Page 1 of 72
Request for Proposal
For
Managed Security Services for Security Operation Centre
Tender No: HOIT/RFP/ 57 /2016-17
Dated: 30.05.2016
PUNJAB & SIND BANK
(A Govt. of India Undertaking)
Head office Information Technology Department
Bank House, 21, Rajendra Place
New Delhi-110008
Page 2 of 72
INDEX
S. No. Detail Page No.
From To
1 Introduction 3 3
2 Disclaimer 4 4
3 Key Information about Tender 5 5
4 Chapter 1 – Instructions to Bidders 6 15
5 Chapter 2- Terms and Conditions 16 23
6 Chapter 3 - Scope of Work 24 38
7. Chapter4 – Service Level Agreement And Penalties 39 45
8. Chapter5 – Project Team Structure 46 46
9. Chapter6 – Project Timelines 47 47
10. Chapter7 – Evaluation Methodology 48 48
Page 3 of 72
INTRODUCTION
1.1
About this Request for Proposal (RFP)
Considering the fast paced threats in the IT environment, Punjab & Sind Bank (therein
after referred as “Bank”) has decided to strengthen its Information Security set up as per
the guidelines in the Gopalakrishna Committee report on IT Security, released on 29th
April, 2011.
Note: This RFP should not be considered as a statement of intent for procurement unless a
purchase order or letter of intent is published by the Bank, as an end result of this RFP
process.
This RFP document is meant for the exclusive purpose of “Managed Security Services for
Security Operation Centre for Punjab & Sind Bank” at Punjab & Sind Bank as per the
terms, conditions, and specifications indicated in this RFP and shall not be transferred,
reproduced or otherwise used for purposes other than for which it is specifically issued.
1.2
About Punjab & Sind Bank
Punjab and Sind Bank, a body constituted under Banking Companies Acquisition and
Transfer of Undertakings Act, 1980 has its Head Office at 21, Bank House, Rajendra Place,
New Delhi-110008.
The Bank has three-tier administrative architecture having Head Office (H.O.) at 21, Bank
House, Rajendra Place, New Delhi – 110008, Zonal Offices (ZOs) at 22 locations and more
than 1400 branches across India. Bank envisages as one of the leading commercial Banks
in the country. All the branches of the Bank are CBS enabled. Bank has deployed Finacle as
a Core Banking Solution (CBS) for all its Branches.
Apart from the Finacle Core Banking System (CBS), Bank has implementation following
delivery channels:
1.
ATM – Debit Card (RuPay& Master Card)
2.
Internet Banking – For Retail & Corporate Customers
3.
Mobile Banking
Page 4 of 72
DISCLAIMER
The information contained in this RFP document or any information provided
subsequently to Bidder(s) whether verbally or in documentary form by or on behalf of
the Bank, is provided to the Bidder(s) on the terms and conditions set out in this RFP
document and all other terms and conditions subject to which such information is
provided.
This RFP is neither an agreement nor an offer and is only an invitation by Bank to the
interested parties for submission of bids. The purpose of this RFP is to provide the
Bidder(s) with information to assist the formulation of their proposals. This RFP does
not claim to contain all the information each bidder may require. Each Bidder should
conduct its own investigations and analysis and should check the accuracy, reliability
and completeness of the information in this RFP and obtain independent advice,
wherever necessary. Bank makes no representation or warranty and shall incur no
liability under any law, statute, rules or regulations as to the accuracy, reliability or
completeness of this RFP. Bank may in its absolute discretion, but without being under
any obligation to do so, update, amend or supplement the information in this RFP.
This is not an offer by the Bank but only an invitation to bid in the selection process
initiated by the Bank. No contractual obligation whatsoever shall arise from the RFP
process until a formal contract is executed by the duly authorized signatory of the Bank
and the Bidder.
Page 5 of 72
KEY INFORMATION
Particulars
Details
Tender Number
HOIT/RFP/57/2016-17
Tender Title
Request for Proposal For Managed Security
Services for Security Operation Centre
Participation Fee (Non-Refundable)
Rs. 20,000/-(Rs. Twenty Thousand Only)
Bid Security (EMD)
Rs. 25,00,000/- (Rs. Twenty Five Lakhs only)
Bid Validity
180 days
Date of Publishing the tender on Bank’s
Website
30.05.2016 11.00 Hrs
Last Date for submission of Pre-Bid Query
06.06.2016
(Queries
must
be
mailed
to
only quoting tender
reference number in the subject.)
Date and Time for Pre Bid Meeting
09.06.2016 11.30 Hrs
Last Date and time for submission of Bids
29.06.2016 15:00 Hrs
Date and Time of Opening of Technical Bids
29.06.2016 15:30 Hrs
Date and Time of Commercial Bids (through
Reverse Auction)
To be notified later to the qualifying bidders
only.
Place of Opening of Bids
Punjab & Sind Bank
Head Office
Information Technology Department
Bank House, 2
ndFloor, 21, Rajendra Place,
New Delhi 110008
Contact Persons for any clarifications/
Submission of Bids
AGM – IT
Page 6 of 72
CHAPTER 1 - INSTRUCTIONS TO BIDDERS
1.1 Minimum eligibility Criteria for the Bidders
Only those Bidders who fulfill the eligibility criteria for Primary Bidder and OEMs Members are eligible to submit response to this RFP.
The bidder is required to provide factually correct responses to the RFP. Adequate justification for the response (including the technical and other requirements) should be provided as part of the response. In case the bank finds any response to be inadequate, the bank has the right to ask for additional explanation/ justification. In the event of any discrepancy in the response submitted by the bidder, the bank reserves the right to disqualify/ blacklist the bidders.
The Bank reserves the right to verify/ evaluate the claims made by the Bidder independently. Any deliberate misrepresentation will entail rejection of the offer.
Bank reserves the right to change the eligibility criteria to ensure inclusivity.
The Bidder should possess the requisite experience, resources and capabilities in providing the services necessary to meet the requirements, as described in the tender document. The bidder must also possess the technical know-how and the financial wherewithal that would be required to successfully implement the replication solution and support services/ solutions sought by the Bank for the entire period of the contract. The Bid must be complete in all respects and should cover the entire scope of work as stipulated in the document. Bidders not meeting the Eligibility Criteria will not be considered for further evaluation.
The Minimum Eligibility Criteria for the bidder shall be as under:- Sr.
No.
Details Support documents.
1.
The bidder should be a registered corporate in India registered under the Companies Act, 1956 or a company/statutory body owned by Central / State Government.
Copy of incorporation /
commencement certificate, Sales Tax / VAT/registration certificates
2.
The bidder should have made an average annual turnover of Rs. 10 Crore per annum in the last three Financial Years (FY 2012-13, 2013-14, 2014-15)
(i.e. 2012-13& 2013-14)
Audited Balance Sheets
3. The Bidder must have positive net worth in last 3 financial years (i.e. FY 2012-13, 2013-14, 2014-15)
Audited Financial Statements (and Annual Reports, if applicable) for the last three financial years, viz. 2012-13, 2013-14 and 2014-2015 is to be furnished. CA certificate regarding positive net worth needs to be furnished
4. The bidder should own and have been managing well established Security Operations Centre (SOC) in India for the last 5 years.
The bidder should have at least one scheduled commercial Bank/ Financial Institution having a network of more than 100 branches as active customer for Managed Security Service or SOC for at least last 3 year that are being serviced from this SOC.
Year wise Copies of purchase orders showing SOC services provided to customer/s.
Attach copies of orders by active customer.
Page 7 of 72
5 The bidder should have provided/ be providing SOC/ Managed Security Services including log monitoring & co-relation for minimum 100 devices to at least one scheduled commercial bank in India.
Letter from client on client letter Head/ commissioning report along with name and designation and Landline telephone contact details 6 The SOC offering managed security services
should be ISO 27001 certified.
Please provide the copy of ISO 27001 certificate.
7 The bidder should have the DR Site of similar capacity for their SOC in India.
Self-Declaration with details of DR
8. The bidder should not be existing System Integrator (for Network Infrastructure/ Facility Management) for the Bank to avoid conflict of interest.
Bidder under taking should be submitted in this regard.
9. The proposed products/ tools (i.e. SIEM, WAF, PIM. Anti-Phishing) must be successfully implemented in at least one Scheduled commercial Bank in India
Letter from client on client letter Head/ commissioning report along with name and designation and Landline telephone contact details 10 The bidder should have minimum 10 skilled staff
with professional certifications like CISA/ CISSP / CEH / CCSP / CCNA or OEM certified for the product proposed.
CVs
11. The bidder should deploy industry standard license tools.
Product Brochure
12.
SIEM tool deployed must be in the Leader or Challenger Quadrant of latest published Gartner’s Report for SIEM.
Gartner report
13.
The bidder should not have been put in the negative list or Blacklist by any public sector bank /Government organization for breach of applicable laws or violation of regulatory prescriptions or breach of agreement for providing the SOC services.
Self-certificate
14 The service provider shall not assign or sub-contract the assignment or any part thereof to any other person/firm.
The vendor must submit a Letter of Undertaking.
15 Bidder should have Digital Signatures to participate in Reverse Auction
Details of certificates to be furnished.
16 Bidder should have successfully integrated the Finacle CBS Application with SOC in at least one Bank in India.
Letter from client on client letter Head/ commissioning report along with name and designation and Landline telephone contact details.
Photocopies of relevant documents / certificates, duly stamped and signed must be submitted as proof in support of the claims made. The Bank reserves the right to verify /evaluate the
Page 8 of 72
claims made by the Bidder independently. The decision of the Bank in this regard shall be final, conclusive and binding upon the Bidder.
1.2 Cost of Tender
The tender document may also be downloaded from The Bank’s official website www.psbindia.com. The bidder downloading the tender document from the website is required to submit a non-refundable fee as mentioned in Key-Information in the form of Demand Draft or Pay Order in favour of PUNJAB & SIND BANK, payable at New Delhi, at the time of submission of the technical bid, failing which the bid of the concerned Bidder will be rejected. It may be noted that amount will not be refunded to any prospective bidder under any circumstances including cancellation of RFP.
1.3 Language of the Bid
The bid as well as all correspondence and documents relating to the bid exchanged by the Bidder and The Bank shall be in English language only.
1.4 Bid Currency & Price Structure
Prices shall be expressed in the Indian Rupees only. The bidder must quote price exclusive of all applicable taxes and duties. The cost will not depend on any variation in dollar exchange rate/change in tax structure.
1.5 Two Bid System
a. The Bid Proposal being submitted would be binding on the Bidder. As such it is necessary that authorized personnel of the firm or organization must sign the Bid. The designated personnel should be authorized by a senior official of the Organization having such authority to do so. The same person or a different person should be authorized who should have Digital Certificate issued in his name and should have authority to quote offer price during On-line Reverse Auction. The details of Digital Certificate like Name, Digital Key details, Issuing Authority and validity etc. are to be provided. The Xerox copy of necessary Original Resolutions/ Authority/ Power of Attorney having authority to authorize the person to submit Bid Documents/ participate in Online Reverse Auction, on behalf of the Company shall be enclosed. The proposal must be accompanied with an undertaking letter duly signed by the designated personnel providing a Bid commitment. The letter should also indicate the complete name and designation of the designated personnel.
b. The bidder shall submit his response to the present tender separately in two parts –
“Technical Bid” or TB
andIndicative Commercial (“Indicative Commercial Bid” or
ICB)
. Technical Bid will contain product specifications whereas the indicativeCommercial Bid
(ICB) will contain the estimated pricing information. In the first stage, only the Technical Bids shall be opened and evaluated as per the criterion determined by the Bank. Those bidders satisfying the technical requirements as determined by the Bank in its absolute discretion shall be short-listed for opening their Indicative (Estimated) Price. The indicative prices are to fix the start price for on-line Reverse Auction. The shortlisted vendors shall be intimated the date and time for participating in the On-Line Reverse Auction. Bidder should be agreeable to accept the offer at the price quoted in Reverse Auction, in case bidder is identified/ selected as L1 Bidder. In order to participate in online reverse auction, bidders should have Digital Signature.c. E-auction vendor engaged by the bank for providing e-tendering services for Punjab & Sind Bank. E-Auction vendor will train the bidders for this purpose and they will have to abide by the E-Business Rules framed by the service provider and duly approved by the Bank. The E-business Rules shall be shared with Shortlisted bidder before Reverse Auction. For more information on participating for this reverse auction. The details of E-auction bidder will be given to the technically qualified/shortlisted bidders The Bank
Page 9 of 72
reserves the right to accept or not to accept any bid or to reject a particular bid at its sole discretion without assigning any reason whatsoever.
d. The Indicative (Estimated) Price of only technically qualified & short-listed vendors shall be opened to fix the Start price for online Reverse Auction. The Bank shall, however, may follow any other basis to determine the start price for on-line Reverse Auction. e. Bid documents shall be submitted in a Single sealed envelope, including Demand
Draft/Purchase Order towards cost of RFP, Bid Security (EMD) and other required documents as mentioned in the tender and a sealed envelope containing Indicative (Estimated) Price, duly super-scribing the envelope with the reference of this RFP, due date, name of the Bidder with contact details, Offer reference number etc. Bid document should be duly filed and all the pages of Bid including Brochures should be made in an organized, structured, and neat manner. Brochures / leaflets etc. should not be submitted in loose form. All the pages of the submitted Bid Documents should be serially number numbered with the Bidder’s seal duly affixed with the Signature of the Authorized Signatory on each page. Documentary proof, wherever required, in terms of the RFP shall be enclosed.
f. The Bids containing erasures or alterations will not be considered. There should be no hand-written material, corrections or alterations in the Bids. Technical details must be completely filled in. Correct technical information of the product being offered must be filled in.
g. The technical and indicative commercial bids should be submitted in “Hard copy” and “Soft copy”. The soft copy should be in a CD with the name of the bidder and the type (“Technical Bid”, “Indicative Commercial Bid”) clearly indicted on the CD. The CD should be included in the respective sealed cover.
h. The technical and indicative commercial bids should be submitted in “Hard copy” and “Soft copy”. The soft copy should be in a CD with the name of the bidder and the type (“Technical Bid”, “Indicative Commercial Bid”) clearly indicted on the CD. The CD should be included in the respective sealed cover.
i. In case of any discrepancy between the “Hard Copy” and the “Soft Copy” documents, the signed “Hard Copy” shall be considered as final
1.6 Formation of Technical Bid
The Technical offer/Technical bid must be made in an organized and structured manner. The Technical Bid shall contain the following documents and should be properly sealed and marked as “Bid
for managed security services for security operation Centre
”, Tender Reference Number, Bidder’s name and Address in the following forms:-1. Tender Covering letter duly signed by the authorized signatory (Annexure I) 2. Executive Summary.
3. Certificate of Incorporation of the bidder. 4. FORMAT - 1 Financial details
5. FORMAT - 2 Prime Bidder’s Undertaking Letter
6. FORMAT - 3 Channel Partner/ Dealership/experience letter from OEM 7. FORMAT - 4 Confirmation of Soft Copy
8. FORMAT - 5 Compliance Statement
9. FORMAT - 6 Prime Bidder’s Undertaking Letter 10. FORMAT - 7 Confirmation to Deliver
11. FORMAT - 8 Undertaking of Authenticity for Appliance and Server Supplies 12. FORMAT - 9 Confirmation of Past Experience for Solution
13. Enclosed copies of reference letter /credential letters 14. List of quality certifications, if any
Page 10 of 72
15. Quality/ Performance/ Benchmark Certifications for the products offered 16. DD for Cost of Bid
17. ANNEXURE I -Tender Covering Letter 18. ANNEXURE II - Bidder’s Information
19. ANNEXURE III - Performa for the Bank Guarantee for Earnest Money Deposit 20. ANNEXURE IV - Acceptance of Scope of Work
21. ANNEXURE V - Format of Performance Guarantee 22. ANNEXURE VI - PREBID QUIRY FORMAT
23. ANNEXURE VII - Technical Requirements
24. ANNEXURE VIII - Indicative Commercial Bill of Materials.
25. ANNEXURE IX - Technical requirement of Managed Security Services 26. ANNEXURE X - Non-Disclosure Agreement
27. Soft copy of the technical bid in formats supported by Microsoft Office Suite of Products 28. Any other documents, forms, letters etc supporting above information.
29. The Bidder must provide a Masked Bill of Material. The Masked Bill of Material should contain a replica of the bidder’s final Unmasked bill of material with prices masked.
Note: All Claims made by the Bidder will have to be backed by documentary evidence. The bidder is expected to examine all instructions, forms, terms and specifications in the RFP. Failure to furnish all information required or to submit a Bid not substantially responsive to the in every respect will be at the Bidder’s risk and may result in the rejection of the Bid.
1.7 Submission of bids
The Bank expects the bidders to carefully examine all instructions, terms and conditions mentioned in this RFP document before submitting its unconditional compliance as part of the RFP. Failure to furnish all information required or submission of an RFP not substantially responsive to the RFP in every respect will be at the bidder’s risk and may result in the rejection of its response.
Bids duly sealed should be submitted, in person, on or before the last Date and Time for bid submission at the address mentioned below. Any other mode of submission, e.g. by courier, fax, e-mail etc. will not be accepted.
Punjab & Sind Bank,
Head Office Information Technology Department, Bank House, 2nd Floor,
21, Rajendra Place, New Delhi – 110008
1.8 Cost of Preparation and Submission of Bid
The Bidder shall bear all costs associated with the preparation and submission of its Bid and the Bank will in no case be responsible or liable for these costs, regardless of the conduct or outcome of the Bidding process.
If any information / data / particulars are found to be incorrect, bank will have the right to disqualify / blacklist the company and invoke the bank guarantee/ forfeit the EMD.
All communications, correspondence will be only to the prime bidder. Any partner/sub contractor has to communicate only through the prime bidder. The prime bidder will act as the single point of contact for the bank.
Bank reserves it right to cancel the order even after placing the letter of Intent (LOI) / Purchase Order, if bank receives any directions / orders from Statutory Body / RBI/Govt. of India in a nature that binds the bank not to take the project forward.
Page 11 of 72 1.9 Late bids
Any bid received after the due date and time for receipts of bids as prescribed in this RFP will be rejected and returned unopened to the Bidder.
1.10 Earnest Money Deposit (EMD)
Non-submission of Earnest Money Deposit as mentioned in Key-Information will lead to outright rejection of the Offer. The EMD is to be submitted in the shape of Financial Bank Guarantee from any scheduled commercial Bank valid for minimum 225 Days from the date of Bid Submission Date.
EMD of unsuccessful Bidders will be returned to them on completion of the procurement process. The EMD of successful Bidder(s) will be returned within 30 days on submission of Performance Bank Guarantee.
The Earnest Money Deposit may be forfeited under the following circumstances:
a. If the Bidder withdraws its bid during the period of bid validity (180 days from the date of opening of the technical bid).
b. If the Bidder makes any statement or encloses any form which turns out to be false, incorrect and/or misleading at any time prior to signing of contract and/or conceals or suppresses material information; and / or
c. In case of Technically qualified bidder, if the bidders fails: To participate in Reverse Auction
To accept bid after submitting the bid in online reverse auction d. In case of the successful Bidder, if the Bidder fails:
To Accept the bid submitted during Reverse Auction
To sign the contract in the form and manner to the satisfaction of the Bank.
To furnish performance Bank Guarantee in the form and manner to the satisfaction of the Bank.
1.11 Performance Bank Guarantee
The Bank will require the selected Bidder to provide a Performance Bank Guarantee, within 15 days from the date of acceptance of the order or signing of the contract whichever is earlier, for a value equivalent to 10% of the contract value with validity of 63 months. (or extended period, if any) . The selected Bidder shall be responsible for extending the validity date and claim period of the Performance Guarantee as and when it is due. In case the selected Bidder fails to submit performance guarantee within the time stipulated, The Bank, at its discretion, may cancel the order placed on the selected Bidder without giving any notice. Bank shall invoke the performance guarantee in case the selected Bidder fails to discharge their contractual obligations during the period or Bank incurs any loss due to Bidder’s negligence in carrying out the project implementation as per the agreed terms & conditions.
1.12 Erasures or Alterations
The Bid should contain no alterations, erasures or overwriting except as necessary to correct errors made by the Bidder, in which case corrections should be duly stamped and initialed / authenticated by the person/(s) signing the Bid. The Bidder is expected to examine all instructions, forms, terms and specifications in the bidding documents. Failure to furnish all information required by the bidding documents or submission of bid not substantially/conclusively responsive to the bidding documents in every respect will be at the Bidders risk and may result in rejection of the bid.
1.13 Opening of bids
Technical Bid offer will be opened on the date and time mentioned in the bid ‘Key-Information’ in the presence of the Bidders who choose to attend on the said date and time.
Page 12 of 72
The Bank will evaluate the technical and techno functional response to the RFP of the Bidders who are found eligible as per the eligibility criteria mentioned in the RFP. There will be no scoring involved in the eligibility evaluation. Bids of only those Bidders who have been found to be in conformity of the eligibility terms and conditions during the preliminary evaluation would be taken up by the Bank for further detailed evaluation. The Bidders who do not meet the eligibility criteria and all terms during preliminary examination will not be taken up for further evaluation. During evaluation of the Bids, the Bank at its discretion may ask a bidder for clarification of its bid. The request for clarification and the response shall be in writing, and no change in the price or substance of the bid shall be sought, offered or permitted.
1.14 Evaluation Process of the Bids The Evaluation will be a two-stage process:
2. Technical Evaluation- Compliance to Minimum eligibility Criterion
- Acceptance to all terms and conditions of RFP - Completeness of Bid as per RFP requirement - Acceptance to Scope of RFP
- Technical Evaluation 3. Commercial Evaluation Bidding through online Reverse Auction
The evaluation by the Bank will be undertaken by a committee of internal which would have Bank officials and may include Consultants. The decision of the committee shall be considered final.
1.14.1 Preliminary Scrutiny
a. The Bank will examine the Bids to determine whether they are complete, required formats have been furnished, the documents have been properly signed, and the Bids are generally in order. b. The Bank may, at its discretion, waive any minor infirmity, non-conformity, or irregularity in a
Bid, which does not constitute a material deviation.
c. The Bank will first examine whether the Bid and the Bidder is eligible in terms of Eligibility Criteria. The bids not meeting the Minimum Eligibility Criteria shall not be considered for further evaluation.
d. Prior to technical evaluation, the Bank will determine the responsiveness of each Bid to the Bidding Document. For purposes of these Clauses, a responsive Bid is one, which conforms to all the terms and conditions of the Bidding Document without material deviations. Deviations from, or objections or reservations to critical provisions, such as those concerning Bid Security, Applicable Law, Bank Guarantee, Eligibility Criteria, will be deemed to be a material deviation. e. The Bank’s determination of a Bid’s responsiveness will be based on the contents of the Bid
itself, without recourse to extrinsic evidence.
f. If a Bid is not responsive, it will be rejected by the Bank and may not subsequently be made responsive by the Bidder by correction of the non-conformity.
1.14.2 Clarification of bids
To assist in the scrutiny, evaluation and comparison of offers/bids, The Bank may, at its sole discretion, ask some or all Bidders for clarification of their offer/bid. The request for such clarifications and the response will necessarily be in writing and no change in the price or substance of the bid shall be sought, offered or permitted. Any decision of The Bank in this regard shall be final, conclusive and binding on the Bidder.
1.15 Address for Submission of Bid and communication
Page 13 of 72 Assistant General Manager (IT)
Punjab & Sind Bank,
Head Office Information Technology Department, Bank House, 2nd Floor, 21, Rajendra Place,
New Delhi - 110008
1.16 No commitment to accept lowest or any bid
The Bank shall be under no obligation to accept the lowest or any other offer received in response to this tender notice and shall be entitled to reject any or all offers including those received late or incomplete.
Bank reserves the right to make changes in the terms and conditions of purchase. Bank will be under no obligation to have discussions with any bidder, and/or entertain any representation.
1.17 Right To Accept Any Bid And To Reject Any Or All Bids
PUNJAB & SIND BANK reserves the right to accept or reject in part or full any or all offers without assigning any reason thereof even after issuance of letter of Intent. Any decision of Punjab & Sind Bank in this regard shall be final, conclusive and binding upon the bidders. The Bank reserves the right to accept or reject any Bid in part or in full, and to annul the Bidding process and reject all Bids at any time prior to contract award, without thereby incurring any liability to the affected Bidder or Bidders or any obligation to inform the affected Bidder or Bidders of the grounds for Bank’s action. During any stage of evaluation process, if it is found that the bidder does not meet the eligibility criteria or has submitted false /incorrect information the bid will be summarily rejected by the Bank and no further correspondence would be entertained in this regard. Bank further reserves the right to amend, rescind, reissue or cancel this RFP and all amendments will be advised to the Bidder and such amendments will be binding upon them. The Bank also reserves its right to accept, reject or cancel any or all responses to this RFP without assigning any reason whatsoever. Further please note that the bank would be under no obligation to acquire any or all the items proposed. No contractual obligation whatsoever shall arise from the RFP process unless and until a formal contract is signed and executed by duly authorized officials of Punjab & Sind Bank and the bidder.
1.18 Correction of Errors
Bidders are advised to exercise greatest care in entering the pricing figures. No corrigenda or requests for prices to be corrected will be entertained after the bids are opened. If there are any corrections in the bid document, the authorized signatory should initial them all, failing which the figures for such item shall not be considered. Discrepancies in bids will be corrected as follows:
Where there is a discrepancy between the amounts in figures and in words, the amount in words shall prevail.
Where there is a discrepancy between the unit rate and the line item total resulting from multiplying the unit rate by the quantity, the unit rate will govern unless, in the opinion of Bank, there is an obvious error such as a misplacement of a decimal point, in which case the line item total will prevail
Where there is a discrepancy between the amount mentioned in the bid and the line item total present in the schedule of prices, the amount obtained on totaling the line items in the Bill of Materials will prevail
The amount stated in the correction form, adjusted in accordance with the above procedure, shall be considered as binding, unless it causes the overall price to rise, in which case the bid price shall prevail.
Based on the Bank’s requirements as listed in this document, the bidder should identify and offer the best-suited solution / bill of material for the product that would meet the Bank’s requirements and quote for the same.
Page 14 of 72 1.19 Soft copy of tender document
The soft copy of the tender document will be made available on the Bank’s website https://www.psbindia.com. However, the Bank shall not be held responsible in any way, for any errors / omissions /mistakes in the downloaded copy.
The bidder is advised to check the contents of the downloaded copy for correctness against the printed copy of the tender document. The printed copy of the tender document shall be treated as correct and final, in case of any errors in the soft copy.
1.20 Bid validity period
Bids shall remain valid for 180 (one hundred eighty) days after the date of bid opening prescribed by the Bank. The Bank holds the rights to reject a bid valid for a period shorter than 180 days as non-responsive, without any correspondence. In exceptional circumstances, The Bank may solicit the Bidder’s consent to an extension of the validity period. The request and the response thereto shall be made in writing. Extension of validity period by the Bidder should be unconditional and irrevocable. The Bid Security provided shall also be suitably extended.
A Bidder acceding to the request will neither be required nor be permitted to modify its bid. A Bidder may refuse the request without forfeiting its bid security. In any case the bid security of the Bidders will be returned after completion of the process.
1.21 Pre-bid meeting
For clarification of doubts of the bidders on issues related to this RFP, the Bank intends to hold a Pre-Bid Meeting on the date and time as indicated in the RFP in Key-Information.
For any clarification with respect to this RFP, the bidder may send an email to [email protected]by last date of submission of queries as defined in Key-Information in this document. The format to be used for seeking clarification is mentioned in Pre-bid Query Format. It may be noted that all queries, clarifications, questions etc., relating to this RFP, technical or otherwise, must be in writing only and should be sent to the email-id as stated earlier.
Only two (i.e. maximum) authorized representatives of the bidders will be allowed to attend the meeting.
1.22 Award of contract
Following evaluation, a contract may be awarded to the bidder whose bid meets the requirements of this RFP and provides the best value to the Bank from both a techno-functional and commercial point of view.
The Bank reserves the right to award the contract in whole or in part. The acceptance of the bid, subject to contract, will be communicated by way of placing a purchase order in writing at the address supplied by the bidder in the bid document. Any change of address of the bidder should therefore be notified promptly to the Assistant General Manager (IT) at the address given in this RFP.
1.23 Contract Period
The contract period will be for the periods of Five Years from the date of purchase order. However the bank may consider an exit option if no reasonable solution is obtained. Further Bank reserves the right to extend the contract on the same terms & conditions, but not more than one year.
On the completion of selection process, the selected vendor need to execute a comprehensive Service Level Agreement (SLA) with the Bank for Five Years Contract period covering all terms and conditions of this RFP and agreement.
The agreement will be based on the bidder’s offer document with all its enclosures, modifications arising out of negotiation / clarification etc., and will include the following documents:
Page 15 of 72 1.24 Signing of contract
The successful bidder(s) shall be required to enter into a contract with Bank, within thirty (30) days of the award of the work or within such extended period, as may be specified by Bank. This contract shall be based on this RFP document (read with addendums/Corrigendum/Clarifications), LOI, Purchase order and such other terms and conditions as may be determined by Bank to be necessary for the due performance of the work, as envisaged herein and in accordance with the bid.
However the terms and conditions of purchase order and RFP shall constitute a binding contract till such a contract is issued.
1.25 Confidentiality of the Bid Document
The Bidder, irrespective of his/her participation in the bidding process, shall treat the details of the documents as secret and confidential.
Page 16 of 72
CHAPTER 2 - TERMS AND CONDITIONS
2.1 PAYMENT TERMS
Payment for SOC services will be made on quarterly in arrears on the basis of actual availability of services / Signoff from 1st Year to 5th Year i.e., 20 quarters from date of sign-off of the project on submission of invoice and other supporting documents
The selected vendor will make payment request to bank in writing, accompanied by an invoice, along with the relevant reports in proof of services performed and by documents submitted pursuant to terms & conditions of the RFP/SLA.
Upon fulfillment of other obligations stipulated in the Contract, payment based on the basis of agreed Rates will be made by the bank –
2.2 PAYING AUTHORITY
The payments as per the Payment Schedule covered shall be paid by HO IT Department, Punjab & Sind Bank, 2nd Floor, 21 Bank House, Rajendra Place, New Delhi - 110008.
2.3 DELAYS IN THE BIDDER’S PERFORMANCE
The bidder must strictly adhere to the implementation schedule, as specified in the purchase contract, executed between the Parties for performance of the obligations, arising out of the purchase contract and any delay in completion of the obligations by the Bidder will enable Bank to resort to any or both of the following:
i. Claiming Liquidated Damages
ii. Termination of the purchase agreement fully or partly and claim liquidated damages. iii. Forfeiting of Earnest Money Deposit / Invoking EMD Bank Guarantee
2.4 LIQUIDATED DAMAGES
The Bank will consider the inability of the bidder to deliver the services within the specified time limit as a breach of contract and would entail the payment of Liquidated Damages on the part of the bidder. The liquidated damages represent an estimate of the loss or damage that the Bank may have suffered due to delay in performance of the obligations (relating to service delivery, training, acceptance) by the bidder.
Installation will be treated as incomplete in one / all of the following situations: Non-delivery of any services mentioned in the order
Non-delivery of supporting documentation No integration
System operational, but unsatisfactory to the Bank
Bank may at its option demand and recover from the successful bidder(s) Bank may at its option demand and recover from the successful bidder(s) an amount equivalent to 0.5 percent of the incomplete portion of services for every week of delay or part thereof. Once the maximum is reached, the Bank may consider termination of the contract. Similarly for delay in services,
Further, the Bank also reserves the right to cancel the order and invoke the Bank Guarantee/Performance Guarantees in case of inordinate delays in the delivery/ installation of the equipment. Bank may foreclose the bank guarantee without any notice. In the event of Bank agreeing to extend the date of delivery at the request of successful bidder(s), it is a condition precedent that the validity of Bank guarantee shall be extended by further period as required by Bank before the expiry of the original bank guarantee. Failure to do so will be treated as breach of contract. In such an event Bank, however, reserves its right to foreclose the bank guarantee.
Page 17 of 72
2.5 SUBCONTRACTING
The Vendor shall not subcontract or permit anyone other than its personnel to perform any of the work, service or other performance required of the Vendor under the contract without the prior written consent of the Bank.
2.6 CONTRACT TERMINATION/ ORDER CANCELLATION
The Bank reserves the right to terminate the contract / cancel the order placed on the selected Bidder and recover expenditure incurred by The Bank under the following circumstances:-
a. The selected Bidder commits a breach of any of the terms and conditions of the bid and fails to meet agreed uptime.
b. The Bidder goes into liquidation, voluntarily or otherwise.
c. An attachment is levied or continues to be levied for a period of seven days upon effects of the bid.
d. If the selected Bidder fails to complete the assignment as per the time lines prescribed in the RFP and the extension if any allowed, it will be a breach of contract. The Bank reserves its right to cancel the order in the event of delay and forfeit the bid security as liquidated damages for the delay.
e. If deductions of account of liquidated damages exceeds more than 10% of the total contract price.
f. In case the selected Bidder fails to deliver the services as stipulated in the schedule, The Bank reserves the right to procure the same or similar product from alternate sources at the risk, cost and responsibility of the selected Bidder.
g. The Bank reserves the right to recover any dues payable by the selected bidder from any amount outstanding to the credit of the selected Bidder, including the pending bills and/or invoking The Bank guarantee under this contract.
h. The Bank reserve its right to cancel the order in the event of one or more of the following situations, that are not occasioned due to reasons solely and directly attributable to the Bank alone.
a. Delay in customization / implementation / takeover of services beyond the specified period that is agreed in the contract that will be signed with the successful vendor. b. Serious discrepancy in the quality of services.
i. The Bank reserve its right to terminate the contract in the event of change in bank policy/ administrative exigency after providing notice period of six months.
2.8 Exit option and Reverse transition
a) The Bank reserves its right to cancel the order in the event of happening of one or more of the situations as mentioned in the contract termination/Order Cancellation‟ clause
b) Notwithstanding the existence of a dispute, and/or the commencement of arbitration proceedings, the bidder should continue to provide the facilities to the Bank.
c) Reverse transition mechanism would be activated in the event of cancellation of the contract or exit by the parties or 6 months prior to expiry of the contract. The bidder should perform a reverse transition mechanism to the Bank or its selected vendor. The reverse transition mechanism would facilitate an orderly transfer of services to the Bank or to an alternative 3rd party / vendor nominated by the Bank. Where the Bank elects to transfer the responsibility for service delivery to a number of vendor’s ,Bank will nominate a service provider who will be responsible for all dealings with
the bidder regarding the delivery of the reverse transition services. d) Knowledge Transfer: The bidder shall provide such necessary information,
documentation to the Bank or its designee, for the effective management and maintenance of the Deliverables under this
Page 18 of 72
contract. bidder shall provide documentation (in English) in electronic form where available or otherwise a single hardcopy of all existing procedures, policies and programs required to support the Services. Such documentation will be subject to the limitations imposed by bidder’s Intellectual Property Rights of this Agreement.
e) The parties shall return confidential information, Data and will sign off and acknowledge the return of such confidential information.
f) The bidder shall provide all other services as may be agreed by the parties in connection with the reverse transition services. However, in case any other services, in addition to the above are needed, the same shall be scoped and priced.
g) The bidder recognizes that considering the enormity of the assignment, the transition services listed herein are only indicative in nature and the bidder agrees to provide all assistance and services required for fully and effectively transitioning the services provided by the bidder under the scope, upon termination or expiration thereof, for any reason whatsoever.
h) The cost for reverse transition if any should be part of the commercial offer.
i) During which the existing bidder would transfer all knowledge, know how and other things necessary for the Bank or new bidder to take over and continue to manage the services. The bidder agrees that the reverse transition mechanism and support during reverse transition will not be compromised or affected for reasons whatsoever be for cancellation or exist of the parties.
h) The Bank shall have the sole and absolute discretion to decide whether proper reverse transition mechanism over a period of 6 months, has been complied with. In the event of the conflict not being resolved, the conflict will be resolved through Arbitration.
i) The Bank and the bidder shall together prepare the Reverse Transition Plan. However, the Bank shall have the sole decision to ascertain whether such Plan has been complied with.
j) The bidder agrees that in the event of cancellation or exit or expiry of the contract it would extend all necessary support to the Bank or its selected vendors as would be required in the event of the shifting of the site.
k) The bidder shall handover the complete data to bank after termination of contract/expiry of contract .
2.10 E F F E C T S OF TERMINATIONS
a) The bidder agrees that it shall not be relieved of its obligations under the reverse transition mechanism notwithstanding the termination of the assignment.
b) Same terms (including payment terms) which were applicable during the term of the contract should be applicable for reverse transition services
c) The bidder agrees that after completion of the Term or upon earlier termination of the assignment the bidder shall, if required by the Bank, continue to provide facility to the Bank at no less favorable terms than those contained in this tender document. In case the bank wants to continue with the bidder's facility after the completion of this contract
then the bidder shall offer the same or better terms to the bank. Unless mutually agreed, the rates shall remain firm.
Page 19 of 72
d) The Bank shall make such prorated payment for services rendered by the bidder and accepted by the Bank at the sole discretion of the Bank in the event of termination, provided that the bidder is in compliance with its obligations till such date. However, no payment for “costs incurred, or irrevocably committed to, up to the effective date of such termination” will be admissible. There shall be no termination compensation payable to the bidder.
e) Termination shall not absolve the liability of the Bank to make payments of undisputed amounts to the bidder for services rendered till the effective date of termination. Termination shall be without prejudice to any other rights or remedies a party may be entitled to hereunder or at law and shall not affect any accrued rights or liabilities or either party nor the coming into force or continuation in force of any provision hereof which is expressly intended to come into force or continue in force on or after such termination.
f) Upon cancellation of contract/completion of period of service, the bidder should handover the peaceful legal possession of all the assets provided and obtains discharge from the Bank. The Bank also reserves the right to assign or allot or award the contract to any third party upon cancellation of the availed services.
2.7 AUDIT BY THIRD PARTY
Punjab & Sind Bank reserves the right to inspect and/or conduct audit at the bidder’s site of any procedures, services and functionality offered by the selected vendor under this agreement. Punjab & Sind Bank will undertake audits by itself or through its designated company for audits on regular basis to audit the procedures, services and functionality for conformance as per this agreement. Vendor undertakes to take all necessary steps, at no additional costs to Punjab & Sind Bank, to rectify any non-conformance items as indicated by the auditors.
2.8 DISPUTE RESOLUTION MECHANISM
The Bidder and The Bank shall endeavor their best to amicably settle all disputes arising out of or in connection with the Contract in the following manner:-
I. The Party raising a dispute shall address to the other Party a notice requesting an amicable settlement of the dispute within seven (7) days of receipt of the notice.
II. The matter will be referred for negotiation between General Manager of The Bank / Purchaser and the Authorized Official of the Bidder. The matter shall then be resolved between them and the agreed course of action documented within a further period of 15 days.
In case any dispute between the Parties, does not settle by negotiation in the manner as mentioned above, the same may be resolved exclusively by arbitration and such dispute may be submitted by either party for arbitration within 20 days of the failure of negotiations. Arbitration shall be held in New Delhi and conducted in accordance with the provisions of Arbitration and Conciliation Act, 1996 or any statutory modification or re-enactment thereof. Each Party to the dispute shall appoint one arbitrator each and the two arbitrators shall jointly appoint the third or the presiding arbitrator.
The “Arbitration Notice” should accurately set out the disputes between the parties, the intention of the aggrieved party to refer such disputes to arbitration as provided herein, the name of the person it seeks to appoint as an arbitrator with a request to the other party to appoint its arbitrator within 45 days from receipt of the notice. All notices by one party to the other in connection with the arbitration shall be in writing and be made as provided in this tender document.
The arbitrators shall hold their sittings at New Delhi. The arbitration proceedings shall be conducted in English language. Subject to the above, the courts of law at New Delhi alone shall have the jurisdiction in respect of all matters connected with the Contract/Agreement. The arbitration award shall be final, conclusive and binding upon the Parties and judgment may be entered thereon, upon the application of either party to a court of competent jurisdiction. Each Party shall bear the cost of preparing and
Page 20 of 72
presenting its case, and the cost of arbitration, including fees and expenses of the arbitrators, shall be shared equally by the Parties unless the award otherwise provides.
The Bidder shall not be entitled to suspend the Service/s or the completion of the job, pending resolution of any dispute between the Parties and shall continue to render the Service/s in accordance with the provisions of the Contract/Agreement notwithstanding the existence of any dispute between the Parties or the subsistence of any arbitration or other proceedings.
Notwithstanding the above, the Bank shall have the right to initiate appropriate proceedings before any court of appropriate jurisdiction, should it find it expedient to do so.
2.9 JURISDICTION
The jurisdiction of the courts shall be in New Delhi.
2.10 NOTICES
Notice or other communications given or required to be given under the contract shall be in writing and shall be faxed/e-mailed followed by hand-delivery with acknowledgement thereof, or transmitted by pre-paid registered post or courier.
Any notice or other communication shall be deemed to have been validly given on date of delivery if hand delivered & if sent by registered post than on expiry of seven days from the date of posting.
2.11 AUTHORIZED SIGNATORY
The selected Bidder shall indicate the authorized signatories who can discuss and correspond with the bank with regard to the obligations under the contract. The selected Bidder shall submit at the time of signing the contract a certified copy of the resolution of their board, authenticated by the company secretary, authorizing an official or officials of the Bidder to discuss, sign agreements/contracts with The Bank , raise invoice and accept payments and also to correspond. The Bidder shall provide proof of signature identification for the above purposes as required by the bank.
2.12 FORCE MAJEURE
Force Majeure is herein defined as any cause, which is beyond the control of the selected Bidder or The Bank as the case may be which they could not foresee or with a reasonable amount of diligence could not have foreseen and which substantially affect the performance of the contract, such as:-
Natural phenomenon, including but not limited to floods, droughts, earthquakes and epidemics Acts of any government, including but not limited to war, declared or undeclared priorities,
quarantines and embargos
Terrorist attack, public unrest in work area
Provided either party shall within 10 days from occurrence of such a cause, notify the other in writing of such causes. The Bidder or The Bank shall not be liable for delay in performing his/her obligations resulting from any force Majeure cause as referred to and/or defined above. Any delay beyond 30 days shall lead to termination of contract by parties and all obligations expressed quantitatively shall be calculated as on date of termination. Notwithstanding this, provisions related to indemnity, confidentiality survives termination of the contract.
2.13 CONFIDENTIALITY
The selected vendor acknowledges that all material information which has or will come into its possession or knowledge in connection with this agreement or the performance hereof, consists of confidential and proprietary data, whose disclosure to or use by third parties will be damaging or cause loss to PUNJAB & SIND BANK. The vendor agrees to hold such material and information in strictest confidence and not to make use thereof other than for the performance of this agreement to release it only to employees requiring such information and not to release or disclose it to any other party. The vendor agrees to take appropriate action with respect to its employees to ensure that the obligations of non-use and non- disclosure of confidential information under this agreement can be fully satisfied.
Page 21 of 72
Punjab & Sind Banks' logs and data (including location details) is confidential and should NEVER be disclosed to any institutions or used by the vendor for purpose other than scope of work . The selected vendor will take suitable steps to ensure the confidentiality of the Punjab & Sind Banks' data. This step should include having the employees assigned to Punjab & Sind Banks' work sign a 'Confidentiality Agreement'. The selected vendor undertakes not to keep this data with its company after the end of this agreement. This clause will outlive the agreement date.
2.14 OWNERSHIP AND RETENTION OF DOCUMENTS
The Bank shall own the documents, prepared by or for the selected Bidder arising out of or in connection with the Contract.
Forthwith upon expiry or earlier termination of the Contract and at any other time on demand by The Bank, the Bidder shall deliver to The Bank all documents provided by or originating from The Bank / Purchaser and all documents produced by or from or for the Bidder in the course of performing the Service(s), unless otherwise directed in writing by The Bank at no additional cost.
The selected Bidder shall not, without the prior written consent of The Bank/ Purchaser, store, copy, distribute or retain any such Documents.
The selected Bidder shall preserve all documents provided by or originating from The Bank / Purchaser and all documents produced by or from or for the Bidder in the course of performing the Service(s) in accordance with the legal, statutory, regulatory obligations of The Bank /Purchaser in this regard.
2.15 PATENT RIGHTS
In the event of any claim asserted by a third party of infringement of copyright, patent, trademark, industrial design rights, etc., arising from the use of the Goods or any part thereof in India, the Vendor shall act expeditiously to extinguish such claim. If the Vendor fails to comply and the Bank is required to pay compensation to a third party resulting from such infringement, the Vendor shall be responsible for the compensation to claimant including all expenses, court costs and lawyer fees. The Bank will give notice to the Vendor of such claim, if it is made, without delay. The Vendor shall indemnify the Bank against all third party claims.
2.16 COMPLIANCE WITH STATUTORY AND REGULATORY PROVISIONS
It shall be the sole responsibility of the Vendor to comply with all statutory, regulatory & Law of Land and provisions while delivering the services mentioned in this RFP.
2.17 INDEMNITY
The selected vendor has to undertake to indemnify Punjab & Sind Bank and its officers, employees and agents against liability, including costs, for actual or alleged direct or contributory infringement of, or inducement to infringe, any Indian or foreign patent, trademark or copyright, arising out of the performance of this contract.
The selected vendor shall have to undertake to indemnify Punjab & Sind Bank and its officers, employees and agents against liability, including costs, for actual or alleged direct or contributory infringement or misuse by vendor of, any license issues arising out of the execution of this contract.
2.18 LEGAL COMPLIANCE
The successful bidder hereto agrees that it shall comply with all applicable union, state and local laws, ordinances, regulations and codes in performing its obligations hereunder, including the procurement of licenses, permits and certificates and payment of taxes where required. If at any time during the term of this agreement, the Bank is informed or information comes to the Bank's attention that the Successful bidder is or may be in violation of any law, ordinance, regulation, or code (or if it is so decreed or adjudged by any court, tribunal or other authority), the Bank shall be entitled to terminate this agreement with immediate effect.
Page 22 of 72
The Successful bidder shall maintain all proper records, particularly but without limitation accounting records, required by any law, code, practice or corporate policy applicable to it from time to time including records, returns and applicable documents under the Labour Legislation.
The Successful bidder shall ensure payment of minimum wages to persons engaged by it as fixed from time to time under the Minimum Wages Act, 1948. In case the same is not paid, the liability under the act shall solely rest with the successful bidder.
2.19 GOVERNING LAW AND RESOLUTION OF DISPUTES
All disputes or differences whatsoever arising between the parties out of or in relation to the construction meaning and operation or effect of the Contract / Tender Documents or breach thereof shall be settled amicably. If, however, the parties are not able to solve them amicably, the same shall be settled by arbitration in accordance with the applicable national laws, and the award made in pursuance thereof shall be binding on the parties. Any appeal will be subject of the exclusive jurisdiction of courts at Delhi and the language of the arbitration proceedings and that of all documents and communication between the parties shall be in English.
The laws applicable to this contract shall be the laws in force in New Delhi, India. The contract shall be governed by and interpreted in accordance with Indian law.
The successful bidder(s) shall continue work under the Contract during the arbitration proceedings unless otherwise directed in writing by the Bank or unless the matter is such that the work cannot possibly be continued until the decision of the arbiter, as the case may be, is obtained. The venue of the arbitration shall be in Delhi.
2.20 CONFLICT OF INTEREST
The Bidder shall disclose to the Bank in writing all actual and potential conflicts of interest that exist, arise or may arise (either for the Bidder or the Bidder’s team) in the course of performing the Service(s)as soon as practical after it becomes aware of that conflict.
2.21 INSPECTION OF RECORDS
Subject to receipt of prior written notice, all Vendor records with respect to any matters covered by this Tender shall be made available to the Bank or its designees and regulators including RBI, at any time during normal business hours, as often as the Bank deems necessary, to audit, examine, and make excerpts or transcripts of all relevant data. Said records are subject to examination. Bank’s auditors would execute confidentiality agreement with the Vendor, provided that the auditors would be permitted to submit their findings to the Bank pertaining to the scope of the work, which would be used by the Bank. The cost of the audit will be borne by the Bank. The scope of such audit would be limited to Service Levels being covered under the contract, and financial information would be excluded from such inspection, which will be subject to the requirements of statutory and regulatory authorities. Such audit shall be conducted within normal working hours of the Vendor and the Bank’s auditors shall comply with confidentiality and security requirements as specified by the Vendor.
2.22 DATA OWNERSHIP
The customer LOGS and any data (including location details) provided by Punjab & Sind Bank to vendor is exclusively the property of Punjab & Sind Bank. The various compiled/correlation data, information which is required/ used by the solutions mentioned in this RFP shall remain the property of Bank.
2.23 PUBLICITY
Any publicity by either party in which the name of the other party is to be used should be done only with the explicit written permission of such party.
Page 23 of 72
Both the parties agree not to hire, solicit, or accept solicitation (either directly, indirectly, or through a third party) for their employees directly involved in this contract during the period of the contract and one year thereafter, except as the parties may agree on a case-by-case basis. The parties agree that for the period of the contract and one year thereafter, neither party will cause or permit any of its directors or employees who have knowledge of the agreement to directly or indirectly solicit for employment the key personnel working on the project contemplated in this proposal except with the written consent of the other party. The above restriction would not apply to either party for hiring such key personnel who (i) initiate discussions regarding such employment without any direct or indirect solicitation by the other party (ii) respond to any public advertisement placed by either party or its affiliates in a publication of general circulation or (iii) has been terminated by a party prior to the commencement of employment discussions with the other party.
2.25 COMPLIANCE WITH LAWS
The bidder should adhere to laws of land and rules, regulations and guidelines prescribed by various regulatory, statutory and Government authorities. Bidder is to ensure that all the proposed solutions are compliant to all existing regulatory guidelines of GOI /RBI and also adheres to requirements of the IT Act 2000 (including amendments in IT Act 2008) and Payment and Settlement Systems Act 2007 and amendments thereof. A self-declaration to this effect is to be submitted by the bidder.
The Bank reserves the right to conduct an audit / ongoing audit of the services provided by the bidder. The Bank reserves the right to ascertain information from the banks and other institutions to which the bidders have rendered their services for execution of similar projects.
The Vendor shall undertake to observe, adhere to, abide by, comply with and notify the Bank about all laws in force or as are or as made applicable in future, pertaining to or applicable to them, their business, their employees or their obligations towards them and all purposes of this Tender and shall indemnify, keep indemnified, hold harmless, defend and protect the Bank and its employees/ officers/ staff/ personnel/ representatives /agents from any failure or omission on its part to do so and against all third party claims or demands of liability and all consequences that may occur or arise for any default or failure on its part to conform or comply with the above and all other statutory obligations arising there from.
Compliance in obtaining approvals/permissions/licenses: The Vendor shall promptly and timely obtain all such consents, permissions, approvals, licenses, etc, as may be necessary or required for any of the purposes of this project or for the conduct of their own business under any applicable Law, Government Regulation/Guidelines and shall keep the same valid and in force during the term of the project, and in the event of any failure or omission to do so, shall indemnify, keep indemnified, hold harmless, defend, protect and fully compensate the Bank and its employees/ officers/ staff/ personnel/ representatives/agents from and against all third party claims or demands of liability and all consequences that may occur or arise for any default or failure on its part to conform or comply with the above and all other statutory obligations arising there from and the Bank will give notice of any such claim or demand of liability within reasonable time to the Vendor.
This indemnification is only a remedy for the Bank. The Vendor is not absolved from its responsibility of complying with the statutory obligations as specified above. Indemnity would be limited to court and arbitration awarded damages and shall exclude indirect, consequential and incidental damages. However indemnity would cover direct damages, loss or liabilities suffered by the Bank arising out of claims made by its customers and/or regulatory authorities.
Page 24 of 72
CHAPTER - 3
SCOPE OF WORK
3.1 Intended Principles of the SOC
The principles that form the underlying platform for the SOC Services are as follows. The services
offered should follow from these principles. The “bidder” herein after called as “Security Integrator”
or “Vendor” or “SI”, or “Managed Security Service Provider” is expected to adhere to these
principles while submitting their response:
3.1.1 Functional Principles:
The intent for SOC Service/ Solution is covered in the below functional principles:
Prevention & Identification of Information Security Vulnerabilities: The SOC Services/
Solution should be able to identify information security vulnerabilities in Bank’s
environment and prevent these vulnerabilities.
Incident Management: Reporting of information security incidents through the use of
appropriate tools. Track and monitor the closure of these information security incidents and
escalation of these incidents to appropriate teams/ individuals in the Bank.
Continuous Improvement: Continuously improve SOC Services/ Solutions.
3.1.2 Scalability Principles
The services/ solutions offered should be modular, scalable, and should be able to address Bank’s
requirements during the period of contract.
3.1.3 Availability Principles
The services/ solutions in scope should be designed with adequate redundancy and fault tolerance to
ensure compliance with SLAs for uptime as outlined in this RFP.
3.1.4 Performance Principles
The services/ solutions offered should not have any significant impact on the existing infrastructure/
business of the Bank either during installation or during operation of SOC.
Based on the above principles, the following services/ solutions have been identified to enhance the
security posture of the Bank:
Security Information and Event Management (SIEM)
Web Application Firewall (WAF)
Anti-Phishing, Anti-Trojan, Anti-Malware, and Anti-rouge (for Mobile App) Services
Privilege Identity Management Solution (PIM)
Risk Assessment
The Bidders who wish to take up the project shall be responsible for the following at Bank’s
Data Centre (DC) and Disaster Recovery Site (DR) both:
Implementation of the respective services/ solutions including configuration, customization
as per the requirement of the Bank.
To provide a comprehensive single dashboard view of the security risks/ incidents for the
Bank.
Page 25 of 72
Work/ Liaison with the existing System Integrator(s) and various application vendors of the
Bank for integration the services/ solutions with existing application platforms, servers,
security devices, storage environments, enterprise network, and security solutions, etc.
Development of operating procedures in adherence with the Bank’s policies.
Adherence to agreed Service Level Agreements (SLA) and periodic monitoring and reporting
of the same to designated team and official of the Bank.
Continual improvement of the Security Operations Services as defined in the SLA.
Providing of appropriate ticketing tools for Reporting and logging of information security
incidents.
Secured Link (with necessary bandwidth) from Bank’s DC (and DR) to vendor’s SOC (DC &
DR), along with servers, solutions, software, database, storage, and networking equipments
etc. required at Bank’s DC and DR, without any additional cost to the Bank.
The raw log collection and storage should be at Bank’s premise only.
All the devices, hardware, software, database, storage, solutions, services, links required at
Bank’s premises shall be on lease/ service model.
All dev