Table of Resources for High-Risk Procurements
Note: Most items in this table are also helpful for other types of IT procurements that are not considered high-risk.
|
General Information |
|
|
Provides useful information on the high-risk procurement process. |
|
|
Tools |
|
|
VITA templates for IT solicitations and contracts |
VITA recommends agencies always use these templates for their IT procurements. To ensure that agencies are using the most up-to-date versions, VITA also recommends that agencies request these templates each time they are ready to begin a new IT procurement. Templates are not available on VITA’s website and must be obtained by emailing: scminfo@vita.virginia.gov. |
|
Matrix that needs to be completed by agencies and submitted for review to VITA with delegated, major, and high-risk IT solicitation and contract packages. The procurement officer should complete the matrix and provide it to their agency AITR to submit, along with the complete high-risk IT solicitation or contract document package, in Planview Enterprise 1. |
|
|
Guide with examples for creating performance measures/service level agreements for request for proposals (RFPs) and contracts.
|
|
|
A template for preparing a milestones and deliverables plan for your solicitation or contract. VITA recommends that agencies include a milestones and deliverables table for each high-risk procurement.
|
|
|
A resource to help agencies develop a strategy to maximize their success in negotiating with suppliers.
|
|
|
Training Videos |
|
|
Provides insight into drafting clear and distinct performance metrics, enforcement provisions, and remedies, including how they work together to make a strong contract. Also covers examples of compliant and noncompliant performance measures to help our customers when creating their contract performance measures. Transcript of the video with additional information and resources is available. |
|
|
Focuses on VITA’s delegated thresholds, the IT governance groups involved in the review process, submission requirements, and process steps for major projects, cloud and high-risk IT procurements. Transcript of the video with additional information and resources is available. |
|
|
Defines cloud-based solutions and lays out the steps in the ECOS (enterprise cloud oversight service) process including, the steps to follow for RFPs with cloud-based solutions and how to award a cloud contract with or without an RFP. Transcript of the video with additional information and resources is available. Please note that as of January 2024, Information Security Standard 525 (SEC525) has been changed to Information Security Standard 530 (SEC530). All references to SEC525 now refer to SEC530. |
|
|
Software as a Service (SaaS/Cloud) |
|
|
ECOS/COV Ramp Procedure Checklist for Cloud Solution Solicitations and Contracts |
Step-by-step guide to assist agencies with cloud procurements.
|
|
Cloud Services Additional Contract Terms and Conditions ("Cloud Terms") |
Terms to be included in solicitations and contracts for supplier-hosted (cloud) solutions. It is important to use the most up-to-date version of the cloud terms, as they are subject to change. The cloud terms may be obtained by emailing scminfo@vita.virginia.gov |
|
Cloud Service Assessment Form |
This must be included in solicitations for cloud-hosted solutions. Go to VITA service portal, and search for "Cloud Service Assessment" and then scroll down to "Attachment for 1-1003" and download the form. The assessment form will be completed by the supplier and reviewed by VITA to verify the supplier's ability to meet the Commonwealth security and governance requirements for non-premise based (cloud) services. |
|
A description of the Enterprise Cloud Oversight Service, which provides oversight functions and management of cloud based services. |
|
Please hover over the Procurement tab at the top of this page for other useful information concerning information technology procurements.
Would you like to provide SCM feedback on its site?