1.1 Primary Applications Involved in UI Projects
Data Source/Application Name and Version
|
Description
|
SAP ECC 6 EnPack 6 (SAP NetWeaver v7.3)
|
SAP ECC (previously R/3) part of the SAP Enterprise Central Component platform. Used for financial and accounting purposes including GL, integrated financial cost accounting, purchasing, travel and expenses accounting also used for HR purposes including payroll and staff records management. (Interfaces: direct SQL interfaces to underlying Oracle database but BAPI/RFC (ABAP) interface and also files (iDOC).)
|
Oracle WebCenter Sites 11gR1
|
WCMS
|
OpenText Content Server v10.x
|
Document Management system which currently has integration to our Business server bridge and uses an application API to consume document metadata from the BSB
|
Java applications (JBOSS) v5.1.0 GA
|
Java J2EE Application Server based bespoke applications with underlying Oracle databases
|
Cognos v10.1.1
|
Business Intelligence platform
|
Tibco BusinessWorks v6.2.1
|
ESB/EMS
|
SAP SuccessFactors
|
SaaS
|
Cisco Jabber v10.6.2
|
IM and presence
|
1.2 Supported platforms and preferred versions
Type
|
Vendor
|
Name
|
Preferred Version
|
UXP Application Container
|
Apache
Redhat
|
Tomcat
JBoss AS
|
7+
7+
|
Operating Systems
|
Redhat
Microsoft
|
Redhat Linux (64bit)
Windows Server
|
6.5+
2012 R2
|
Database platforms
|
Oracle
Microsoft
|
Enterprise Database
SQL server
|
12.1
2012
|
Virtual Environment
|
Vmware
|
Vsphere
|
5.1 (5.5)
|
2.0 HIGH-LEVEL REQUIREMENTS
The essential features required of an UXP to support the Bank’s strategic IT architecture can be grouped under the following five headings.
Requirement
|
UXP role
| -
Lean UXP
|
Modern, Web-oriented architecture (WOA) and client side-based container model (browser)
Standards based: Pages/UI Components are built using web-open standards HTML5, CSS3 and JavaScript 5+
| -
Flexible deployment (App server)
|
Must be deployable on Apache Tomcat and JBOSS JEE AS
| -
OOTB AJAX Proxy
|
To avoid Cross-Origin Resource Sharing (CORS) complexities
| -
Multi-device UI framework across tablet, mobile, desktop
|
Must support responsive design at both page and UI Component level, with multiple layout templates to organise pages depending on device type and/or orientation, and UI components able to render themselves based on screen space allowed
| -
UI framework support for custom themes, page templates
|
Must provide a framework to design, create and deploy custom Themes AND Page templates
| -
UI consistency in appearance, navigation and accessibility
|
UXP must provide support for a strong separation between styling and UI Component functionally at a UI Component level
| -
UI Components Catalogue (App Store)
|
Allows users to search for (based on entitlements/roles), select and place pre-built UI Components on a page
| -
UI Component re-use
|
UI component re-use must be supported. UI component structure within UXP allows literal reuse of UI components within a single deployment framework supporting event-based cross-component integration
| -
Inter-UI Component communication
|
UI component event-based cross-component integration (i.e. inter-UI Components communication) must be supported
| -
Authentication/RBAC/SSO
|
Must support authentication and Role-Based-Access-Control (page and UI Component level) via MS Active Directory (internal users) and LDAP or SaaS IdP (external users), and facilitate Single-Sign On (supporting Kerberos, SAML2, OAuth)
| -
Auditing and accounting
|
Must provide auditing of security related activity, such authentication, authorisation and administrative access that is compatible with leading SIEM solutions.
| -
UI framework support for alerts and notifications
|
Must be able to channel “push” messaging
| -
Multiple logical portals
|
Must have a support for distinct logical portals with their own distinct address, authentication and access control model – (i.e. to allow internal/partner portals to be segregated)
| -
Integration/Authentication with the back-end systems
|
UXP must support integration with back-end systems via RESTful Web Services with appropriate authentication mechanism for external and internal users
|
-
Development, Testing and Deployment. The provision of an integrated development environment, including graphical and code-based design tools, testing and debugging facilities, and tools to manage deployment of developments between environments.
-
Management and Monitoring. The ability to monitor and analyse run-time performance and manage the platform to identify problems and exceptions and take remedial actions.
-
Security. Capability supporting common authentication, encryption and signing standards, combined with a platform authorisation and access model. Includes support for secure network access across DMZs using proxies. Must not introduce vulnerabilities into EBRD networks; software components should be designed in accordance with industry security best practices, to be validated by independent security assessment.
-
Non-functional characteristics. Usability and productivity, especially of the design and deployment tools; supportability (in terms of mix of technologies and skills); cohesion (overall simplicity of the product architecture); orthogonality (cross-applicability of independent features); scalability, configuration for availability, etc.
Specific questions about the proposed UXP platform are set out under these headings in Annex B – Core Requirements.
3.0 SCOPE OF PLANNED USE-CASES AND NON-FUNCTIONAL SCENARIOS
Responses to the questions in the following section should be submitted as part of the Supplier’s Narrative Response a template for which is provided as Annex C of the RFP.
3.1 Intranet
Target state: We want the intranet homepage to become a collaborative hub for EBRD staff, along the following lines:
Target layout mock-up
The home page divides into three logical zones: a Bank zone, managed by Communications; a Department zone, managed by individual departments; and a Personal zone, managed by each user for themselves. A similar model would be used by departments and teams to create their own home pages. Potential features include:
-
Standard navigation header and footer, with EBRD styling.
-
An enterprise search function, allowing rapid federated search of enterprise resources (static pages, OpenText Livelink, ebrd.com, other documents and indexed application content) in one place. This would include staff directories (“Who’s who”).
-
An EBRD news area, similar to the current intranet homepage’s news section. This could also include alerts and notices when necessary.
-
A departmental news area, with content relevant to and managed by the user’s department.
-
A team links area for links to common resources relevant to the department.
-
A universal task list, showing workflow tasks for the user drawn from a range of back-end systems (SAP, Appian…); see section 3.2 below.
-
A universal calendar, showing events and task deadlines drawn from a variety of systems which are relevant to the user.
-
A personalised apps area containing links to the user’s commonly used applications
-
A personal feed area showing latest updates from discussions and other collaborative fora to which the user has subscribed.
-
Embedded presence indicator linked to the Bank’s unified communications platform.
-
Customisation – the ability for users to rearrange the layout of their homepage, prioritising or hiding content in their personal zone as they see fit.
-
Additional application content – if a business application is particularly important to a team or department, it may be possible to integrate core content (beyond tasks and events) from that application into a ‘widget’ to be included in hub pages for those users.
Responsive design should be used to make the homepage easy to access on handheld devices:
All content will be delivered as UI Components that can be placed in a particular zone within a page template. Page templates will respond (change layout) based on the available space; UI Components may also respond to the size of the zone they are located in. For example, the My tasks widget above may show more detail when displayed across the full width of a desktop browser, but a more summarised view when in a more constrained space.
To achieve the target state described would require a range of technical capabilities:
-
Web content management (Oracle WebCenter Sites) – will be needed to create and manage the static content which will remain at the heart of the intranet.
-
Collaboration tools (SAP Jam) – to support collaborative content and messaging.
-
Identity Management (TBC) – to support and manage personalised presentation of content by users’ team and role.
-
Enterprise search (TBC) – to support the federation of search queries across multiple repositories, and aggregation of results into a common format.
-
Unified communications (Cisco Jabber) – to support instant messaging, presence and other personal communications.
-
Integration services (via RESTful Web Services) – to bring together content from a wide range of source systems for the task list, calendar, feed etc.
Describe how your product can support this use case, interoperating with the other software capabilities just described.
3.2 Universal Task List
Description: As an end-user, I want to be able to view tasks summary/details/linked documents and manage
-
My employees’ Leave Requests (ECC MSS)
-
My employees’ Service Request approvals (ServiceNow)
-
My Tasks triggered by other Business Applications (i.e. Appian BPM, bespoke systems)
from my mobile device (via Blackberry, iOS and Android browser) and PC (via desktop browser).
3.3 Universal Calendar
Description: As an end-user, I want to be able to view summary/details of events/meetings
-
Bank-wide
-
Department-wide
-
Team-wide
-
Triggered by other Business Applications (i.e. bespoke systems)
-
Personal
and configure the appearance of calendar by day/week/month/year and set calendars’ sources. Assume that the ESB provides publish-subscribe services to share all relevant events, filterable by User ID.
3.4 Who’s Who (Employee Directory)
Description: As an end-user (Employee), I want to be able to (on any type of device):
-
Search the EBRD employee directory (typeahead search)
-
View Employee details (including pictures)
-
View organisation chart
-
View employee’s online presence status (Cisco Jabber)
-
Initiate a chat session, share a screen or place a call (via Cisco Jabber client)
-
View employee’s activity stream (via SAP Jam: blog posts, published wiki pages, documents, videos, comments, etc.)
ESB-published web services support querying of employee data from the HR system. Pictures are held in MS AD.
3.5 Extranet
Description: As a client/partner (Non-Employee), I want to be able to
-
Upload documents.
-
Make disbursement applications online.
-
Receive statements and notifications. An alert system notifies interested parties whenever new items are added or changed.
-
View reports and simple content derived from back-end systems.
-
Initiate requests (for disbursements, waivers, prepayments, etc.) which trigger workflow items to the relevant internal teams to respond via their Universal Task List.
3.6 Single-Page Application (SPA)
Description: As a UXP Administrator/Developer, I want to be able to
-
Incorporate a standalone SPAs built with well-known JavaScript frameworks (i.e. AngularJS, Ember, React, Polymer) as widgets on UXP pages.
Non-functional scenarios:
3.7 Identity Propagation
We have a set of workflows processes, based on a BPM platform, which would be shown as a Universal Task List UI Component on UXP page and need to carry out fetch and update operations against our project management system (based on SAP ECC). The typical sequence would be an approval of a project element: fetch of project details, followed by update of project status to “approved” or “on hold”. SAP ECC exposes SOAP web-services to the ESB to support these fetch and update operations, which are in turn exposed as SOAP services to the BPM platform. For audit and authorisation purposes, it is important to us that all operations are carried out in the SAP ECC system under the user ID of the person who executed the relevant process step on the BPM platform. The BPM platform supports Kerberos SSO for user sign-on, and supports SAML subject confirmation via SOAP using the “sender vouches” profile to assert the identity of its users to the UXP when consuming RESTful web services. How can your UXP propagate user identities between UXP and BPM, and ECC back-ends?
3.8 Co-ordinated Deployment
The Bank uses Apache Subversion for source management and version control. A typical scenario would involve the simultaneous deployment to a test or production environment, of changes to UI components together with changes to integration features which serve those components.
Describe how your UXP can integrate with Subversion or use other techniques to facilitate orchestrated deployments of related UI and integration changes.
If a major failure of one change package requires reversion of the whole deployment, describe how your UXP could support this roll-back.
3.9 Retracing our steps
A sequence of hard-to-diagnose intermittent errors occurs in background integration activities involving several systems which serve the UXP. In order to understand the cause, we need to start detailed logging and tracing of integration operations, targeted at those systems and certain specific UXP operations we believe are involved. Describe how we can configure your product to provide such detailed and targeted message logs and activity traces, security logging and integration with SIEM; and the tools to analyse such logs and traces after the fact in order to support diagnostic work.
3.10 Business Continuity
The Bank has business continuity provision involving replication of key systems in near real-time at a remote “disaster recovery” site. The UXP would be part of our critical infrastructure and would be included in this provision. Please describe how your UXP failover architecture could provide a scalable, fault-tolerant business continuity solution during a disaster event.
3.11 Scalability for Throughput and Latency
Performance of the User Experience Platform will be a critical factor in the overall performance of applications using services. Please describe the ability to scale the components to manage the throughput performance of your UXP.
3.12 High Availability
As a critical infrastructure component, we will need to configure our UXP to be highly available with redundancy and seamless failover provision. Please describe the configuration options for your UXP to ensure availability.
-
Variant: how can we exploit these same options to provide combined throughput AND availability benefits without excessive redundant provision?
-
Variant: How can these options support the business continuity requirement described above.
3.13 Provision of Test Systems
We will need to incorporate an UXP instance in our regression and other test landscapes. Accordingly, ease of creation and reconfiguration of copies of our production UXP for use in testing is an important requirement. Please describe the steps by which you would recommend we create such test instances, paying particular attention to the range of components that need to be created or copied, and the configuration steps needed to connect them both to each other and to corresponding test instances of the other systems in the test environment.
Annex B – Core Requirements
With reference to the Bank’s requirements as described in Annex A, Suppliers are required to score themselves for each of the questions in the attached document using the following scale.
0 Product does not meet the Bank’s requirements.
1 Product partially meets the Bank’s requirements/requires customisation or integration with a third party product to meet the Bank’s requirements.
2 Product fully meets the Bank’s requirements with out of the box functionality (subject to standard configuration).
3 Product exceeds the Bank’s requirements and offers a degree of innovation that differentiates it from other available products.
-
Suppliers are required to provide a description and justification for each of their responses.
-
Please note that the TEP will be scoring the Supplier’s response based on this information.
-
Should the TEP be satisfied with the justification, suppliers may not be penalised for meeting a requirement through the use of third party products or by customisation of their base product. However, any related costs (additional licensing, professional services etc.) must be clearly indicated in the Suppliers’ Financial Proposal.
Annex C – Narrative Response
1.0 PLANNED USE-CASES AND NON-FUNCTIONAL SCENARIOS
This template is to be used for Vendor responses to the narrative questions set out in section 3.0 of Annex A – UXP Requirements of the RFP document.
-
Suppliers shall enter their response in the response section under each question title. Refer to the RFP document for the full question text.
-
Suppliers should focus on how their products can support the scenarios the Bank have described, emphasising the most appropriate features of both the design and run-time environments for the purpose. If there are several viable approaches, please do include them.
-
The suggested length of responses is up to one page per question, extending to two pages for the most complex questions. Diagrams may be used. Note that concision and relevance of the response to the specifics of the question are important evaluation factors; the inclusion of generic support or marketing material is discouraged. Suppliers should not repeat material between questions; a reference to the previous instance will suffice.
-
For status of components used, please list the product components alluded to in your response, and for each one, detail (a) if it is your own, or a third-party product; and (b) if custom development beyond the standard configuration options offered by the product is required to support any aspects of the scenario covered.
Title
|
2. Universal Task List
|
Response
|
|
Status of components used
|
|
Title
|
3. Universal Calendar
|
Response
|
|
Status of components used
|
|
Title
|
4. Who’s Who (Employee Directory)
|
Response
|
|
Status of components used
|
|
Title
|
5. Single-Page Application (SPA)
|
Response
|
|
Status of components used
|
|
Title
|
6. Extranet
|
Response
|
|
Status of components used
|
|
Title
|
7. Identity Propagation
|
Response
|
|
Status of components used
|
|
Title
|
8. Co-ordinated Deployment
|
Response
|
|
Status of components used
|
|
Title
|
9. Retracing our steps
|
Response
|
|
Status of components used
|
|
Title
|
10. Business Continuity
|
Response
|
|
Status of components used
|
|
Title
|
11. Scalability for Throughput
|
Response
|
|
Status of components used
|
|
Title
|
12. High Availability
|
Response
|
|
Status of components used
|
|
Title
|
13. Provision of Test Systems
|
Response
|
|
Status of components used
|
|
2.0 IMPLEMENTATION
2.1 Project Implementation Timeline
Phase 1 – Design / Preparation
Phase 2 – Commissioning of the trial UXP software in to the EBRD environment
Phase 3 – PoC
Phase 4 - Adoption of the UXP
Phase 5 – Further strategic development of the UI layer utilising the UXP (as described in the potential use-cases)
2.2 Implementation Services
The Bank requires that Suppliers provide professional services to implement phases 1-3 of the above timeline. The Suppliers Narrative Response will include the following:
-
Proposed approach, methodology and project governance.
-
CVs of the Project Team which the Supplier is proposing to deliver the implementation, identifying their experience of implementation of (e.g. a “lead” consultant), their contract status (permanent or subcontracted staff), and their length of time with the company.
-
Work Plan and Team Assignment, detailing key milestones.
-
Include any training necessary for Bank staff to administer, configure and operate the software. This may include shadowing the implementation consultants and/or some formal training
-
Describe any commitments that would be made to address a situation where a key member of the Implementation team (that your firm supplied) unexpectedly became unavailable.
-
Outline of the capacity to draw on resources when necessary from other areas of the Supplier’s organisation.
The cost of this implementation should be included in the quotation file
3.0 Architecture and Product Support
The Bank requires that Suppliers provide the following information as part of their Narrative Response.
-
The Supplier must identify the technical skills/training required to maintain and manage the solution.
-
The Supplier must provide details of its upgrade/patching release policy and approach to product upgrades.
-
The Supplier must provide an overview of the proposed development roadmap for the products under their control which are used in the solution.
-
The Supplier must show a clear development path for the solution, demonstrating commitment to support the latest and future versions of MS Windows and MS Office.
-
The Bank requires full technical support during UK office hours (09:00-17:00, Mon-Fri). The Supplier must provide the details of its support offering which most closely matches this requirement.
-
The Supplier must identify whether any support will be provided by a third party and if so how this will be delivered in accordance with the Bank’s requirements.
-
Describe at an overview level the complete lifecycle of a support call – from the point the Bank initiates the call to its resolution, specifically indicating:
-
The method of call logging
-
Standard SLAs
-
Integration of SLAs into the call logging system.
-
Internal escalation procedures
-
External escalation procedures
-
Remote support capability
-
Capability to provide on-site resources as requested
-
Describe any methodology, quality control system and/or “good” practice” initiatives that you would employ to facilitate the delivery of high quality support.
-
Specify any technical infrastructure that will be required at the Bank to facilitate support. Any additional costs that will be incurred by the Bank i.e. telecoms costs, licensing must be reflected in Annex D – Quotation File.
-
Describe the process for providing professional services to the Bank. Professional services.
-
Describe the level of flexibility in dealing with issues that may require consultants on-site and when responding to ad-hoc requests.
Annex D – Scope of Proof of Concept
Annex E – Quotation File
Share with your friends: |