Color LaserJet 2100
Server Hardware
• ProLiant BL20p G2 • ProLiant BL20p G3 • ProLiant BL25p G2 • ProLiant BL460c G1 • ProLiant BL480c G1 • ProLiant BL685c G1 • ProLiant DL320s G1 • ProLiant DL360 G4p • ProLiant DL360 G5 • ProLiant DL380 G3 • ProLiant DL380 G4 • ProLiant DL380 G5 • ProLiant DL580 G4 • ProLiant DL585 G1 • ProLiant ML310 G5 • ProLiant ML370 G4
Approximate Quantities of Hardware
14x ProLiant BL20p G2 7x ProLiant BL20p G3 2x ProLiant BL25p G2 4x ProLiant BL460c G1 2x ProLiant BL480c G1 2x ProLiant BL685c G1 2x ProLiant DL320s G1 7x ProLiant DL360 G4p 1x ProLiant DL360 G5 6x ProLiant DL380 G3 18x ProLiant DL380 G4 5x ProLiant DL380 G5 4x ProLiant DL380 G7 2x ProLiant DL580 G4
Page 42 of 47 1x ProLiant DL585 G1 10x ProLiant ML310 G5 4x ProLiant ML370 G4
1x HP Workstation xw6000 1x HP Workstation xw6200 13x HP xw6400 Workstation 2x HP Z400 Workstation
9x HP Compaq 8000 Elite SFF PC 7x HP Compaq dc7100 SFF(PC924A) 9x HP Compaq dc7600 Small Form Factor 19x HP d530 SFF(PB603A)
14x HP Compaq 2510p Notebook PC 19x HP Compaq 6730b 4x HP Compaq 8710p 9x HP Compaq nc4400 213x HP Compaq 6710b 19x HP Compaq nc6220 40x HP Compaq nc6320 2x HP Compaq nx9420 13x HP EliteBook 2530p
150x Blackberry Bold handsets
Page 43 of 47
APPENDIX 5S (VOICE AND DATA COMMUNICATIONS)
Purpose
The Customer has mobile phones (including smartphones) and Blackberry devices. The Supplier will manage the third-parties who provide telephony services for both land lines and mobile devices. The Customer will receive a monthly itemised bill of usage (where available) and will be invoiced by the Supplier for the services.
There are also a number of ADSL and ISDN lines in the Customer’s offices and the contracts for these should be managed by the Supplier. Again invoicing should be from the Supplier. Usage statistics should be made available to the Customer when required or otherwise on a monthly basis.
The Supplier will be expected to provide a single point of contact for Users for the addition/removal of international roaming, international calling and data services. The Customer will provide details of what services users can request through the Customer’s business case process.
The Supplier will be expected to provide advice to the Customer on minimising expenditure based on the use of bundled packages of minutes and data and advise the Customer on the best tariffs.
Page 44 of 47 APPENDIX 6S (BESPOKE APPLICATION SUPPORT)
Purpose
The Customer has a number of Bespoke Applications. These applications are supported by the original developers or by external third-party contracts sourced by the Customer. The Supplier will be expected to provide first line support to the end-users by logging calls with the third-parties as appropriate. The Supplier should assist the Customer by managing logged calls for Bespoke Applications from end to end. Support from the Supplier direct to the Customer would be on a Reasonable Endeavours basis only.
In-scope bespoke applications are listed in Appendix 3S to schedule 2.1 (Services Requirements).
Page 45 of 47
APPENDIX 7S (MISCELLANEOUS SUPPORT ELEMENTS)
Purpose
The Customer has a number of systems which are supported by the Supplier. Support of systems listed below is to be included in the managed service contract (unless specifically excluded):
Internet Computers – Computers not linked into the Customer’s network but hard-wired onto the ADSL router at a number of sites, including all the head office locations. At NDA Head Office the computers are connected directly onto a leased line, solely used for internet access (both incoming for VPN and outgoing for desktop browsing). All users have desktop internet browsing from their NDA networked computers but it is limited in the number of sites which are accessible.
Train Ticket Printers – Provided currently at two locations, Herdus House and Harwell Office. They are connected directly to the internet via dedicated ADSL lines (provided by BT Business), one line in each location. The Train Ticket Printers are supported by a third-party (thetrainline.com) but the Supplier will be expected to support the ADSL line.
Photocopiers – Whilst the support and management is provided by the Customer’s Facilities Department the Supplier is expected to include the photocopiers onto the network, provide a suitable IP Address and ensure that the devices (if suitably equipped) can be printed to and scanned from back to the Customer’s desktop computers. The devices at a number of Customer locations are already equipped to provide this service. There may a requirement for the Supplier to offer a managed printer and photocopier service in the future (multi-function devices).
ID Card Printer – The Customer’s Security Manager has a dedicated identity card printer which is connected directly to their computer. Whilst maintenance is outside of the scope of the Managed Service contract the Supplier is expected to assist in configuring the computer to communicate effectively with the printer by installing new or updated printer drivers as appropriate.
GuestNet – Provision and maintenance of a wireless network at the Herdus House office of the customer. The wireless network connects to the internet via a fixed 6Mbit/S leased line.
Home Working – The Customer is in the process of developing a Home Working Policy. At the moment there are a number of users who are supported remotely for a number of reasons. The Supplier should be prepared to support users remotely, including sending Field Engineers into the Customer’s employees’ homes. The Supplier is asked to quote for providing this service as an additional element on top of the Managed Service.
Security Investigations – Ad-hoc assistance providing reporting on audits of internet and email usage. Investigations are started either by the Customer’s IT Manager or Security Manager.
ONR (CNS) Accreditation – The Supplier will at all times ensure that the Customer’s network remains accreditable to hold protectively-marked information up to and including “RESTRICTED”. When re-accreditation is due the Supplier will provide assistance to the NDA in preparing the documentation necessary in order to retain its accreditation. This may
Page 46 of 47 include the provision of suitably experienced and qualified personnel on a time and materials basis.
Network Intrusion Scanning – The Customer, or a third-party nominated by the Customer, may choose to conduct penetration testing of the network. The Supplier is expected to resolve discovered issues to timescales agreed with the Customer. The issues will be prioritised by the Customer, with advice from third-parties and the Supplier. As the Supplier is expected to maintain the network in an accreditable condition some issues will be expected to be completed as part of the Managed Service Contract. Other issues may need to be resolved on a time and materials basis in accordance with the Day Rates set out in schedule 7.1 (Charges and Invoicing).
Emergency Response – The INS Emergency Response team require the ability to procure hardware rapidly, through whatever is deemed the quickest method, in the event of it becoming a requirement. The Supplier may be asked to adopt and support the hardware, or alternatively procure a direct replacement from the approved catalogue at a later date. Hardware in this context would generally refer to a laptop. There would be a requirement for escalation of SLAs for the INS Emergency Response team when it is mobilised and this would be supported on a best endeavours basis. Support for the INS Emergency Response team’s telephone systems is via third-party contracts. The Supplier would be expected to manage those contracts for the Customer.
The Supplier is required to provide assistance as required to the INS Emergency Response Team in their application for both the Mobile Telecommunication Privileged Access Scheme (MTPAS) and for land-line numbers on the Government Telephone Preference Scheme (GTPS).
.02519996
Page 47 of 47