Professional Documents
Culture Documents
Odc 2024 RFP Sow v0.2
Odc 2024 RFP Sow v0.2
Odc 2024 RFP Sow v0.2
1. Leverage on-the-ground local resources and expertise of the vendor to attract and
maintain top talent, and at the same time meeting the client’s needs for organizational
control
2. Fast resource scalability in different skill areas and competencies based on client needs
3. Transparent operating model and commercial model
4. Control the resources and the delivery process
5. Cost efficiency
2. Requirements
Bidder is required to submit following documents as a part of proposal
1. Compliance Matrix
This should be filled exactly as per MS Excel Template shared with bidders. The
compliance excel sheet contains the main requirements that vendor needs to confirm if
they comply fully, partially or not at all.
2. Technical Proposal
This should be submitted exactly as per Technical proposal template in MS Word format
shared with bidders. Technical proposal to cover details on approach, methodologies,
value-adds, references etc. in addition to how each of the following requirements will
be achieved by the bidder.
3. Commercial Proposal
This should contain commercials exactly as per the format mention in the RFP Section 5
ahead.
2.1. General Requirements
Note - Elm can decide to switch the connectivity mechanism from ‘Site-to-Site
VPN’ to ‘VDI’ (Virtual Desktop Infrastructure) in the beginning of or during the
contract period. In such case, bidder shall accept/support such change and
work with Elm on mutually agreed connectivity transition plan. In such case,
the VDI infrastructure will be arranged/managed by Elm (not by the bidder)
and costs (if any) for the site-to-site VPN connectivity will not be considered
for payment from that period onwards.
REQ- Res7 The ODC shall ensure that there are no conflict of interest between the
resources in the VC and its other projects. The ODC resource should not be a
shared resource working on any non-ODC projects. Resource rotation policy, if
any, should be that of minimum 18 months for ODC resources. No ODC
resource should move out of ODC before a minimum of 18 months with
exceptions of resignations or Elm terminating employee from ODC.
REQ- Res8 Shall have process/policy/mechanisms in organization for the Talent
Development which includes both technical & soft-skills trainings &
developments. Technical proposal to mention all the details on such policies
and practices.
REQ- Res9 ODC/VC should have a great position in the Market. Technical proposal to
provide details on " Market Positioning" of the ODC/VC
REQ- Res10 Shall ensure cultural differences are handled well. Technical proposal to
provide details on how the cultural differences be handled.
2.6. Metrics & KPIs Requirements
Req ID Requirement Description
REQ-MK1 Shall propose comprehensive Service Delivery Metrics/KPIs which shall serve as
the indicator for the performance of overall VC ODC.
REQ- MK2 Financial and project metrics must be transparent and predictable
REQ- MK3 Clear visibility must be provided on the progression and calculation of metrics
for projects, staffing, infrastructure, etc.
REQ- MK4 Shall provide plan and periodic updates on progression for the forecasted
requirements from ELM that may include resources, hardware, software,
network, etc.
REQ- MK5 Shall provide clear indicator on project progress and raise escalations on
impediments. Also, shall provide clarity on addressed issues.
REQ- MK6 Overall complete transparency must be provided on ODC operations
2.7. Data Security & Privacy Requirements
Req. ID Requirement Description
REQ-DSP1 The ODC shall have stringent Data security and privacy mechanisms in place.
The ODC shall provide the required documentation in this regard as an
evidence in the proposal.
REQ-DSP2 The ODC shall be able to demonstrate that security mechanism will be
provided at the data and data structure level
REQ-DSP3 The ODC shall ensure network security measures and provide the required
documentation in this regard as an evidence in the proposal
REQ-DSP4 The ODC shall demonstrate that there is periodic Data Security &Privacy
awareness and training provided to all the employees within ODC. This
awareness and training shall be based on ELM's requirements. The training
and awareness status and evaluation results shall be communicated to ELM on
periodic basis based on schedule provided by ELM.
REQ-DSP5 The ODC shall demonstrate Onboarding and Off boarding processes of each
individual. The onboarding process shall include employee screening and
background check based on ELM requirements.
REQ-DSP6 The employees job description and contract shall include the Information
Security responsibilities of employee
REQ-DSP7 The ODC shall ensure that all employees shall sign the Non-Disclosure
Agreements (NDA) provided by ELM
REQ-DSP8 The ODC employees shall only have access to ELM environment from the ODC
work site through their official laptops only. No data shall be moved outside
the ODC center. The ODC shall provide the required documentation in this
regard as an evidence in the proposal.
REQ-DSP9 The ODC Shall have proper Authentication, Authorization, Accounting and
Encryption mechanisms in place to protect sensitive information. The ODC
shall provide the required documentation as an evidence in the proposal.
REQ-DSP10 The ODC shall be responsible to ensure that any endpoint connecting to ELM
network shall be secured with updated end-point security solutions, Data
Leakage Prevention (DLP), latest OS and software patches and hard-disk
encryption. The ODC shall be responsible to protect the endpoints from any
virus, malware or worm spreads. The ODC shall provide the required
documentation in this regard as an evidence in the proposal.
REQ-DSP11 The ODC shall be responsible to ensure the compliance with ELM Information
Security and Privacy policies
REQ-DSP12 ELM shall reserve the right to audit, add or remove any security control over
the ODC employees and environment.
REQ-DSP13 Network connectivity setup and configuration between ODC and Elm shall be
compliant with Saudi Arabia’s NCA standards, Elm’s Remote Access Policy and
Elm technical standards.
REQ-DSP14 The ODC shall ensure that all ELM security technical standards (such as Web
and Mobile Application Security Checklist, User Access Management and
Password Management, Security Code Scanning, etc.) are implemented in the
developed software within the Software Development Life Cycle (SDLC). The
ODC shall provide the required documentation in this regard as an evidence in
the proposal.
REQ-DSP15 The ODC shall ensure the Physical security of the ODC work place including the
Employees identification for In and Out, CCTV monitoring, Security Guard and
other necessary security controls such as Printers security. The ODC shall
provide the required documentation in this regard as an evidence in the
proposal.
REQ-DSP16 The ODC should possess preferably 10 years’ experience in dealing with the
above-mentioned security controls including but not limited to the following:
• Physical Security
• Network and Infrastructure Security
• End-Point Security
• Web and Mobile Application Development Security
• Human Resources Security
• ISO27001 Compliance
REQ-DSP17 The ODC shall ensure that an Information Security Expert shall be part of the
shared ODC team to implement and ensure the compliance with all ELM
security requirements for ODC at any given point in time.
2.8. Facility Requirements
Req ID Requirement Description
REQ-Fac1 Physical ODC facility/office shall have sufficient place for people to be placed
with their own offices/cubicles (not shared spaces).
REQ-Fac2 A separate floor or a section of the floor has to be marked for the virtual
captive with its own segregated network
REQ- Fac3 Shall ensure that entry is restricted to only those who are a part of the Elm
ODC
REQ- Fac4 Shall be able to provide the facilities such as printers, scanners, meeting rooms,
huddle rooms, projectors or Big TV screens etc. as listed by Elm for people
working in the ODC
REQ- Fac5 Shall ensure transportation facility or allowance is provided to ODC employees.
Also, ensure Canteen is available in the same building as that of ODC/VC for ODC
resource to enjoy their meals without need to leave the host building/campus.
REQ- Fac6 In case of weekend work or overtime, bidder shall Provide transportation or
transportation allowance
Explanation
3-step process will be applied to calculate SLAs & derive the credits & penalties. The process by
which the credit/penalty will be calculated against the SLA mentioned ahead in this section
Step 1
Allotment of positive and negative points at the end of every month. Positive points are
awarded if the supplier performs better than the SLA and negative points are awarded if
supplier slips on the SLA.
Slab Slabs for YEP Credit/Penalty % of Total Annual Value at the time of
# points calculation (past 12 months)
1 +10 and above Credit/Reward Elm to pay 3%
2 +3 to +10 Credit/Reward Elm to pay 1%
3 -2 to +2 No Credit, No Penalty No Credit, No Penalty
5 -3 10 -10 Penalty Bosch to pay 1% to Elm
6 -10 and less Penalty Bosch will pay 3% to Elm
Step 3
Credit / Penalty payments - The mechanism of payment of Credit / Penalties will be mutually
agreed between Elm and Vendor.
Illustration: The below table has two rows. The first row shows the 12 months, the second row
shows corresponding negative / positive points allocated for that month. This is just an
example.
The total aggregated point is -2 and it falls under Slab 3 [Refer above table], hence Vendor will
have to pay 1% of the total annual contract value to Elm for not adhering to SLA.
Note
• Bidder to confirm the best SLAs that they can comply with (propose best what they can if
they can’t comply with expected SLAs)
• Reward/Penalty system will trigger after 3 months from ODC setup & signed off from both
parties
• Qualified CVs are CVs that match JDs. If CVs that do not match JD are shared, then they will
not be counted towards measurement of SLAs. Decision of whether CV is qualified or not
will solely remain with Elm.
2.13. Skills & Resource Requirements
Technical & Commercial Proposal from bidder is expected to be based on following resource
needs (skills, roles & quantities).
Core Model - Resources are dedicated for Elm regardless of project/task assignment (Baselines
Capacity). They are available to Elm at all the required time through the contract period.
Flex Model - Resources would be on-boarded/off-boarded on the need basis for specific
projects for specific durations. They will be ramped-up & ramped-down at short notice as per
the project needs in Flex mode.
Note – Once ODC is active, the skills & roles & quantity might change, and can be mutually
agreed. The skills, roles & quantity requirements heavily depends on incoming projects and
pipeline.
Specific JDs for each position by role will be provided for each new position/requirement.
3. Reference skills by Roles
The following are high level skills preferred from various roles. Following to be used just as a
reference for understanding of Elm’s skills preferences & expectations. Once ODC is active,
actual JDs for each position will be shared separately.
Note
• Monthly & Annual amounts will be considered for commercial evaluations.
• Blended ‘Daily’ rates will be considered for billing purposes.
• Actual billing amount will vary every month as it will be based on approved timesheets by Elm
stakeholders for resource on-board at that given point in time.
• Resource Experience level does not qualify him/her for a particular role. Elm will decide what
role a resource fits based on Elm interview panel’s judgement regardless of resource’s
experience level. E.g. 10 Years’ experience Java resource may fit for Developer Role and 7 years’
experience Java resource may fit for Lead Role. Decision will be at Elm’s discretion and billing
will happen as per the role assigned by Elm (not by years of experience of candidate).
• ODC Manager or any other shared services resource should not be mentioned as a resource in
this section. Cost of such shared services resources should be blended in Section A or Section B
of commercial proposal.
D. Total Proposal Value
Sr. Component Year 1 Year 2 Year 3
1 A. Total One-time Amount
2 B. Total Recurring Amount
3 C. Total Resource Amount
4 Total (without any taxes)
5 Taxes (as applicable)
6 Total (with Taxes)
Total for 3 Years (with Taxes)