Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY - FEDBIZOPPS ISSUE OF APRIL 25, 2015 FBO #4900
SOURCES SOUGHT

R -- Enterprise Risk Management Software Requirements

Notice Date
4/23/2015
 
Notice Type
Sources Sought
 
NAICS
423430 — Computer and Computer Peripheral Equipment and Software Merchant Wholesalers
 
Contracting Office
Department of Energy, National Security Technologies LLC (DOE Contractor), National Security Technologies LLC, PO Box 98521, Las Vegas, Nevada, 89193
 
ZIP Code
89193
 
Solicitation Number
042315-SH-15
 
Point of Contact
Sheppy, Phone: 702-295-3060, Emma B Fox, Phone: 702.295.0507
 
E-Mail Address
herskosd@nv.doe.gov, foxeb@nv.doe.gov
(herskosd@nv.doe.gov, foxeb@nv.doe.gov)
 
Small Business Set-Aside
Total Small Business
 
Description
Please provide a capabilities statement with supporting literature such as cut sheets, descriptive literature, catalogs etc. which will demonstrate how your product will meet the following requirements and also list if you are the manufacturer or reseller: Software Requirements A. Operating system 1. Should run on the Windows platform in order to integrate with other Microsoft products such as SharePoint and Excel. 2. Should be a server based enterprise-wide system. B. Function 1. Common Enterprise Level Risk Form functionality allowing text and numerical input by users from across the company and providing automated score calculation based on input. Risk scoring criteria embedded in calculation. Calculation capability to include the ability to select and chart (on 5x5 scoring matrix) highest risk score between four separate scoring criteria. 2. Common Embedded Level Risk Form functionality allowing text and numerical input by users from across the company and providing automated score calculation based on input. Risk scoring criteria embedded in calculation. Calculation capability to include the ability to select and chart (on 5x5 scoring matrix) highest risk score between four separate scoring criteria. NOTE: The Embedded Level Risk Form can be an abbreviated version of the Enterprise Level Risk Form and does not require the section on Risk Response Planning or the Section on Residual Risk Scoring. 3. Common Action List functionality that collects and lists action items for tracking purposes from Risk Response Plan section of the Risk Form with identified risk action owners and due dates. 4. Common Risk Register functionality, including but not limited to, description of the risk, impact, probability, scoring, summary of planned response, and summary of mitigation. 5. Ability for the Risk Manager to select/determine status for each populated risk form including 1) "active", 2) "closed", 3) "pending" and 4) "returned to embedded level" for use as a basis for sorting Risk Register output. 6. Ability for the Risk Manager to seamlessly migrate selected risks from the Embedded Level Risk Form to the Enterprise Level Risk form. 7. Ability to customize towards the company's unique needs, including fields for Mission (i.e. DESS, EM, GS), Functional Area (i.e. Business Management, Cyber Security, Worker Safety), or Directorate, amongst others. Includes ability to screen/sort between business risks and other risks. 8. Ability to export the Risk Form and Risk Register to several different file formats, including Excel and Adobe PDF dashboard layout formats. 9. Ability to generate and display metrics from data field information collected from the risk form including Pareto charts, pie charts, line charts, scatter charts, etc.. Collected data to include both the Enterprise Level Risk Form and the Embedded Level Risk Form. 10. Ability to graphically display/chart "active" risks by risk score on a 5 by 5 paired number grid with risk title indicated Ability to display risk scoring criteria as a "pop-up" as a job aid to assist in selecting applicable consequence categories, likelihood values and scoring risks. 11. Ability to sort by "related risk" input data field. C. Interfaces 1. Ability to interface with and leverage existing functionality built into SharePoint. D. Performance requirements 1. Should be web based for easy deployment 2. Should be capable of scaling up to 2500 users 3. Refresh capability not greater than 5 seconds E. Installation considerations 1. Should be contained on the company network, not cloud-based, to protect private data. G. Any design constraints of the computer program 1. General user access authorization shall be limited to: a. Initially enter data into the Risk Form b. Selecting drop down menu items on Risk Form c. Initiating risk score calculations 2. Risk Integrator access authorization shall include ability to: a. Initially enter data into the Risk Form b. Update or modify data content in previously populated Risk Forms 3. Risk Manager access authorization shall include ability to: a. Assign risk number b. Select/determine status for each populated risk form including 1) "active", 2) "closed", 3) "pending" and 4) "returned to embedded level" c. Update or modify data content in populated Risk Forms after the forms have been initially entered into the system d. Generate Risk Registers (full and enterprise versions) e. Update risk metric displays 4. Administrator access authorization shall include all of the above plus ability to: a. Customize drop down menus and/or modify the Risk Form input fields towards the company's unique needs, including fields for Mission (i.e. DESS, EM, GS), Functional Area (i.e. Business Management, Cyber Security, Worker Safety), or Directorate, amongst others b. Customize, modify or create new metric calculations and displays c. Customize or modify Risk Form fields and display d. Customize or modify Risk Register fields and display Software "make or buy" decision 1. Operating system requirements are met. 2. Functionality requirements are met. 3. Performance requirements are met. 4. Interface with SharePoint requirement is met 5. General, Risk Integrator and Risk Manager access requirements/constraints are met. 6. Customization allowed by administrative user. 7. Work flow requirements are met. 8. Installation requirements are met.   Draft Test Plans Test # Description Requirements Covered Pass/Fail Initials Date 1 Input risk details, including impact and probability Should automatically calculate score and graph on 5 x 5 grid 2 Pick customized fields, such as Directorate Should be able to select from company-specific values 3 Export dashboard format Should be able to print Risk Register to PDF in order to include in monthly dashboards 4 Export to Excel and.pdf formats Should be able to export all Embedded Level and Enterprise Level Risk Forms and Risk Register data to Excel and.pdf formats 5 Generate metrics Should be able to generate metrics from Enterprise Level and Embedded Level Risk Form data as charts 6 Create action list Should be able to generate action list from actions identified in Risk Response Plan section of Enterprise Level Risk Form 7 Test access authorization constraints General users should only be able to access Embedded Level Risk Form, Risk Integrators and Risk Manager should be able to perform additional actions defined above on the Enterprise Level Risk Form
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/DOE/BNC/BV/042315-SH-15/listing.html)
 
Place of Performance
Address: North Las Vegas, NV, North Las Vegas, Nevada, 89193, United States
Zip Code: 89193
 
Record
SN03709314-W 20150425/150423235419-93a0a1c2b2863ab6a0dd398567f257ad (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.