Tool to support information security management (ISM), business continuity management (BCM), and IT service continuity management (ITSCM), as well as support and training
A tool in the sense of a software application to support information security management (ISM), business continuity management (BCM) and IT service continuity management (ITSCM) (hereinafter referred to as "tool" or "software") will be put out to tender. The tool is intended to support the internal ISM, the internal BCM and the internal ITSCM of the client. In addition, the client offers its members and customers (hereinafter referred to as "customers") the position of an information security officer/consultant (FITSU) within the framework of service contracts. The tool has to support the execution of this service and thus the control of the customer's ISM. Each customer should receive his own client within the tool, which is limited to the functional scope of the ISM. The client's customers may be enabled to use the tool as Software as a Service within the framework of the service contracts.
The installation of the tool is located in the data centers of Komm.ONE.
By using a modular tool, the greatest possible synergies of the listed management disciplines are to be created.
The tool must be able to manage and configure the aforementioned management systems of the client and its customers separately from each other (possibility of software implementation of multi-client capability).
At the time of the invitation to tender, the service offer described above is included in the client's product portfolio. The admission took place on 01.01.2023. At the time of the invitation to tender, the number of customers to be reached (customers of the client) is estimated at 130. This number of customers is expected to be reached in 2027. In 2023, a maximum of 20 customers is expected.
In addition, training is needed for administrators (both technical and professional) and for users. The subject of the training is the transfer of knowledge to the supervising Komm.ONE employees, who will later be responsible for the operation of the system. If possible, the training should be carried out remotely.
Komm.ONE will provide the support for its customers (professional and technical) itself. The support requirements of Komm.ONE vis-à-vis the contractor are thus limited to concerns of Komm.ONE, which cannot be solved by its employees. The service hours must be guaranteed at least from Monday to Friday between 08:00 and 17:00. Responses must be given within 24 hours.
The contractor is constantly developing the software further. This ensures the implementation of the current state of the art as well as the implementation of current legal requirements. In addition, it is ensured that the required standards can also be mapped in the event of changes to content or structure within the software. For this purpose, the contractor shall regularly provide updates and deliver them to the customer without being requested to do so (obligation to deliver).
The tendered software will be required for internal use in any case. The use with a client for internal use by the client should therefore be included in the initial scope of the delivery (minimum purchase). Optionally, up to one additional client should be created for another subsidiary of Komm.One and used for internal security management. There is no obligation to accept this additional internal client.
In addition, 10 external clients must be provided per contract year (minimum purchase). The number of other external clients of the client cannot be predicted. Minimum or maximum purchase quantities do not apply in this respect.
The performance of the service shall commence on the day following the award of the contract. The contract term is four years plus two unilateral extension options by two years each on the part of the client.