Request Management System RFP

1. Scope of Work

1.1 Introduction

Customer seeks to implement a Request Management System to ensure regulatory compliance, enhance
continuous improvement and execution efficiency, and elevate operational performance aligned with
global best practices and cybersecurity standards.

1.2 Project Objectives

The key objectives of implementing the Request Management System for Customer are:

 Enhance operational performance efficiency.

 Support digital transformation initiatives.

 Facilitate seamless integration with existing systems and applications.

 Ensure regulatory compliance and governance.

1.3 Project Location

The project will be executed KSA in Riyadh

1.4 Project Duration

The project duration is 12 months, commencing upon the vendor’s formal assignment to perform the
required services.

1.5 Project Deliverables

Deliverables include implementing a unified system to ensure compliance, development, execution, and
optimal operational performance using global best practices in the following areas:

1. IT Service Management (ITSM): Develop and implement in alignment with company policies and
procedures.

2. Software Asset Management (SAM): Build a system per the company’s procedures and policies.

3. Governance, Risk, and Compliance (GRC): Establish GRC systems as per company standards.
2. Technical Requirements

General Solution Requirements

The vendor must adhere to the following:

1. Provide Customer with a project workflow.

2. Migrate existing data from the current system to the new system.

3. Conduct detailed system requirements analysis.

4. Ensure a design with at least 99.9% service availability.

5. Supply and install the Request Management System.

6. Develop system functionalities per the company’s requirements.

7. Configure and prepare necessary system environments.

8. Test the system and ensure it fully meets company requirements.

9. Transfer knowledge and provide training on the system.

10. Offer technical support and continuous improvement for one year post-implementation.

11. Ensure the user interface supports Arabic and English.

12. Provide user management, roles, and permissions.

Specific System Requirements

2.1 IT Service Management (ITSM)

The ITSM system should include, but is not limited to, the following features:

 Incident Management

 Problem Management

 Change Management

 Release Management

 Knowledge Management

 Service Catalog and Request Management (covering IT, facilities, finance, HR, etc.)

 Employee Self-Service Portal

 Service Level Management

 Customer Surveys

 Reporting and Dashboards

 User interface aligned with company branding (Arabic and English).

2.2 Software Asset Management (SAM)

The SAM system should include the following:

 Software Asset Workspace

 Publisher Packs

 SaaS License Management

 Asset Onboarding

 Software Asset Connections

 Performance Analytics

 Contract and Renewal Management

 Automated Entitlements

 Asset Management Executive Dashboard

2.3 Asset Discovery System (ITOM)

The system must support the discovery of all assets, including those in the company’s cloud
environments.

2.4 Governance, Risk, and Compliance (GRC)

The GRC system should include the following features:

 Risk Management

 Governance and Policy Management

 Compliance Management

3. Hosting Requirements

1. The system must be hosted under a SaaS license.

2. The system must utilize Microsoft Azure cloud services.

3. The vendor must ensure all necessary connectivity requirements for the cloud platform with
approval from the General IT Administration, Digital Transformation, and Cybersecurity
departments.

4. The system must support high availability.

5. Prepare and configure system environments for development, testing, and production.
 4. Functional and Technical Features

The vendor is responsible for providing:

 Comprehensive capabilities for GRC management.

 A unified system platform.

 Automated workflows for governance, risk, and compliance.

 Real-time risk tracking and analytics.

 A modern and intuitive user interface in Arabic and English.

5. Requirements for implementing all operating requirements of the system and completing the
testing process Business outputs, integration and system performance with the help of users
from the business sector

▪ the implementation of integrated and clear procedures to complete the process of testing the output
of work and integration and the performance of the technical solution With the help of users from the
business sector to include:

o Qualification test of the system.

o Preliminary acceptance test.

o User acceptance test.

o Final acceptance test.

o Implement the scenarios of pressure tests on the technical solution, where behavior is monitored and
monitored in

Same time and make sure the technical solution is performed.

o Implement the entire project integration tests and ensure their performance.

o Implement database tests.

Document all errors in fault tracking systems and work to resolve them according to priorities.

o Pass cybersecurity management tests

6. Training and Knowledge Transfer

1. Develop and provide a training plan for all stakeholders, including system administrators,
operators, and IT specialists.

2. Training material must be available in Arabic and English.

3. Training effectiveness will be measured through trainee satisfaction surveys (targeting over 90%).
7. Integration and Data Migration

 Integrate the solution with Active Directory, REST/SOAP APIs, and other tools.

 Perform seamless data migration from the current system.

8. Support and Maintenance

1. Provide professional maintenance and support services for 12 months post-implementation.

2. Ensure preventive maintenance and issue resolution.

3. Adhere to SLA guidelines for all project elements.

9. Cybersecurity Compliance

1. Ensure encryption for data in transit (TLS 1.2).

2. Ensure compliance with Saudi Arabia’s cybersecurity standards.

3. Report cybersecurity incidents within 12 hours.

10. User Licenses

 60 licenses for ITSM users (request creation and management).

 30 licenses for ITSM approvals.

 22 licenses for GRC management.

 30 licenses for GRC stakeholder use.

Description Unit Quantity Duration

Configuration and licensing of ITSM system Service/ 1 12

Execution of operational requirements for ITSM Service 1 12

ITSM user licenses (creation, modification, License 60 12

ITSM approval licenses License 30 12

Asset Discovery System licenses License 110 12

SAM licenses License 110 12

GRC user licenses (managed by GRC team) License 22 12

GRC stakeholder licenses License 30 12

Technical workshop Service 1 N/A

Onsite engineer Service 1 12

Fieldwork Service 1 N/A

System integration Service 1 N/A

Technical documents Service 1 12

Support, maintenance, and warranty services Service 1 12

Training and knowledge transfer Service 1 12