EFAST2 RFP

DOL069RP20266

Sections B - M
Attachments A - V






September 2006











Government Proprietary
Source Selection Sensitive
For Official Use Only





This Page is Intentionally Left Blank













EFAST2 RFP
Section B
Information Technology Description,
Cost, and Pricing
EFAST2 RFP
Section B, Page 1 of 16
DOL069RP20266





This Page is Intentionally Left Blank
EFAST2 RFP
Section B, Page 2 of 16
DOL069RP20266
PART I - THE SCHEDULE
SECTION B - INFORMATION TECHNOLOGY DESCRIPTION, COST, AND
PRICING

B.1 INFORMATION TECHNOLOGY DESCRIPTION, COST, AND PRICING

The Contractor shall provide the necessary Information Technology (IT) acquisition, equipment,
software, and technical expertise required to design, develop, test, implement, operate, and
maintain EFAST2.

B.2 COMPENSATION

The contract comprises a 21-month Base Period and eleven 1-year options, Option Periods I
through XI.

B.2.1 Base Period – Prototype System Module, Scaleup, and Certification &
Implementation

B.2.1.1 Base Period – Contract Type

The Base Period of the contract is Cost Plus Award Fee (CPAF) as defined in subpart 16.305 and
16.405-2 of the Federal Acquisition Regulations.

B.2.1.2 Base Period – Period of Performance

The Base Period of the contract is contract award through December 31, 2008. The Base Period
will be structured into three distinct time components. These three components, combined, reflect
the required 21-month Base Period of Performance for Development, Scaleup, and Certification
and Implementation of EFAST2. The Base Period begins with initial development and testing of
a system prototype, and ends with certification and implementation of a full-scale processing
system authorized to begin operations. The three components of Base Period are described
below.

The Base Period (1st Component) commences upon award and continues to testing of a prototype
EFAST2 system. This component is estimated to continue through December 31, 2007. During
this period the Contractor shall design, build, and test a prototype system capable of processing
limited volumes, per the requirements in this contract. The Government will conduct a functional
capability test (FCT) of the prototype, as described in Section E.8. The Government will evaluate
the results of the prototype testing (FCT 1), along with Contractor deliverables and related
materials, in determining whether to grant the Contractor Notice-To-Proceed (NTP) to
commence with the Base Period (2nd Component), and determining whether to grant the first
award fee (AF1), as described in Attachment Q.

The Base Period (2nd Component) continues with scaleup of the prototype to full production
processing capability and is estimated to continue through July 31, 2008. The Government will
conduct a functional capability test of the scaleup, as described in Section E.8. The Government
EFAST2 RFP
Section B, Page 3 of 16
DOL069RP20266
will evaluate the results of the scaleup end-to-end test (FCT 2), along with other Contractor
products, including deliverables, engineering process artifacts, and related materials, in
determining whether to exercise Option Period I and determining whether to grant the second
award fee (AF2), as described in Attachment Q.

The Base Period (3rd Component) continues with the correction of system problems identified
during the prototype and scaleup component phases and is estimated to continue through
December 31, 2008. This component is intended to correct all identified defects or deficiencies,
including retesting and system regression testing, in order to fully prepare the system for the
System Acceptance Test (SAT) and Security Certification. The Government will witness the
conduct of SAT of the production system (see Section E.8) and perform a Security Compliance
Review. The Government will evaluate the results of SAT and the Security Compliance Review,
along with other Contractor products, including deliverables and related materials, in determining
whether to grant the third award fee (AF3), as described in Attachment Q.

The Government will determine whether to authorize system startup and commencement of
EFAST2 production operations based on the following criteria: (1) the observed operational
capability of the system in the SAT; (2) the Contractor’s express certification that the security
controls designed for the EFAST2 system have been thoroughly tested and that the controls
effectively mitigate the threats and vulnerabilities documented in the Contractor’s security
documentation; and (3) the Government’s own Security Compliance Review. Should the
Government determine that the system is ready for startup, the Government will grant the
Contractor official Notice-To-Proceed (NTP) to Option Period I (2nd Component), and the
Contractor will commence production operations.

B.2.1.3 Base Period – Consideration

The total cost to the Government for the performance of work under this contract shall not
exceed $______________, which is composed of a cost of $______________, a fixed fee of
$______________, and an award fee of $______________. The Contractor agrees to use its best
efforts to perform all work specified in the Schedule and obligations under this contract within
the estimated cost set forth herein, subject to FAR 52.232-20 – Limitation of Cost.

B.2.1.4 Base Period – Fee

The Base Period contract shall provide for a fee structure consisting of 2 parts: (1) a fixed fee
established at inception of the contract and (2) an award fee that the Government may award in
whole or in part during performance.

B.2.1.4.1 Base Period – Fixed Fee

The fixed fee shall be $______________ or 70% of the total negotiated fee structure. This fixed
fee shall be reimbursed to the Contractor as part of its best-effort performance of the
Government’s minimum requirements under this contract.

EFAST2 RFP
Section B, Page 4 of 16
DOL069RP20266
B.2.1.4.2 Base Period – Award Fee

The Contractor may be eligible for a partial award fee at the conclusion of each component
identified under the Base Period. The maximum amount of the Base Period Award Fee that can
be awarded in each component will be 33% of the total award fee structure established under the
Base Period. The criteria for determining the award fee under each component and the
percentage of the respective award fee that may be awarded for each criterion are established in
Attachment Q of this contract. The four criteria that will be used to calculate the award fee are as
follows:

• Critical Error Reports—Critical error reports (ER) may be generated during each
identified component under the Base Period of the EFAST2 contract. Critical errors
are defined as observed defects or deficiencies that would be detectable by the public
end users of the system or that could pose a risk to data or system confidentiality,
integrity, or availability. Such critical ERs would be issued in response to FCTs 1 or 2
and/or SAT and would require resolution prior to the commencement of the following
component’s period of performance. All critical ERs shall be corrected and retested,
including system regression testing, to ensure compliance with the Government’s
requirements before proceeding to the following component. Up to 40% of the award
fee may be awarded for this criterion.

• Minor Error Reports—Minor ERs may be generated during each identified
component under the Base Period of the EFAST2 contract. Minor errors are defined
as observed defects or deficiencies that would not be detectable by the public end
users of the system and that would not pose a risk to data or system confidentiality,
integrity, or availability. Such minor ERs would be issued in response to FCTs 1 or 2
and/or SAT and would require resolution prior to granting of Notice-To-Proceed
(NTP) to Option Period I (2nd Component). All minor ERs shall be corrected and
retested, including system regression testing, to ensure compliance with the
Government’s requirements before the commencement of production operations. Up
to 20% of the award fee may be may be awarded in each component for this criterion.

• Schedule Performance—Schedule performance shall be demonstrated by the
Contractor within the approved EFAST2 Performance Measurement Baseline (PMB).
In earned value measurement terms, for each Base Period component period of
performance, the cumulative Budgeted Cost of Work Performed (BCWP) shall be
equal to or greater than the cumulative Budgeted Cost of Work Scheduled (BCWS).
Up to 20% of the award fee may be awarded in each component for this criterion.

• Cost Performance—Cost performance shall be demonstrated by the Contractor within
the approved EFAST2 PMB. In earned value measurement terms, for each Base
Period component period of performance, the cumulative Budgeted Cost of Work
Performed (BCWP) shall be equal to or greater than the cumulative Actual Cost of
Work Performed (ACWP). Up to 20% of the award fee may be awarded in each
component for this criterion.

EFAST2 RFP
Section B, Page 5 of 16
DOL069RP20266
Within 90 days of the conclusion of each component of the Base Period, the Government will
assess the Contractor’s performance against the award fee criteria for that component, as
specified in Attachment Q of this contract. The Government will calculate the award fee for the
component and compensate the Contractor based on the calculation.

The award fee shall be $______________ or 30% of the total negotiated fee structure. The award
fee may be awarded to the Contractor in whole or in part for fulfillment of Government
performance standards without qualification for the measurement period. The awarding of this
fee shall be determined by the Government’s judgmental evaluation of the Contractor’s
performance in terms of the criteria stated in the Contract and according to the guidelines set
forth in Attachment Q of this contract.

B.2.1.5 Base Period – Reimbursement of Costs

Reimbursement shall be made to the Contractor monthly based on actual costs incurred, and
contingent upon Government inspection and acceptance of Base Period deliverables listed in
Section F received in the month preceding submission of the Contractor’s invoice, and subject to
the Section G invoicing instructions in this contract and FAR 52.216-7 — Allowable Cost and
Payment. The Contractor also agrees to use its best efforts to perform all work specified in the
Schedule and obligations under this contract within the estimated cost set forth herein, subject to
FAR 52.232-20 – Limitation of Cost and FAR 52.216-08 – Fixed Fee for the Base Period - Fixed
Fee component.

All Contractor costs associated with the Base Period, including project planning, requirements
definition, system design, build, and test, hardware and software acquisition, commercial off-the-
shelf (COTS) software licenses, documentation, plant acquisition, labor, training, and security
certification, shall be built into the total CPAF cost figure proposed by the Contractor under the
Base Period.

The Contractor shall build all usage fees, maintenance expenses, upgrade costs, and all other
ongoing costs associated with computers and other equipment acquired (i.e., purchased or leased)
during the Base Period into the Base Period CPAF cost structure provided by the Contractor and
incorporated into this contract.

The Government does not intend to take title to computers, custom software, COTS licenses, or
any other non–Government Furnished Information (GFI) equipment produced and/or obtained,
purchased, leased, or rented by the Contractor during performance of the Base Period of this
contract. At the end of the Base Period, however, the Government reserves the right to take title
to any and all computers, COTS licenses, or other non-GFI equipment obtained, purchased,
leased, or rented by the Contractor in execution of this contract. If the Government does elect to
take title to such items to transition EFAST2 to another contractor, the Government shall request
the Contractor to submit a responsive proposal for the unreimbursed portion of the equipment
and software items identified herein.

EFAST2 RFP
Section B, Page 6 of 16
DOL069RP20266
Funding is provided for the Base Period of performance as follows:

Appropriation Code Amount



B.2.1.6 Base Period – Incremental Funding

Funds in the amount of $______________ are currently available through 09/30/20XX to fund
the performance of all work under this contract during its Base Period. The Government’s
obligation hereunder for funding the total estimated cost of $______________ for the
Contractor’s performance of this covered work is contingent upon the availability of funds. No
legal liability on the part of the Government for payment of any money beyond the currently
funded limit of $______________ for the performance of this covered work shall arise unless
funds are made available to the Contracting Officer for the additional $______________ and
notice is given to the Contractor by the Contracting Officer of such funding. The Contractor,
however, is entitled to payment only after an appropriately documented invoice is submitted, as
stated in Section G.2, Submission of Invoices.

B.2.2 Option Period I (1st Component) – Advance Pre-Processing Activities

B.2.2.1 Option Period I (1st Component) – Contract Type

Option Period I (1st Component) of the contract is Cost Plus Fixed Fee (CPFF) as defined in
subpart 16.306 of the Federal Acquisition Regulations.

B.2.2.2 Option Period I (1st Component) – Period of Performance

Option Period I (1st Component) of the contract is August 1, 2008, through December 31, 2008.
Option Period I (1st Component) commences upon successful completion of the Base Period
(2nd Component) (see Section B), planned for July 31, 2008. Option Period I (1st Component)
continues through the successful completion of the Base Period (3rd Component) (see Section
B), planned for December 31, 2008. During Option Period I (1st Component) the Contractor
shall conduct advance, pre-processing activities necessary to prepare for system startup.

B.2.2.3 Option Period I (1st Component) – Consideration

The total cost to the Government for the performance of work under the Option Period I (1st
Component) of the contract shall not exceed $______________, which is composed of a cost of
$______________ and a fixed fee of $______________. The Contractor agrees to use its best
efforts to perform all work specified in the Schedule and obligations under this component of the
contract within the estimated cost set forth herein, subject to FAR 52.232-20 – Limitation of Cost
and FAR 52.216-08 – Fixed Fee.

EFAST2 RFP
Section B, Page 7 of 16
DOL069RP20266
B.2.2.4 Option Period I (1st Component) – Reimbursement of Costs

Reimbursement shall be made to the Contractor monthly based on actual costs incurred, and
contingent upon Government inspection and acceptance of the deliverables listed in Section F for
Option Period I (1st Component). The deliverables shall be those received by the Government in
the month preceding submission of the Contractor’s invoice, subject to the invoicing instructions
in Section G of this contract and FAR 52.216-7 — Allowable Cost and Payment. The Contractor
also agrees to use its best efforts to perform all work specified in the Schedule and obligations
under this component of the contract within the estimated cost set forth herein, subject to FAR
52.232-20 – Limitation of Cost and FAR 52.216-08 – Fixed Fee.

All Contractor costs associated with the Option Period I (1st Component) of the contract shall be
built into the total CPFF cost figure proposed by the Contractor under Option Period I (1st
Component). This includes labor, training, other direct costs (ODC), and other necessary
advance, pre-processing activities necessary to prepare for system startup and initial operations
and maintenance of the EFAST2 production system during Option Period I (1st Component).

The Contractor shall build all usage fees, maintenance expenses, upgrade costs, and all other
recurring and/or ongoing costs associated with computers and other non-GFI equipment acquired
during the Base Period and the Option Period I (1st Component) that will be incurred during
Option Period I (1st Component) into the Firm Fixed Price (FFP) cost structure proposed by the
Contractor and incorporated into this contract for Option Period I (1st Component).

The Government does not intend to take title to computers, custom software, COTS licenses, or
any other non–GFI equipment produced and/or obtained, purchased, leased, or rented by the
Contractor during performance of Option Period I (1st Component) of this contract. At the end of
Option Period I (1st Component), however, the Government reserves the right to take title to any
and all computers, COTS licenses, or other non-GFI equipment obtained, purchased, leased, or
rented by the Contractor in execution of this contract. If the Government does elect to take title to
such items to transition EFAST2 to another contractor, the Government shall request the
Contractor to submit a responsive proposal for the unreimbursed portion of the equipment and
software items identified herein.

No funding has yet been provided for Option Period I (1st Component).

B.2.3 Option Period I (2nd Component) through Option Period XI – Operations

B.2.3.1 Option Period I (2nd Component through) Option Period XI – Contract Type

Option Period I (2nd Component) through Option Period XI of the contract consist of a Firm
Fixed Price (FFP) with Incentive contract structure as defined in subpart 16.204 and 16.403 of
the Federal Acquisition Regulations.

EFAST2 RFP
Section B, Page 8 of 16
DOL069RP20266
B.2.3.2 Option Period I (2nd Component) through Option Period XI – Periods of
Performance

EFAST2 production operations will be purchased in eleven contract option periods, starting with
Option Period I (2nd Component) and ending with Option Period XI. Option Period I (2nd
Component) commences at system startup with the Contractor’s receipt of the Government’s
Notice-To-Proceed (NTP) to production operations. This is planned for December 31, 2008. The
following periods of performance are associated with the eleven option periods:

• Option Period I (2nd Component) is January 1, 2009, through June 30, 2009.

• Option Period II is July 1, 2009, through June 30, 2010.

• Option Period III is July 1, 2010, through June 30, 2011.

• Option Period IV is July 1, 2011, through June 30, 2012.

• Option Period V is July 1, 2012, through June 30, 2013.

• Option Period VI is July 1, 2013, through June 30, 2014.

• Option Period VII is July 1, 2014, through June 30, 2015.

• Option Period VIII is July 1, 2015, through June 30, 2016.

• Option Period IX is July 1, 2016, through June 30, 2017.

• Option Period X is July 1, 2017, through June 30, 2018.

• Option Period XI is July 1, 2018, through June 30, 2019.

B.2.3.3 Option Period I (2nd Component) through Option Period XI – Cost and Pricing
Schedule

The Government will compensate the Contractor for performance during Option Period I (2nd
Component) through Option Period XI of this contract in accordance with the Contract Line Item
Number (CLIN) structure and incentive formulas established in the Cost and Pricing Schedule of
this contract.

The CLIN structure described herein for Option Period I (2nd Component) through Option
Period XI segments the negotiated Total Fixed Price (TFP) compensation into three (3) CLINs
for each option period. The CLIN structure provides for adjusting the final contract price by
application of a formula based on the Contractor’s demonstrated ability to meet the performance
standards specified in Section C.2 of this contract.

EFAST2 RFP
Section B, Page 9 of 16
DOL069RP20266
CLIN 1 represents the payment that shall be billable monthly as reimbursement for all EFAST2
operations, including applicable Customer Support activities, provided that the Contractor meets
the performance requirements specified under Section C of the Contract Schedule. The monthly
CLIN 1 price shall be one twelfth (1/12) of the Total Fixed Price (TFP) base amount for each of
Option Period I (2nd Component) through Option Period XI.

CLIN 2 represents a performance standard incentive payment that shall be billable monthly and
is based on the Contractor’s demonstrated ability to meet some or all of the performance
standards specified in Section C.2 of the contract, as measured and calculated by the
Government. The Contractor shall be entitled to a partial incentive payment for meeting some of
the performance standards and a full incentive payment for meeting all of the performance
standards during the evaluation period. In order to qualify for payment under each subpart of
CLIN 2, the performance standard described in Section C.2 corresponding to that subpart must be
met without qualification for the measurement period. For purposes of calculating the CLIN 2
payment, each performance standard will be considered of equal weight by the Government
towards calculation of the total incentive payment. The sum of all CLIN 2 monthly incentive
payments within Option Period I (2nd Component) through Option Period XI shall not exceed
the Contractor’s declared total incentive amount payment contained in Section B.2.3.3.of this
contract. The monthly price of CLIN 2 shall be a maximum of one twelfth (1/12) of the Total
Fixed Price (TFP) incentive amount for each of Option Period I (2nd Component) through
Option Period XI. The monthly CLIN 2 price shall be based on a formula used by the
Government to measure Contractor compliance with the performance standards specified in
Section C.2, per the methodology contained in Attachment I. The incentive amount payment
formula used by the Government is contained in Attachment R.

CLIN 3 represents the payment that shall be billable monthly as reimbursement for all EFAST2
hardware depreciation and software amortization. The monthly CLIN 3 price shall be one twelfth
(1/12) of the Total Fixed Price (TFP) depreciation/amortization amount for each of Option Period
I (2nd Component) through Option Period XI. The methodology to be used to determine the
depreciation/amortization amount for each option period is contained in Attachment T.

The Government will compensate the Contractor according to the negotiated Total Fixed Price
(TFP) compensation for each annual contract period, consisting of a base amount to be billed
under CLIN 1, an incentive amount to be billed under CLIN 2, and a depreciation/amortization
amount to be billed under CLIN 3.

The negotiated Total Fixed Price (TFP) to the Government for the performance of work under
Option Period I (2nd Component) of this contract shall not exceed $______________, and shall
consist of $______________ base amount to be reimbursed under CLIN 1, a maximum
$______________ incentive amount to be reimbursed under CLIN 2, and $______________
depreciation/amortization amount to be reimbursed under CLIN 3.

The negotiated Total Fixed Price (TFP) to the Government for the performance of work under
Option Period II of this contract shall not exceed $______________, and shall consist of
$______________ base amount to be reimbursed under CLIN 1, a maximum $______________
EFAST2 RFP
Section B, Page 10 of 16
DOL069RP20266
incentive amount to be reimbursed under CLIN 2, and $______________
depreciation/amortization amount to be reimbursed under CLIN 3..

The negotiated Total Fixed Price (TFP) to the Government for the performance of work under
Option Period III of this contract shall not exceed $______________, and shall consist of
$______________ base amount to be reimbursed under CLIN 1, a maximum $______________
incentive amount to be reimbursed under CLIN 2, and $______________
depreciation/amortization amount to be reimbursed under CLIN 3.

The negotiated Total Fixed Price (TFP) to the Government for the performance of work under
Option Period IV of this contract shall not exceed $______________, and shall consist of
$______________ base amount to be reimbursed under CLIN 1, a maximum $______________
incentive amount to be reimbursed under CLIN 2, and $______________
depreciation/amortization amount to be reimbursed under CLIN 3.

The negotiated Total Fixed Price (TFP) to the Government for the performance of work under
Option Period V of this contract shall not exceed $______________, and shall consist of
$______________ base amount to be reimbursed under CLIN 1, a maximum $______________
incentive amount to be reimbursed under CLIN 2, and $______________
depreciation/amortization amount to be reimbursed under CLIN 3..

The negotiated Total Fixed Price (TFP) to the Government for the performance of work under
Option Period VI of this contract shall not exceed $______________, and shall consist of
$______________ base amount to be reimbursed under CLIN 1, a maximum $______________
incentive amount to be reimbursed under CLIN 2, and $______________
depreciation/amortization amount to be reimbursed under CLIN 3.

The negotiated Total Fixed Price (TFP) to the Government for the performance of work under
Option Period VII of this contract shall not exceed $______________, and shall consist of
$______________ base amount to be reimbursed under CLIN 1, a maximum $______________
incentive amount to be reimbursed under CLIN 2, and $______________
depreciation/amortization amount to be reimbursed under CLIN 3.

The negotiated Total Fixed Price (TFP) to the Government for the performance of work under
Option Period VIII of this contract shall not exceed $______________, and shall consist of
$______________ base amount to be reimbursed under CLIN 1, a maximum $______________
incentive amount to be reimbursed under CLIN 2, and $______________
depreciation/amortization amount to be reimbursed under CLIN 3.

The negotiated Total Fixed Price (TFP) to the Government for the performance of work under
Option Period IX of this contract shall not exceed $______________, and shall consist of
$______________ base amount to be reimbursed under CLIN 1, a maximum $______________
incentive amount to be reimbursed under CLIN 2, and $______________
depreciation/amortization amount to be reimbursed under CLIN 3.

EFAST2 RFP
Section B, Page 11 of 16
DOL069RP20266
The negotiated Total Fixed Price (TFP) to the Government for the performance of work under
Option Period X of this contract shall not exceed $______________, and shall consist of
$______________ base amount to be reimbursed under CLIN 1, a maximum $______________
incentive amount to be reimbursed under CLIN 2, and $______________
depreciation/amortization amount to be reimbursed under CLIN 3.

The negotiated Total Fixed Price (TFP) to the Government for the performance of work under
Option Period XI of this contract shall not exceed $______________, and shall consist of
$______________ base amount to be reimbursed under CLIN 1, a maximum $______________
incentive amount to be reimbursed under CLIN 2, and $______________
depreciation/amortization amount to be reimbursed under CLIN 3.

B.2.3.4 Option Period I (2nd Component) through Option Period XI – Compensation

The Contractor shall establish a Total Fixed Price (TFP), consisting of a base amount, an
incentive amount, and a depreciation/amortization amount for each of Option Period I (2nd
Component) through Option Period XI. Payment shall be monthly or on a quasi-monthly “4-4-5”
schedule, depending upon the Contractor's approved accounting structure. In a 4-4-5 schedule,
the first month of a quarter consists of the first 4 weeks, the second month of the quarter consists
of the next 4 weeks, and the third month of the quarter consists of the remaining 5 weeks.

The Government will compensate the Contractor during Option Period I (2nd Component)
through Option Period XI according to the prices listed in the Cost and Pricing Schedule Section
B.2.3.3. The Government will compensate the Contractor through CLIN 1 for the Firm Fixed
Price (FFP) base amount compensation, through CLIN 2 for the Fixed Price Incentive amount
compensation, and through CLIN 3 for the FFP depreciation/amortization amount. The
Contractor, however, shall be entitled to payment only after an appropriately documented and
approved invoice is submitted, as stated in Section G.2, Submission of Invoices.

The Government will not provide the Contractor with any compensation during Option Period I
(2nd Component) through Option Period XI other than as specified in the Cost and Pricing
Schedule.

The Contractor shall recover the cost of major hardware items and commercial off-the-shelf
(COTS) software licenses required for the EFAST2 system on a depreciation and amortization
schedule during Option Period 1 (2nd Component) through Option Period XI. The schedule shall
be calculated as described in Attachment T. The cost of such hardware, COTS software, and
other non-GFI equipment used by the Contractor under this effort shall be included in the Firm
Fixed Price (FFP) CLIN 3 prices of Option Period I (2nd Component) through Option Period XI
of the contract.

At the end of each of Option Period I (2nd Component) through Option Period XI, the
Government reserves the right to take title to any and all computers, custom software, COTS
licenses, or other non-GFI equipment produced and/or obtained, purchased, leased, or rented by
the Contractor in execution of this contract. If the Government elects to take title to such items to
transition EFAST2 to another contractor, the Government may request the Contractor to submit a
EFAST2 RFP
Section B, Page 12 of 16
DOL069RP20266
responsive proposal for the unreimbursed portion of the equipment and software items identified
herein.

No funding has yet been provided for Option Period I (2nd Component) through Option Period
XI.

B.3 ALLOWABLE COST AND PAYMENT – BASE PERIOD & OPTION PERIOD I
(1ST COMPONENT)

The Government will reimburse the Contractor during the Base Period and Option Period I (1st
Component) for the costs determined by the Contracting Officer to be allowable in accordance
with FAR 52.216-7 – Allowable Cost and Payment and the following provisions:

1. Purchase Orders and Subcontracts

The following shall require prior written approval of the Contracting Officer:

(a) Purchase or rental of items of non-expendable property having a unit value
exceeding $750.00. For the purpose of this contract, non-expendable property means
property or equipment having a normal life expectancy of one year or more.

(b) All proposed purchase orders or subcontracts that require prior approval in
accordance with FAR 52.244-2 — Subcontracts.

2. Consultants

Any fee or other payment to consultants in excess of $350 per day requires the prior
written authorization of the Contracting Officer.

3. Salaries and Wages

(a) Salaries and wages of employees directly employed in performing work required by
this contract.

(b) Actual wages and fringe benefits.

4. Out-of-Town and/or Overnight Travel

Travel and subsistence exclusively in direct performance of this contract shall be
reimbursed as follows:

(a) The Contractor shall be reimbursed for the cost transportation, lodging, meals, and
incidental expenses of personnel who are authorized to undertake out-of-town and/or
overnight travel under this contract. Such costs shall be reimbursed in accordance
with the established policy of the Contractor and to the extent that they are
reasonable and allowable as provided in FAR 31.205-46.
EFAST2 RFP
Section B, Page 13 of 16
DOL069RP20266

(b) Costs incurred for lodging, meals, and incidental expenses shall be reimbursed only
to the extent that they do not exceed, on a daily basis, the maximum per diem rates
in effect at the time of the travel as set forth in the Federal Travel Regulations, Joint
Travel Regulations, or Standardized Regulations.

(c) Air fare costs in excess of the lowest customary coach or equivalent airfare offered
during normal business hours will not be reimbursed unless such accommodations
are not available and the Contractor certifies to this fact in the voucher or in other
documents for reimbursement.

(d) The Contractor shall be reimbursed for the cost of out-of-town travel and/or
overnight travel performed by personnel in their privately owned automobiles at the
rate set forth in the Federal Travel Regulations at the time of the travel, not to
exceed the cost by the most direct economy air route between the points so traveled.
If more than one person travels in such automobiles, no additional charge shall be
made by the Contractor for such travel.

(e) No travel cost for Contractor personnel traveling from place of residence to and
from the normally assigned worksite shall be directly reimbursed by the
Government.

5. Overtime

Overtime, shift, or other incentive premiums require prior written authorization by the
Contracting Officer’s Technical Representative (COTR).

6. Indirect Costs

Indirect costs shall be determined in accordance with FAR 52.216-7 — Allowable Cost
and Payment. Additionally, final annual indirect cost rates and the appropriate allocation
bases shall be established in accordance with FAR 42.700 for the period covered by the
indirect cost rate proposal. The Contractor shall submit an adequate final indirect cost
proposal to the Contracting Officer (or cognizant Federal agency official) and auditor
within the 6-month period following the expiration of each of its fiscal years. The
Contractor shall support its proposal with adequate supporting data.

The proposed rates shall be based on the Contractor’s actual cost experience for that
period. The appropriate Government representative and the Contractor shall establish the
final indirect cost rates as promptly as practical after receipt of the Contractor’s proposal.

The Contractor and the appropriate Government representative shall execute a written
negotiated agreement setting forth the final indirect cost rates. The agreement shall
specify (i) the agreed-upon final annual indirect cost rates, (ii) the allocation bases to
which the rates apply, (iii) the periods for which the rates apply, (iv) any specific indirect
cost items treated as direct costs in the settlement, and (v) the affected contract and/or
EFAST2 RFP
Section B, Page 14 of 16
DOL069RP20266
subcontract, identifying any with advance agreements or special terms and the applicable
rates. The agreement shall not change any monetary ceiling, contract obligation, or
specific cost allowance or disallowance provided for in this contract. The negotiated
indirect cost agreement is incorporated into the contract upon execution.

B.4 ESTIMATED FILING VOLUMES – OPTION PERIOD I (2ND COMPONENT)
THROUGH OPTION PERIOD XI

Although the Government does not guarantee any minimum number of filings, the Government
will provide all filings received at the designated electronic delivery locations during the dates
covered by the executed option periods of this contract.

The Government makes no assertion and provides no guarantee regarding estimated filing
volumes for Option Period I (2nd Component) through Option Period XI. Historical filing
volumes are contained in Attachment A – Return Processing Volumes, and are provided for the
limited purpose of assisting Offerors in budgeting and developing their proposals. Although the
Government does not expect future filing volumes to deviate appreciably from historical filing
volumes, Offerors are forewarned that historical filing volumes may not necessarily be
representative of future projected filing volumes. Offerors are encouraged to clearly state the
filing volume assumptions underlying the Offeror’s calculations, including minimum and
maximum assumptions, and any attendant warranty, guarantee, and cost implications associated
with the Offeror’s filing volume assumptions.

B.5 CONTRACT AMOUNT INCREASE/DECREASE

The Government maintains the right to incrementally fund this contract at any time in order to
provide sufficient funds to cover the anticipated levels of effort required for the remainder of the
contract term. Additional funds will be obligated on appropriate contract modifications signed by
the Contracting Officer. Such funding modifications will state the existing total contract amount,
the amount of increased funding, and the new total contract amount.

The Government will also have the right to unilaterally decrease funds for this contract in the
same manner as above.
EFAST2 RFP
Section B, Page 15 of 16
DOL069RP20266





This Page is Intentionally Left Blank
EFAST2 RFP
Section B, Page 16 of 16
DOL069RP20266













EFAST2 RFP
Section C
Statement of Work
EFAST2 RFP
Section C, Page 1 of 242
DOL069RP20266











This Page is Intentionally Left Blank

EFAST2 RFP
Section C, Page 2 of 242
DOL069RP20266

PART I – THE SCHEDULE
SECTION C - TABLE OF CONTENTS
Section Page
C 1. BACKGROUND............................................................................................................ 7

1. OVERVIEW.............................................................................................................. 8

2. BASE PERIOD....................................................................................................... 19

3. OPTION PERIOD I ................................................................................................ 27

4. OPTION PERIODS II-XI ....................................................................................... 31


C 2. STANDARDS.............................................................................................................. 39


C 3. KEY PERSONNEL...................................................................................................... 43


C 4. SYSTEM INPUTS ....................................................................................................... 53


C 5. RESERVED................................................................................................................. 54


C 6. PRODUCTION OPERATIONS AND CONTROL..................................................... 55


C 7. RESERVED................................................................................................................. 56


C 8. RESERVED................................................................................................................. 56


C 9. SPECIAL PROCESSING............................................................................................ 57


C 10. ELECTRONIC FILING............................................................................................... 59

1. GENERAL REQUIREMENTS ............................................................................... 60

2. WEB PORTAL......................................................................................................... 62

EFAST2 RFP
Section C, Page 3 of 242
DOL069RP20266

CONTENTS (continued)
Section Page
C 10. (continued)

3. INTERNET REGISTRATION (IREG) ................................................................... 72

4. INTERNET FILING ACCEPTANCE SERVICE (IFAS) ...................................... 80

5. INTERNET BASED FILING APPLICATION (IFILE) ....................................... 114

6. SOFTWARE DEVELOPER SUPPORT PROGRAM........................................... 124


C 11. ENTITY CONTROL………………………………………………………………. ..132


C 12. RESERVED……………………………………………………………………….....134


C 13. SYTEM INFRASTRUCTURE ……………………………………………………...135


C 14. DATA MANAGEMENT………………………………………………………….....144


C 15. DATA DISSEMINATION………………………………………………………..….151


C 16. RECORDS MANAGEMENT AND ARCHIVAL ……………………………..…...161


C 17. ANNUAL PRODUCTION OPERATIONS AND ROLLOVER…………………….162


C 18. CONTACT CENTER……………………………………………………………...…169


C 19. QUALITY ASSURANCE ………………..………………………………….………179


C 20. QUALITY CONTROL…………………………………………………………..……185


C 21. TESTING AND IMPLEMENTATION……………………………………………...195
EFAST2 RFP
Section C, Page 4 of 242
DOL069RP20266


CONTENTS (continued)

Section Page

C 22. SECURITY................................................................................................................. 202


C 23. GOVERNMENT FURNISHED INFORMATION (GFI).......................................... 215


C 24. MANAGEMENT ....................................................................................................... 223


C 25. CONFIGURATION MANAGEMENT...................................................................... 235
EFAST2 RFP
Section C, Page 5 of 242
DOL069RP20266





This Page is Intentionally Left Blank
EFAST2 RFP
Section C, Page 6 of 242
DOL069RP20266

PART I – THE SCHEDULE
SECTION C - STATEMENT OF WORK
C.1 Background
The Employee Retirement Income Security Act of 1974 (ERISA) and provisions of the Internal
Revenue Code require certain employee benefit plans to submit information on their size,
funding, operations, and other characteristics to the Government every year on the Form 5500
Series. The series was developed by four federal agencies that work together to enforce ERISA
provisions and other statutes designed to protect the retirement benefits of the nation’s workers.
These agencies include the Department of Labor (DOL) Employee Benefits Security
Administration (EBSA), the IRS Office of Tax Exempt and Government Entities (TE/GE), and
the Pension Benefit Guaranty Corporation (PBGC).

The regulatory functions of these four agencies are important for several reasons:
1. 50 percent of private-sector wage and salary workers participated in at least one
type of employer-sponsored retirement plan in 2005.
2. Private retirement plans now contain over $4 trillion in assets nationwide,
representing not only a major form of savings in the household sector of the U.S.
economy but also a major source of capital to U.S. financial markets and a major
federal tax expenditure that must be monitored for conformity with the tax code.
3. 60 percent of Americans were covered through employer-based health insurance in
2004.
4. PBGC insures defined employee benefit plans and monitors underfunding in these
plans. Nearly 60 percent of the 31,000 insured plans do not have enough assets to
cover promised benefits, and the estimated cumulative underfunding has risen
significantly in recent years to $600 billion. Total claims incurred by PBGC when
companies default on their employee benefit plans have increased by 45 percent over
the past two years. In 2005, the plans sponsored by one company alone account for
$7.1 billion in unfunded benefits guaranteed by PBGC, the biggest liability in the
agency’s 31-year history.

From 1975 to 2000, plans submitted Form 5500 returns/reports to the IRS, which processed the
returns and provided the other three agencies with the data they need to fulfill their
responsibilities under ERISA and other applicable statutes. As of 1976, the IRS processed not
only paper, but also electronic, Form 5500 Series returns into machine-readable format. Since
July 2000, DOL has contracted with a private-sector vendor to process paper and electronic
Form 5500 Series returns into machine-readable structured data through a system known as
EFAST, or ERISA Filing Acceptance System. Today, EFAST processes the more than 1.1
million Form 5500 returns/reports filed annually by plan administrators and sponsors.



EFAST2 RFP
Section C, Page 7 of 242
DOL069RP20266

Although EFAST has served the partner agencies well for a number of years, it is rapidly
becoming out of date because of three limitations:

1. Paper-Based Processing. Only about 10,000 Form 5500 returns/reports per year, or .9
percent of all filings, are filed and processed electronically. The rest are filed and
processed on paper. As a result, even the most current commercial off-the-shelf
(COTS) software packages and processing procedures do not eliminate inaccurate data,
the need to manually edit data, or the need to correspond with filers on paper, all of
which are time-consuming and costly activities. It can be a full eight months before a
filing is fully processed and the relevant information is distributed to DOL, the IRS,
and PBGC.

2. Obsolete Electronic Filing Technology. Although EFAST was designed to support
electronic filing, the system does not meet the needs of filers or the partner agencies.
The proprietary modem-to-modem technology is outdated, the filing capability cannot
be readily upgraded, and electronic filers and/or Third Party Software Developers must
still mail in signed, paper authorizations and correspondence.

3. No Real-Time Access to Filing Data. EFAST does not currently allow for real-time
dissemination of data to the partner agencies or the filing public, all of whom must
therefore wait for monthly data distributions.

To move beyond these limitations, the partner agencies are seeking an information technology
Contractor’s assistance in developing and operating a fully outsourced successor system to
EFAST, known as EFAST2, under which all filings will be submitted and processed
electronically.

C.1.1 Overview
The Contractor shall design, develop, test, implement, certify, and operate the next generation
ERISA Filing Acceptance System, known as EFAST2, under contract to DOL. EFAST2 will
capture and process data filed electronically on Form 5500 returns/reports in support of EBSA’s
final rule entitled “Electronic Filing of Annual Reports,” as published in the Federal Register
(http://www.access.gpo.gov/su_docs/fedreg/a060721c.html), 41359–41368 [06–6331]; in
support of EBSA’s proposed rule entitled “Annual Reporting and Disclosure”, as published in
the Federal Register (http://www.access.gpo.gov/su_docs/fedreg/a060721c.html), 41392–
41407 [06–6330]; and in support of EBSA’s notice of proposed forms revisions entitled
“Proposed Revision of Annual Information Return/Reports”, as published in the Federal Register
(http://www.access.gpo.gov/su_docs/fedreg/a060721c.html), 41616–41651 [06–6329]. The
resulting machine-readable data will be delivered to DOL, the IRS, PBGC, and the public.

The EFAST2 contract is based on a Performance Based Statement of Work (PBSOW) that is
subject to strict quality and timeliness performance standards (see Section C.2 and Attachment
I). The primary goal of EFAST2 is to improve the data quality and timeliness of Form 5500
return/report processing through mandated electronic filing. Paper filing processing is subject to
data capture error, human error due to reliance on manual processing procedures, and
correspondingly slow processing throughput. EFAST2 will eliminate invalid or inconsistent data
by not accepting a filing if it is invalid and electronically prompting filers to correct errors and
resubmit the filing before the filing will be accepted. By thus eliminating the need for paper
EFAST2 RFP
Section C, Page 8 of 242
DOL069RP20266

correspondence, EFAST2 will be less costly and less time-consuming than its predecessor. The
Contractor is encouraged to strongly promote electronic filing, particularly by working with
Third Party Software Developers and the filing public to simplify electronic filing.


C.1.1.1 Project Goals and Objectives
EFAST2 must fully meet the following project objectives:

1. Process over 1.1 million Form 5500 returns/reports submitted annually to the
Government.
2. Improve essential Form 5500 data receipt and delivery for the many Government
end users who rely on ERISA-related data to fulfill their statutory, regulatory, and
reporting obligations.
3. Provide filers with tools that will allow them to author, submit, check, correct, and
resubmit filings with corrected errors. These tools include value-added software
provided by Third Party Software Developers and free web-based software (IFILE)
provided by the Contractor. These tools allow filers to submit Form 5500
returns/reports over the Internet, and also help filers find and fix errors prior to
submission or after submission in response to a not accepted message
(acknowledgment).
4. Automatically accept or not accept filings in their entirety. Acknowledgement
messages must be delivered to filers electronically soon after acceptance or non-
acceptance occurs. A not accepted filing can be fixed and resubmitted by the filer,
however, to change an accepted filing the filer must amend the original filing.
5. Support the implementation of policy, management, and e-Government usability
enhancements in accordance with such directives and initiatives such as the
Government Paperwork Elimination Act (GPEA), the E-Government Act of 2002,
and the President’s Management Agenda.
6. Support EBSA’s regulation to require electronic filing of Form 5500 reports,
“Electronic Filing of Annual Reports,” as published in the Federal Register
requiring mandated electronic filing of all Form 5500 returns/reports made to
satisfy the annual reporting obligations under Title I of ERISA, starting with Plan
Year 2008.
7. Replace the original EFAST technology, which is rapidly reaching the end of its
useful life.

Beyond these broad objectives, EFAST2 will offer additional benefits to filers and other users in
the public sector, and to the partner agencies. For instance, filers will be able to gain access to
the web-based application and its tools; enter and, if necessary, correct the required information
and submit their completed Form 5500 over the Internet; submit their completed filings using
approved third party software applications; and access/search discloseable public filing data.
EFAST2 will also include an online help-desk feature that explains how to file, describes
common filing errors, and presents frequently asked questions. In addition, the system will give
EFAST2 RFP
Section C, Page 9 of 242
DOL069RP20266

filers the option to email or phone a contact center staff member for technical questions. Filers
and other stakeholders will be able to access publicly disclosable data via an EFAST2 website.
Plan participants will be able to use the website to stay informed about their plan. Finally,
EFAST2 will operate under strict security practices in accordance with prevailing industry
security standards.

EFAST2 will provide timely, accurate, readily accessible Form 5500 Series data to the partner
agencies to fulfill their responsibilities under ERISA. For instance:

1. DOL uses Form 5500 information to administer Title I of ERISA, which includes
rules for reporting and disclosure, vesting, participation, funding, fiduciary
conduct, and civil enforcement.
2. The IRS uses Form 5500 data to administer Title II of ERISA, which involves
monitoring financial and actuarial data to detect plan over-funding and compliance
with participation requirements, and ensuring that plans are not designed to
discriminate against types or classes of employees.
3. DOL and the IRS use Form 5500 data to administer Title III of ERISA, which is
concerned with both jurisdictional matters and the coordination of enforcement and
regulatory activities between the two agencies.
4. PBGC uses Form 5500 data to administer Title IV of ERISA, which covers the
insurance of 30,000 defined benefit retirement plans.
5. SSA uses Form 5500 data to notify separated employee benefit participants of
benefits to which they are entitled.
6. Other Government agencies, such as the Bureau of the Census and the Federal
Reserve, use Form 5500 data to meet significant statutory and regulatory
requirements.

EFAST2 will be based on the latest proven technology appropriate to the work of this contract.
Wherever possible, the Contractor shall incorporate COTS software that can be readily
customized and enhanced to meet the Government’s requirements. The Contractor shall design a
system that is flexible enough to accommodate changes necessary in response to Government
initiatives and/or regulatory or legislative changes. The data elements and reporting format on
Form 5500 returns/reports changes to some extent virtually every year in order to accommodate
legislative changes and emerging enforcement requirements. The Contractor shall therefore
design a system that is capable of processing and storing data in different reporting formats
corresponding to different plan years.

C.1.1.2 System Requirements Overview
The primary functions of the EFAST2 system are receipt, validation, acceptance, and distribution
of electronic filing submissions. Electronic filing shall be the only method of submitting Form
5500 Series filings to EFAST2 for processing. Paper filing submissions shall not be accepted.
The following system requirements overview presents a high-level description of the key system
requirements, capabilities, and functions.

EFAST2 RFP
Section C, Page 10 of 242
DOL069RP20266

1. Internet-based web service. The Contractor shall develop an Internet-based web
service for accepting and processing electronic filings from third party software or
via approved transmitters. The EFAST2 system shall present this as an XML-
based web service and shall be capable of accepting individual and batch filings
based on sender credentials. Filing submission in EFAST2 shall be implemented as
a web service, adhering to established Internet and web service standards such as
SOAP and WSDL. It is not a manual file upload. Filing submission data structure,
format, and validation rules are explicitly defined by the Government in the form of
XML Schema and Edit Tests, as described in Attachment P, Data Element
Requirements (“the XML DER”). The XML schemas, web service operations, and
request and response message structure are generally consistent with the IRS’s
Modernized eFile (MeF) program, which began to offer web services in 2006.
2. Internet Filing Acceptance Service (IFAS). Filing validation and acceptance in
EFAST2 shall be a completely automated function, requiring no human
intervention, inspection, or judgment. All rules governing acceptance of filing
submissions by EFAST2 are specified in the DER and other sections of this
Statement of Work and subsequent Government Furnished Information. The
majority of these rules are specified explicitly in XML Schema and XPath; their
implementation in the system shall be left to the Contractor. For all filing
submissions received via valid web service requests, filing acceptance status
including a detailed list of errors (authentication, schema errors, and edit test
failures) shall be logged in a database immediately upon the conclusion of
acceptance processing and made available to authorized users through the EFAST2
web portal or appropriate web service request. Filers will receive a "receipt" within
seconds of filing submission indicating an attempt to file has occurred. Filers will
receive an "acknowledgment" within minutes of filing submission that indicates
either acceptance or non-acceptance (with a list of error conditions).
3. Internet Registration (IREG) of Electronic Signatures. The Contractor shall
develop an Internet registration (IREG) application that allows plan the public to
electronically register and attain electronic filing credentials. The Contractor shall
create and maintain an application (IREG) that issues credentials (UserId and PIN)
to EFAST2 participants. These credentials are required for signing the Form 5500
and issuing any authenticated web service request to the EFAST2 system. The
registration application shall be capable of authenticating web service requests and
validating filing signatures upon receipt of each filing.
4. Third Party Software Developer Support. In the current EFAST system,
approximately 90 percent of submitted forms, schedules, and attachments have
been authored using certified third party software, and the Government expects
these software providers and associated service providers to play a similar if not
larger role in EFAST2. The vast majority of electronic filers are expected to
continue using value-added, third party software to author and submit their filings
to EFAST2. The Contractor’s responsibilities shall include outreach, technical
support, and certification of EFAST2 software providers and service providers,
ensuring compatibility with the EFAST2 system. Accordingly, the Contractor shall
support Third Party Software Developers that develop electronic filing software
with which filers may author, store, validate, submit, and collaborate electronically
EFAST2 RFP
Section C, Page 11 of 242
DOL069RP20266

with other members of the filing team. The Contractor shall provide Third Party
Software Developers with support in terms of electronic filing technical
specifications, technical support, testing, certification, and other ongoing support.
5. Tracking Database. All filing submissions received via valid web service requests,
whether accepted or not, shall be logged in a Tracking Database and timestamped
upon completion of key processing steps. Queries of the Tracking Database shall
support processing timeliness performance standards and Production Control (PC)
Reports, as described in this SOW.
6. Data Dissemination and Public Disclosure. The EFAST2 system shall create
structured data records for each accepted filing submission, as specified in the
DER, and maintain them in a production database. The EFAST2 system shall
allow public and authorized Government users to query, view, download, and print
publicly disclosable portions of filings and structured data records, depending on
their credentials. The system shall allow public users to view and/or print publicly
disclosable portions of filings and structured data records, depending on their
credentials. The system shall also allow Government and contact center support
staff to view, print or download selected filing data, including both disclosable and
nondisclosable items.
7. Contact Center. The Contractor shall offer a complete contact center capable of
responding to filer inquiries and fully staffed to handle peak processing periods.
The contact center shall provide troubleshooting help to filers regarding filing
submissions and errors, as well as help to software developers, Government end
users, and public disclosure users. The contact center shall be closely integrated
with the Web portal and, taken together, shall support inquiries by telephone or
electronically (via email or a web-form).
8. Web Portal. The Contractor shall design, develop, host, and maintain a secure,
scaleable web portal that provides a central point of access to a variety of EFAST2
functions, including general information and instructions, registration (IREG),
authoring of forms and schedules (IFILE), retrieval of filing status, software
developer support, and special facilities for authorized Government end users. The
Contractor shall manage any telecommunications equipment associated with the
web portal and maintain security on the portal based on varying degrees of access
control and authorization. The portal shall be designed in a way that recognizes
variation in the abilities, needs, and levels of authorization in its user community.
It shall provide help functions that allow users to find answers to “frequently asked
questions” (FAQs) for all features and capabilities; obtain a comprehensive list of
validation criteria and errors, with explanations and suggested remediation for the
most common errors; and submit questions electronically to the Contractor’s
contact center.
9. Free Internet Filing Software (IFILE). The Contractor shall design, develop, and
host a free Web-based application (IFILE) for authoring filing components and
submitting completed filings. IFILE is intended to be a basic no-frills offering that
does not compete with the value-added functionality of certified third party
software, and is intended for the anticipated small proportion of electronic filers
EFAST2 RFP
Section C, Page 12 of 242
DOL069RP20266

who do not choose to use value-added, third party software to author and submit
filings.
C.1.1.3 Project Activities by Contract Period
The project is structured as a series of activities that will occur within the prescribed periods of
performance within each contract period, as depicted in Exhibit C.1.1.1 and described below:

In the Base Period (1st Component), the Contractor shall build a prototype system with all of the
functional capabilities required to process test returns. The purpose of the prototype system is to
fully test and debug the system, and to establish a “development line” to be maintained over the
life of the contract. The Contractor shall support the Government's Functional Capability Test of
the prototype system (FCT 1) and shall correct defects and deficiencies uncovered by the FCT 1.

In the Base Period (2nd Component), the Contractor shall “scale up” the prototype system to a
fully functional production system capable of processing Plan Year 2008 and 2009 filings. The
Contractor shall support the Government's FCT of the scaled-up production system (FCT 2).

In the Base Period (3rd Component), the Contractor shall correct defects and deficiencies
uncovered by the Government's FCT 2 of the scaled-up production system, support the
Government's System Acceptance Test (SAT) of the scaled-up production system, and support
the Government's Security Compliance Review of the Contractor's scaled-up production system,
in preparation for operations.

In Option Period I (1st Component), the Contractor shall perform advance, pre-processing
activities necessary to prepare the system for processing Plan Year 2008 and 2009 filings at
startup.

In Option Period I (2nd Component), the Contractor shall startup, operate, and maintain the
production system and begin processing Plan Year 2008 and 2009 filings.

In Option Periods II-XI, the Contractor shall both operate the production system for each
processing year and “rollover” the system in preparation for each succeeding processing year
(add support for the upcoming plan year filings). In the first six months of each operations
period (operations/rollover), the Contractor shall operate the system, prepare for, and implement
the rollover package received as Government Furnished Information, per Section C.23. In the
second six months of each operations period (operations), the Contractor shall operate the
rollover system.

The Contractor shall follow DOL’s software development life-cycle model, described in the
DOL System Development Life Cycle Management (SDLCM) Manual, for all systems software
and development efforts. See Attachment K for a copy of the SDLCM. The Department of
Labor believes that an incremental/iterative software development life-cycle model is appropriate
for EFAST2. See Section C.19 for a full description of how the Contractor shall apply the
principles of SDLCM to EFAST2. Sections C.1.2 through C.1.4 describe the project activities
unique to each contract period.

EFAST2 RFP
Section C, Page 13 of 242
DOL069RP20266

E
x
h
i
b
i
t

C
.
1
.
1
.
1

-
-

E
F
A
S
T
2

P
r
o
j
e
c
t

A
c
t
i
v
i
t
i
e
s

B
y

C
o
n
t
r
a
c
t

P
e
r
i
o
d
,

P
l
a
n

Y
e
a
r
,

a
n
d

P
r
o
c
e
s
s
i
n
g

Y
e
a
r



C
o
n
t
r
a
c
t

P
e
r
i
o
d

C
a
l
e
n
d
a
r

P
e
r
i
o
d

P
r
o
c
e
s
s
i
n
g

Y
e
a
r

P
l
a
n

Y
e
a
r
s

P
r
o
c
e
s
s
e
d

A
c
t
i
v
i
t
i
e
s

C
r
i
t
e
r
i
a

T
o

P
r
o
c
e
e
d

B
a
s
e

P
e
r
i
o
d

(
1
s
t

C
o
m
p
o
n
e
n
t
)

A
w
a
r
d

t
o

1
2
/
3
1
/
2
0
0
7



D
e
s
i
g
n
,

b
u
i
l
d
,

t
e
s
t
,

a
n
d

i
m
p
l
e
m
e
n
t

p
r
o
t
o
t
y
p
e

s
y
s
t
e
m


S
u
c
c
e
s
s
f
u
l

c
o
m
p
l
e
t
i
o
n

o
f

P
r
o
t
o
t
y
p
e

F
C
T

1
:

-

N
o
t
i
c
e

t
o

p
r
o
c
e
e
d

t
o

B
a
s
e

P
e
r
i
o
d

(
2
n
d

C
o
m
p
o
n
e
n
t
)

-

P
o
t
e
n
t
i
a
l

a
w
a
r
d

f
e
e

#
1

(
A
F
1
)

B
a
s
e

P
e
r
i
o
d

(
2
n
d

C
o
m
p
o
n
e
n
t
)

1
/
0
1
/
2
0
0
8

t
o

7
/
3
1
/
2
0
0
8



S
c
a
l
e
u
p

p
r
o
t
o
t
y
p
e

t
o

f
u
l
l

p
r
o
c
e
s
s
i
n
g

c
a
p
a
c
i
t
y


S
u
c
c
e
s
s
f
u
l

c
o
m
p
l
e
t
i
o
n

o
f

S
c
a
l
e
u
p

F
C
T

2
:

-

N
o
t
i
c
e

t
o

p
r
o
c
e
e
d

t
o

B
a
s
e

P
e
r
i
o
d

(
3
r
d

C
o
m
p
o
n
e
n
t
)

-

P
o
t
e
n
t
i
a
l

a
w
a
r
d

f
e
e

#
2

(
A
F
2
)

-

P
o
t
e
n
t
i
a
l

E
x
e
r
c
i
s
e

o
f

O
p
t
i
o
n

P
e
r
i
o
d

I


B
a
s
e

P
e
r
i
o
d

(
3
r
d

C
o
m
p
o
n
e
n
t
)

8
/
0
1
/
2
0
0
8

t
o

1
2
/
3
1
/
2
0
0
8



S
y
s
t
e
m

A
c
c
e
p
t
a
n
c
e

T
e
s
t

(
S
A
T
)
,

S
e
c
u
r
i
t
y

C
e
r
t
i
f
i
c
a
t
i
o
n

a
n
d

I
m
p
l
e
m
e
n
t
a
t
i
o
n

S
u
c
c
e
s
s
f
u
l

c
o
m
p
l
e
t
i
o
n

o
f

S
A
T

&

S
e
c
u
r
i
t
y

C
o
m
p
l
i
a
n
c
e

R
e
v
i
e
w
:

-

N
o
t
i
c
e

t
o

P
r
o
c
e
e
d

t
o

O
p
t
i
o
n

P
e
r
i
o
d

I

(
2
n
d

C
o
m
p
o
n
e
n
t
)

-

P
o
t
e
n
t
i
a
l

a
w
a
r
d

f
e
e

#
3

(
A
F
3
)

O
p
t
i
o
n

P
e
r
i
o
d

I

(
1
s
t

C
o
m
p
o
n
e
n
t
)

8
/
0
1
/
2
0
0
8

t
o

1
2
/
3
1
/
2
0
0
8



A
d
v
a
n
c
e
,

p
r
e
-
p
r
o
c
e
s
s
i
n
g

a
c
t
i
v
i
t
i
e
s


S
u
c
c
e
s
s
f
u
l

c
o
m
p
l
e
t
i
o
n

o
f

S
A
T

&

S
e
c
u
r
i
t
y

C
o
m
p
l
i
a
n
c
e

R
e
v
i
e
w

N
o
t
i
c
e

t
o

P
r
o
c
e
e
d

t
o

O
p
t
i
o
n

P
e
r
i
o
d

I

(
2
n
d

C
o
m
p
o
n
e
n
t
)

O
p
t
i
o
n

P
e
r
i
o
d

I

(
2
n
d

C
o
m
p
o
n
e
n
t
)

1
/
0
1
/
2
0
0
9

t
o

6
/
3
0
/
2
0
0
9

2
0
0
9

2
0
0
8
,

2
0
0
9

F
u
l
l
y

p
r
o
c
e
s
s

P
l
a
n

Y
e
a
r

2
0
0
8

a
n
d

2
0
0
9

f
i
l
i
n
g
s
,

n
o

p
r
i
o
r

y
e
a
r

f
i
l
i
n
g

(
P
Y
F
)

p
r
o
c
e
s
s
i
n
g

S
u
c
c
e
s
s
f
u
l

c
o
m
p
l
e
t
i
o
n

o
f

O
p
t
i
o
n

P
e
r
i
o
d

I

O
p
t
i
o
n

P
e
r
i
o
d

I
I

(
O
p
e
r
a
t
i
o
n
s
/
r
o
l
l
o
v
e
r
)

7
/
0
1
/
2
0
0
9

t
o

1
2
/
3
1
/
2
0
0
9

2
0
0
9

2
0
0
8
,

2
0
0
9

1
.

F
u
l
l
y

p
r
o
c
e
s
s

P
l
a
n

Y
e
a
r

2
0
0
8
-
2
0
0
9

f
i
l
i
n
g
s
,

n
o

P
Y
F

p
r
o
c
e
s
s
i
n
g


2
.

P
r
o
c
e
s
s
i
n
g

y
e
a
r

2
0
1
0

r
o
l
l
o
v
e
r


EFAST2 RFP
Section C, Page 14 of 242
DOL069RP20266

C
o
n
t
r
a
c
t

P
e
r
i
o
d

C
a
l
e
n
d
a
r

P
e
r
i
o
d

P
r
o
c
e
s
s
i
n
g

Y
e
a
r

P
l
a
n

Y
e
a
r
s

P
r
o
c
e
s
s
e
d

A
c
t
i
v
i
t
i
e
s

C
r
i
t
e
r
i
a

T
o

P
r
o
c
e
e
d

O
p
t
i
o
n

P
e
r
i
o
d

I
I

(
O
p
e
r
a
t
i
o
n
s
)

1
/
0
1
/
2
0
1
0

t
o

6
/
3
0
/
2
0
1
0

2
0
1
0

2
0
0
8



2
0
1
0

1
.

F
u
l
l
y

p
r
o
c
e
s
s

P
l
a
n

Y
e
a
r

2
0
0
8
-
2
0
1
0

f
i
l
i
n
g
s
,

n
o

P
Y
F

p
r
o
c
e
s
s
i
n
g

S
u
c
c
e
s
s
f
u
l

c
o
m
p
l
e
t
i
o
n

o
f

O
p
t
i
o
n

P
e
r
i
o
d

I
I

O
p
t
i
o
n

P
e
r
i
o
d

I
I
I

(
O
p
e
r
a
t
i
o
n
s
/
r
o
l
l
o
v
e
r
)

7
/
0
1
/
2
0
1
0

t
o

1
2
/
3
1
/
2
0
1
0

2
0
1
0

2
0
0
8



2
0
1
0

1
.

F
u
l
l
y

p
r
o
c
e
s
s

P
l
a
n

Y
e
a
r

2
0
0
8
-
2
0
1
0

f
i
l
i
n
g
s
,

n
o

P
Y
F

p
r
o
c
e
s
s
i
n
g


2
.

P
r
o
c
e
s
s
i
n
g

y
e
a
r

2
0
1
1

r
o
l
l
o
v
e
r


O
p
t
i
o
n

P
e
r
i
o
d

I
I
I

(
O
p
e
r
a
t
i
o
n
s
)

1
/
0
1
/
2
0
1
1

t
o

6
/
3
0
/
2
0
1
1

2
0
1
1

2
0
0
8



2
0
1
1
,

P
Y
F

2
0
0
7

a
n
d

p
r
i
o
r

F
u
l
l
y

p
r
o
c
e
s
s

P
l
a
n

Y
e
a
r

2
0
0
8
-
2
0
1
1

f
i
l
i
n
g
s
,

p
r
i
o
r

y
e
a
r

p
l
a
n

y
e
a
r

p
r
o
c
e
s
s
i
n
g

o
f

2
0
0
7

f
i
l
i
n
g
s

a
n
d

p
r
i
o
r


S
u
c
c
e
s
s
f
u
l

c
o
m
p
l
e
t
i
o
n

o
f

O
p
t
i
o
n

P
e
r
i
o
d

I
I
I

O
p
t
i
o
n

P
e
r
i
o
d

I
V

(
O
p
e
r
a
t
i
o
n
s
/
r
o
l
l
o
v
e
r
)

7
/
0
1
/
2
0
1
1

t
o

1
2
/
3
1
/
2
0
1
1

2
0
1
1

2
0
0
8



2
0
1
1
,

P
Y
F

2
0
0
7

a
n
d

p
r
i
o
r

1
.

F
u
l
l
y

p
r
o
c
e
s
s

P
l
a
n

Y
e
a
r

2
0
0
8
-
2
0
1
1

f
i
l
i
n
g
s
,

p
r
i
o
r

y
e
a
r

f
i
l
i
n
g

p
r
o
c
e
s
s
i
n
g

o
f

P
l
a
n

Y
e
a
r

2
0
0
7

f
i
l
i
n
g
s

a
n
d

p
r
i
o
r


2
.

P
r
o
c
e
s
s
i
n
g

y
e
a
r

2
0
1
2

r
o
l
l
o
v
e
r


O
p
t
i
o
n

P
e
r
i
o
d

I
V

(
O
p
e
r
a
t
i
o
n
s
)

1
/
0
1
/
2
0
1
2

t
o

6
/
3
0
/
2
0
1
2

2
0
1
2

2
0
0
9



2
0
1
2
,

P
Y
F

2
0
0
8

a
n
d

p
r
i
o
r

F
u
l
l
y

p
r
o
c
e
s
s

P
l
a
n

Y
e
a
r

2
0
0
9
-
2
0
1
2

f
i
l
i
n
g
s
,

P
Y
F

p
r
o
c
e
s
s
i
n
g

o
f

P
l
a
n

Y
e
a
r

2
0
0
8

f
i
l
i
n
g
s

a
n
d

p
r
i
o
r


S
u
c
c
e
s
s
f
u
l

c
o
m
p
l
e
t
i
o
n

o
f

O
p
t
i
o
n

P
e
r
i
o
d

I
V

O
p
t
i
o
n

P
e
r
i
o
d

V

(
O
p
e
r
a
t
i
o
n
s
/
r
o
l
l
o
v
e
r
)

7
/
0
1
/
2
0
1
2

t
o

1
2
/
3
1
/
2
0
1
2

2
0
1
2

2
0
0
9



2
0
1
2
,

P
Y
F

2
0
0
8

a
n
d

p
r
i
o
r

1
.

F
u
l
l
y

p
r
o
c
e
s
s

P
l
a
n

Y
e
a
r

2
0
0
9
-
2
0
1
2

f
i
l
i
n
g
s
,

P
Y
F

p
r
o
c
e
s
s
i
n
g

o
f

P
l
a
n

Y
e
a
r

2
0
0
8

f
i
l
i
n
g
s

a
n
d

p
r
i
o
r


2
.

P
r
o
c
e
s
s
i
n
g

y
e
a
r

2
0
1
3

r
o
l
l
o
v
e
r


O
p
t
i
o
n

P
e
r
i
o
d

V

(
O
p
e
r
a
t
i
o
n
s
)

1
/
0
1
/
2
0
1
3

t
o

6
/
3
0
/
2
0
1
3

2
0
1
3

2
0
1
0



2
0
1
3
,

P
Y
F

2
0
0
9

a
n
d

p
r
i
o
r

F
u
l
l
y

p
r
o
c
e
s
s

P
l
a
n

Y
e
a
r

2
0
1
0
-
2
0
1
3

f
i
l
i
n
g
s
,

P
Y
F

p
r
o
c
e
s
s
i
n
g

o
f

P
l
a
n

Y
e
a
r

2
0
0
9

f
i
l
i
n
g
s

a
n
d

p
r
i
o
r


S
u
c
c
e
s
s
f
u
l

c
o
m
p
l
e
t
i
o
n

o
f

O
p
t
i
o
n

P
e
r
i
o
d

V

EFAST2 RFP
Section C, Page 15 of 242
DOL069RP20266

C
o
n
t
r
a
c
t

P
e
r
i
o
d

C
a
l
e
n
d
a
r

P
e
r
i
o
d

P
r
o
c
e
s
s
i
n
g

Y
e
a
r

P
l
a
n

Y
e
a
r
s

P
r
o
c
e
s
s
e
d

A
c
t
i
v
i
t
i
e
s

C
r
i
t
e
r
i
a

T
o

P
r
o
c
e
e
d

O
p
t
i
o
n

P
e
r
i
o
d

V
I

(
O
p
e
r
a
t
i
o
n
s
/
r
o
l
l
o
v
e
r
)

7
/
0
1
/
2
0
1
3

t
o

1
2
/
3
1
/
2
0
1
3

2
0
1
3

2
0
1
0



2
0
1
3
,

P
Y
F

2
0
0
9

a
n
d

p
r
i
o
r

1
.

F
u
l
l
y

p
r
o
c
e
s
s

P
l
a
n

Y
e
a
r

2
0
1
0
-
2
0
1
3

f
i
l
i
n
g
s
,

P
Y
F

p
r
o
c
e
s
s
i
n
g

o
f

P
l
a
n

Y
e
a
r

2
0
0
9

f
i
l
i
n
g
s

a
n
d

p
r
i
o
r


2
.

P
r
o
c
e
s
s
i
n
g

y
e
a
r

2
0
1
4

r
o
l
l
o
v
e
r


O
p
t
i
o
n

P
e
r
i
o
d

V
I

(
O
p
e
r
a
t
i
o
n
s
)

1
/
0
1
/
2
0
1
4

t
o

6
/
3
0
/
2
0
1
4

2
0
1
4

2
0
1
1



2
0
1
4
,

P
Y
F

2
0
1
0

a
n
d

p
r
i
o
r

F
u
l
l
y

p
r
o
c
e
s
s

P
l
a
n

Y
e
a
r

2
0
1
1
-
2
0
1
4

f
i
l
i
n
g
s
,

P
Y
F

p
r
o
c
e
s
s
i
n
g

o
f

P
l
a
n

Y
e
a
r

2
0
1
0

f
i
l
i
n
g
s

a
n
d

p
r
i
o
r


S
u
c
c
e
s
s
f
u
l

c
o
m
p
l
e
t
i
o
n

o
f

O
p
t
i
o
n

P
e
r
i
o
d

V
I

O
p
t
i
o
n

P
e
r
i
o
d

V
I
I

(
O
p
e
r
a
t
i
o
n
s
/
r
o
l
l
o
v
e
r
)

7
/
0
1
/
2
0
1
4

t
o

1
2
/
3
1
/
2
0
1
4

2
0
1
4

2
0
1
1



2
0
1
4
,

P
Y
F

2
0
1
0

a
n
d

p
r
i
o
r

1
.

F
u
l
l
y

p
r
o
c
e
s
s

P
l
a
n

Y
e
a
r

2
0
1
0
-
2
0
1
4

f
i
l
i
n
g
s
,

P
Y
F

p
r
o
c
e
s
s
i
n
g

o
f

P
l
a
n

Y
e
a
r

2
0
1
0

f
i
l
i
n
g
s

a
n
d

p
r
i
o
r


2
.

P
r
o
c
e
s
s
i
n
g

y
e
a
r

2
0
1
5

r
o
l
l
o
v
e
r


O
p
t
i
o
n

P
e
r
i
o
d

V
I
I

(
O
p
e
r
a
t
i
o
n
s
)

1
/
0
1
/
2
0
1
5

t
o

6
/
3
0
/
2
0
1
5

2
0
1
5

2
0
1
2



2
0
1
5
,

P
Y
F

2
0
1
1

a
n
d

p
r
i
o
r

F
u
l
l
y

p
r
o
c
e
s
s

P
l
a
n

Y
e
a
r

2
0
1
2
-
2
0
1
5

f
i
l
i
n
g
s
,

P
Y
F

p
r
o
c
e
s
s
i
n
g

o
f

P
l
a
n

Y
e
a
r

2
0
1
1

f
i
l
i
n
g
s

a
n
d

p
r
i
o
r


S
u
c
c
e
s
s
f
u
l

c
o
m
p
l
e
t
i
o
n

o
f

O
p
t
i
o
n

P
e
r
i
o
d

V
I
I

O
p
t
i
o
n

P
e
r
i
o
d

V
I
I
I

(
O
p
e
r
a
t
i
o
n
s
/
r
o
l
l
o
v
e
r
)

7
/
0
1
/
2
0
1
5

t
o

1
2
/
3
1
/
2
0
1
5

2
0
1
5

2
0
1
2



2
0
1
5
,

P
Y
F

2
0
1
1

a
n
d

p
r
i
o
r

1
.

F
u
l
l
y

p
r
o
c
e
s
s

P
l
a
n

Y
e
a
r

2
0
1
2
-
2
0
1
5

f
i
l
i
n
g
s
,

P
Y
F

p
r
o
c
e
s
s
i
n
g

o
f

P
l
a
n

Y
e
a
r

2
0
1
1

f
i
l
i
n
g
s

a
n
d

p
r
i
o
r


2
.

P
r
o
c
e
s
s
i
n
g

y
e
a
r

2
0
1
6

r
o
l
l
o
v
e
r


O
p
t
i
o
n

P
e
r
i
o
d

V
I
I
I

(
O
p
e
r
a
t
i
o
n
s
)

1
/
0
1
/
2
0
1
6

t
o

6
/
3
0
/
2
0
1
6

2
0
1
6

2
0
1
3



2
0
1
6
,

P
Y
F

2
0
1
2

a
n
d

p
r
i
o
r

F
u
l
l
y

p
r
o
c
e
s
s

P
l
a
n

Y
e
a
r

2
0
1
3
-
2
0
1
6

f
i
l
i
n
g
s
,

P
Y
F

p
r
o
c
e
s
s
i
n
g

o
f

P
l
a
n

Y
e
a
r

2
0
1
2

f
i
l
i
n
g
s

a
n
d

p
r
i
o
r


S
u
c
c
e
s
s
f
u
l

c
o
m
p
l
e
t
i
o
n

o
f

O
p
t
i
o
n

P
e
r
i
o
d

V
I
I
I

O
p
t
i
o
n

P
e
r
i
o
d

I
X

(
O
p
e
r
a
t
i
o
n
s
/
r
o
l
l
o
v
e
r
)

7
/
0
1
/
2
0
1
6

t
o

1
2
/
3
1
/
2
0
1
6

2
0
1
6

2
0
1
3



2
0
1
6
,

P
Y
F

2
0
1
2

a
n
d

p
r
i
o
r

1
.

F
u
l
l
y

p
r
o
c
e
s
s

P
l
a
n

Y
e
a
r

2
0
1
3
-
2
0
1
6

f
i
l
i
n
g
s
,

P
Y
F

p
r
o
c
e
s
s
i
n
g

o
f

P
l
a
n

Y
e
a
r

2
0
1
2

f
i
l
i
n
g
s

a
n
d

p
r
i
o
r


2
.

P
r
o
c
e
s
s
i
n
g

y
e
a
r

2
0
1
7

r
o
l
l
o
v
e
r


EFAST2 RFP
Section C, Page 16 of 242
DOL069RP20266

C
o
n
t
r
a
c
t

P
e
r
i
o
d

C
a
l
e
n
d
a
r

P
e
r
i
o
d

P
r
o
c
e
s
s
i
n
g

Y
e
a
r

P
l
a
n

Y
e
a
r
s

P
r
o
c
e
s
s
e
d

A
c
t
i
v
i
t
i
e
s

C
r
i
t
e
r
i
a

T
o

P
r
o
c
e
e
d

O
p
t
i
o
n

P
e
r
i
o
d

I
X

(
O
p
e
r
a
t
i
o
n
s
)

1
/
0
1
/
2
0
1
7

t
o

6
/
3
0
/
2
0
1
7

2
0
1
7

2
0
1
4



2
0
1
7
,

P
Y
F

2
0
1
3

a
n
d

p
r
i
o
r

F
u
l
l
y

p
r
o
c
e
s
s

P
l
a
n

Y
e
a
r

2
0
1
4
-
2
0
1
7

f
i
l
i
n
g
s
,

P
Y
F

p
r
o
c
e
s
s
i
n
g

o
f

P
l
a
n

Y
e
a
r

2
0
1
3

f
i
l
i
n
g
s

a
n
d

p
r
i
o
r


S
u
c
c
e
s
s
f
u
l

c
o
m
p
l
e
t
i
o
n

o
f

O
p
t
i
o
n

P
e
r
i
o
d

I
X

O
p
t
i
o
n

P
e
r
i
o
d

X

(
O
p
e
r
a
t
i
o
n
s
/
r
o
l
l
o
v
e
r
)

7
/
0
1
/
2
0
1
7

t
o

1
2
/
3
1
/
2
0
1
7

2
0
1
7

2
0
1
4



2
0
1
7
,

P
Y
F

2
0
1
3

a
n
d

p
r
i
o
r

1
.

F
u
l
l
y

p
r
o
c
e
s
s

P
l
a
n

Y
e
a
r

2
0
1
4
-
2
0
1
7

f
i
l
i
n
g
s
,

P
Y
F

p
r
o
c
e
s
s
i
n
g

o
f

P
l
a
n

Y
e
a
r

2
0
1
3

f
i
l
i
n
g
s

a
n
d

p
r
i
o
r


2
.

P
r
o
c
e
s
s
i
n
g

y
e
a
r

2
0
1
8

r
o
l
l
o
v
e
r


O
p
t
i
o
n

P
e
r
i
o
d

X

(
O
p
e
r
a
t
i
o
n
s
)

1
/
0
1
/
2
0
1
8

t
o

6
/
3
0
/
2
0
1
8

2
0
1
8

2
0
1
5



2
0
1
8
,

P
Y
F

2
0
1
4

a
n
d

p
r
i
o
r

F
u
l
l
y

p
r
o
c
e
s
s

P
l
a
n

Y
e
a
r

2
0
1
5
-
2
0
1
8

f
i
l
i
n
g
s
,

P
Y
F

p
r
o
c
e
s
s
i
n
g

o
f

P
l
a
n

Y
e
a
r

2
0
1
4

f
i
l
i
n
g
s

a
n
d

p
r
i
o
r


S
u
c
c
e
s
s
f
u
l

c
o
m
p
l
e
t
i
o
n

o
f

O
p
t
i
o
n

P
e
r
i
o
d

X

O
p
t
i
o
n

P
e
r
i
o
d

X
I

(
O
p
e
r
a
t
i
o
n
s
/
r
o
l
l
o
v
e
r
)

7
/
0
1
/
2
0
1
8

t
o

1
2
/
3
1
/
2
0
1
8

2
0
1
8

2
0
1
5



2
0
1
8
,

P
Y
F

2
0
1
4

a
n
d

p
r
i
o
r

1
.

F
u
l
l
y

p
r
o
c
e
s
s

P
l
a
n

Y
e
a
r

2
0
1
5
-
2
0
1
8

f
i
l
i
n
g
s
,

P
Y
F

p
r
o
c
e
s
s
i
n
g

o
f

P
l
a
n

Y
e
a
r

2
0
1
4

f
i
l
i
n
g
s

a
n
d

p
r
i
o
r


2
.

P
r
o
c
e
s
s
i
n
g

y
e
a
r

2
0
1
9

r
o
l
l
o
v
e
r


O
p
t
i
o
n

P
e
r
i
o
d

X
I

(
O
p
e
r
a
t
i
o
n
s
)

1
/
0
1
/
2
0
1
9

t
o

6
/
3
0
/
2
0
1
9

2
0
1
9

2
0
1
6



2
0
1
9
,

P
Y
F

2
0
1
5

a
n
d

p
r
i
o
r

F
u
l
l
y

p
r
o
c
e
s
s

P
l
a
n

Y
e
a
r

2
0
1
6
-
2
0
1
9

f
i
l
i
n
g
s
,

P
Y
F

p
r
o
c
e
s
s
i
n
g

o
f

P
l
a
n

Y
e
a
r

2
0
1
5

f
i
l
i
n
g
s

a
n
d

p
r
i
o
r




EFAST2 RFP
Section C, Page 17 of 242
DOL069RP20266

C.1.1.4 Performance Based Contract

The EFAST2 contract is performance based and, as such, the Contractor shall be required to
meet or exceed certain accuracy, timeliness, reliability, and related performance standards. The
Contractor’s performance shall be measured according to the performance standards specified in
Section C.2. The Contractor shall be entitled to incentives for exceeding certain performance
standards, as specified in Attachment R. The Government will monitor the Contractor’s
performance according to the Quality Assurance Plan (QAP) specified in Attachment R, and
other relevant contract sections.

C.1.1.5 Location of Contractor Facilities

The Contractor shall establish facilities for the conduct of work to be performed on this Contract
within the continental United States (lower 48 states and Washington, DC). This requirement
applies to the Contractor's prototype/development facility, production facility, contact center
facility, and specialized subcontractor and consultant facilities. The Government does not
require these distinct facilities be co-located, nor require that these facilities be conveniently
located near DOL's national office in Washington DC, and understands the Contractor's need to
conduct the work in the most advantageous manner with regards to cost competitiveness and
labor supply considerations. The Contractor shall, however, consider facility accessibility and
convenience to DOL's national office in the conduct of all work carried out under this Contract
in order to facilitate travel among DOL's national office in Washington, DC and the Contractor's
and subcontractor/consultant facilities.


EFAST2 RFP
Section C, Page 18 of 242
DOL069RP20266
C.1.2 Base Period – Prototype System Module, Scaleup, & Certification and
Implementation
During the Base Period, the Contractor shall implement a prototype processing system that
demonstrates all of the functional requirements of the EFAST2 system; shall scale up the system
to meet the system performance requirements specified in the contract; and shall conduct the
System Acceptance Test (SAT) and security certification activities required to obtain the
Government’s Notice-To-Proceed (NTP) to commence production operations.

The Contractor shall use the Government's Level 2 Contract Work Breakdown Structure
(CWBS) provided in Section C.24.5 as a basis for developing the CWBS that will be used to
manage, track, and report the work performed during the Base Period. The CWBS shall be
developed at Level 4 or lower and shall preserve the structure in the Government’s Level 2
CWBS. Exhibit C.24.1 shows the correlation between the activities that the Contractor shall
carry out in the Base Period and the requirements of the Statement of Work (SOW) for the Base
Period. The Contractor is further reminded to review Section F carefully as most Base Period
deliverables are not described in Section C.1.2 but instead are described in sections devoted to
particular functions. Section F contains a comprehensive list of required Base Period deliverables
with cross-references to the respective Section C clauses that describe the requirements.

The Contractor shall deliver the initial EFAST2 documentation during the Base Period.
Contingent upon Government exercise of succeeding option periods, the Contractor shall update
the documents specified in Section F for each option period.

The Contractor shall update and redeliver the Detailed System Design, as necessary, to reflect
major changes to the system. The initial version of the document shall be developed as described
in Section C.1.2.1.3 and the Schedule of Deliverables in Section F, and delivered in the Base
Period (1
st
Component). The first update to the document shall occur in the Base Period (2
nd

Component) and shall include scaleup to the production processing system and, if appropriate,
annual rollover system changes. Successive revisions and updates shall reflect the technical
design of the current production system, including any and all changes to the system architecture,
hardware and software components, configuration, or performance analysis.

The Base Period comprises three components. This section describes the specific phases and
activities of each component of the Base Period.

C.1.2.1 Base Period (1st Component) – Prototype System Module
During the Base Period (1
st
Component), the Contractor shall conduct project planning activities,
requirements clarification activities, and system design activities, and shall build, test, certify,
and implement a prototype processing system. The prototype system shall include all of the
functional capabilities required to process test returns, and shall be scaled to process only a
limited number of test filings. This section describes the specific phases and activities of the Base
Period 1st Component.

EFAST2 RFP
Section C, Page 19 of 242
DOL069RP20266
The Contractor shall carry out all project planning activities, including task planning, scheduling,
earned value performance measurement, and work and management reporting. See Sections
C.19, C.22, C.24, and other relevant contract sections for additional requirements.

The Contractor shall support ongoing project planning, requirements clarification, system design,
and prototype development activities, as needed, to address all Government requirements,
including those associated with annual forms changes and Contractor receipt of Government
Furnished Information (GFI) that will be periodically issued to the Contractor by the Government
throughout the Base Period (1
st
Component). See Section C.23 for a description of GFI.

C.1.2.1.1 Project Planning Activities
The Contractor shall work with the Government to define a project planning approach that
thoroughly describes the documentation, review, approval, and related efforts for all project
activities. The project planning approach shall include the following: establishing project goals;
planning for emergency maintenance; planning work packages and selecting methodologies for
measuring work completed (i.e., earned value) during the life cycle; identifying project tools and
methodologies; and estimating human resource, hardware, and software requirements. The
Contractor shall develop an Integrated Master Plan (IMP) with details on the Contractor’s
development approach, tools, tasks, resources, and schedules as described in Section C.24 and
the Schedule of Deliverables in Section F. The Contractor will meet with Government
representatives in an Integrated Baseline Review (IBR) to present the Contractor’s project
planning deliverables, as described in Section C.24.

C.1.2.1.2 Requirements Clarification Activities
The Contractor shall perform a thorough requirements review that shall ensure the system
addresses all Government requirements, including functionality, performance, security, and
related requirements throughout all project stages and contract periods. The Contractor shall
participate with the Government and its representatives in an ongoing requirements clarification
process to ensure that all Contract requirements contained in GFI are properly understood. This
process will involve up to 10 meetings at the Contractor’s development facility or at the
Department of Labor, during which the Contractor will be afforded the opportunity to ask
questions and seek clarification regarding the Government's requirements. The Government's
contract and the Contractor’s technical proposal will serve as the basis for this process. The
Contractor shall initiate requirements review meetings and shall make available all appropriate
technical staff to facilitate the requirements review. See Sections C.22, C.25, and other relevant
contract sections for additional requirements.

In addition to the Detailed System Design, the Contractor shall deliver a Configuration
Management (CM) Plan as described in Section C.25 and the Schedule of Deliverables in
Section F. This plan shall identify the automated CM process to be used for software
development, shall document other items to be placed under configuration control, and shall
identify the methods of control that will be used. The CM Plan shall also provide locations where
documents and other items are stored. The CM Plan shall specify plans for conducting document
audits.
EFAST2 RFP
Section C, Page 20 of 242
DOL069RP20266

C.1.2.1.3 System Design
The Contractor shall develop a Detailed System Design (DSD) supporting a solution satisfying
all functional requirements and performance standards at both prototype and production
processing volumes, including peak periods. See Section C.17 and other relevant contract
sections for additional requirements.

The Contractor shall develop a Detailed System Design for delivery to the Government in
accordance with the Schedule of Deliverables in Section F. The initial version of the Detailed
System Design shall be prepared and submitted in the Base Period (1
st
Component), and
thereafter shall be maintained, updated, and periodically redelivered to reflect adjustments to the
design occurring throughout the period of performance of this Contract. At a minimum the DSD
shall contain the following:

1. Description of all system and subsystem components (hardware, COTS software,
custom software, interfaces, databases) for the prototype system and the production
processing systems.
2. Components may be further subdivided and described using charts and pseudo
code.
3. Side-by-side comparison of component descriptions and component volumes for
the prototype system and the production processing system, as well as development
and/or test line. This comparison shall also include the capacity and scaling limits
of both systems.
4. All human-machine user input and user interfaces to the system shall be spelled out.
5. Cross-references to the Requirements Traceability Matrix (RTM) describing where
Government requirements are addressed by the system.
6. An assessment of design constraints and limitations. Describe the interaction and
compatibility among proprietary, custom-built, and commercially available
hardware and software that will be used in the EFAST2 system.
7. Assess the system flexibility for accommodating changes in the Form 5500 and in
the system itself to improve the quality and timeliness of the data provided to the
end users.
8. Network and data flow diagrams.

The EFAST2 Detailed System Design shall be a Government-reviewed deliverable describing
the technical design of all parts of EFAST2. It shall include the system design concept, technical
architecture, and functional description of each hardware and software component of EFAST2.
The deliverable shall describe each system component and identify it as either COTS or custom-
developed software. The deliverable shall specify the functional relationships between all system
EFAST2 RFP
Section C, Page 21 of 242
DOL069RP20266
modules, including charts and diagrams showing modular division of functions and end-to-end
process flow. The Detailed System Design shall contain logic specifications, detailed data usage
definitions, and user input and user approval descriptions. The document shall also include data
flow charts clearly relating data flow to data files, programs, and required products at the
program level.

The Contractor shall baseline the Detailed System Design during the Base Period 1st Component
to reflect the prototype system. The deliverable shall accurately reflect the actual planned
production system design, including any changes from the Contractor’s original technical
proposal. Since changes to the detailed design may create revisions to the schedules set in the
Integrated Master Plan, the Contractor shall update the Integrated Master Plan to account for
these design changes in accordance with the documentation maintenance and replacement pages
requirements described in Section C.24 and Section F.

The Contractor shall design electronic filing forms, conduct a sizing analysis, establish security
controls, and perform all other activities necessary to support system design.

The Contractor shall design an architecture that is flexible enough to easily accommodate annual
forms changes as described in Section C.17 and periodic changes in requirements throughout the
life of the contract.

The Contractor shall design an architecture that is conducive to development using the
incremental/iterative development methodology recommended under SDLCM.

The Contractor shall design and develop EFAST2 in a manner that first and foremost establishes
core, public-facing primary functionality that is of critical importance and high visibility to the
public and the Government. At a minimum, the system design shall call for core, public-facing
functions to be built first, with additional functionality added incrementally/iteratively to build
out the full system architecture. Core, public-facing system functionality includes IFAS/web
services, IREG, software developer support, tracking application, data dissemination and public
disclosure, contact center, web portal, IFILE, and security.

C.1.2.1.4 Prototype Development
The Contractor shall develop or acquire all software, hardware, communications equipment,
facility, documentation, and other materials necessary to build a prototype system.

The Contractor shall actively solicit volunteer Third Party Software Developers, filing
participants and Government users to serve as usability testers. The Government is looking to the
Contractor to vigorously identify and solicit the participation of motivated volunteers so as to
fully test the prototype system.

EFAST2 RFP
Section C, Page 22 of 242
DOL069RP20266
C.1.2.1.5 Prototype Test
The Contractor shall deliver a Test Plan in accordance with the Schedule of Deliverables in
Section F. In addition to Contractor-proposed tests, the Government may supply additional test
cases of the prototype system, per Section E.

The Contractor shall conduct a prototype system test that demonstrates, for Government
witnesses, that the prototype system is capable of processing both Contractor-proposed and
Government-supplied test cases within the performance standards specified in Section C.2. See
Section C.21, Section E, and other relevant contract sections for additional requirements.

C.1.2.1.6 Prototype Certification
Implementation of the prototype system is a critical activity in the Base Period. The Contractor
shall certify by letter to the Government that the system has been fully tested and is ready for
implementation from both an operational and security standpoint.

At the Government’s discretion, the Government will formally evaluate the prototype system
operational readiness through a Functional Capabilities Test (FCT 1), as specified in Sections
C.21, F, and E. At the Government's discretion, satisfactory completion of FCT 1 will be
required before the Contractor may proceed with scaleup activities. The Contractor shall submit
to the Government a Prototype Readiness Checklist and Operational Readiness Certification to
establish that the prototype satisfies the intent of the project.

The Government will also formally evaluate the prototype system security readiness through an
independent Government Security Compliance Review, as specified in Sections C.22 and F.
Satisfactory completion of the Government Security Compliance Review will be required before
the Contractor shall proceed with scaleup activities.

The Government will review and consider the Contractor's checklist and certification letter, along
with the Contractor's deliverables and other materials and artifacts, in determining whether the
prototype system is operationally ready for scaleup.

C.1.2.2 Base Period (2
nd
Component) - Scaleup
The Contractor shall scale up the prototype system to a fully functional production system
capable of processing Plan Year 2008 and 2009 filings. This section describes the specific phases
and activities of Base Period (2
nd
Component).

C.1.2.2.1 Project Planning, Requirements Clarification, and Detailed Design Activities
The Contractor shall update the Detailed System Design changes in accordance with the
documentation maintenance and replacement pages requirements described in Section C.24 and
Section F. The deliverable revisions and updates shall reflect the technical design of the
production system, including any and all changes to the system architecture, hardware and
software components, configuration, or performance analysis.
EFAST2 RFP
Section C, Page 23 of 242
DOL069RP20266

The Contractor shall design a scaleup architecture that is flexible enough to easily accommodate
annual forms changes and periodic changes in requirements throughout the life of the contract.

The Contractor shall update and reproduce planning Section F deliverables to reflect feedback
gathered from users during the Base Period and to reflect all other developments that affect
system planning and requirements definition activities. See Sections C.22, C.24, C.25 and other
relevant contract sections for additional requirements.

C.1.2.2.2 Scaleup Development & Test
The Contractor shall build (scale up) and test the security and operational readiness of the
production system for full production operations. The system shall be capable of fully processing
Plan Year 2008 and 2009 filings. The Contractor shall address defects and deficiencies
uncovered by the Contractor or through Government conduct of FCT 1 during the scaleup
development & test phase.

The Contractor shall size the system to handle peak production processing volumes and meet all
performance standards. The Contractor shall develop or acquire all software, hardware,
communications equipment, facility, documentation, and other materials necessary to build a
fully functional production system. The system completed in the Base Period shall be scaled to
process peak and non-peak volumes of electronic filings and meet all performance standards.

The Contractor shall actively solicit volunteer Third Party Software Developers and filers to act
as testers of the scaleup production processing system. The Government is looking to the
Contractor to vigorously identify and solicit the participation of motivated volunteers so as to
fully test the scaleup production processing system.

The Contractor shall perform a comprehensive end-to-end system test, document the results in a
test checklist, and submit a letter to the Government certifying that the system meets all
requirements of the contract.

The Contractor shall update and reproduce production development/test Section F deliverables to
reflect feedback gathered from end users during the Base Period and to reflect all other
developments that affect system production development/test activities. The Contractor shall
produce a number of new Section F deliverables that are introduced in this phase. See Sections
C.21, C.24, E, F and other relevant contract sections for additional requirements.

At the Government’s discretion, the Government will formally evaluate the production system
implementation readiness through an FCT 2, as specified in Sections C.21, F, and E. The
Government will review and consider the Contractor's checklist and certification letter, along
with the Contractor's deliverables and other materials and artifacts. At the Government's
discretion, satisfactory completion of FCT 2 will be required before the Contractor may proceed
with system certification and implementation activities.

EFAST2 RFP
Section C, Page 24 of 242
DOL069RP20266
C.1.2.3 Base Period 3rd Component – Certification & Implementation
The Contractor shall update and reproduce planning Section F deliverables to reflect feedback
gathered from users during the Base Period and to reflect all other developments that affect
system planning and requirements definition activities. See Sections C.22, C.24, C.25 and other
relevant contract sections for additional requirements.

The Contractor shall support an ongoing project planning, requirements clarification, design, and
development and testing activities, as needed, to correct defects and deficiencies uncovered by
the Contractor or through Government conduct of FCTs 1 and 2. The Contractor shall support
and host Government conduct of a System Acceptance Test (SAT). Upon successful completion
of SAT, the Contractor shall support the Government’s independent Security Compliance
Review. This section describes the specific phases and activities of Base Period (3
rd
Component).

C.1.2.3.1 Regression Testing
The Contractor shall continue development and test activities as needed to address defects and
deficiencies uncovered by the Contractor or through Government conduct of FCTs 1 and 2. The
Contractor shall correct all problems found in the EFAST2 system. The Contractor shall conduct
regression testing to establish that problem fixes and system changes do not negatively impact
operation of the system.

Certification, implementation, and Government acceptance of the production system is a critical
activity in Base Period (3
rd
Component). The Contractor shall certify by letter to the Government
that the system has been fully tested and is ready for implementation from both an operational
and security standpoint.

The Government will review and consider the Contractor's checklist and certification letter, along
with the Contractor's deliverables and other materials and artifacts. At the Government's
discretion, correction of all identified system defects and deficiencies will be required before the
Contractor may proceed with the System Acceptance Test.

C.1.2.3.2 System Acceptance Test
At the Government’s discretion, the Government will formally evaluate the production system
operational readiness through a System Acceptance Test (SAT), as specified in Section C.21, E
and F. Satisfactory completion of the SAT, and all attendant readiness certifications, will be
required by the Government before the Contractor may proceed to production operations.

C.1.2.3.3 Security Certification
The Government will formally evaluate the production system security readiness through an
independent Government Security Compliance Review, as specified in Section C.22 and Section
E. Satisfactory completion of the Government Security Compliance Review, including correction
and retesting of any system defects/deficiencies and satisfactory resolution of identified security
vulnerabilities, will be required before the Contractor may proceed with production operations.
EFAST2 RFP
Section C, Page 25 of 242
DOL069RP20266

The Government will review and consider the Contractor’s certification letters, along with the
Contractor’s deliverables and other materials and artifacts, in determining whether to issue the
Notice-To-Proceed (NTP) to production operations in Option Period I.

C.1.2.3.4 Disposition
The Contractor shall carry out the disposition steps necessary for an orderly closeout of the Base
Period, per the requirements in Section C.24.
EFAST2 RFP
Section C, Page 26 of 242
DOL069RP20266
C.1.3 Option Period I - Advance Pre-processing Activities, Operations and
Maintenance
During Option Period I, the Contractor shall conduct advance pre-processing activities necessary
to prepare for operations, followed by operations and maintenance. The Contractor shall deliver
all documents and products described in the following sections, in accordance with the Schedule
of Deliverables in Section F.

The Contractor is reminded to refer to the Government’s initial CWBS in Section C.17 for an
overview description of the activities that the Contractor shall carry out in Option Period I. The
Contractor is further reminded to review Section F carefully as most Option Period I deliverables
are not described in Section C.1.3 and instead are described in sections devoted to a particular
function. Section F contains a comprehensive list of required Option Period I deliverables with
cross-references to the respective Section C clauses that describe the requirements.

C.1.3.1 Option Period I (1st Component) - SDLCM Phase 6, Advance Pre-processing
Activities
During Option Period I (1st Component), the Contractor shall perform advance pre-processing
activities necessary to prepare for operations.

C.1.3.1.1 SDLCM Phase 6, Advance Management Support Pre-processing Activities
The Contractor shall perform advance management support activities necessary to prepare for
operations.

The Contractor shall recruit, hire, and train sufficient production staff to operate EFAST2.

The Contractor shall submit Minimum Background Investigation (MBI) paperwork to the
Government to secure clearances for production processing staff, as described in Section C.22.

The Contractor shall begin producing sample monthly work and management reports that are
operations-oriented, as described in Section C.24 and Section F.

The Contractor shall produce sample production (fixed-price) invoices on a monthly basis that
are based on simulated processing conditions and include calculations of fixed-price incentive
payments, per the fixed price incentive payment methodology contained in Attachment R.

The Contractor shall produce sample production control reports that are based on simulated
processing conditions.

The Contractor shall produce sample quality control reports that are based on simulated
processing conditions.

C.1.3.1.2 SDLCM Phase 6, Advance Call Center Support Pre-processing Activities
The Contractor shall conduct advance call center support activities necessary to prepare for
production operations.

EFAST2 RFP
Section C, Page 27 of 242
DOL069RP20266
The Contractor shall develop hire and train production operations staff, including contact center
staff, as described in Section C.18.

The Contractor shall conduct "warm transfers" of calls to OCA, as necessary to prepare for call
transferring to OCA at operations.

The Contractor shall produce sample call center service tickets based on simulated processing, as
described in Section C.18.

The Contractor shall produce sample contact center daily reports based on simulated call center
activity, as described in Section C.18.


C.1.3.1.3 SDLCM Phase 6, Advance Data Distribution & Public Disclosure Pre-
processing Activities
The Contractor shall conduct advance data distribution and public disclosure activities necessary
to prepare for production operations.

The Contractor shall produce sample "push" data distributions that are based on simulated
processing and are made available to designated Government end users, as described in Section
C.15 and Attachment E.

The Contractor shall support "pull" data distributions that are based on simulated processing and
are made available to designated Government end users, as described in Section C.15.

The Contractor shall populate the public filing record query application with data based on
simulated processing and make this data available to designated Government end users, as
described in Section C.15.

The Contractor shall simulate Internet connectivity for all data dissemination and public
disclosure purposes in order to allow for accessibility and availability to end users. The
Contractor shall establish simulated Internet connectivity that is based on strict security controls
to prevent possible damage, hacking, penetration, or breaches of security from occurring at end
user systems participating in advance pre-processing activities.

C.1.3.1.4 SDLCM Phase 6, Advance Market Outreach Pre-processing Activities
The Contractor shall conduct advance market research activities to prepare stakeholders for
production operations.

The Contractor shall deliver electronic filing kickoff post-cards, as described in Section C.10.3.7.

The Contractor shall plan, prepare, and host a stakeholder outreach conference during Option
Period I to assist filers, third party preparers, transmitters, and other EFAST2 stakeholders in
adjusting to EFAST2. The stakeholder outreach conference shall be distinct and separate from
the third party software developer conference. See Section C.10.6.3 for requirements related to
third party software developer conference.

EFAST2 RFP
Section C, Page 28 of 242
DOL069RP20266
The Contractor shall invite attendees to the stakeholder outreach conference that are
representative of the various stakeholder groups, including plan administrators, plan sponsors,
accountants, actuaries, fiduciaries, public, end users and other Government personnel.

The Contractor shall develop stakeholder outreach materials to include: agenda, conference
schedule, presentation slides, marketing brochures, breakout sessions for specialized subgroups,
and other materials as deemed necessary for an effective conference.

The Contractor shall host the stakeholder outreach conference and shall provide for question and
answer periods. The Contractor shall establish an on-line forum, such as an on-line listserv or
Web Portal feature as described in Section C.10, to inform conference attendees and other
interested stakeholders of significant EFAST2 system developments that occur subsequent to the
conference.

The Contractor shall maintain the ongoing forum throughout the duration of all operations
periods and use this forum as a primary mechanism to notify and inform stakeholders of EFAST2
system developments, changes, and issues that directly affect the stakeholders.

C.1.3.1.5 SDLCM Phase 6, Advance Value-added System Enhancement Activities
The Government may require the Contractor to enhance EFAST2 to include certain value-added
features. Refer to Attachment O for a description of potential system enhancements that may be
requested by the Government. The requirements contained in Attachment O are provided for
information purposes only and do not constitute formal system requirements to which the
Contractor is obligated to perform at this time.

C.1.3.2 Option Period I (2nd Component) - Startup, Processing Year 2009
During Option Period I (2nd Component), the Contractor shall startup EFAST2 and shall operate
EFAST2 for the initial 6-month processing period, as described in Section C.17.

C.1.3.2.1 SDLCM Phase 6 - Operations
The Contractor shall startup EFAST2 processing year 2009 operations. The Contractor shall
process Plan Year 2008 and 2009 filings, and shall conduct operations and maintenance activities
as described under Section C.17, Section C.23, Section C.24, Section F, and all other relevant
sections of this contract.

The Contractor shall conduct intensive system shakeout monitoring during the initial 6-month
period of processing operations to verify ongoing processing operations accuracy and compliance
with the contractual requirements and performance standards.

The Contractor shall identify, describe, and record all defects and deficiencies that manifest
themselves during operations in the Contractor’s configuration control management, as described
in Section C.25, whether the defects or deficiencies are identified by the Contractor or the
Government.

See Contract Section C.1.4 through Section C.1.15 for additional operations requirements that
apply to all operations periods of the contract, including Option Period I (2nd Component).
EFAST2 RFP
Section C, Page 29 of 242
DOL069RP20266

C.1.3.2.2 SDLCM Phase 7 Scale-up Disposition
The Contractor shall carry out the disposition steps necessary for an orderly closeout of Option
Period I, per the requirements in Section C.24.
EFAST2 RFP
Section C, Page 30 of 242
DOL069RP20266
C.1.4 Option Periods II-XI - SDLCM Phase 6 - Production Operations
The Contractor shall operate and maintain EFAST2 throughout Option Periods II-XI, contingent
on Government exercise of each successive option period, as described in Section C.17. The
Contractor shall process filings associated with the respective option period and shall conduct
operations and maintenance activities as described under Section C.17, Section C.23, Section
C.24, Section F, and all other relevant sections of this contract.

During each Option Period II-XI, the Contractor shall prepare and rollover EFAST2 in
preparation for processing the next plan year’s forms, as described in Section C.17. The
Contractor shall design, develop, test, implement, and provide written certifications to the
individual successful completion and implementation of all Government required system changes
prior to EFAST2 rollover.

The Contractor is reminded to refer to the Government's initial CWBS in Section C.17 for an
overview description of the activities that the Contractor shall carry out in Option Periods II-XI.
The Contractor is further reminded to review Section F carefully as most Option Period II-XI
deliverables are not described in Section C.1.4 -C.1.15 and instead are described in sections
devoted to a particular function. Section F contains a comprehensive list of required Option
Period II-XI deliverables with cross-references to the respective Section C clauses that describe
the requirements.

C.1.4.1 Option Period II - SDLCM Phase 6 - Processing Year 2009/2010 Operations
The Contractor shall carry out EFAST2 processing year 2009 operations, prepare and certify the
system for rollover to processing year 2010 operations, and shall carry out processing year 2010
operations.

C.1.4.1.1 Option Period II (Operations/rollover - 7/01/2009 to 12/30/2009) - SDLCM Phase
6 - Processing Year 2009 Operations, SDLCM Phase 2/3/4/5 - Rollover to
Processing Year 2010
The Contractor shall carry out EFAST2 processing year 2009 operations during which the
Contractor shall fully process Plan Year 2008 and 2009 filings, and shall perform no prior year
filing processing.

The Contractor shall prepare and certify the system for rollover to processing year 2010
operations.

C.1.4.1.2 Option Period II (Operations - 1/01/2010 to 6/30/2010) - SDLCM Phase 6 -
Processing Year 2010 Operations
The Contractor shall carry out EFAST2 processing year 2010 operations, during which the
Contractor shall fully process Plan Year 2008, 2009, 2010 filings, and shall perform no prior year
processing.

C.1.4.2 Option Period III - SDLCM Phase 6 - Processing Year 2010/2011 Operations
EFAST2 RFP
Section C, Page 31 of 242
DOL069RP20266
The Contractor shall carry out EFAST2 processing year 2010 operations, prepare and certify the
system for rollover to processing year 2011 operations, and shall carry out processing year 2011
operations.

C.1.4.2.1 Option Period III (Operations/rollover - 7/01/2010 to 12/30/2010) - SDLCM Phase
6 - Processing Year 2010 Operations, SDLCM Phase 2/3/4/5 - Rollover to
Processing Year 2011
The Contractor shall carry out EFAST2 processing year 2010 operations during which the
Contractor shall fully process Plan Year 2008, 2009, and 2010 filings, and shall perform no prior
year processing.

The Contractor shall prepare and certify the system for rollover to processing year 2011
operations.

C.1.4.2.2 Option Period III (Operations - 1/01/2011 to 6/30/2011) - SDLCM Phase 6 -
Processing Year 2011 Operations
The Contractor shall carry out EFAST2 processing year 2011 operations, during which the
Contractor shall fully process Plan Year 2008, 2009, 2010, and 2011 filings, and shall perform
prior year processing on Plan Year 2007 and prior year filings.


C.1.4.3 Option Period IV - SDLCM Phase 6 - Processing Year 2011/2012 Operations
The Contractor shall carry out EFAST2 processing year 2011 operations, prepare and certify the
system for rollover to processing year 2012 operations, and shall carry out processing year 2012
operations.

C.1.4.3.1 Option Period IV (Operations/rollover - 7/01/2011 to 12/30/2011) - SDLCM Phase
6 - Processing Year 2011 Operations, SDLCM Phase 2/3/4/5 - Rollover to
Processing Year 2012
The Contractor shall carry out EFAST2 processing year 2011 operations during which the
Contractor shall fully process Plan Year 2008, 2009, 2010, and 2011 filings, and shall perform
prior year processing on Plan Year 2007 and prior year filings.

The Contractor shall prepare and certify the system for rollover to processing year 2012
operations.

C.1.4.3.2 Option Period IV (Operations - 1/01/2012 to 6/30/2012) - SDLCM Phase 6 -
Processing Year 2012 Operations
The Contractor shall carry out EFAST2 processing year 2012 operations, during which the
Contractor shall fully process Plan Year 2009, 2010, 2011, and 2012 filings, and shall perform
prior year processing on Plan Year 2008 and prior year filings.


C.1.4.4 Option Period V - SDLCM Phase 6 - Processing Year 2012/2013 Operations
EFAST2 RFP
Section C, Page 32 of 242
DOL069RP20266
The Contractor shall carry out EFAST2 processing year 2012 operations, prepare and certify the
system for rollover to processing year 2013 operations, and shall carry out processing year 2013
operations.

C.1.4.4.1 Option Period V (Operations/rollover - 7/01/2012 to 12/30/2012) - SDLCM Phase 6
- Processing Year 2012 Operations, SDLCM Phase 2/3/4/5 - Rollover to Processing
Year 2013
The Contractor shall carry out EFAST2 processing year 2012 operations during which the
Contractor shall fully process Plan Year 2009, 2010, 2011, and 2012 filings, and shall perform
prior year processing on Plan Year 2008 and prior year filings.

The Contractor shall prepare and certify the system for rollover to processing year 2013
operations.

C.1.4.4.2 Option Period V (Operations - 1/01/2013 to 6/30/2013) - SDLCM Phase 6 -
Processing Year 2013 Operations
The Contractor shall carry out EFAST2 processing year 2013 operations, during which the
Contractor shall fully process Plan Year 2010, 2011, 2012, and 2013 filings, and shall perform
prior year processing on Plan Year 2009 and prior year filings.

C.1.4.5 Option Period VI - SDLCM Phase 6 - Processing Year 2013/2014 Operations
The Contractor shall carry out EFAST2 processing year 2013 operations, prepare and certify the
system for rollover to processing year 2014 operations, and shall carry out processing year 2014
operations.

C.1.4.5.1 Option Period VI (Operations/rollover - 7/01/2013 to 12/30/2013) - SDLCM Phase
6 - Processing Year 2013 Operations, SDLCM Phase 2/3/4/5 - Rollover to
Processing Year 2014
The Contractor shall carry out EFAST2 processing year 2013 operations during which the
Contractor shall fully process Plan Year 2010, 2011, 2012, and 2013 filings, and shall perform
prior year processing on Plan Year 2009 and prior year filings.

The Contractor shall prepare and certify the system for rollover to processing year 2014
operations.

C.1.4.5.2 Option Period VI (Operations - 1/01/2014 to 6/30/2014) - SDLCM Phase 6 -
Processing Year 2014 Operations
The Contractor shall carry out EFAST2 processing year 2014 operations, during which the
Contractor shall fully process Plan Year 2011, 2012, 2013, and 2014 filings, and shall perform
prior year processing on Plan Year 2010 and prior year filings.


C.1.4.6 Option Period VII - SDLCM Phase 6 - Processing Year 2014/2015 Operations
EFAST2 RFP
Section C, Page 33 of 242
DOL069RP20266
The Contractor shall carry out EFAST2 processing year 2014 operations, prepare and certify the
system for rollover to processing year 2015 operations, and shall carry out processing year 2015
operations.

C.1.4.6.1 Option Period VII (Operations/rollover - 7/01/2014 to 12/30/2014) - SDLCM
Phase 6 - Processing Year 2014 Operations, SDLCM Phase 2/3/4/5 - Rollover to
Processing Year 2015
The Contractor shall carry out EFAST2 processing year 2014 operations during which the
Contractor shall fully process Plan Year 2011, 2012, 2013, and 2014 filings, and shall perform
prior year processing on Plan Year 2010 and prior year filings.

The Contractor shall prepare and certify the system for rollover to processing year 2015
operations.

C.1.4.6.2 Option Period VII (Operations - 1/01/2015 to 6/30/2015) - SDLCM Phase 6 -
Processing Year 2015 Operations
The Contractor shall carry out EFAST2 processing year 2015 operations, during which the
Contractor shall fully process Plan Year 2012, 2013, 2014, and 2015 filings, and shall perform
prior year processing on Plan Year 2011 and prior year filings.

C.1.4.7 Option Period VIII - SDLCM Phase 6 - Processing Year 2015/2016 Operations
The Contractor shall carry out EFAST2 processing year 2015 operations, prepare and certify the
system for rollover to processing year 2016 operations, and shall carry out processing year 2016
operations.

C.1.4.7.1 Option Period VIII (Operations/rollover - 7/01/2015 to 12/30/2015) - SDLCM
Phase 6 - Processing Year 2015 Operations, SDLCM Phase 2/3/4/5 - Rollover to
Processing Year 2016
The Contractor shall carry out EFAST2 processing year 2015 operations during which the
Contractor shall fully process Plan Year 2012, 2013, 2014, and 2015 filings, and shall perform
prior year processing on Plan Year 2011 and prior year filings.

The Contractor shall prepare and certify the system for rollover to processing year 2016
operations.

C.1.4.7.2 Option Period VIII (Operations - 1/01/2016 to 6/30/2016) - SDLCM Phase 6 -
Processing Year 2016 Operations
The Contractor shall carry out EFAST2 processing year 2016 operations, during which the
Contractor shall fully process Plan Year 2013, 2014, 2015, and 2016 filings, and shall perform
prior year processing on Plan Year 2012 and prior year filings.

C.1.4.8 Option Period IX - SDLCM Phase 6 - Processing Year 2016/2017 Operations
EFAST2 RFP
Section C, Page 34 of 242
DOL069RP20266
The Contractor shall carry out EFAST2 processing year 2016 operations, prepare and certify the
system for rollover to processing year 2017 operations, and shall carry out processing year 2017
operations.

C.1.4.8.1 Option Period IX (Operations/rollover - 7/01/2016 to 12/30/2016) - SDLCM Phase
6 - Processing Year 2016 Operations, SDLCM Phase 2/3/4/5 - Rollover to
Processing Year 2017
The Contractor shall carry out EFAST2 processing year 2016 operations during which the
Contractor shall fully process Plan Year 2013, 2014, 2015, and 2016 filings, and shall perform
prior year processing on Plan Year 2012 and prior year filings.

The Contractor shall prepare and certify the system for rollover to processing year 2017
operations.

C.1.4.8.2 Option Period IX (Operations - 1/01/2017 to 6/30/2017) - SDLCM Phase 6 -
Processing Year 2017 Operations
The Contractor shall carry out EFAST2 processing year 2017 operations, during which the
Contractor shall fully process Plan Year 2014, 2015, 2016, and 2017 filings, and shall perform
prior year processing on Plan Year 2013 and prior year filings.

C.1.4.9 Option Period X - SDLCM Phase 6 - Processing Year 2017/2018 Operations
The Contractor shall carry out EFAST2 processing year 2017 operations, prepare and certify the
system for rollover to processing year 2018 operations, and shall carry out processing year 2018
operations.

C.1.4.9.1 Option Period X (Operations/rollover - 7/01/2017 to 12/30/2017) - SDLCM Phase 6
- Processing Year 2017 Operations, SDLCM Phase 2/3/4/5 - Rollover to Processing
Year 2018
The Contractor shall carry out EFAST2 processing year 2017 operations during which the
Contractor shall fully process Plan Year 2014, 2015, 2016, and 2017 filings, and shall perform
prior year processing on Plan Year 2013 and prior year filings.

The Contractor shall prepare and certify the system for rollover to processing year 2018
operations.

C.1.4.9.2 Option Period X (Operations - 1/01/2018 to 6/30/2018) - SDLCM Phase 6 -
Processing Year 2018 Operations
The Contractor shall carry out EFAST2 processing year 2018 operations, during which the
Contractor shall fully process Plan Year 2015, 2016, 2017, and 2018 filings, and shall perform
prior year processing on Plan Year 2014 and prior year filings.

C.1.4.10 Option Period XI - SDLCM Phase 6 - Processing Year 2018/2019 Operations
EFAST2 RFP
Section C, Page 35 of 242
DOL069RP20266
The Contractor shall carry out EFAST2 processing year 2018 operations, prepare and certify the
system for rollover to processing year 2019 operations, and shall carry out processing year 2019
operations.

C.1.4.10.1 Option Period XI (Operations/rollover - 7/01/2018 to 12/30/2018) - SDLCM
Phase 6 - Processing Year 2018 Operations, SDLCM Phase 2/3/4/5 - Rollover to
Processing Year 2019
The Contractor shall carry out EFAST2 processing year 2018 operations during which the
Contractor shall fully process Plan Year 2015, 2016, 2017, and 2018 filings, and shall perform
prior year processing on Plan Year 2014 and prior year filings.

The Contractor shall prepare and certify the system for rollover to processing year 2019
operations.

C.1.4.10.2 Option Period XI (Operations - 1/01/2019 to 6/30/2019) - SDLCM Phase 6 -
Processing Year 2019 Operations
The Contractor shall carry out EFAST2 processing year 2019 operations, during which the
Contractor shall fully process Plan Year 2016, 2017, 2018, and 2019 filings, and shall perform
prior year processing on Plan Year 2015 and prior year filings.

C.1.5 Option Periods I (2nd Component), II-XI - SDLCM Phase 6 - Work &
Management Progress Reports
The Contractor shall produce Work & Management Progress Reports throughout all operations
periods, as described in Section C.24.12 and Section F.

C.1.6 Option Periods I (2nd Component), II-XI - SDLCM Phase 6 - Notification to
COTR of Problems, Errors, or Breach of Security
The Contractor shall monitor processing operations throughout all operations periods to verify
ongoing processing operations accuracy and compliance with the contractual requirements and
performance standards.

The Contractor shall notify the contracting officer’s technical representative (COTR) of
problems, errors, or breach of security, as described in Sections C.22 and C.24.13.

C.1.7 Option Periods I (2nd Component), II-XI - SDLCM Phase 6 - Production Control
Reports
The Contractor shall produce Production Control Reports throughout all operations periods, as
described in Section C.6.5 and the Schedule of Deliverables in Section F.

C.1.8 Option Periods I (2nd Component), II-XI - SDLCM Phase 6 - Quality Control
Reports
EFAST2 RFP
Section C, Page 36 of 242
DOL069RP20266
The Contractor shall produce Quality Control Reports throughout all operations periods, as
described in Section C.20.15.1 and the Schedule of Deliverables in Section F.

C.1.9 Option Periods I (2nd Component), II-XI - SDLCM Phase 6 - Documentation
Replacement Pages
The Contractor shall produce Documentation Replacement Pages throughout all operations
periods, as described in Section C.24.16 and the Schedule of Deliverables in Section F.

C.1.10 Option Periods I (2nd Component), II-XI - SDLCM Phase 6 - Contact Center
Daily Reports
The Contractor shall produce Contact Center Daily Reports throughout all operations periods, as
described in Section C.18.18 and the Schedule of Deliverables in Section F.

C.1.11 Option Periods I (2nd Component), II-XI - SDLCM Phase 6 - Configuration
Management Tracker Reports
The Contractor shall identify, describe, and record all defects, deficiencies, and system problems
that manifest themselves during operations in the Contractor’s configuration control
management, as described in Section C.25, whether the defects and deficiencies are identified by
the Contractor or the Government.

The Contractor shall provide the Government with access to the configuration management
reporting application, as described in Section C.15 and Section C.25. The application is used to
record Error Reports (ER) covering both system problems and system changes, as described in
Section C.25.

C.1.12 Option Periods I (2nd Component), II-XI - SDLCM Phase 6 - Transmission of
Structured Data Records to End Users
The Contractor shall produce customized data extracts throughout all operations periods to, as
described in Section C.15 and Attachment E.

C.1.13 Option Periods I (2nd Component), II-XI - SDLCM Phase 6 - Processing Year
Rollover
The Contractor shall conduct processing year rollover activities and produce the required
deliverables throughout all operations periods to, as described in Section C.17 and Section F.

C.1.14 Option Periods I (2nd Component), II-XI - SDLCM Phase 6 - Government
Monitoring of Operations
The Contractor shall support full-time, Government on-site ongoing monitoring throughout
operations. The government will assign monitors to inspect and monitor processing operations,
including but not limited to: electronic filing processing, contact center operations, quality
control procedures, performance standards measurement, production control reporting, and
EFAST2 RFP
Section C, Page 37 of 242
DOL069RP20266
invoicing and financial reporting. The Government may designate one or more third party
Contractors specifically tasked with conducting EFAST2 monitoring. The Contractor shall
provide routine access to Contractor facilities, personnel and records for Government monitoring
teams. Upon request, the Contractor shall supply government monitoring staff with copies of
documents to include, but not be limited to, all system documentation, computer programs, XML
filing data, tracking database information, quality control and invoicing tables, and other related
artifacts and information. The Contractor shall supply Government monitoring staff with routine
office space, desks, chairs, lights, and power outlet usage sufficient to host up to five
Government personnel at a time throughout the duration of this contract.

C.1.15 Option Periods I (2nd Component), II-XI - SDLCM Phase 6 - Government
Conduct of Compliance Reviews
The Contractor shall assist and support Government conduct of processing compliance reviews
to inspect Contractor processing operations, including but not limited to: electronic filing
processing, filing storage, performance standards measurement, quality control procedures,
invoicing, and related processing functions.

The Contractor shall assist and support Government conduct of security compliance reviews, as
described in Section C.22.

The Contractor shall assist and support the DOL Inspector General, IRS Inspector General,
Treasury Inspector General, General Accounting Office, DOL and IRS Chief Information Officer
systems and operations staff, and any other Government oversight groups approved by the COTR
in the conduct of targeted reviews of EFAST2 systems and management operations.

Up to four compliance reviews may be conducted by the Government per contract award period
throughout operations. The Government may designate one or more third party Contractors
specifically tasked with conducting EFAST2 reviews. The Contractor shall provide routine
access to Contractor facilities, personnel and records for auditors and other Government review
teams. Upon request, the Contractor shall supply Government review staff with copies of
documents to include, but not be limited to, all system documentation, computer programs,
transaction flow charts, tables and related information. Upon request, the Contractor shall supply
government auditing and review staff with copies of documents to include, but not be limited to,
all system documentation, computer programs, filing data, tracking database information, quality
control and invoicing tables, and other related processing artifacts and information.




EFAST2 RFP
Section C, Page 38 of 242
DOL069RP20266

C.2 STANDARDS
C.2.1 EFAST2 Performance Standards
EFAST2 performance standards emphasize timeliness and accuracy/completeness of all
processing and associated functionality, including electronic filing, distribution, web portal,
documentation, and the Contact Center. A set of standards exists for peak and non-peak
processing periods. The peak processing period is from July 1 through November 30. Non-peak
is from December 1 through June 30. The Contractor is free to propose alternate standards but
bears the burden of showing clear evidence of offsetting benefits in applicability, cost, or
efficiency. Exhibit C.2.1 contains the full set of EFAST2 performance standards to which the
Contractor shall adhere. The Government reserves the right to add or delete standards as
processing needs dictate.

C.2.2 Measurement of Standards
The Contractor’s performance against each of the standards listed in Exhibit C.2.1 shall be
reported by the Contractor during Option Periods II-XI in accordance with the requirements and
procedures described in Attachment I, Section F, and Section C.20. The Contractor’s
Independent Quality Control Unit (IQCU) shall be responsible for measuring the Contractor’s
performance against these standards using the methodology specified in Attachment I. The
Government will independently monitor EFAST2 functions, and evaluate the Contractor’s
performance as described in Attachment R, the Quality Assurance Plan (QAP). The QAP is
provided herein for information purposes only, and describes the approach and methodology the
Government intends to use in verifying the Contractor’s reported performance to ensure that the
standards are met.
EFAST2 RFP
Section C, Page 39 of 242
DOL069RP20266

Exhibit C.2.1 – Performance Standards
Standard
Reference
Number
Standard Applies
To

Statement of Standard
n = Peak /
Non-Peak
IFAS Web Service Requests
1.1
Web Service
Request Validation
/ Receipt
Timeliness
99% of all web service requests, including single filing
submissions, batch filing submissions, and filing status requests,
shall respond with a receipt or error message, as described in
Section C.10.4, within n seconds of receipt by IFAS.
60 / 30
1.2
Filing Acceptance /
Acknowledgement
Timeliness
99% of all filing submissions shall complete acceptance
processing in IFAS and generate an acknowledgment, as
described in Section C.10.4, within n minutes of receipt by IFAS.
20 / 10
1.3
Filing Acceptance /
Filing Status
Record Timeliness
99% of all filing submissions shall complete acceptance
processing in IFAS and generate a retrievable filing status
record, as described in Section C.10.4, within n minutes of
receipt by IFAS.
20 / 10
1.4
Filing Status
Record / Accuracy
n% of all filing status (tracking database) records shall be
complete and accurate, based on correct implementation of all
acceptance rules, including signature authentication, schema
validation, and edit tests.
99.99 / 99.99
IREG
2.1
IREG Application
Processing /
Timeliness
99.9% of applications for electronic filing credentials shall be
processed and unique IDs and random PINs issued to the
applicant’s supplied email address for complete and valid
applications within n minutes.
5 / 1
2.2
IREG Application
Processing /
Accuracy
n% of applications for electronic filing credentials shall be
accurately processed and unique IDs and random PINs issued to
the applicant’s supplied email address for complete and valid
applications, and no credentials issued for incomplete or invalid
applications.
99.99 / 99.99
2.3
IREG Forgotten
Credential
Requests /
Timeliness
99.9% of forgotten credential requests shall be processed and
emails containing the ID, PIN, and / or password issued to the
correct email address within n minutes.
5 / 1
2.4
IREG Forgotten
Credential
Requests /
Accuracy
n% of forgotten credential requests shall be accurately processed
and emails containing the ID, PIN, and / or password issued to
the correct email address.
99.99 / 99.99
2.5
IREG Revoked
Credentials /
Timeliness
99% of electronic filing credentials that are compromised or are
requested to be removed by applicants no longer participating in
Form 5500 series electronic filing shall be revoked within n
minutes of notification.
5 / 5
2.6
IREG Revoked
Credentials /
Accuracy
n% of electronic filing credentials that are compromised or are
requested to be removed by applicants no longer participating in
Form 5500 series electronic filing shall be accurately revoked,
and no credentials are inaccurately revoked.
99.99 / 99.99
System Availability
3.1
Web Portal /
Availability
The web portal and all its supported features (including IFILE,
IREG, IFAS) shall be available n% of time period between 5AM
EST through 3AM EST.
99 / 99
EFAST2 RFP
Section C, Page 40 of 242
DOL069RP20266

Standard
Reference
Number
Standard Applies
To

Statement of Standard
n = Peak /
Non-Peak
3.2
Disaster Recovery /
Availability
In the event of a disaster, the system shall be able to process at
least 50% capacity of filing submission, data dissemination, and
web portal requests expected daily within n
1
calendar days and
shall be able to process 100% capacity of filing system
submission, data dissemination, and web portal requests
expected daily within n
2
calendar days.
(5,30) /
(5,30)
IFILE
4.1
IFILE Response /
Timeliness
99% of IFILE server requests shall be resolved and HTML pages
returned to client’s workstation within n seconds.
10 / 5
Edit Test Masking
5.1
Edit Test Masking /
Timeliness
n% of edit test mask / unstable list changes shall be implemented
within 24 hours of Contractor receipt of revised edit test mask /
unstable list from the Government.
99.99 / 99.99
Data Distribution / Public Disclosure
6.1
Data Distribution /
Timeliness
99% of all filing submissions shall complete IFAS processing
and create a timely output data record ready for data
dissemination to all Government end user agencies and public
disclosure, as described in Section C.10.4, Section C.15,
Attachment E, and Attachment P, within n hours of receipt.
24 / 12
6.2
Data Distribution /
Accuracy
n% of all filing submissions shall complete IFAS processing and
create an accurate output data record ready for data
dissemination to all Government end user agencies and public
disclosure, as described in Section C.10.4, Section C15,
Attachment E, and Attachment P.
99.9 / 99.9
6.3
Data Distribution /
Timeliness
n% of Government “push” data distributions shall be delivered
timely, as described in Section C.15, Section F, and Attachment
E.
99.99 / 99.99
6.4
Data Distribution /
Completeness
n% of Government “push” data distributions shall be delivered
completely, such that all required data is delivered and no data
that is not required is delivered.
99.99 / 99.99
6.5
Public Disclosure
Queries / Response
Time
99% of public disclosure server queries shall be resolved and
HTML pages returned to client’s workstation within n seconds.
10 / 5
Web Content / Documentation
7.1
Web Portal Static
Content Changes /
Timeliness
99.9% of all changes to static content visible on the EFAST2
web portal, or content of any communication with filers,
software developers, or other third parties, shall be accurately
implemented as needed within n days of Contractor receipt of
Government’s request.
1 / 1
7.2
Web Portal
Dynamic Content
Changes /
Timeliness
99.9% of all changes to dynamic content visible on the EFAST2
web portal, or content of any communication with filers,
software developers, or other third parties, shall be accurately
implemented as needed within n days at the Government’s
request.
5 / 5
EFAST2 RFP
Section C, Page 41 of 242
DOL069RP20266

Standard
Reference
Number
Standard Applies
To

Statement of Standard
n = Peak /
Non-Peak
7.3
Documentation
Content Changes /
Timeliness
Within n work days of notification by the Government, 100% of
documentation or marketing material defects/deficiencies shall
be corrected as instructed by the Government and replacement
pages shall be delivered.
14 / 14
Contact Center
8.1
Contact Center /
First Call Contact
Resolution
Callers shall receive resolution during the initial call, without the
need for transfer, on n% of calls received.
90 / 90
8.2
Contact Center /
Service Level
95% of all calls shall be responded to within n seconds. 30 / 20
8.3
Contact Center /
Calls Abandoned
No more than n% of callers will abandon their call before being
answered.
5 / 5
8.4
Contact Center /
Calls Blocked,
Busy Signal
No more than n% of callers will receive a busy signal. 5 / 3
8.5
Contact Center /
Callbacks
Callers will receive a call back within n business hours. 4 / 2
8.6
Contact Center /
Email responses
Queries received by email or web form shall be responded to
within n hours / days.
24 hours / 2
days
8.7
Contact Center /
Response Accuracy
n% of phone, email or web queries to the Contact Center shall
receive accurate responses.
95 / 95

EFAST2 RFP
Section C, Page 42 of 242
DOL069RP20266

C.3 Key Personnel
Key personnel positions required under EFAST2 and defined in Section C.3 are skilled
professional positions and, as such, are considered exempt positions from the Service Contract
Act (SCA), as defined in FAR subpart 22.10.

C.3.1 Fully Trained Staff
The Contractor shall assign fully trained staff possessing the skills necessary to carry out the
functions specified in the contract, including management, technical, production, security,
financial, and other necessary tasks. The Contractor shall be responsible for all recruiting, hiring,
and training required to develop staff possessing the required skills necessary to carry out the
functions specified by the contract.
C.3.2 Security Clearance
The Contractor shall follow the personnel clearance, nondisclosure, and other security
requirements described in Section C.22 and Section H for all personnel assigned to work on the
contract. All assigned personnel must be a U.S. citizen or permanent resident, and undergo a
Minimum Background Investigation (MBI).
C.3.3 COTR Resume Review
The Contractor shall supply, for the Contracting Officer’s Technical Representative’s (COTR)
review, resumes for all additional or replacement key personnel before their assignment to this
contract. The COTR will evaluate the key personnel resumes in relation to the qualifications and
experience requirements of the labor category. The COTR will notify the Contractor in writing
of the acceptance or rejection of the additional or replacement key personnel. Subcontractors are
not excluded from this process and must supply resumes for the COTR’s review prior to any
additional or replacement key personnel being assigned to the contract. See Section G for
additional requirements regarding replacement of key personnel.
C.3.4 Absence
The Contractor shall ensure that essential tasks will be accomplished and operations will
continue uninterrupted despite the protracted absence of key personnel. In this context,
"protracted" shall mean a period greater than one month as, for example, in the event of
resignation, serious or extended illness, or accident.
C.3.5 Experience Equivalency
Specialized experience in data processing or analysis positions may be substituted for
undergraduate level college credit from an accredited college or university. Progressively
responsible experience in data processing or analysis positions at mid-range or senior levels may
be substituted for graduate level college study. One year of specialized experience is an
EFAST2 RFP
Section C, Page 43 of 242
DOL069RP20266

admissible substitute as one year of educational experience. Four years of specialized experience
is an admissible substitute for an undergraduate degree. Equivalent experience should be
significant professional experience on similar large complex electronic data processing systems.
C.3.6 Dedicated Positions
The Contractor shall not divert key personnel assigned to a specific function to other assignments
without advance written consent from the COTR. All key personnel shall be full-time, dedicated
positions. The Contractor shall assign a full-time project manager to oversee all aspects of the
project.
C.3.6.1 Project Manager
C.3.6.1.1 Project Manager Duties and Responsibilities
This position is a 100 percent, full-time, dedicated position throughout the duration of this
contract. If the Offeror lists an existing officer of corporate executive as Project Manager, that
person shall resign all other positions to assume the Project Manager’s position full time upon
award. The Project Manager is responsible for overseeing development of procedures and
policies for the overall management of the contract, and for overseeing the successful completion
of all EFAST2 deliverables on schedule and within budget. The Project Manager is responsible
for supervising all activities according to the standards established in this Statement of Work, to
include formulating, disseminating, implementing, and enforcing EFAST2 management,
administrative, technical, production, security, and quality control policies and procedures. The
Project Manager works collaboratively with the COTR, program managers, Government program
specialists and other officials to oversee all EFAST2 activities, including technical solution,
schedule, budget, and subcontractors. The Project Manager works collaboratively with the
Contractor’s chief quality control specialist, information security Officer, EFAST2 personnel,
subcontractor personnel, and senior executive staff to ensure the successful completion of the
EFAST2 on schedule and within budget. The Project Manager listens, understands, and responds
to problems and concerns raised by EFAST2 team members and the COTR and his
representatives during the course of the system life cycle, and recommends cost-effective and
efficient solutions to problems in terms that are easily understood by non-technical and technical
personnel. The Project Manager is responsible for the development and presentation of
specifications, diagrams, and other graphic and presentation materials that help to identify needs,
resolve problems, and brief Government personnel on EFAST2 status.
C.3.6.1.2 Project Manager Qualifications
The following are desirable, though not required, qualifications and experience for the position:
• Undergraduate college degree from an accredited college or university in a course of
study directly related to the requirements of this contract, or equivalent experience
EFAST2 RFP
Section C, Page 44 of 242
DOL069RP20266

• Project Management Institute Project Management Professional Certification (or
equivalent)
• Ten years of progressively responsible automated data processing systems or project
management experience, which includes at least 4 years of managing projects with 30
or more staff, including specialized subcontractors and consultants
• Demonstrated experience with large-scale, automated, data processing systems
• Demonstrated capability to successfully manage, coordinate, and complete large-scale
data processing systems, electronic filing, software development, and
hardware/software systems integration
• Demonstrated success in organizing, planning, directing, and coordinating data
processing project teams consisting of 30 or more technical staff, subcontractors, and
specialized consultants
• Demonstrated capability to prepare effective oral and written communications, and to
make presentations to all levels of Government management for planning and control
of activities, to formulate and review feasibility studies, to determine and adhere to
budgets, and to interpret policies of the contracting organization
• Demonstrated success in managing contracts (particularly cost-plus and fixed price)
providing expertise equivalent in complexity to those required for this contract
• Demonstrated working knowledge of federal procurement regulations, information
processing standards, prevailing electronic filing standards, prevailing security
standards (including FISMA), performance measurement standards (including
GPRA), gained through managing contracts with federal agencies to develop and
operationalize automated data processing systems
• Demonstrated success in implementing and enforcing quality control, configuration
control, and security standards.
• Demonstrated working knowledge of earned value management reporting (refer to
Section C.24 and Attachment N.2.1)

C.3.6.2 Computer Systems Analyst
C.3.6.2.1 Computer Systems Analyst Duties and Responsibilities
This position is a 100 percent, full-time, dedicated position throughout the duration of this
contract. The duties of the Computer Systems Analyst include, but are not limited to, designing
the system, supervising, controlling, and performing the technical activities needed to design,
build, test, and implement the system to ensure that project deliverables meet project
requirements. The Computer Systems Analyst reports directly to the Project Manager. The
Computer Systems Analyst establishes resource requirements, organizes team members, reports
on project progress and problems, initiates corrective action to keep deliverables on schedule and
within cost, prepares and evaluates written detailed technical specifications, and provides
EFAST2 RFP
Section C, Page 45 of 242
DOL069RP20266

technical guidance and instructions to project staff. The Computer Systems Analyst conducts or
participates in management analysis studies, defines information requirements, determines the
feasibility of proposed technical solutions, and recommends technical solutions that best
integrate the various system components. The Computer Systems Analyst also determines the
needs of the end user, assesses how all system components are expected to function given these
needs, and writes the specifications that will enable the components to perform as required.
C.3.6.2.2 Computer Systems Analyst Qualifications
The following are desirable, though not required, qualifications and experience for the position:
• Undergraduate college degree from an accredited college or university in computer
science, information systems management, mathematics, or other discipline related to
the requirements of this project, or equivalent experience
• Fifteen years of progressively responsible data processing experience, which includes
at least five years of experience as a team leader, at least ten years of experience as a
senior systems analyst, and at least five years of experience as a programmer
• Demonstrated experience with large-scale data processing systems, including ability
to successfully lead and complete efforts in substantial electronic filing, accurate data
capture, and data distribution within time and cost constraints
• Demonstrated success in organizing, planning, directing, and coordinating data
processing activities on project teams consisting of 20 or more technical staff,
including specialized subcontractors and consultants
• Demonstrated success in oral and written communications, including presentations to
Government management staff
• Demonstrated working knowledge federal information processing standards,
prevailing electronic filing standards, prevailing security standards (including
FISMA), performance measurement standards (including GPRA), gained through
working on contracts with federal agencies to develop and operationalize automated
data processing systems.

C.3.6.3 Chief Quality Control Specialist
C.3.6.3.1 Chief Quality Control Specialist Duties and Responsibilities
This position is a 100 percent, full-time, dedicated position throughout the duration of this
contract. The duties of the Chief Quality Control (QC) Specialist include, but are not limited to,
overseeing all QC efforts, including calculation and reporting of the performance standards
specified in Section C.2, overseeing the quality control function specified in Section C.20,
establishing written QC procedures and policies, monitoring the quality of all functions in the
production processing system, monitoring the quality of deliverable documentation and data
products, and ensuring the accuracy of the system software, manual operations, and equipment.
EFAST2 RFP
Section C, Page 46 of 242
DOL069RP20266

The Chief QC Specialist interacts with Government representatives or third party contractors
appointed by the Government to oversee QC procedures. The Chief QC Specialist ensures the
accuracy of notifications or error messages displayed to filers upon detection of filing errors. The
Chief QC specialist shall occupy a wholly independent position within the project structure,
reporting solely to an executive above the Project Manager level within the Contractor’s
organization.
C.3.6.3.2 Chief Quality Control Specialist Qualifications
The following are desirable, though not required, qualifications and experience for the position:
• Undergraduate degree from an accredited college or university in statistics,
mathematics, operations research, or other discipline related to the requirements of
this project, or equivalent experience
• Five years of quality control experience in a data processing environment
• Demonstrated experience in data analysis and statistical techniques, including
interpreting and producing quantitative and qualitative statistical data
• Demonstrated experience in automated data processing systems subject to the Privacy
Act of 1974 (refer to Attachment N.1.9) or similar state statutes, or equivalent
experience
• Demonstrated experience in quality control issues related to processing governmental
filings, including corresponding with filers to perfect filer submissions, or equivalent
experience
• Demonstrated experience conducting operations research or operations-oriented
appraisals
• Demonstrated experience in design, refinement, and implementation of sampling and
inspection plans, measurement techniques, operation procedures, and production
standards
• Demonstrated experience in software quality assurance methods, such as SEI-CMMI
(refer to Attachment N.2.4)
• Demonstrated working knowledge of performance measurement standards (including
GPRA and NIST), gained through working on contracts with federal agencies to
quantitatively measure and report quality for automated data processing systems
• Demonstrated success in implementing and enforcing quality control standards

C.3.6.4 Information Security Officer
C.3.6.4.1 Information Security Officer Duties and Responsibilities
EFAST2 RFP
Section C, Page 47 of 242
DOL069RP20266

This position is a 100 percent, full-time, dedicated position throughout the duration of this
contract. The duties of the Information Security Officer (ISO) include, but are not limited to,
overseeing all security operations, including personnel security, physical security of the facilities,
administrative security, and computer/network/telecommunications/Internet security. The ISO
serves as a single point of contact with the Government regarding all security matters related to
the contract.

The ISO manages and administers the Contractor’s Minimum Background Investigations (MBI),
paperwork completion, badge procedures, and employee hiring and termination procedures. The
ISO develops and maintains all physical security controls implemented for the contract, including
locks, cameras, and security controls during material transport. The ISO oversees all
administrative security controls, including designation and labeling of sensitive but unclassified
(SBU) data and federal tax information (FTI) data, records storage and management, and
development of security deliverables and documentation. The ISO works directly with the
System Administrator to oversee all system security controls of SBU/FTI data, including
computer, network, and telecommunications security controls, as well as to review all file access
and audit logs and to enable/disable system access for hired/terminated employees. The ISO
oversees secure transmission of SBU/FTI data products to and from the EFAST2 facility,
including delivery of data products to end users, archival of records, and offsite storage and
retrieval of system backups. The ISO reviews configuration control actions for potential security
implications and provides relevant feedback to developers to correct security defects or
deficiencies, as needed. The ISO manages and oversees conduct of security tests and audits
conducted by the Contractor, and supports the Government’s independent security tests
conducted by the Chief Information Officer, Inspector General, third party Government
Contractor designees, and other official Government representatives. The ISO develops security
awareness procedures and training, evacuation procedures, and disaster recovery / business
resumption plans and procedures. The ISO develops and maintains security documentation,
procedures, and policies for the contract.
C.3.6.4.2 Information Security Officer Qualifications
The following are desirable, though not required, qualifications and experience for the position:
• Undergraduate degree from an accredited college or university in information
security, computer science, operations research, or other discipline related to the
requirements of this project, or equivalent experience
• Computer Information Systems Security Professional (CISSP) certification, Global
Information Assurance Certification (GIAC), or equivalent.
• Ten years of information security experience of SBU/FTI data/document processing
or equivalent
• Demonstrated working knowledge of Government computer security standards, as
specified in NIST SP 800-53 (refer to Attachment N.1.19), U.S. Department of Labor
Computer Security Handbook (refer to Attachment N.1.26), and Treasury TDP 71-10,
Department of the Treasury Security Manual (refer to Attachment N.1.68)
EFAST2 RFP
Section C, Page 48 of 242
DOL069RP20266

• Demonstrated working knowledge of computer, network, electronic transmission,
telecommunications, and Internet security, including secure sockets layer (SSL)
technology
• Demonstrated working knowledge of prevailing federal requirements for computer
security, such as OMB Circular A-130 major application security and FISMA
• Demonstrated experience personnel, physical, administrative, and
computer/network/telecommunications/Internet security
• Evidence of recent successful performance as Information Security Officer under
contract to the Government, on a project with an outsourced data/document
processing system similar to this contract

C.3.6.5. Systems Administrator
C.3.6.5.1 Systems Administrator Duties and Responsibilities
This position is a 100 percent, full-time, dedicated position throughout the duration of this
contract. The duties of the Systems Administrator include, but are not limited to, installing,
testing, overseeing, and maintaining all production systems, including computer, network,
telecommunications, hardware, cabling, commercial off-the-shelf (COTS) software, backup
systems, and all other peripheral support systems. The Systems Administrator works with the
Information Security Officer to administer all aspects of computer, network, telecommunications,
and Internet security. The systems administrator works with the Computer Systems Analyst and
other members of the project team to develop the system according to the design specifications,
and to diagnose, troubleshoot, and debug system problems, as needed. The Systems
Administrator is responsible for ensuring timely resolution of system problems, including
ensuring that all equipment service contracts are maintained in force for the duration of the
contract.
C.3.6.5.2 Systems Administrator Qualifications
The following are desirable, though not required, qualifications and experience for the position:
• Undergraduate degree from an accredited college or university in management
information systems, computer science, or other discipline related to the requirements
of this project, or equivalent experience
• Ten years of information security experience of SBU/FTI data/document processing
or equivalent
• Demonstrated experience of computer, network, electronic transmission,
telecommunications, and Internet security, including secure sockets layer (SSL)
technology
EFAST2 RFP
Section C, Page 49 of 242
DOL069RP20266

• Demonstrated experience operating systems under prevailing federal requirements for
computer security, such as NIST 800-53 and DOL Technical Configuration Standards
Manual
• Demonstrated experience in managing and maintaining web systems and web services
• Evidence of recent successful performance as a systems administrator on a
Government outsourced data/document processing system of similar application,
scale, and complexity


C.3.6.6 System Test Engineer
C.3.6.6.1 System Test Engineer Duties and Responsibilities
The duties of the System Test Engineer include, but are not limited to, overseeing the
development of test plans and procedures, requirements analysis, and development of appropriate
test simulations. The System Test Engineer will have primary responsibility for designing and
administering the tests required to certify the operational readiness of the system. The System
Test Engineer reports directly to the project manager. The System Test Engineer has in-depth
technical knowledge of all hardware, software, subsystems, and associated technologies
encompassed by the system, and of the integration of these pieces in the development of a total
system. The System Test Engineer will design thorough testing procedures to ensure that the
system operates according to design.
C.3.6.6.2 System Test Engineer Qualifications
The following are desirable, though not required, qualifications and experience for the position:
• Undergraduate college degree from an accredited college or university in computer
science or electrical engineering, or other discipline related to the requirements of this
project, or equivalent experience
• Three years experience writing and executing software test plans and procedures for
electronic data processing systems
• Demonstrated experience developing and applying various types of systems tests,
including functional, regression, load and stress, and certification
• Demonstrated experience with various test strategies, including black-box and white-
box
• Demonstrated experience with large-scale data processing systems, including ability
to test all system components in a substantial electronic filing, data capture, and data
distribution
EFAST2 RFP
Section C, Page 50 of 242
DOL069RP20266

• Demonstrated success in organizing, planning, directing, and coordinating data
processing testing activities
• Demonstrated success in oral and written communications, including presentations to
Government management staff
• Familiarity with security requirements

C.3.6.7 Configuration Management Specialist
C.3.6.7.1 Configuration Management Specialist Duties and Responsibilities
The duties of the Configuration Management Specialist include, but are not limited to,
overseeing the establishment and maintenance of configuration control procedures for the
system. The Configuration Management Specialist identifies naming conventions for hardware,
software, and documentation elements; determines standard configurations for systems hardware
and software baselines; and develops and implements strict change control procedures for each.
Working with the Project Manager and other team members, the Configuration Management
Specialist will develop the baselines for all systems, develop and maintain configuration control
documentation, and provide guidance and assistance with project personnel in documenting and
approving engineering changes. The Configuration Management Specialist provides procedures
that are to be followed by end users, including Government and third party Contractor personnel,
to report system problems or to request system or requirements changes. The Configuration
Management Specialist reports directly to the Project Manager.
C.3.6.7.2 Configuration Management Specialist Qualifications
The following are desirable, though not required, qualifications and experience for the position:
• Undergraduate college degree from an accredited college or university in computer
science, information systems management, mathematics, or other discipline related to
the requirements of this project, or equivalent experience
• Seven years of progressively responsible data processing experience, which includes
at least three years of experience as a configuration management specialist in a
document or electronic data processing environment, and at least five years of general
experience with configuration control
• Demonstrated experience with large-scale document-processing systems, including
ability to successfully design and implement a configuration control specification for
a system of the comparable size and complexity
• Demonstrated knowledge of security as it relates to large scale document processing
systems
• Demonstrated knowledge of computer software and hardware systems
EFAST2 RFP
Section C, Page 51 of 242
DOL069RP20266

• Specific knowledge of computer software and hardware systems as they relate to
imaging, document processing, electronic filing, and related systems encompassed by
the system

C.3.7 Additional Labor Categories
The Contractor shall propose personnel in additional professional labor categories, such as
subject matter expert, web developer, forms redesign specialist, Internet filing specialist,
production line supervisor, Independent Quality Control Unit staff, project administrator,
technical writer, J2EE/XML developer, system architect, deputy project manager, senior systems
analyst, applications development manager, contact center manager, telecommunications
specialist, data management coordinator, Internet coordinator, web master, and related labor
categories, as needed.
EFAST2 RFP
Section C, Page 52 of 242
DOL069RP20266
C.4 System Inputs
C.4.1 Processable and Unprocessable Submissions Overview
This section provides a general description of EFAST2 system inputs. The Contractor is directed
to Section C.10.4, Section C.14, and Attachment P for the comprehensive requirements.

The Contractor shall receive and process Form 5500 returns/reports, including forms, schedules,
and attachments, in electronic form. The latest available Form 5500 series forms, schedules, and
instructions are contained in Attachment D.

Filing submissions shall either be considered processable or unprocessable, based on criteria
described in this section and further detailed in Section C.10.4.
C.4.2 Processable Submissions
Filing submissions shall be considered processable only if received via valid web service
requests.

Filing submissions include the following:
- Current Form 5500 series electronic returns/reports, including the primary form and
associated schedules and attachments.
- Prior year Form 5500 series electronic returns/reports, including the primary form and
associated schedules and attachments. For a list of Plan Years considered “current” or
“prior year” for each processing year, refer to Exhibit C.1.1.1, EFAST2 Project Activities
By Contract Period, Plan Year, and Processing Year. These submissions shall be subject
to the prior year filing process described in Section C.9, Section C.10.4, and Attachment
P.
- Amended Form 5500 series electronic returns/reports.
- Secured/Substitute Form 5500 series electronic returns/reports. These submissions are
not subject to edit testing as described in Section C.9, Section C.10.4, and Attachment P.

The Contractor shall validate all attempted filing submissions as described in Section C.10.4.
Filing submissions that meet the Government-defined message structure specified by WSDL and
pass XML threat detection shall be considered processable. Processable submissions shall be
evaluated and determined to be ‘accepted’ or ‘not accepted’ filings.





EFAST2 RFP
Section C, Page 53 of 242
DOL069RP20266
Exhibit C.4.1 Filing Terminology Tree


C.4.3 Unprocessable Submissions
Any invalid web service request shall be considered unprocessable. The Contractor shall
maintain a log containing information on invalid web service requests (unprocessable filing
submissions) as described in Section C.14. The unprocessable submissions shall also be made
available to the Contractor’s Contact Center.

Any other attempted mode of submission (other than via a valid web service request), including
paper, physical electronic media such as tape or CD, or manual file upload, shall be considered
unprocessable and not received by the Government, and not an “attempt to file.”

The Contractor may come into possession of unprocessable submissions, including
unprocessable submissions that cannot be predicted in advance. In the event that the Contractor
comes into possession of an unprocessable paper or physical electronic media submission, the
Contractor shall trans-ship this unprocessable submission to the Government for evaluation. The
Contractor shall work collaboratively with the Government and the filing public to prevent future
receipt of unprocessable submissions to the maximum extent possible.

C.5 Reserved
EFAST2 RFP
Section C, Page 54 of 242
DOL069RP20266
C.6 Production Operations and Control

C.6.1 Tracking Database Overview

The Contractor shall maintain a tracking database as defined in Attachment J. The purpose of the
tracking database is to support Production Control (PC) Reports as described in Section C.6.5
and Attachment J, to provide an auditable basis for measuring system performance, and to allow
Government users to review and query filing status information.

Supporting documentation requirements for invoices are specified in Section G.

C.6.2 Tracking Database and Records

The Contractor shall create a tracking database record for every processable filing as specified in
Section C.4.2, Section C.10.4, and Attachment J.

The Contractor shall distribute a snapshot of the tracking database to support the requirements of
government end user agencies, as described in Section C.15, Section F, and Attachment E. The
Contractor shall also provide web-based access to the tracking database as described in Section
C.15.

C.6.3 Filing Status Record Timeliness

The timeliness of the creation of tracking database records shall occur as described in
Attachment J and shall be subject to timeliness performance standards as defined in Section C.2.

C.6.4 Supplementary Tracking

The Contractor shall be free to supplement the requirements of Attachment J with additional
tracking database functionality or with other databases as necessary to meet its own production
control and management requirements. Any such supplementary tables or databases shall be
consistent and reconcilable with values of the data elements specified in Attachment J.

C.6.5 Production Control Reports

The purpose of Production Control (PC) Reports is to help the Government monitor the overall
status of EFAST2 production, analyze volume trends versus historical patterns, analyze
performance of edit tests, and track compliance with timeliness performance standards. PC
Reports shall contain the information described in Section J.3 of Attachment J. The Contractor
shall deliver Production Control (PC) reports throughout operations as specified in the Schedule
of Deliverables in Section F and Attachment J.

C.6.6 Large Plan Monthly Report

To assist the Government in monitoring year-to-year continuity of large plan filings, the
Contractor shall provide a Large Plan Monthly Report in accordance with Section F. The Large
Plan Monthly Report shall show the status of all filing submissions for fifty of the largest defined
benefit plans. The plans serving as the basis for the initial report will be identified by the COTR
EFAST2 RFP
Section C, Page 55 of 242
DOL069RP20266
as GFI during the Base Period, and will be updated periodically thereafter. The plans tracked in
the report may be changed by the COTR once per year at system rollover with the replacement of
obsolete plans. This monthly report shall indicate the following fields from the tracking
database:

• FILING-HEADER-EIN
• FILING-HEADER-PN
• FILING-HEADER-PLAN-YEAR-END
• FILING-ID
• True Duplicate Indicator
• Suspect Duplicate Indicator
• FILING-HEADER-AMENDED-IND
• FILING-STATUS

The report shall also include explanatory comments if needed, such as those provided by the data
management coordinator.

Note there will be multiple entries in the monthly report for a single plan. The report shall be
grouped by EIN and PN. The report shall show all filing records processed by the Contractor for
the identified plans.

C.7–C.8 Reserved
EFAST2 RFP
Section C, Page 56 of 242
DOL069RP20266
C.9 Special Processing
C.9.1 Prior Year Filing
A prior year filing is a filing that has a Plan Year Begin Date prior to the current plan years being
processed. If the Contractor receives a filing submission that has a Plan Year Begin Date prior to
the current plan years being processed, the Contractor shall set the Prior Year Indicator in the
Filing Header (FILING-HEADER-PRIOR-YR-IND). Filing submissions with FILING-
HEADER-PRIOR-YR-IND shall only be subject to Administrator and Sponsor signature tests.
The Contractor shall not be responsible for processing prior year filings until Option Period III,
beginning January 1, 2011. Beginning in Option Period III, the Contractor shall be responsible
for all prior year filings, which will be Plan Year 2007 and prior.

C.9.2 Record Retrieval
Any filing submission referred to in this Statement of Work, which is within the Contractor’s
possession, is subject to retrieval at the Government's request. The Contractor shall comply with
retrieval requests by providing a copy of the original submission in electronic form to the
Government within three (3) working days after receipt of the request. Electronic submissions
generally include original source files electronically filed in their native format to the
Contractor's processing center.

The Government believes that with electronic filing, any initial review can be completed by
reviewing distributed versions of the data rather than reviewing the actual electronic filing source
file in the native format in which it was received and stored by the Contractor. If the original
electronically filed source file in its native format is specifically requested by the Government the
Contractor shall retrieve and provide it to the Government in the requested format. The
Contractor shall honor Government requests for retrieval of electronic filing source files in their
native format as long as the electronic filings are in the Contractor's possession. The Contractor
shall store and maintain original filings in data repositories described in Section C.14.

The Contractor shall certify that retrieved original electronic filing source files are untouched or
unchanged. The Contractor shall establish an auditable system for retrieving and protecting
original source files, which includes proper identifiers. The Contractor shall send the requested
source files, via CD or email with a cover letter, to the COTR or COTR's designee. In instances
where a large number of source files need to be retrieved, an extended turnaround time may be
considered by the Government.

C.9.3 Secured/Substitute Filings
A secured/substitute filing is a filing submitted to the Contractor directly from Government
agencies, usually the IRS. These filings will be submitted using the IFILE application described
in Section C.10.5. A secured/substitute filing will be identified by a Government agent by
application of a valid Agent UserID. All filings received by the Contractor with a valid Agent
UserID shall have the Agent UserID logged in the Tracking Database. All secured/substitute
filing submissions are considered final, and are prevented from being subject to any edit testing
through the assignment of Bypass Code C. However, secured/substitute filings are subject to
schema validation and authentication of IRS or DOL signer’s credentials (Agent UserID).

EFAST2 RFP
Section C, Page 57 of 242
DOL069RP20266
C.9.4 Short Plan Year and Early Filings
Plans may have plan years that are less than 12 months, called a short plan year, which may be as
short as one day. This means that there may be current year filings eligible to be filed as early as
January 1 of the plan year covered by the filing. These short plan year filings must be fully
processed the same as a full plan year filing.

Additionally, plans may file prior to their due date, which are called early filings. To
accommodate early filings, the Contractor must be prepared to fully process filings for up to four
current years on January 1 of each year.

Short plan year and early filed Plan Year 2008 filings filed prior to January 1, 2009 shall not be
processed by the Contractor. Beginning with full processing operations on January 1, 2009
(Option Period I, 2
nd
Component), the Contractor shall be capable of processing all received Plan
Year 2008 and Plan Year 2009 filings.






EFAST2 RFP
Section C, Page 58 of 242
DOL069RP20266

C.10 Electronic Filing
The Contractor shall design, establish, and maintain a system for electronic filing of Form 5500
series returns. The electronic filing requirements are structured as follows.
1. General Requirements. Section C.10.1 contains the overall program requirements.
2. Web Portal. Section C.10.2 contains the web portal requirements, including access
to IREG, IFAS, IFILE, on-line documentation, FAQs, tutorial, links to other
related sites and links to approved software.
3. Internet-based Registration (IREG). Section C.10.3 contains the requirements for
access control to the web portal and electronic signature registration and credential
issuance. This section contains requirements for plan administrator, transmitter,
and software developer credentials.
4. Internet-based Filing Acceptance Service (IFAS). Section C.10.4 contains the
requirements for receipt, authentication, validation, acceptance/non-acceptance,
and generating the filing acknowledgement. It contains the requirements for the
overall filing structure of the transmission file, including message and filing header
information.
5. Internet-based Filing (IFILE) Application. Section C.10.5 contains the
requirements for the free, direct filing web interface (IFILE). It includes
requirements for the forms interface as well as saving, printing, and transmitting
filings.
6. Software Developer Electronic Filing Support. Section C.10.6 contains the
requirements for the Third Party Software Developer support program that allows
third parties to develop electronic filing software with which filers may complete,
validate and submit filings electronically. The program provides technical
specifications, technical support, testing, certification, and ongoing support to
Third Party Software Developers.
7. DER. Attachment P contains the technical Data Element Requirements (DER) for
all forms and schedules. This includes descriptions of all XML input elements,
validation rules, edit tests, conditions to accept/non-accept, generate receipts and
acknowledgments to filers, and Government language to provide filers for each
edit test failure or non-acceptance condition. The XML DER consists of schema
documentation (as generated by XMLSpy), xsd files, and XPATH definitions of
edit tests. The DER is updated annually and provided to the Contractor as
described in Section C.23.
8. IRD. Attachment E contains the Interface Requirements Document (IRD), which
contains the specifications for all filing information posted to EFAST2 data
repositories and distributed to end users. The IRD is updated annually and
provided to the Contractor as described in Section C.23.

EFAST2 RFP
Section C, Page 59 of 242
DOL069RP20266

C.10.1 General Requirements
The Contractor shall receive valid electronic filing submissions from certified third party
software or its free, direct filing web interface (IFILE). The Contractor shall ensure that all
electronic filings be submitted using Government-approved formatting. The Contractor shall
ensure all electronic filings submitted undergo Government-approved validation, authentication,
and edit testing. The Contractor shall return acknowledgements to the filer indicating whether
the filing was accepted. If the electronic filing is deemed unacceptable, the Contractor shall
provide the filer with a user-friendly message describing the error. The Contractor shall store all
submitted electronic filings per the data management requirements in Section C.14 with an
indicator as to the status of the filing (accepted or unaccepted). The contractor shall follow
adequate reconciliation procedures to ensure no data is lost between processes and follow the
Government’s production control requirements specified in Section C.6.
C.10.1.1 Standards Based Solution
The Contractor’s electronic filing solution shall be standards based. The requirements in this
Statement of Work use an XML-based solution along the lines of the IRS Modernized eFile
(MeF), which processes forms similar to the Form 5500, such as the Form 1120 Corporate
Income Tax. Proposals for solutions that are not XML-based should be accompanied with a
detailed analysis and justification for this design choice. Attachment N identifies Government
and Industry Standards applicable to this Contract.

C.10.1.2 Internet Communications
Transmission of filing data between either the IFILE application or third party software and the
Government’s filing acceptance system (IFAS) shall use the Internet and standard
communications protocols. The Contractor’s electronic filing solution shall ensure each
transmission of an electronic filing is protected by encryption in its entirety during Internet
transmission, according to Government and Industry Standards (e.g., minimum 128bit SSL). The
Contractor’s electronic filing shall use web service protocols as identified in Attachment N.
C.10.1.3 IFILE Usage
The Contractor shall devote resources in developing and maintaining components of the
electronic filing system in accordance with estimated usage. In the legacy EFAST system, 90
percent of filers submitted filings using third party software. The Contractor shall anticipate the
majority of filers will submit electronic filings using third party software as opposed to IFILE in
EFAST2.
C.10.1.4 Partial Filing Submissions
The Contractor shall instruct filers not to file part of the filing at one time and the remainder of
the filing at a later time. Partial electronic filings, such as an unattached schedule or attachment,
shall not be accepted by the filing acceptance system.

EFAST2 RFP
Section C, Page 60 of 242
DOL069RP20266

C.10.1.5 Communication for Accepted Filings
Electronic filings accepted by the Government shall be considered complete and final using
automated tests and processes. There shall be no additional communication with the filer to
perfect an accepted filing.


EFAST2 RFP
Section C, Page 61 of 242
DOL069RP20266

C.10.2 Web Portal
The Contractor shall develop, host, and maintain a secure, current, scalable, and user-friendly (as
defined by such authorities on usability and accessibility as http://usability.gov and http://w3.org)
EFAST2 web portal. The portal shall allow users to access a broad array of EFAST2 resources
and services at a consolidated location on the Internet. The Contractor shall develop the web
portal in accordance with all Government requirements regarding public websites including the
OMB Policies for Federal Public Websites, NIST publication 800-44 Guidelines on Securing
Public Web Servers, and the E-Government Act of 2002.

C.10.2.1 Users
The portal shall provide access to different audiences:

• Government users
• plan preparers, sponsors, and administrators
• plan participants
• third party filing participants (i.e., fiduciaries, accountants, and actuaries)
• software developers
• general public

C.10.2.2 Resources and Services
The Contractor shall provide the most current information and resources available for EFAST2
and electronic filing on the web portal. At a minimum, the Contractor shall develop the portal to
include the following resources and services:
• Obtain answers to “frequently asked questions” (FAQs) for all features and capabilities
• Obtain general Form 5500 series filing requirements and instructions via links to EBSA
and related websites
• Obtain a list of edit test and entity validation criteria, including a list of electronic filing
error codes and explanations for at least 10 of the most common errors and ways to avoid
the error conditions
• Obtain a description of EFAST2 Internet-based filing (IFILE) capabilities
• Obtain IFILE support material
• Allow user authentication in order to provide access to additional features and
functionality
• Obtain a list of Government-approved software and contact information for such
• Send questions electronically via email or web-form to the Contractor’s contact center
described in Section C.18
• Link to the data dissemination service described in Section C.15
EFAST2 RFP
Section C, Page 62 of 242
DOL069RP20266

• Register for electronic filing credentials described in Section C.10.3
• Link to DOL, IRS, PBGC, and FirstGov web sites.

C.10.2.3 Organization

The portal shall contain multiple web pages and links to applications for access by the various
user groups identified in C.10.2.1. The Contractor shall strive to make a simple, clear, and
consistent page layout that makes it easy for users to access and understand the information.
Web interfaces shall be user-friendly, allowing for easy navigation for less experienced computer
users. The Contractor shall follow the DOL External Linking Policy and the Editorial Style
guide identified in Attachment N and Attachment H.

C.10.2.3.1 Web Design and Layout

In order to provide a consistent and unified approach to EFAST and other DOL services, the
Contractor shall follow common design, navigation, and cross-functionality standards for
EFAST2. The Contractor shall adhere to the Web Community Standards for Design, Navigation,
and Cross-Functionality identified in Attachment N and Attachment H with regard to the
standard terminology, color palette & typography, standard page elements, visual hierarchy, and
global navigation and cross-functionality.

C.10.2.3.2 Homepage

The Contractor shall design a homepage that clearly communicates the purpose of the portal,
includes key words, presents general information to the user such as important notices or newly
released Government information pertaining to the Form 5500 series, and provides links to other
services available to the user. An integrated search and help component shall be accessible from
the home page as well as a listing of frequently asked questions and a site map. Authenticated
access to the homepage shall provide a direct link to all submitted filings for that individual as
described in Section C.10.2.4.

C.10.2.3.3 Help and Contact Information

The web portal shall account for both experienced and novice computer users. All pages shall
include links to “Help” and the homepage shall include links to “About EFAST2” and
“Frequently Asked Questions” pages. These pages shall contain general information about the
portal and contact information. The contact information shall include a directory of contacts
indexed by type of problem. For example, contact information shall be provided in case of
problems in the website, problems with the online filing application, or questions about the Form
5500 series.

C.10.2.3.4 Privacy Information

EFAST2 RFP
Section C, Page 63 of 242
DOL069RP20266

The web portal shall follow the policies and procedures regarding privacy policy and data
collection on federal web sites as specified in Attachments N and H. The web portal shall also
maintain the security of non-disclosable information as specified in Section C.22.

C.10.2.3.5 Cookies and Session Data
In order to provide stateful storage of information, session cookies or other session mechanisms
may be used and shall be managed by DOL policies identified in Attachments N and H..
Persistent cookies or other client side persistent storage mechanisms shall not be used. Session
cookies may be used provided that they do not threaten the privacy of individuals and do not
track users over time and across different web sites. Session information stored on an end users
computer or transferred over the Internet shall only be in the form of unique, non-sequential
identifiers. The actual state variables and metadata shall not be stored on the end user’s
computer. All session data shall be stored on the web portal servers or infrastructure and
internally referenced via this unique session identifier. Except for PDF readers, browser plugins
or any applications or helpers that require a user to download and/or install them are specifically
prohibited.
EFAST2 RFP
Section C, Page 64 of 242
DOL069RP20266

C
.
1
0
.
2
.
3
.
6

C
o
n
c
e
p
t
u
a
l

S
i
t
e

M
a
p

E
x
h
i
b
i
t

C
.
1
0
.
2
.
1

s
h
o
w
s

a

c
o
n
c
e
p
t
u
a
l

s
i
t
e

m
a
p

f
o
r

t
h
e

p
u
b
l
i
c

w
e
b

p
o
r
t
a
l

a
n
d

i
l
l
u
s
t
r
a
t
e
s

e
x
t
e
r
n
a
l

a
n
d

i
n
t
e
r
n
a
l

l
i
n
k
s
.

E
x
h
i
b
i
t

C
.
1
0
.
2
.
1




C
o
n
c
e
p
t
u
a
l

W
e
b

S
i
t
e

M
a
p




EFAST2 RFP
Section C, Page 65 of 242
DOL069RP20266

C.10.2.4 Authenticated Access – My Account
The portal shall provide the ability for an individual to login using their electronic filing
credentials, as defined in Section C.10.3. If the individual is successfully authenticated, the
portal shall allow the user to access additional services with their single sign-on. An SSL web
certificate using 128bit encryption (at a minimum) shall be used to secure authenticated services.
Once authenticated, the web portal shall provide a “My Account” page and feature that provides
authentication and single sign-on to IFILE, IREG (for users with existing accounts), FilingStatus,
and Contact Center web pages.

C.10.2.4.1 Filing Status
For non-Government users, the account information link (My Account) shall take the individual
to a FilingStatus web page that lists each submitted filing attributed to that individual’s UserID,
displaying at a minimum all relevant status and acknowledgement information returned in the
FilingStatusResponse schema, as specified in C.10.4. The FilingStatus web page shall list all
submitted filings that the user is either one of the signers or is the transmitter, including both
accepted and not-accepted ones. Upon the individuals’ selection of a filing from the FilingStatus
listing, EFAST2 shall display structured data for that filing in facsimile format including
associated attachments. Required display and print functionality is defined in Section C.15.
Exhibit C.10.2.2 shows an example of this functionality.
EFAST2 RFP
Section C, Page 66 of 242
DOL069RP20266

Exhibit C.10.2.2 – My Account Filing Status
C.10.2.4.2 Contact Center Web Form
The web portal shall provide a web form that allows authenticated users to submit a ticket to the
contact center service, as detailed in Section C.18.
C.10.2.4.3 New Filings
Once authenticated in the web portal, a user shall be able to easily create a new filing in IFILE.
The web portal My Account section shall have a link to allow the user to go directly to IFILE and
create a new filing.
C.10.2.4.4 Account Information
The web portal shall provide the end user with a summary of their account showing their contact
information and other pertinent information as defined in C.10.3, IREG. The end user shall also
have the ability to change the appropriate information as defined in C.10.3

EFAST2 RFP
Section C, Page 67 of 242
DOL069RP20266

C.10.2.5 Government Account
Functionality described in this segment shall be accessible by Government-approved personnel
only. Government users will log in with a UserID and PIN and be authenticated through IREG as
described in Section C.10.3. The Government account segment shall include the following
features:
• Provide authorized Government agents the capability to submit secured/substitute filings
using IFILE.
• Provide viewing and printing access to disclosable filing data, non-disclosable filing data
and system-generated data in facsimile format for filings based on the users access
permissions as described in Section C.15.
• Provide viewing and download access to tracking database records as described in
Section C.15.
• Provide access to contact center service ticket records.
• Provide access to configuration management records.
The Government account segment shall be used to provide information access for users of the
appropriate agencies, as described in Section C.15.

C.10.2.6 Incremental/Iterative Approach

The Contractor shall propose a web portal design, development, prototyping, and testing
schedule that includes multiple iterations and focuses on ensuring positive, forward progressing
development, per SDLCM. The Contractor shall provide for at least two levels of iterative
design detail for Government inspection and acceptance as specified in the Schedule of
Deliverables in Section F. The first design iteration shall consist of top-level pages that show the
general look, feel, layout, and flow of the web portal. The Contractor shall test top-level pages
for Government usability testing and inspection and acceptance. The second design iteration
shall consist of secondary-level pages that provide detail to the top-level pages and include
mockups of all required secondary pages. The Contractor shall test secondary-level pages for
Government usability testing and inspection and acceptance. The Contractor shall correct design
defects or deficiencies cited for top-level and secondary-level pages before proceeding to
development, prototyping, and further testing. The Contractor shall develop software prototypes,
test the prototypes, test the prototypes, and then make adjustments based on the test results and
prototype feedback. The Contractor shall provide tests of the web portal to groups of actual
users, including public and Government personnel, for user interface feedback and beta testing.
The Contractor shall correct defects and deficiencies cited by the Government at each iteration
before proceeding to the next iteration.


C.10.2.7 Web Portal Maintenance and Content Management

EFAST2 RFP
Section C, Page 68 of 242
DOL069RP20266

The Contractor shall institute a formal audit process of periodic portal audits and updates. The
audits shall check that all information is current and accurate, make new information available,
and check that all portal links are still operational. The portal shall include a method for users to
report errors or problems. The Contractor shall respond to all credible user feedback, correct
identified errors, and provide users with the status of any resolutions in a timely manner.

The Contractor shall establish web review and clearance processes that ensure public web
content is appropriately reviewed and cleared prior to publication and is maintained in
compliance with DOL Internet policy and standards. Attachment N and Attachment H specify
guidelines for the review and clearance process that the Contractor shall follow. The Contractor
shall employ a web review and clearance process that utilizes a web content management system
for organizing, facilitating, and continuously updating web content based on contact center and
other usability feedback.

C.10.2.8 Configuration

The Contractor shall design the web portal so that wide ranges of configurations are
accommodated. All pages shall be viewable on the Microsoft Windows, Macintosh, UNIX and
Linux platforms without the page layout or functionality changing significantly. All pages of the
web portal shall be viewable by the current versions of Microsoft Internet Explorer, Netscape
Navigator, Mozilla FireFox, and Opera browsers. As new browsers become available, the portal
shall continue to maintain backward-compatibility with at least one older version of each
browser. The portal shall maintain compliance with all Section 508 of the Rehabilitation Act (29
U.S.C 794d) requirements.

C.10.2.8.1 Accessibility

The portal shall be supported by the top industry standard web browsers such as Microsoft
Internet Explorer, Mozilla FireFox, Opera, and Netscape Navigator. The web portal shall be
multifaceted, providing EFAST2 information to partnering agencies, filers, software developers
and other involved parties. The web portal shall be developed and organized from the audiences’
point of view. Content shall be organized in ways that is understandable to each audience group.
The web portal shall provide easy access, be written in plain language, have consistent
navigation, have a search engine, and use standard metadata.

Web based viewing, searching, and access applications from the EFAST2 Web portal, and data
dissemination systems shall not require the user to download any software, driver, plug-in,
control, or browser extension in order to successfully use application features, nor shall any port
other than 80 and 443 be used. The Contractor is permitted to require the user to have or
download and install a PDF viewer for filing and facsimile viewing. Formats shall be limited to
HTML, XML, JPG, GIF, PDF and safe JavaScript. For on-line training delivery, use of
Macromedia Shockwave shall be permitted. The web methodology shall also be designed not to
require bypass of required firewall and proxy server features.The Website Design, web file
formats, and web methodology are subject to Government inspection and acceptance and security
evaluation.
EFAST2 RFP
Section C, Page 69 of 242
DOL069RP20266


C.10.2.8.2 Section 508 Compliance
Government designed web portals shall meet all requirements from Section 508 of the
Rehabilitation Act (29 U.S.C 794d). Section 508 requires federal agencies to ensure that their
procurement of information technology takes into account the needs of all users, include those
with disabilities. Approximately 8% of web users have disabilities preventing the traditional use
of websites. Compliance with section 508 requirements enables users with disabilities to access
the information provided on the website. The Contractor shall adhere to guidance for designing
accessible web pages specified in Attachments N and H.

C.10.2.8.3 Limited English Speaker Support

The Contractor shall direct non-English users of the web portal to the DOL public disclosure
office for assistance in navigating the web site. The Contractor is not required to translate web
pages.

C.10.2.9 Navigation

The web portal shall be organized in a way that allows users to easily locate information. The
portal shall minimize the number of steps and screens that a user must view before obtaining the
desired information. Each page shall indicate its relative location in the overall portal hierarchy.
The URL on each page shall be easily interpretable by users. This will assist users in
understanding where they are located in the hierarchy and in providing addresses to others.

C.10.2.9.1 Navigation Bar

All pages on the portal shall contain a main navigation bar that provides links to other major
sections of the portal. The main navigation bar shall be located in the same location on each
page. The main navigation bar shall include a search field and a link to the home page. The
Contractor shall adhere to the Web Community Standards for Design, Navigation and Cross-
Functionality identified in Attachments N and H when designing and implementing the page
elements, visual hierarchy, and global navigation and cross-functionality.

C.10.2.9.2 Scrolling

Except for meeting the requirements from Section 508 of the Rehabilitation Act (29 U.S.C 794d)
and other needs of users with disabilities, horizontal scrolling shall be minimized wherever
possible when the width of the browser is set to a standard size of 800x600. All page images
shall fit into the standard screen width. The use of vertical scrolling is acceptable.

C.10.2.9.3 Text

The text shall be well organized, properly formatted and clearly written. The Contractor shall
follow the Web Community Standards for Design, Navigation and Cross-Functionality identified
in Attachments N and H when designing and implementing the standard terminology, color
palette & typography.
EFAST2 RFP
Section C, Page 70 of 242
DOL069RP20266



C.10.2.9.4 Bandwidth

The Contractor shall consider the speed of user connections and the general levels of travel on
the web when designing the portal. The portal shall use compressed graphics formats, such as
GIF or JPEG to reduce download or access time. For files, the portal shall provide information
on the size of the file and allow users the option to download if they so choose.

C.10.2.9.5 Domain
The portal’s domain shall be exclusive to the U.S. Government: .gov, .mil, or fed.us. By using
domains that are exclusive to the Government, the public is assured that these are official
Government websites and that a Government agency is accountable for the website's content. The
Government will acquire the appropriate domain name and subdomain names and shall furnish
these to the Contractor (see Section C.23.12).
C.10.2.10 Federal Laws and Regulations
The EFAST2 portal and associated web pages shall follow federal government laws,
requirements, executive orders, policies, and guidelines as listed in Attachment N, Web Content
Federal Laws and Regulations
C.10.2.11 Procedures for Web Review and Approval Deliverable
The Contractor shall develop procedures for web review and approval in accordance with
requirements in Section C.10.2, Attachment H, and Attachment N. The Contractor shall deliver
Procedures for Web Review and Approval in accordance with the Schedule of Deliverables
Section F.


EFAST2 RFP
Section C, Page 71 of 242
DOL069RP20266

C.10.3 Internet Registration (IREG)

IREG requires filing participants to obtain EFAST2 electronic filing authentication credentials.
Registration begins when an applicant provides contact information on the EFAST2 IREG
website. Upon successful completion, the Contractor will provide the applicant with the
requested credentials. Exhibit C.10.3.1 below provides a summary illustration of this process.
The Contractor maintains electronic filing credentials in a secure data repository. In addition to
electronic filing credentials for applicants of IREG, the Contractor maintains credentials for
authorized Government users.

A potential enhancement to EFAST2 is integration with General Service Administration’s
approved e-Authentication credential service providers as described in Attachment O. In order
for the EFAST2 architecture to more easily conform to this potential enhancement, the
Contractor shall develop an authentication and signing function that can be modified with
minimal changes to IFAS, web portal, and related services.

Exhibit C.10.3.1 – Registration Procedure for Applicants
Applicant registers on
EFAST2 IREG website
Server checks that contact
information is complete,
creates credentials and new
IREG database record
Applicant obtains e-
mail, visits URL.
application
submission
e-mail containing
credentials and link to
secure URL
acknowledgement of receipt
Server stores timestamp in
associated IREG database
record and activates
credential


C.10.3.1 IREG Applicants

There are three types of applicants in IREG: filing transmitters, signers, and web portal users.

A transmitter is an individual or company/organization authorized by the plan sponsor or plan
administrator to submit electronic returns for the plan. Each transmitter is required to apply to
participate in the program and obtain an ID and PIN using IREG. These credentials enable the
registrant to submit single or batch filings to the Contractor. The transmitter is not necessarily
the plan administrator, employer, plan sponsor, or DFE for the plan submitted.

Signers are subdivided into three groups: plan administrators, employers/plan sponsors, and
DFEs. The three groups of signers are defined below.
EFAST2 RFP
Section C, Page 72 of 242
DOL069RP20266


• Plan Administrators - Each plan administrator is required to apply to participate in the
program and obtain an ID and PIN using IREG. These credentials are used to
electronically sign a Form 5500 as the plan administrator.
• Employers/Plan Sponsors - Each plan sponsor/employer is required to apply to
participate in the program and obtain an ID and PIN using IREG. These credentials
are used to electronically sign a Form 5500 as the employer/plan sponsor.
• DFEs - Each representative authorized to sign on behalf of the DFE is required to
apply to participate in the program and obtain an ID and PIN using IREG. These
credentials are used to electronically sign a Form 5500 as the DFE.

The same ID and PIN may be used for signing the Form 5500 as a plan administrator,
employer/plan sponsor, and/or DFE. Similarly, the same ID and PIN used for signing any
portion of the Form 5500 may be used as credentials for transmitting individual filings. Only
transmitters that send batches of filings (a.k.a., batch transmitters) will need separate credentials
that cannot be used for signing the Form 5500. Batch transmitters are companies/organizations
and not individuals.

Individuals wanting to use authenticated services provided through the web portal (such as
IFILE) would apply for an ID and PN through IFILE. Exhibit C.10.2.1 illustrates the web portal
services that require authentication. Note that third party attesters such as actuaries, accountants,
and fiduciaries are not required to apply for electronic filing credentials through IREG.
However, such individuals may wish to apply for electronic filing credentials so they can author
portions of filings, such as Schedule B, in IFILE.

C.10.3.2 Signing Credentials

There may be as few as one or as many as three signatures for one filing: plan administrator,
employer/plan sponsor, and/or DFE. Upon signing the filing, filing preparation software (either
IFILE or approved third party software) shall apply the signer’s electronic filing credentials
(UserID and PIN), name, and date to the Filing Header and the name and date to the Form 5500,
as described in Section C.10.4. Upon submission to the Government, the signatures are
authenticated by comparing the submitted credentials to the IREG credentials database as
described in Section C.10.3.6 and C.10.4. Filing software shall ensure a signatory’s electronic
filing credentials applied to a filing, in particular the PIN value, is not viewable or accessible by
any other signatories or persons. This restriction shall be implemented by the Contractor in
IFILE (reference Section C.10.5) and verified as part of the Contractor’s PATS test/certification
program for third party software (reference Section C.10.6).

C.10.3.3 Registration Application

The Contractor shall develop a web-based registration application for electronic filing
participation and associated instructions. The EFAST2 IREG website shall instruct all electronic
filing participants to submit an application for electronic Plan Year 2008 and later filings.
Registration shall establish an individual’s identity and associated organization. Through the
registration application, applicants shall be required to provide contact and associated
EFAST2 RFP
Section C, Page 73 of 242
DOL069RP20266

information. Contact information includes the following fields that must be completed unless
otherwise noted:

1. full name (required)
2. mailing address (required)
3. daytime phone (required)
4. fax (optional)
5. email address (required)

The application for electronic filing participation shall be completed in one session. Incomplete
applications shall not be saved or stored.

In developing the registration application, the Contractor shall consider means to guard against
web crawlers, web bots, and other such automated registration methods that may cause a denial
of service attack or erroneous registrations.

C.10.3.3.1 Validating Registration Application

The Contractor’s IREG system shall perform rudimentary validity checks to ensure registration
fields are complete and the e-mail address is unique to non-expired and non-revoked records in
the credentials database (see Section C.10.3.6.3). IREG shall notify the applicant if the supplied
e-mail address is not unique and point the applicant to the request for forgotten credentials
webpage (see Section C.10.3.6.2).

The IREG system shall make no further attempts to verify any of the applicant’s information to
ensure that the identity is real or that the applicant is authorized to file/sign the filing. If
registration fields are not validly completed or the e-mail address is not unique, IREG shall
notify and describe the error to the applicant.

C.10.3.3.2 Providing Credentials to IREG Applicants

Upon receipt of a complete and valid application, the IREG system shall automatically create a
unique ID and an initial random PIN. IREG shall issue those credentials within five (5) minutes
to the applicant’s supplied email address. The email message shall also contain a secure link to
IREG used to complete and activate the registration.

The ID shall be used to identify the applicant while the PIN shall be used to authenticate the
applicant. The ID is a unique identifier that shall not be modified. All IDs shall be 8
alphanumeric characters in the format of one (1) alpha character followed by seven (7) digits.
IDs shall be assigned in such a manner that they identify the type of user. For example:

• The first character of signer UserIDs and individual transmitters shall be character A
through W followed by seven (7) digits.
• The first character of ETIN for batch transmitters shall be character Y followed by
seven (7) digits.
• The first character of Government UserIDs shall be character X followed by seven (7)
digits.
EFAST2 RFP
Section C, Page 74 of 242
DOL069RP20266


The PIN shall be four (4) characters in length and allow only numeric characters. An individual
or batch transmitter may change the PIN following successful authentication.

Exhibit C.10.3.2 below summarizes credentials provided to electronic filing participants.

Exhibit C.10.3.2 - Credentials Issuance by Type of Electronic Filing Participant

ID PIN Password
Secret
Knowledge
Provided to Plan Administrators User ID Yes Yes Yes
Provided to Employers/Plan Sponsors UserID Yes Yes Yes
Provided to DFEs UserID Yes Yes Yes
Provided to Batch Transmitters ETIN Yes No No
Provided to MyAccount users UserID Yes Yes Yes


C.10.3.4 Government User Authorization and Credentials

In addition to IREG applicants described in Section C.10.3.1, the Contractor shall authenticate
Government users. Each Government user will be categorized in one of five Government user
groups: DOL EFAST2 Program Office, DOL Office of Compliance Assistance, DOL Other
Offices, IRS, and PBGC. The Contractor shall grant only authenticated Government users
access to information as described in Section C.15. The Contractor shall grant only
authenticated Government users the ability to denote a filing as secured substitute and subject to
special processing described in Sections C.9 and C.10.5.

The COTR will provide the Contractor with an initial list of users requiring Government
credentials. The Contractor shall generate IDs (a.k.a. AGENT-SECURITY-SIGNERID) and
PINs for each Government user. The Contractor shall enclose each ID and PIN pair in an
individually sealed envelope. All envelopes shall be submitted in one mailing to the COTR as
specified in the Schedule of Deliverables in Section F.

The COTR will provide notification to the Contractor of Government users that need new
credentials or those that need existing credentials revoked approximately once per week. The
Contractor shall provide new credentials to the COTR in individually sealed envelopes within 2
(two) workdays after receipt of the COTR’s request for new credentials. The Contractor shall
revoke credentials within 1 (one) workday after receipt of request for revocation of credentials.

Monthly, the Contractor shall provide a complete listing of users with Government credentials to
the COTR for review in accordance with the Schedule of Deliverables in Section F. The listing
shall be separated into five subparts, one for each Government user group, and indicate the user’s
full name in the Government user group to which they belong.

The Contractor may develop an automated process to receive credential requests from the COTR
and deliver monthly user listings to the COTR. Such a process must ensure the confidentiality
and integrity of transmitted information. However, new credentials must continue to be provided
in individually sealed envelopes and mailed to the COTR.
EFAST2 RFP
Section C, Page 75 of 242
DOL069RP20266


C.10.3.5 Passwords and Secret Knowledge

A user-selected password shall be required of individuals, including Government users, but not
batch transmitters. The password shall be required of the individual immediately following
initial authentication. The password shall be used to and allow modification of the individual’s
contact information and PIN. The password shall be at least 10 characters in length, allow
alphanumeric as well as special characters, and require at least one alpha character and one
numeric character. Secret knowledge (question and answer) shall be used to control the
individual’s password if it is forgotten. For the shared-secret, at least one of the following fields
must be completed, with the choice left up to the individual:

• date of birth (answer should be a valid date)
• place of birth (answer should be characters, alpha and special characters 2 to 20
characters in length)
C.10.3.6 Credential Authentication

IREG shall maintain a secure database of identities supporting authentication of web service
requests in EFAST2:

• Plan Administrators, Employers/Plan Sponsors, and DFEs apply their ID and PIN in
filing headers to sign the Form 5500.

• Government Users apply their ID and PIN in filing headers to denote a filing as
secured substitute.

• Transmitters apply their ID (ETIN) and PIN in message headers to authenticate filing
submissions and retrieve submission acknowledgments.

A registered applicant or Government user completing multiple plan filings shall be permitted to
use the same credential for all filings. IFAS shall verify that submitted filings have valid user
credentials by comparing the submitted credentials with the IREG database. Details of
authentication of electronic signatures and filing submissions by EFAST2 are described in
Section C.10.4.

Credentials in the IREG database shall also be used to authenticate the following website
requests as described Section C.10.2, Section C.10.5, and Section C.15:
• Login to web portal
• Submit filing through IFILE
• Get privileged information through the data dissemination service
• Change contact information, PIN, or Password
• Get forgotten credentials
• Get filing acknowledgement
EFAST2 RFP
Section C, Page 76 of 242
DOL069RP20266


Exhibit C.10.3.3 provides a summary of how credentials are used in the above electronic filing
requests.

Exhibit C.10.3.3 – Electronic Filing Credential Summary

ID PIN Password
Secret
Knowledge
E-mail
address
Used as electronic signature X X

Used in filing submission X X

Used to get filing acknowledgement X X

Used to modify contact information X X

Used to obtain forgotten credentials X
X

C.10.3.6.1 Changing Contact Information, PIN, or Password

Individuals may modify their contact information, PIN, or password at any time through the
IREG website. In order for the change to take affect, registered applicants must submit their ID
and password on the IREG website. The Contractor shall treat large numbers of change requests
as a security incident. If the ID and password entered matches a record in the IREG database,
the Contractor shall provide a viewable and printable change acknowledgement specifying the
field(s) changed, date, and time. If the ID and/or password entered does not match a record in
the IREG database, the Contractor’s web page shall notify the individual of the error. The
Contractor shall not specify which portion of the credential was incorrect (the ID or password)
but only state the applicant’s credentials were invalid.

Batch transmitters would not be able to modify their contact information or PIN and must re-
apply for a new credential if needed.

Individuals will not be allowed to modify their secret information and must re-apply for a new
credential if needed.

C.10.3.6.2 Get Forgotten Credential Authentication

The Contractor’s IREG website shall include a webpage for registered individuals who have
forgotten their ID, PIN, and/or password. The website shall have an automated challenge
requesting the individual’s email address and secret knowledge information supplied during
registration. The Contractor shall treat large numbers of forgotten credential requests as a
security incident. If the email address and secret knowledge entered matches a record in the
IREG database, the Contractor shall issue an automated email containing a secure link within
five (5) minutes. This secure link will take the user to a web page allowing the registered
applicant to change their ID, PIN, and/or password. If the email address and/or secret knowledge
entered does not match a record in the IREG database, the Contractor shall send an email to the
last supplied email address (from the forgotten credential webpage) notifying the individual of
the error. The Contractor shall not specify which portion of the credential was incorrect (the
email address or secret knowledge) but only state the supplied information did not match the
EFAST2 RFP
Section C, Page 77 of 242
DOL069RP20266

IREG database records and instruct the individual to apply for new credentials by submitting a
new IREG application.

Batch transmitters would not be able to retrieve their ID or PIN and must re-apply for a new
credential if needed.

C.10.3.6.3 Credentials Database

The Contractor shall store all IDs, PINs, passwords, and secret knowledge in a secure credentials
database. The PINs, passwords, and secret knowledge shall be encrypted while stored to provide
added security.

If an individual’s name, PIN, password, secret knowledge, or email address is changed, the
credentials database shall maintain a record of that change for the duration of the contract.

In the case where an applicant has initiated but not completed the registration process by
acknowledging the email in Exhibit C.10.3.1, the Contractor shall retain the incomplete
credentials database record for three (3) months. After three months the Contractor shall discard
the applicant’s credentials.

The Contractor shall design an authentication database, which may be a subset of the credentials
database or a separate database all together, such that it efficiently responds to IFAS validation
requests and is capable of meeting performance standards described in Section C.2. Valid
UserID-PIN and ETIN-PIN combinations shall be used to authenticate web service requests and
filing signatures with extremely high performance.


C.10.3.6.4 Revoked Credentials

The Contractor shall instruct users to call the Contact Center if an electronic filing credential has
been compromised or will not be used in the future. A credential may be deemed compromised
if an unauthorized individual has obtained it. If the caller provides a valid ID and corresponding
full name, the Contractor shall issue a notification to the e-mail address in the credentials
database and revoke the credential. The Contractor shall revoke the compromised credential
(ID) within five (5) minutes of notification. No filing shall be accepted using a revoked
credential after the expiration date. The expired credential shall remain in the IREG database but
be flagged as revoked.

Credentials that have never been used for three (3) consecutive calendar years will expire. The
Contractor shall instruct applicants with expired credentials to obtain a new credential by
submitting a new IREG application. No filing shall be accepted using an expired credential after
the expiration date. The expired credential shall remain in the IREG database but be flagged as
expired.

C.10.3.7 Kick-off Postcard

The Contractor shall design a kickoff postcard for all active filers. The Contractor shall develop
the postcard template for the Government’s review and acceptance as specified in the Schedule
EFAST2 RFP
Section C, Page 78 of 242
DOL069RP20266

of Deliverables in Section F. The postcard shall promote electronic filing by describing its
features and benefits and advising future electronic filing participants how to complete the IREG
application process. The postcard template shall include an electronic filing logo and key
messages promoting electronic filing. Pending Government resource availability and contingent
upon all necessary approvals, the Government will, at its option, generate, address, and mail the
postcards (including postage) to active plan administrators/sponsors.
EFAST2 RFP
Section C, Page 79 of 242
DOL069RP20266

C.10.4 Electronic Filing, Internet Filing Acceptance Service
The Contractor shall provide a high-performance, high-availability, and fully automated Internet
Filing Acceptance Service (IFAS) for accepting and processing electronic filing submissions.
IFAS functions include credential authentication, schema validation, data edit tests, return of
acknowledgment, creation and maintenance of tracking database records, and posting to data
management.
C.10.4.1 Overview
IFAS shall accept filing submissions and filing status requests from filers submitted using either
approved third party software or the Government IFILE application. Filing data shall be in XML
format consistent with the schemas specified in the DER, Attachment P. Details are provided in
Section C.10.4.3.
IFAS shall be implemented as a web service, consistent with applicable Internet standards
including SOAP and Web Service Description Language (WSDL), as described in Attachments
N and P. The operations supported by this web service shall include submission of filings and
retrieval of filing acceptance status. Details of web service interfaces and their corresponding
request and response messages are specified in Section C.10.4.4.
The Contractor shall establish the maximum allowable size of a batch filing submission web
service request to be 100 filings or 2 gigabytes (GB). In the rare event that a single filing,
including attachments, exceeds 2 GB, the Contractor shall make special arrangements with the
filer to receive and process the filing, and work with the filer to reduce the size of future
submissions.
IFAS functionality may be described as three parts:
• service request validation
• IFAS front end, and
• IFAS back end.
Service request validation shall authenticate all messages received by IFAS. These checks
include authentication of EFAST2 message header elements indicating approved transmission
software (TransmissionSoftwareId) and registered transmitter (TransmitterId), and validation of
the message structure schema, including SOAP envelope. Service request validation is
considered by the Government to be part of EFAST2 system security. Messages failing service
request validation shall be considered not processable and not received by the Government, and
any filing submissions contained in such messages shall not be considered an “attempt to file.”
All filings contained in messages passing service request validation shall be considered attempts
to file, whether or not they pass IFAS acceptance processing. Service request validation status
EFAST2 RFP
Section C, Page 80 of 242
DOL069RP20266

shall be returned either via a response message (valid request) or fault message (invalid request).
Only valid service requests shall be passed to IFAS front end processing. Details of service
request validation are specified in Section C.10.4.5.
IFAS front end. The primary function of IFAS front end shall be to determine whether or not
the Government accepts the filing submission, and to record such determination in a filing status
record. Filing status information shall be made available to authorized filers via the EFAST2
web portal, and shall be returned to authorized transmitters in response to a filing status request.
IFAS shall make determination of filing status automatically with no human intervention.
Whether or not the filing is accepted, IFAS front end processing shall create a filing record in the
Tracking Database. The Tracking Database supports queries and reports used for invoicing,
production control, entity research, and monitoring performance standards; details are specified
in Attachment J. The IFAS front end also shall archive the XML submission message in the
Input Message Archive, described in Section C.14. Complete details of IFAS front end
functionality are specified in Section C.10.4.6.
Any filing submission that completes all validation, authentication, and edit tests with no errors
at a severity level of “Reject” or “Reject and Stop” shall be determined by IFAS to be accepted
by the Government. A filing submission that fails any validation, authentication, or edit test with
a severity level of “Reject” or “Reject and Stop” shall be determined to be not accepted by the
Government.
Status of all filing submissions, whether judged accepted or not accepted, shall be recorded in the
Filing Status Database, which is described in Section C.10.4.8. Filing status records called
acknowledgments may be retrieved in response to a filing status request or retrieved manually
through the EFAST2 web portal. See Sections C.10.4.4.8.2 and C.10.2 for details.
IFAS back end. If IFAS determines a filing status of accepted, processing of the filing shall
continue to the back end. The primary purpose of back end processing is to transform XML
filing data into the structured output data records delivered to the Government. XML output
records shall be created consistent with the ProcessedFiling schema described in Attachment P.
As described in Section C.15, the Data Dissemination component of EFAST2 shall translate
these XML output records into structured data for distribution to Government and public end
users. Details of IFAS back end functionality are specified in Section C.10.4.7. Detailed
formatting requirements for structured data dissemination are specified in Attachment E.
C.10.4.2 Sources of Processable Submissions
Authentication of processable submissions shall validate both the software used to transmit the
request message and the person or organization performing the transmission. The first shall be
EFAST2 RFP
Section C, Page 81 of 242
DOL069RP20266

indicated by the TransmissionSoftwareId element in the EFAST2 message header; the second
shall be indicated by the TransmitterId element in the EFAST2 message header.
IFAS shall consider processable filing submissions from the following sources only:
• IFILE. IFILE is a free limited-function web application allowing the creation of
Form 5500 series returns/reports. See the IFILE section of this SOW for a complete
description of IFILE. Each submission from IFILE to IFAS shall be limited to a
single filing. The TransmissionSoftwareId shall indicate the source as IFILE. The
TransmitterId and associated PIN shall be the registration credentials (UserId and
PIN) of the individual submitting from IFILE. See the Section C.10.3 for a
description of the registration process and credentials.
• Certified third party software. In the current EFAST program, approximately three
quarters of filings are prepared with certified third party software, and the
Government expects that to continue in EFAST2. Third party software shall receive a
TransmissionSoftwareId only after rigorous PATS testing and certification, as
specified in Section C.10.6 of this SOW. Submissions from third party software may
include multiple filings in a single batch transmission. When the transmitting
software is hosted by an organization on behalf of multiple filers (i.e., more than one
EIN), such as a service provider web site, the TransmitterId and associated PIN shall
be the ETIN and PIN of that organization. When the transmitting software is hosted
by an individual on behalf of a single EIN only, such as on the filer’s desktop, the
TransmitterId and associated PIN shall be the UserId and PIN of that individual. See
Section C.10.3 of this SOW for a complete description of the registration process for
both UserId and ETIN.

C.10.4.3 Filing Data
C.10.4.3.1 Processable Submissions
Filing submissions shall be received only via valid web service requests. Any other attempted
mode of submission, including paper, physical electronic media such as tape or CD, email or
FTP upload to the Government, shall be considered unprocessable and not received by the
Government, and not an “attempt to file.” Processable submissions to IFAS shall be well-formed
XML conforming to standard SOAP envelope and the Government-defined message structure
specified by WSDL and XML Schema. For more details on Processable Submissions, see
Section C.4.
C.10.4.3.2 Filings, Forms and Schedules
A processable submission may contain one or more filings, each composed of one or more forms,
schedules, and attachments. Each filing shall be formatted as XML data consistent with XML
EFAST2 RFP
Section C, Page 82 of 242
DOL069RP20266

Schema specifications published by the Government for the Form Year specified in the filing
header, as described in the DER, Attachment P. These schemas specify whether each data
element is required or optional, how many times it may occur, and the order and hierarchy of
elements in the filing data. In addition, the type specified for each element further defines the
values and formats valid for that element. Any filing containing schema validation errors shall
be not-accepted by IFAS.
The schema defines two kinds of filings:
• Regular filing. A regular filing consists of a required Form 5500 and optionally
any combination of schedules and attachments. The schema for a regular filing
consists of a FilingHeader element and a FilingData element.
• Short form. A short form filing consists of a required Form 5500-SF and
optionally a Schedule B and associated attachments. The schema for a short form
filing consists of a FilingHeader element and a ShortFormData element.
Other combinations of forms and schedules shall be schema-invalid and not accepted.
C.10.4.3.3 Form Years and Versions
Government-defined XML schemas and edit tests for all EFAST2 forms and schedules are
subject to annual changes. Each set is designated by a form year, corresponding to the year
appearing in the printable rendition of the forms. IFAS shall determine the form year schema and
edit test set to be applied from filing header values. IFAS shall not accept any filing submission
that is invalid with respect to the schema applicable for its form year.
It is possible that a form year schema may be revised to correct problems detected after
implementation. In that case, latest version of a form year schema set shall be used to validate
submissions.
In each processing year, only certain form years shall be valid as current year filings by IFAS. In
addition, beginning in Option Year III, filings from plan years prior to valid current years may be
submitted as prior year filings (PYF) using a valid current year schema (form year). For current
year filings, the form year must match the plan year of the filing, which is determined by the
Plan Year Begin Date. However, for prior year filings, the form year will be different from the
plan year. See Sections C.10.4.3.7 and C.1.1 for further details.
C.10.4.3.4 Filing Header
The Filing Header is an XML structure at the head of each filing. Its schema is intended to be the
same for regular and short form filings and unchanged from one form year to the next. The
Filing Header identifies the plan entity and year covered by the filing, the schema version used to
EFAST2 RFP
Section C, Page 83 of 242
DOL069RP20266

prepare the filing, prior year indicator, and other information required by IFAS to determine the
appropriate set of validation rules to apply. It also holds the signature of the plan administrator,
sponsor or DFE, and in special cases a Government agent identifying the filing as a
secured/substitute return. The FilingHeader element shall not be directly editable by filers, but
instead shall be populated only by IFILE or certified third party software, automatically each time
the assembled filing is signed.
A graphical depiction of the FilingHeader element is shown below.
EFAST2 RFP
Section C, Page 84 of 242
DOL069RP20266

Exhibit C.10.4.1 – FilingHeader Schema

The FilingHeader elements are described in the following exhibit.
EFAST2 RFP
Section C, Page 85 of 242
DOL069RP20266

Exhibit C.10.4.2 – EFAST2 Filing Header Elements
Element Definition
FilingId 20-character unique identifier for the filing submission. Format: UserId +
timestamp of last signing (YYMMDDhhmmss). The UserId identifies the last
signer of the filing. Element is overwritten each time the filing is signed. If the
filing is modified and resubmitted (e.g. after failing IFAS acceptance), a new
FilingId is required.
Timestamp Date/time filing was last signed by administrator, sponsor, DFE, or Government
agent. Element is overwritten each time the filing is signed.
EIN 9-digit Employer Identification Number of Sponsor or DFE, copied from Form
5500 or 5500-SF.
PN 3-digit Plan Number, copied from Form 5500 or 5500-SF.
PlanYearBeginDate Copied from Form 5500 or 5500-SF. Determines the plan year for the filing.
PlanYearEndDate Copied from Form 5500 or 5500-SF.
AmendedInd Optional indicator, copied from Form 5500 or 5500-SF. Value “1” indicates an
amended filing
RefAckId For amended filings only, a reference to the original submission, identified by
AckId.
FormYear Identifies the form set used to prepare the filings, a 4-digit year. This is used by
IFAS to select the schema and edit test version used to validate the submission.
Only certain form years are valid current years in each processing year.
FormVersion Optional. Identifies the version of the schema and edit tests used to prepare the
filings.
PriorYearInd Optional. Identifies the submission as a prior year filing.
FilingSoftwareId Credential of certified software package used to sign the filing. Certification
criteria are described in Attachment G. Element is overwritten each time the filing
is signed.
AdminSignature AdminSignature/SignerId, PIN, SignedDate, and SignedName
SponsorSignature SponsorSignature/SignerId, PIN, SignedDate, and SignedName
DfeSignature DfeSignature/SignerId, PIN, SignedDate, and SignedName
AgentSecurityCode For secured substitute returns, AgentSecurityCode/SignerId, PIN, SignedDate,
and SignedName

C.10.4.3.5 Regular Filing, FilingData Element
The schema for the FilingData element using in a regular filing is shown below. The Form 5500
element is required by the FilingData schema; elements for all other forms, schedules, and
attachments are optional in the schema, although edit tests may require them to be present in
order for the filing to be accepted.
EFAST2 RFP
Section C, Page 86 of 242
DOL069RP20266

Exhibit C.10.4.3 – FilingData Schema

Detailed specifications of all form, schedule, and attachment data elements are provided in the
DER, Attachment P. A fragment of the Form 5500 schema is illustrated below. The DER
includes complete schemas for all filing data elements and schema validation error text for each
defined datatype.
EFAST2 RFP
Section C, Page 87 of 242
DOL069RP20266

Exhibit C.10.4.4 – Fragment of Form 5500 schema. Solid outline indicates required
element; dashed outline indicates optional element.

C.10.4.3.6 Short Form Filing, ShortFormData Element
EFAST2 introduces short form filing based on the new Form 5500-SF, and optionally Schedule
B and Attachments. Other forms and schedules are invalid in the ShortFormData element. The
schema for ShortFormData is shown below.
Exhibit C.10.4.5 – ShortFormData element

EFAST2 RFP
Section C, Page 88 of 242
DOL069RP20266

C.10.4.3.7 Prior Year Filings
Beginning in Option Year III, prior year filing is available when the form year associated with the
filing’s plan year is not valid for the current processing year. Prior year filings, whether regular
or short form, shall be submitted using the schema for a valid current form year, with a prior year
indicator set in the filing header. Prior year filings shall be subject to the same schema validation
requirements as current year filings but a minimal set of edit tests.
The Contractor shall not process prior year filings at the start of EFAST2 operations but shall
implement prior year processing beginning with Option Period III processing year 2011 rollover,
which is set to coincide with the closeout and transition of EFAST. EFAST will fully process all
ERISA filings up through plan year 2007. Upon closeout and transition of EFAST, the EFAST2
Contractor shall commence fully processing all prior year filings, including plan year 2007 and
prior year filings. An edit test shall not accept filings in which the Prior Year Indicator in the
Filing Header is invalid for the specified form year and processing year. See Exhibit C.1.1.1 for
additional requirements related to prior year processing.
EFAST2 RFP
Section C, Page 89 of 242
DOL069RP20266

C.10.4.3.8 Attachments
In addition to forms and schedules, EFAST2 allows submission of attachments. For some
filings, edit tests may require the presence of specific attachments. EFAST2 attachments are
XML structures combining structured elements and a single unstructured attachment body
(document) element. The Attachments element schema is shown below.
Exhibit C.10.4.6 – Schema for Attachments element

EFAST2 RFP
Section C, Page 90 of 242
DOL069RP20266

The DER distinguishes between the Accountant Opinion, Extensions, and other attachment
types. The Accountant Opinion and Extension document elements shall be accepted only as
Adobe PDF format. Document elements of all other attachments may be submitted either in plain
text or PDF. No other document formats shall be valid for the attachment body element.
Specifically, the only binary document type allowed by EFAST2 is PDF.
C.10.4.3.8.1 Accountant’s Opinion
The Accountant’s Opinion (AO) shall be provided as a PDF document only. The PDF is
intended to hold a scanned image of a signed paper Accountant’s Opinion.
C.10.4.3.8.2 Extensions
The EFAST2 filer instructions define various types of extensions of time to file and the
procedures for requesting an extension. When filing under an extension, the extension request
must be submitted as a PDF attachment. Specifically, original extension request must be
submitted as a PDF within the Extension attachment element. The particular type of extension is
indicated by the ExtensionTypeCode value and optionally, a Name.
C.10.4.3.8.3 Other Attachments
Except for the Accountant Opinion and Extensions, the specific type of attachment is defined by
its AttachmentTypeCode value. Enumerated values of the AttachmentTypeCode element have
been predefined for each attachment described in the filing instructions. In addition to the
predefined attachment types, user-defined attachments shall be allowed using the
OtherAttachment type.
C.10.4.3.8.4 Binary Attachment Encoding
Efficient inclusion of binary document formats such as PDF in web services and other message-
based communications poses well-known problems. For example, IRS Modernized eFile v3.2
A2A channel today provides duplicate service implementations, one based on SOAP with
Attachments (MIME) and another based on DIME, in order to accommodate both J2EE-based
and Microsoft-based client software. In EFAST2, the Government prefers a less complex
solution, and one in which the entire filing structure, including binary attachments, can be
described by XML Schema.
In the DER, PDF attachment bodies are specified as base64Binary encoded content. While this
encoding is consistent with WSDL standards, it incurs bandwidth overhead when used as a wire
format with SOAP 1.1. In SOAP 1.2, a newer approved standard, a feature called Message
Transmission Optimization Mechanism (MTOM) transparently removes the encoding overhead
on the wire while retaining the ability to specify the entire filing, including schedules and
attachments, within the XML envelope, where it can be validated by XML schema and XPATH-
EFAST2 RFP
Section C, Page 91 of 242
DOL069RP20266

based edit tests (business rules). MTOM also provides a common standard supported by both
J2EE and Microsoft messaging libraries.
The DER specification of binary attachments as base64Binary encoded anticipates wide
availability of SOAP 1.2 and MTOM in EFAST2 operations, and this is the Government’s
preferred method of supporting binary attachments in EFAST2. For example, SOAP 1.2 and
MTOM are currently supported by Ajax2, the Apache SOAP implementation, available in
preliminary form. However, should SOAP 1.2 and MTOM not be readily available in
commercial off-the-shelf (COTS) software during the development, scale up, or operational
periods of EFAST2, proposals for alternative handling of binary attachments using COTS, such
as WS-Attachments, DIME, or SOAP with attachments, will be allowed.
C.10.4.4 Web Service Interface
IFAS shall be implemented as a web service. The operations it exposes to filers and transmitters,
and their respective request and response message schemas, shall be described by WSDL, a W3C
standard, or successor/equivalent standard.
The specifications in this SOW are based on current versions of web services standards widely
available in COTS today. These include SOAP 1.1, WSDL 1.1, XPath 1.0, WS-I SOAP Binding
Profile, and related standards. However, it is anticipated that the final SOW may be based on
successor versions of these standards.
C.10.4.4.1 WSDL
A draft WSDL for IFAS, based on WSDL version 1.1, is provided in the DER. The WSDL
describes the relationships between IFAS operations, messages, and the data element schemas
specified in the DER.
The Contractor shall be allowed to modify this draft WSDL, in consultation with the
Government, if it can demonstrate that such modification would result in improved efficiency,
security, reliability, performance, cost, ease of client implementation, or functionality, or to
correct errors in the draft. The Government recognizes that web services standards change
periodically, and intends that the Contractor’s IFAS implementation be based on versions of
WSDL, SOAP, and associated standards appropriate to the operating periods of this SOW and
supported by widely available commercial off-the-shelf (COTS) software. Thus the WSDL and
message types provided in the DER and described in this section should be interpreted as
functional requirements for IFAS operations rather than a strict technical specification. Bidders
are encouraged to propose alternative WSDL specifications if they are consistent with the
required functionality. The current web standards applicable to this SOW are identified in
Attachment N.
EFAST2 RFP
Section C, Page 92 of 242
DOL069RP20266

IFAS shall expose three operations as specified by the WSDL:
• SendSubmissions. This operation transmits a filing or batch of filings to IFAS. The reply
indicates receipt of the filings by the Government but not their acceptance status.
• GetSubmissionStatus. This operation requests acceptance status information for a
specific list of SendSubmissions requests identified by RequestId, and is authorized only
for the original transmitter. The reply is a set of filing status records called
acknowledgments.
• GetFilingStatus. This operation requests acceptance status information for a list of filings
identified by FilingId, and is authorized only for signers or the transmitter of the original
submission. The reply is a set of acknowledgments.
Each web service operation shall be invoked by a specific request message and shall return a
specific response message or fault message, in accordance with WSDL and the SOAP protocol.
The WSDL specifies the name and structure of each request, response, and fault message,
elements of which are defined in detail in the DER.
C.10.4.4.2 Message Structure
Submissions to IFAS and their responses shall take the form of web service messages, as
specified by the WSDL. The general form of service operations and messages described in the
DER is similar to that implemented by the IRS Modernized eFile (MeF) program, version 3.2,
A2A (web services) channel.
The EFAST2 message structure consists of a message header used to authenticate the message,
determine its type, and obtain addressing information, and the message body, which provides
operation–specific data as input to the requested operation. The overall structure of messages is
intended to conform to the WS–I Basic Profile and the WS–I SOAP Binding Profile (HTTP).
The EFAST2 message headers are described in detail in the Efast2.wsdl and MessageTypes.xsd
specifications in the DER. Efast2.wsdl should be interpreted by the Contractor as description of
the information elements required but not their detailed implementation in the SOAP message
structure. Given the pace of change in web services standards and their uncertain rate of
adoption in COTS libraries, certain details of the message header implementation, such as
whether it is part of the SOAP Header or SOAP Body, whether it relies on standards such as WS-
Addressing and WS-Security or an EFAST2-specific implementation and namespace, shall be
determined by the Contractor in consultation with the Government and third party software
providers. The Government’s primary interest in the message header is validation of web service
requests, consistent with ease of implementation by a broad range of third party software
providers and infrastructure platforms.
EFAST2 RFP
Section C, Page 93 of 242
DOL069RP20266

All messages sent to IFAS shall include the Request Message Header, and responses to valid
service requests shall include the Response Message Header. Should request validation fail,
IFAS shall return an Efast2Exception message, which does not include the Response Message
Header.
C.10.4.4.3 EFAST2 Request Message Header
For requests to IFAS, the EFAST2 Message Header includes elements used to authenticate web
service requests. A graphical depiction of the EFAST2 Request Header schema is shown below.
Exhibit C.10.4.7 – EFAST2 Request Message Header Schema

The EFAST2 Request Header elements are described in the following exhibit.
EFAST2 RFP
Section C, Page 94 of 242
DOL069RP20266

Exhibit C.10.4.8 – EFAST2 Request Message Header Elements
Element Definition
RequestId Unique identifier for the request message, generated by submitter.
From URI identifying the transmitter endpoint; address where the response message
is returned.
Action String identifying the operation requested, matching the operation name in
WSDL.
MessageTimestamp Date/time the message was created.
TransmitterId String identifying the sender of the message. In most cases this is the ETIN of
a service provider hosting the transmitting software. When the software is
hosted by an individual user and used to transmit that user’s submissions only,
it may be the user’s UserId. ETIN and UserId are credentials issued by IREG
following a registration process.
PIN Secret password maintained by IREG to authenticate the TransmitterId.
TransmissionSoftwareId Credential issued by EFAST2 to approved filing software. Only web service
requests submitted by approved software will be processed by IFAS.
TestInd “1” indicates a test transmission, used only for testing by the Government.

C.10.4.4.4 EFAST2 Response Message Header
IFAS shall include a standard response header in all messages sent in reply to a valid web service
request. A graphical depiction of the EFAST2 Response Message Header is shown below.
Exhibit C.10.4.9 – EFAST2 Response Message Header Schema

The EFAST2 Response Header elements are described in the following exhibit.
EFAST2 RFP
Section C, Page 95 of 242
DOL069RP20266

Exhibit C.10.4.10 – EFAST2 Response Message Header Elements
Element Definition
ResponseId Unique identifier for the response message, generated by IFAS.
RelatesToId RequestId of the service request message.
To URI of the request transmitter, copied from From element of request header.
Action String identifying the requested service operation, copied from Action element
of request header.
Timestamp Date/time the response message was created.

As in the case of the Request Header, this specification of the Response Header should be
considered descriptive and not a specific implementation. Implementation of the Response
Header and its relation to SOAP headers and EFAST2 faults shall be determined by the
Contractor in consultation with the Government and third party software providers. The
Government’s primary interest in the message headers and fault messages is return of service
request validation and error information, consistent with ease of implementation by a broad range
of third party software providers and infrastructure platforms.
C.10.4.4.5 EFAST2 Fault Message
All web service requests received by IFAS shall be validated prior to execution of the requested
operation, as described in Section C.10.4.5. In addition, IFAS may be unable to perform valid
service requests because of system errors or other conditions. In case of either an invalid service
request or inability of the service to execute the request, IFAS shall return a standard EFAST2
fault message named Efast2Exception. The Efast2Exception message schema, modeled after IRS
Modernized eFile v3.2 A2A channel specifications, is shown below. Again, this specification
should be considered descriptive and not a required implementation. Implementation of the
Efast2Exception message and its relation to all possible error conditions shall be determined by
the Contractor in consultation with the Government and third party software providers. The
Government’s primary interest in the message headers and fault messages is return of service
request validation and error information, consistent with ease of implementation by a broad range
of third party software providers and infrastructure platforms.
EFAST2 RFP
Section C, Page 96 of 242
DOL069RP20266

Exhibit C.10.4.11 – EFAST2 Fault Message Schema

C.10.4.4.6 SendSubmissions Operation
Filing submissions to IFAS invoke the SendSubmissions operation.
C.10.4.4.6.1 SendSubmissions Request
The schema of the request message body for this operation, called SubmissionRequest, is shown
below.
Exhibit C.10.4.12 – Submission Request schema

The request message body for a SendSubmissions request shall consist of a FilingCount element
followed by a list of Filing elements. The FilingStructureType schema used for message
structure validation is not the same as the FilingType schema but one that simply validates the
gross filing or batch structure, sufficient to parse individual filings, identify the type of filing
(Regular or Short Form, form year, current or prior year filing). The FilingStructureType schema
is intended to remain the same for all form years and filing types, in contrast to the FilingType
schema, which may change from year to year. FilingStructureType validation involves detailed
EFAST2 RFP
Section C, Page 97 of 242
DOL069RP20266

validation of the FilingHeader element, but only top-level element validation (i.e., FilingData or
ShortFormData) of the filing data. Request messages that fail this basic schema validation shall
be considered invalid web service requests and not “attempts to file” for any filing contained in
the request. IFILE and certified third party software shall be required to identify such schema
validation errors at the time of message creation, prior to transmission to the Government, and a
pattern of invalid web service requests may result in revocation of the TransmissionSoftwareId
issued to a software provider (reference Section C.10.6).
C.10.4.4.6.2 SendSubmissions Response
If the SendSubmissions request is determined to be valid, IFAS shall respond with a list of
receipts, each specifying a FilingId and a timestamp of receipt. Each receipt shall indicate only
that the Government has received the filing submission, but shall not imply either acceptance or
non-acceptance of the filing. A valid receipt is the filer’s record of an “attempt to file.”
If the request is determined to be invalid, an Efast2Exception message shall be returned
describing the error.
The receipt schema for the SendSubmissions response message is shown below.
Exhibit C.10.4.13 – Submission Response Message Schema

The schema elements are described in the exhibit below:
EFAST2 RFP
Section C, Page 98 of 242
DOL069RP20266

Exhibit C.10.4.14 – Submission Response Elements
Element Definition
ReceiptCount Count of filings detected in the SendSubmissions request.
Receipt/FilingId For each filing, the unique identifier assigned by filer.
Receipt/
ReceivedTimestamp
Date/time the filing was received by IFAS.

C.10.4.4.7 GetSubmissionsStatus Operation
If the SendSubmissions request is valid, IFAS shall parse the request into a set of filing
submissions and individually perform acceptance processing on each one. The result of such
processing, called a filing status record, is described in Section C.10.4.4.7.3.
Detailed filing status records shall be maintained in the Filing Status Database as described in
Section C.10.4.8; summary filing status information shall also be stored in the Tracking Database
as described in Attachment J. The transmitter of a set of SendSubmissions requests may poll
IFAS for filing status records for those transmissions, identified by RequestId, by means of the
GetSubmissionsStatus operation. The response to the request is a list of acknowledgments
containing filing status record information, each indicating either acceptance of the filing
submission or non-acceptance, with a detailed list of errors found.
C.10.4.4.7.1 SubmissionStatus Request
GetSubmissionStatus shall be authorized only for the transmitter of the original submission. The
TransmitterId in the SendSubmissions request header must match the TransmitterId in the
request header of each referenced SendSubmissions RequestId. No other requester shall be
authorized to invoke this operation; unauthorized SubmissionStatus requests shall be considered
invalid web service requests and not received by the Government. Details of request
authorization are described in Section C.10.4.5.1.2.
The schema for the request body element SubmissionStatusRequest is shown below.
EFAST2 RFP
Section C, Page 99 of 242
DOL069RP20266

Exhibit C.10.4.15 – Submission Status Request Message Schema

C.10.4.4.7.2 SubmissionStatus Response
For each filing in the submission RequestIds, the filing status returned may be one of three
values: Accepted, Not Accepted, or In Process, or the RequestId may be Not Found. In Process
means that the filing has been received but has not yet completed IFAS front end processing.
The schema for the SubmissionStatusResponse message returned for this operation is shown
below.
Exhibit C.10.4.16 – Submission Status Response Message Schema

EFAST2 RFP
Section C, Page 100 of 242
DOL069RP20266

C.10.4.4.7.3 Filing Status Record (Acknowledgment)
Following counts of filings in each of the status categories, the response to GetSubmissionStatus
returns a list of acknowledgments containing filing status record information. Each
acknowledgment carries an IFAS-generated identifier (AckId) that uniquely identifies a filing
status record in the Filing Status Database. The AckId also uniquely identifies a submission
received by the Government via a valid SendSubmissions request that has completed IFAS front
end processing.
If the filing is determined to be not-accepted, the acknowledgment provides a detailed error list,
including all schema errors and edit test errors. Whether or not the filing is accepted, the
acknowledgment shall also provide any edit test Alerts, indicating edit test failures that do not by
themselves prevent filing acceptance but which indicate possibly incorrect or missing data.
In addition to the various identifiers, the acknowledgment lists FilingHeader information such as
EIN, PN, Form Year, Plan Year Begin and End Dates, and Amended indicator, as well as
timestamps of both receipt and acceptance.
Error information returned in the acknowledgment is intended to help filers identify error
locations by form line number and label, and correct specific problems preventing acceptance of
the filing. Text explaining schema datatype errors and edit test errors will be provided by the
Government, and is included in the DER. The ErrorType schema is shown below.
Exhibit C.10.4.17 – Acknowledgment Error Schema

EFAST2 RFP
Section C, Page 101 of 242
DOL069RP20266

Exhibit C.10.4.18 – Acknowledgment Error Schema Elements
ErrorCode Specific error type, e.g. schema violation or edit test number.
ErrorText Government-provided text about the error.
Severity Reject and Stop, Reject, or Alert
ErrorDetail/XPath For schema errors, XML path of the element failing validation
ErrorDetail/DataValue For schema errors, data value of element failing validation
ErrorDetail/FormLineNum For schema errors, form line number of element failing validation
Error/FormLabel For schema errors, form label of element failing validation

C.10.4.4.8 GetFilingStatus Operation
The operation GetFilingStatus retrieves acknowledgments for an enumerated list of filings, each
identified by its FilingId.
C.10.4.4.8.1 FilingStatus Request
The request for status of a particular FilingId shall be authorized if the RequesterId and PIN in
the request message body is a valid pair and matches either the TransmitterId of the original
submission or the UserId of a signer of the original submission (plan administrator, sponsor,
DFE, or Government agent). IFAS shall be responsible for authenticating RequesterId and PIN
from the IREG database. No other requesters shall be authorized to invoke this operation.
Details of request authorization are described in Section C.10.4.5.1.2.
The schema for a FilingStatusRequest message is shown below.
Exhibit C.10.4.19 – FilingStatusRequest Message Schema

EFAST2 RFP
Section C, Page 102 of 242
DOL069RP20266

C.10.4.4.8.2 FilingStatus Response
For each of the requested FilingIds, the filing status returned may be one of four values:
Accepted, Not Accepted, In Process, or Not Found. In Process means that the filing has been
received but has not yet completed IFAS front end processing. Not Found means that IFAS has
no record of receiving this FilingId in a valid SendSubmissions request.
The schema for the FilingStatusResponse message returned for this operation is shown below.
The message returns counts of filings in each filing status and a list of filing status records. The
filing status record information is the same as that returned in SubmissionStatusResponse, as
described in Section C.10.4.4.7.3.
Exhibit C.10.4.20 – FilingStatusResponse Message Schema

C.10.4.5 Request Validation Processing
C.10.4.5.1 Request Validation Processing Overview
All messages received by IFAS are subject to request validation processing as a matter of
security. This processing shall answer the following basic questions:
• Transmitter Authentication. Is the transmitter of the request valid in the registration
database?
EFAST2 RFP
Section C, Page 103 of 242
DOL069RP20266

• Request Authorization. Is the requester authorized to invoke the requested operation?
• Software Authentication. Is the transmitting software certified by the Government?
• Message Processability. Is the request message well-formed XML conforming to the
specified SOAP envelope and WSDL? For SendSubmissions requests, can it be parsed
into filings with valid headers and identifiable type and form year?
• Virus-free. Is the message, including encoded attachments, free of any virus?
If the answer is No to any of these validation checks, the service request shall be considered
invalid, unprocessable, and not received by the Government, and IFAS shall return an
Efast2Exception message. If an Efast2Exception message is returned for a SendSubmissions
request, any filings contained in such request shall not be considered an “attempt to file,” and
transmitters shall be expected to inform filers of such status in a timely manner.
The order and specific details of request validation processing steps may be design-dependent.
C.10.4.5.1.1 Transmitter Authentication
IFAS shall ensure that credentials of web service request transmitters match valid records in the
Contractor’s IREG database. In all web service requests to IFAS, the TransmitterId (UserID or
ETIN) and PIN of the transmitter shall be provided in the request header. Failure to pass this
authentication check shall cause the request to be invalid. If authentication fails, IFAS shall
terminate processing and issue an Efast2Exception (classification SECURITY_ERROR)
indicating Invalid transmitter.
C.10.4.5.1.2 Authorization
IFAS shall ensure that the requester is authorized to invoke the requested operation.
Authorization rules depend on the operation requested:
• For SendSubmissions, any transmitter with valid TransmitterId is authorized by default.
• For GetSubmissionStatus, authorization involves the following steps:
1. For each listed SendSubmissions RequestId, lookup of TransmitterId from the Filing
Status Database (See Section C.10.4.8).
2. If TransmitterId of GetSubmissionStatus does not match all retrieved TransmitterIds
in step above, IFAS shall determine the request to be invalid. In this case, IFAS shall
terminate processing and issue an Efast2Exception (classification
REQUEST_ERROR) indicating Unauthorized Submission Status request.
• For GetFilingStatus, authorization involves the following steps:
EFAST2 RFP
Section C, Page 104 of 242
DOL069RP20266

1. Authentication of RequesterId and RequesterPIN in the request message body.
2. Lookup of TransmitterId and UserId of all signers for each listed FilingId from the
Filing Status Database (See Section C.10.4.8).
3. If RequesterId of GetFilingStatus does not match either the TransmitterId or any
signer’s UserId retrieved in the step above for all requested FilingIds, IFAS shall
determine the request to be invalid. In this case, IFAS shall terminate processing and
issue an Efast2Exception (classification REQUEST_ERROR) indicating
Unauthorized Filing Status request.
C.10.4.5.1.3 Software Authentication
IFAS shall accept web service requests only from certified EFAST2 software packages,
identified by valid TransmissionSoftwareId in the request header.
TransmissionSoftwareId is a credential issued to software providers by the Contractor upon
successful completion of testing and certification, as described in Section C.10.6 and Attachment
G. The TransmissionSoftwareId shall uniquely identify the vendor, software package, and form
year of approved EFAST2 software. The TransmissionSoftwareId only identifies the software
package that communicates with the IFAS web service; it is not necessarily the same software
used by filers to create and sign filings.
IFAS shall ensure that the TransmissionSoftwareId provided in the request header matches a
valid record in the Government’s database. Failure to pass this authentication check shall cause
IFAS to not accept the request as valid. If software authentication fails, IFAS shall terminate
processing and issue an Efast2Exception (classification SECURITY_ERROR) indicating Invalid
Transmission Software.
C.10.4.5.1.4 Message Structure Validation
IFAS shall ensure that all web service request messages are well-formed XML in a valid SOAP
envelope and conforming to the message structure defined in WSDL. Invalid message schema
shall cause IFAS to not accept the request as valid. In this case, IFAS shall terminate processing
and issue an Efast2Exception (classification MESSAGE_FORMAT_ERROR) indicating Invalid
Message Structure, with additional details as appropriate.
For SendSubmissions, the request message structure is validated against the FilingStructure
schema. The FilingStructure schema used as part of the message structure validation is intended
to be independent of Form Year or filing type (regular filing, short form, or prior year filing).
Details of the FilingStructure schema are described in Section C.10.4.4.6.1.
EFAST2 RFP
Section C, Page 105 of 242
DOL069RP20266

C.10.4.5.1.5 Virus Check
IFAS shall ensure that all web service request messages are virus-free. Virus checking may
require decoding of base64Binary or MIME-encoded attachments. Any request message found to
contain a virus shall be considered invalid. In this case, IFAS shall terminate processing and
issue an Efast2Exception (classification SECURITY_ERROR) indicating Virus Found, with
additional details as appropriate.
C.10.4.6 Front End Processing
IFAS front end processing refers specifically to valid SendSubmissions requests. Processing of
invalid service requests terminates upon return of the Efast2Exception message. All filing
submissions contained in valid SendSubmissions requests are considered “attempts to file,”
regardless of whether IFAS accepts the filing.
C.10.4.6.1 Filing Acceptance Processing Overview
SendSubmissions requests successfully completing service request validation shall be parsed by
IFAS into individual filings for acceptance processing. Successful request validation ensures that
all FilingHeader elements are schema-valid, that the type of filing and form year can be
determined from the filing structure, and that the form year is valid for the current processing
year.
Specification of filing validation rules in the DER reference the ValidFiling XML structure.
ValidFiling appends to the original Filing structure various authentication indicators, calculated
dates, and edit test bypasses that are referenced in the DER’s edit test specifications. It is
described in detail in Section C.10.4.6.3.
IFAS front end processing consists of the following steps, explained more fully in sections to
follow:
1. Archive the original request message in the Input Message Archive (reference Section
C.14).
2. Parse request into individual filings. Then, for each filing complete steps 3 through
14).
3. Create a Tracking Database record (see Attachment J).
4. Determine the Form Year from the FilingHeader. This selects the version of the
Filing schema used for validation. Check that the form year value is valid for the
current processing year. If the form year is invalid, terminate acceptance processing
at this point and create a filing status record with a status of NotAccepted.
EFAST2 RFP
Section C, Page 106 of 242
DOL069RP20266

5. Validate the Filing element against its schema, as specified in the DER, Attachment
P.
6. If binary attachments exist, check that they are all valid Adobe PDF. All other binary
attachment formats are invalid, and shall be considered equivalent to schema errors.
7. If schema errors or non-PDF binary attachments exist, terminate acceptance
processing at this point and create a filing status record with a status of NotAccepted
and a list of schema errors. IFAS shall aggregate all schema errors in the filing status
record, including Government-approved error text for each datatype, as described in
the DER.
8. If no schema errors or non-PDF binary attachments exist, determine the type of filing
(regular or short form) from the Filing structure, and check the prior year indicator in
the FilingHeader. These determine the set of edit tests to apply.
9. Authenticate all signatures in FilingHeader and store the results in corresponding
indicators in the ValidFiling structure.
10. Calculate edit test bypasses and store the results in corresponding ValidFiling
indicators.
11. Run all edit tests with a Severity of “Reject and Stop”. If errors exist, terminate
acceptance processing at this point. Create a filing status record with a status of
NotAccepted and a list of edit test errors. See Government-provided error text for
each edit test in the DER.
12. If no Reject and Stop errors exist, run all other edit tests. If there are any errors with a
Severity of “Reject,” terminate acceptance processing and create a filing status record
with a status of NotAccepted and a list of edit test errors. See Government-provided
error text for each edit test in the DER.
13. If no edit test errors with Severity of Reject or Reject and Stop exist, create a filing
status record with a status of Accepted. Edit test warnings (i.e., with Severity of
“Accept and Flag”) shall be recorded in the filing status record. See Government-
provided filer alert text for each such edit test in the DER.
14. Determination of filing acceptance processing is now complete. Update the Tracking
Database record for the filing, whether accepted or not accepted. This completes
IFAS front end processing. Accepted filings proceed to IFAS back end processing.

C.10.4.6.2 Schema Validation and Error Reporting
IFAS shall validate each filing against the version of FilingType schema defined in the schema
set for the reported form year. The Contractor shall implement this step using a validating XML
parser capable of returning multiple schema errors, not just the first error detected, and capable of
providing the detailed information specified by the Acknowledgment Error schema (see Exhibit
C.10.4.17).
EFAST2 RFP
Section C, Page 107 of 242
DOL069RP20266

The Government considers return of detailed error information that will help filers repair and
resubmit not-accepted filings to be a critical customer service function. For each schema error
found, the IFAS shall populate as many elements of the Error element structure described in
Section C.10.4.4.7.3 as possible, including XPath pointing to the erroneous element, Form line
number, etc. For elements invalid with respect to their schema datatype, Government-defined
error text is provided in the DER.
C.10.4.6.3 ValidFiling Schema
For filing submissions found valid with respect to the FilingType schema, edit test processing is
based on the ValidFiling schema in the DER. ValidFiling extends the original Filing schema
with system-generated elements to hold the results of authentication checks and calculated edit
test bypasses. This schema is shown below.
Exhibit C.10.4.21 – ValidFiling Schema

EFAST2 RFP
Section C, Page 108 of 242
DOL069RP20266

C.10.4.6.3.1 Authentication of Signatures
Plan sponsors and administrators shall apply their personal UserID and PIN to electronically sign
filings for their plans. In addition, secured substitute returns must be authenticated by the
signature of an authorized Government agent.
IFAS shall record the results of signature authentication in system-generated authentication
indicator elements of the ValidFiling structure, as described in the DER. ValidFiling extends the
originally submitted Filing structure with system-generated elements used for edit test
processing.
The absence of valid sponsor and administrator signatures on the filing shall not cause the filing
to be not-accepted at this point in the filing acceptance process. Subsequent edit tests will check
the presence of the authentication indicators and in most cases will cause the filing to be not-
accepted. However, in certain exceptions, identified by Edit Test Bypass conditions specified in
the DER, valid sponsor or administrator signatures may not be required for filing acceptance.
C.10.4.6.3.2 Generation of Bypass Codes
Bypass codes are special system-generated indicators used in edit test logic. Using the XPath-
based rules specified in the DER, IFAS shall calculate the Bypass indicators for the filing, and
record them in the appropriate ValidFiling indicator elements.
C.10.4.6.3.3 Submitted Date and Due Date
Submitted Date and Due Date are calculated fields used in edit tests. Submitted Date is simply
the Timestamp in the request message header converted to XML Date type. Due Date is
calculated based on the Plan Year End Date in the Filing Header, as described in the filing
instructions.
C.10.4.6.4 Edit Tests
The edit tests provided in the DER (Attachment P) are business rules established by the
Government to determine acceptance of filing submissions. For current year filings, IFAS shall
apply all edit tests defined in the DER except for those designated by the Government as masked.
Upon notification by the Government that an edit test has been masked or unmasked, the
Contractor shall enable IFAS to respectively disable or enable such edit test within 24 hours. A
sample list of edit tests and their masked/stable status in the current EFAST system is provided in
Attachment F.
Unless otherwise indicated, edit tests are specified in the DER as XPath 2.0 expressions relative
to the FilingData node (or ShortFormData node for –SF tests) of the ValidFiling structure
EFAST2 RFP
Section C, Page 109 of 242
DOL069RP20266

generated for each filing in a submission. The XPath is intended to eliminate ambiguity and has
been tested by the Government using XSLT 2.0; however, the Contractor shall be free to use
alternative technologies in the implementation of edit tests in IFAS.
Edit tests with a Severity level of Reject and Stop shall be performed as a block prior to running
other edit tests. A Reject and Stop failure shall terminate processing without performing the
other edit tests. If a filing has no Reject and Stop errors, the other edit tests shall be performed as
a block. Details of each edit test failure shall be recorded in detail in the filing status record.
Any edit test with a severity level of Reject or Reject and Stop shall cause the submission to be
not-accepted by the Government.
C.10.4.7 Back End Processing
The main function of back end processing is to transform submitted XML data into XML output
records, which will be transformed by Data Dissemination (Section C.15) into structured data
records delivered to Government end users. IFAS shall perform back end processing only for
filings accepted by front end processing.
C.10.4.7.1 ProcessedFiling Schema
IFAS output data shall be provided as XML based on the ProcessedFiling schema specified in
the DER. All private data elements in message headers and filing headers, such as PINs, shall be
excluded from the output data.
ProcessedFiling includes the following information elements:
• Original Filing XML (unmodified)
• Identifiers and timestamps from the Submission Request message.
• Identifiers and timestamps from the Submission Response message.
• Authentication indicators and bypasses from the ValidFiling structure.
• Complete filing status information, including list of error codes. (Note: only accepted
filings create a ProcessedFiling record.)
• System-generated fields, including Document Locator Number (DLN) and processing
timestamps.
The ProcessedFiling schema is shown below.
EFAST2 RFP
Section C, Page 110 of 242
DOL069RP20266

Exhibit C.10.4.22 – ProcessedFiling Schema

C.10.4.7.2 Post to Data Management
IFAS shall post processed output data from all accepted filings to the Data Management
subsystem, from which they will be transformed and distributed to Government end users and
public disclosure by Data Dissemination, as described in Sections C.14, C.15 and the IRD.
EFAST2 RFP
Section C, Page 111 of 242
DOL069RP20266

C.10.4.8 Filing Status Database
IFAS shall create and populate detailed filing status records in filing status database. This
database supports both authorization of filing status requests and return of detailed filing status
information in response to web service requests or queries from the EFAST2 web portal. The
primary key for this database, referenced in the DER as the AckId, shall provide a unique
identifier for all filings that have completed acceptance processing, whether accepted or not
accepted. Records in this database shall be maintained for a minimum of five years following
record creation.
C.10.4.8.1 Filing Status Information
Each filing status record in the Filing Status Database shall contain, at a minimum, the following
information:
• AckId
• ValidatedTimestamp
• FilingStatus
• FormYear
• FilingId
• RequestId (from SendSubmissions request message)

Authorization Information
• TransmitterId
• SponsorSignature/SignerId (may be blank)
• AdminSignature/SignerId (may be blank)
• DfeSignature/SignerId (may be blank)
• AgentSecurityCode/SignerId (may be blank)

Error List
For each error or alert:
• ErrorCode
• Severity
• ErrorText
EFAST2 RFP
Section C, Page 112 of 242
DOL069RP20266

For schema errors, also:
• ErrorDetail/XPath (pointer to XML element causing the error)
• ErrorDetail/DataValue (of the element causing the error)
• ErrorDetail/FormLineNumber (e.g. Form 5500 line 2a)
• ErrorDetail/FormLabel
Because Severity and Error Text have static values for each Error Code in a given Form Year,
they may be implemented as a separate table.
C.10.4.8.2 Authorization to Retrieve Filing Status Information
Information in the database shall be managed in a way that allows rapid and efficient
authorization of requests for filing status information. Request come from two sources:
GetSubmissionStatus and GetFilingStatus web service requests in IFAS, as described in Section
C.10.4, and requests from the EFAST2 web portal, as described in Section C.10.2.
Authorization of GetSubmissionStatus for a particular submission RequestId requires that the
TransmitterId of the Submission Status request (see Sections C.10.4.4.7 and C.10.4.5.1.2)
matches the TransmitterId of all filing status records having that RequestId. This implies that the
Filing Status Database must be able to rapidly and efficiently aggregate records by RequestId.
This operation returns information from all filing status records matching the RequestId.
Authorization of GetFilingStatus for a particular FilingId requires that the RequesterId of the
Filing Status request (see Sections C.10.4.4.8 and C.10.4.5.1.2) matches at least one of the
following elements of the filing status record for that FilingId: TransmitterId,
SponsorSignature/SignerId, AdminSignature/SignerId, DfeSignature/SignerId, or
AgentSecurityCode/SignerId. This implies that the Filing Status Database must be able to
rapidly and efficiently locate records by FilingId.

Authorization of filing status retrieval for a particular FilingId from the EFAST2 web portal
requires that the UserId of the signed-in portal user matches at least one of the following
elements of the filing status record for that FilingId: TransmitterId, SponsorSignature/SignerId,
AdminSignature/SignerId, DfeSignature/SignerId, or AgentSecurityCode/SignerId. This implies
that the Filing Status Database must be able to rapidly and efficiently locate records by FilingId.

Authorization of filing status retrieval from the EFAST2 web portal for a particular combination
of EIN, PN, and Form Year requires that the UserId of the signed-in portal user matches at least
one of the following elements of the filing status record matching those EIN, PN, and Form Year
values: TransmitterId, SponsorSignature/SignerId, AdminSignature/SignerId,
DfeSignature/SignerId, or AgentSecurityCode/SignerId. This implies that the Filing Status
Database must be able to rapidly and efficiently locate records by the combination of EIN, PN,
and Form Year.
EFAST2 RFP
Section C, Page 113 of 242
DOL069RP20266

C.10.5 Electronic Filing Internet-based Filing Application (IFILE)
The Contractor shall develop, host, and maintain a secure web application, referred to as IFILE,
for creation and direct electronic submission of filings. IFILE shall allow users to complete a
filing in multiple sessions and save the information before submission. IFILE shall allow users to
create and edit any number of filings. Filings consist of multiple filing components. IFILE shall
allow users the ability to create, edit, and save individual filing components. Filing components
consist of individual forms, schedules, and attachments. When the user is finished, IFILE shall
support the capability to sign and submit the completed filing and IFILE shall transmit it
electronically to the Internet Filing Acceptance Service (IFAS). The IFILE application shall only
allow a user to submit complete filings including all required schedules and attachments.
Separate piece-meal submissions of portions of a filing shall not be accepted by IFAS.
C.10.5.1 General Functionality
At a minimum, the Contractor shall develop the IFILE web application to include the following
features:
• Provide online instructions: help text, worksheets, and other aids.
• Allow data entry on any Form 5500 series form or schedule.
• Allow attachments in either plain text or Adobe PDF format to be uploaded and
included with a filing.
• Automatically populate information on the Form 5500 and all included identifying
information based on previous years IFILE filings.
• Automatically populate XML elements required by schema but allowed to be blank in
government instructions (.e.g., Plan Year Begin Date on Form 5500).
• Convert filing data entry to XML as specified in the DER, Attachment P.
• Automatically regenerate FilingHeader XML whenever assembled filing is signed by
plan sponsor, administrator, DFE, or authorized Government agent.
• Provide for a Test Filing Tool to support the (1) Government’s need to test EFAST2
for purposes of FCT and SAT testing, ER testing, and annual system rollover testing
and (2) stakeholder usability testing of EFAST2.
• Check the filing for errors using the schema validation and edit test criteria specified
in the DER Attachment P, and notify user of required corrective action. IFILE shall
provide a pre-validation check of filing prior to submission to determine whether the
filing will be accepted by IFAS, and shall warn filers of other errors. However, the
Contractor shall ensure that Government Test Filing Tool versions of IFILE shall
allow for schema validation, edit test, and other common filer errors to be introduced
into filings for testing purposes.
EFAST2 RFP
Section C, Page 114 of 242
DOL069RP20266

• Provide both end user import and export functionality of filings and filing
components in XML format as specified in the DER, Attachment P.
• Retain work in progress of filing components, such as partially or wholly filled out
components, whether complete or not, and resume editing of those stored
components.
• Retrieve partially or wholly completed filing components, from within IFILE and
allow filer to resume IFILE from the partial filing.
• Display and allow the filer to print partially or wholly completed or assembled filings
in facsimile format as described in Section C.15.
• Allow the End User to assemble selected filing components into a single filing,
resulting in a filing structure specified in the DER.
• Electronically sign assembled filing as plan administrator, sponsor, and/or DFE, or
apply Government agent security code for secured substitute returns. IFILE shall
automatically rewrite the FilingHeader each time the filing is signed, and apply
signer’s name and signing date to the Form 5500. IFILE shall not allow the
FilingHeader to be accessed directly or edited, and shall automatically erase all
signatures in the FilingHeader if an assembled filing is edited after signing.
• Offer a Shared Signing functionality that will allow multiple signers of filings via the
Internet as described in Section C.10.5.8.
• Electronically submit the assembled filing and transmit it to the Internet Filing
Acceptance Service using the required web service protocols and message formats,
and receive receipt and acknowledgment, as described in Section C10.4 and the DER,
Attachment P.
• Allow filer to view and print filing status information retrieved from IFAS.
• Other functional requirements mandated for third party software, as described in
Attachment G.













EFAST2 RFP
Section C, Page 115 of 242
DOL069RP20266

Exhibit C.10.5.1 – Example IFILE Form 5500 Input Page


C.10.5.2 Access Control
The IFILE application shall require users to have electronic filing credentials as described in
Section C.10.3. These credentials allow authorized users capability to access the IFILE web
based software. This access allows the user to create filings, edit components, electronically sign
and submit filings, and view filing status information.

C.10.5.3 Authoring Filings

IFILE shall support the ability to create, edit, and submit filings for a valid form year and plan
year, in accordance with Exhibit C.1.1.1. The IFILE application shall have the capability for
users to author filing components (forms, schedules, and attachments) and to upload schedules
and attachments. The authoring capability shall allow users to key data directly into EFAST2
EFAST2 RFP
Section C, Page 116 of 242
DOL069RP20266

forms online using standard HTML forms. IFILE shall support the capability to upload
components from the desktop to IFILE. Users shall be provided the capability to author any and
all filing components necessary to constitute a full filing for ERISA reporting purposes. Users
shall also be provided the option to pull up the previous years filing information as a template,
allowing IFILE to automatically populate form fields such as EIN, PN, and other pertinent filing
information that can be reused. Until the filing is submitted to IFAS, filing components in IFILE
are considered to be in the possession of the user, not the Government.
IFILE shall have the ability to “copy” filings and create a new unsubmitted filing based off of an
existing submitted or unsubmitted filing. This will allow users to take a submitted non-accepted
filing, create a new file that is a copy of it, fix the filing problems, and resubmit the new filing.
IFILE shall be able to historically show all previously submitted and unsubmitted IFILE filings
along with the status of such filings.
As part of the IFILE editing process, IFILE shall store all filings and components once created.
The stored filings and components may be viewed, edited, continued and deleted by the user.
Unsubmitted filings and components shall be stored on the IFILE servers until the user manually
deletes them. During editing sittings, filings and components shall have the ability to be stored
without needing to be fully completed. During the input of a filing, a user can choose to “Save”
the component. This action will store the component on the IFILE systems for later continuation.
The filing can be continued via the IFILE functionality as shown in the example Exhibit C.10.5.2
below.
Exhibit C.10.5.2 – IFILE Unsubmitted Filings and Filing Components
EFAST2 RFP
Section C, Page 117 of 242
DOL069RP20266



C.10.5.4 Filing Component Import and Export

In addition to filings and components created online, IFILE shall offer the capability to upload or
download XML based assembled filings or unassembled filing components created using IFILE
or certified third party software to allow for extended sessions and session sharing.
This feature will allow users to import the uploaded filing or filing components into IFILE or
export the filing or filing components from IFILE.
For import and export purposes, an assembled filing is defined as a single XML file conforming
to the Filing structure defined in the DER, consisting of a FilingHeader element and all forms,
schedules, and attachments. For import and export purposes, a filing component is defined as a
single XML file conforming to a single child element of the FilingData or ShortFormData
structure defined in the DER, representing a single form, schedule, or attachment.
No upload or download shall overwrite any filing or filing component, regardless of file name
duplication. It is up to the filer to delete or modify the filing components in order to assemble a
complete filing.
C.10.5.4.1 Filing Component Import
IFILE shall have the ability for the end user to upload a previously downloaded IFILE filing or
third party filing component or assembled filing for importing into IFILE. After uploading the
EFAST2 RFP
Section C, Page 118 of 242
DOL069RP20266

filing component, the end user shall be provided the ability to continue editing the filing or any
filing component within IFILE. IFILE shall automatically extract all of the individual filing
components if an entire filing is imported, allowing individual components to be edited and
managed independently.
IFILE shall support an import initiated when the user is working on an individual filing. If the
user imports filing components, all the components imported will be made available to the user
as part of that filing the user is currently working on.
IFILE shall support imports initiated when the user is not working on any filing. In this case, the
import will allow the user the capability to create a new filing using the filing components from
the import.
C.10.5.4.2 Filing Component Export
IFILE shall have the ability for the end user to download a filing or filing component(s).
Downloaded filing data shall conform to the XML structure specified in Attachment P. Users
shall be provided the capability to store the filing or filing component(s) on their local machine,
or share it with others. The download feature shall ensure that any signed filings that are
downloaded do not contain the signature elements in the Filing Header, such that downloaded
copies of signed filings are no longer considered to be a valid signed filing.
The ability to download XML based individual filing components for importing into third party
software shall also be supported, such that users may import the filing component via certified
third party software. Any signed filing components that are downloaded shall not contain the
signature elements in the FilingHeader XML element, such that downloaded copies of signed
filings are no longer considered to be a valid signed filing.
C.10.5.5 Attachment, Form, and Schedule Uploading

IFILE shall provide the ability for a user to upload filing components as a text file or PDF
consistent with the requirements for forms, schedules, and attachments. Filers shall be provided
the capability to upload these filing components within the web browser. IFILE shall support the
capability to perform multiple uploads for a filing.
C.10.5.6 Filing Component Viewing and Downloading

IFILE shall provide the ability for a user to view, download, or print filing components,
attachments, or entire filings in facsimile format, as detailed in C.15. The facsimile format shall
be PDF format. The upload/download format shall be XML format.
C.10.5.7 Assembled Filings
EFAST2 RFP
Section C, Page 119 of 242
DOL069RP20266

IFILE shall allow the end user to “assemble” a filing from individual filing components. IFILE
shall allow the user to select the desired filing components from within a single created filing. At
the point of assembly, a filing header or equivalent indication of the assembly shall be created by
IFILE. IFILE shall provide the capability to sign and submit the assembled filing to IFAS. IFILE
shall remove all signatures and related FilingHeader information in the event that the user
performs any subsequent modification of filing components or re-assembly of the filing.
C.10.5.8 Shared Signing Functionality
IFILE shall offer an easy to use and software independent method of allowing multiple
individuals to electronically sign a filing. Prior to submission of an assembled filing, the entire
filing must be signed by potentially multiple individuals. Normal signing in IFILE only allows a
user to sign an assembled filing in his or her own IFILE account. In order to allow non-IFILE
users or users with other IFILE accounts to sign (but not edit) the assembled filing, a shared
signing solution shall be created. The mechanism to be used will leverage a secure extension to
the IFILE web site. The individual that assembled the filing shall be given the option to offer the
filing for shared signing. Upon choosing this functionality, a hash of the entire filing shall be
created and a web URL will be generated from this hash. This URL shall then be displayed to the
user, and the user shall be instructed to communicate the URL to all interested parties that need
to sign the filing.
EFAST2 RFP
Section C, Page 120 of 242
DOL069RP20266


Exhibit C.10.5.3- Shared Signing URL Creation
The individual signers will go to the above mentioned secure URL, and shall be presented with
an authenticated read-only view of the complete filing. IFILE, before presenting the filing, shall
verify the URL hash with the current filing hash. If the hashes are different, the signer shall be
informed that the filing has been changed, and the filer must offer up a new shared signing filing.
If the signing user is not currently signed into IFILE, they will be prompted for their credentials.
Once the signer has viewed the filing, they will be given the option to sign the filing. Once the
filing is signed by any individual, any further changes to the filing will revert the filing to its
previous unsigned status. During the signing process, the signatory shall be prompted for both
their signing credentials and as to what authority they are signing as. Once the credentials are
verified, IFILE shall create and/or populate the appropriate XML headers to the filing in order to
signify the filing as signed by that individual. IFILE shall show an indication of the signed status
as part of the filing listings.
C.10.5.9 Filing Submission

The IFILE application shall support single-filing submission to IFAS and shall not support batch
submissions of filings for public users (see Section C.10.5.15 and Section E.8.3 for batch IFILE
EFAST2 RFP
Section C, Page 121 of 242
DOL069RP20266

capability for Government users). After an assembled filing is properly signed, the user shall
have the ability to submit the filing to IFAS.
Once a filing has been submitted, the user shall have the ability to view detailed status
information such as filing status and detailed error information.
C.10.5.10 Software Architecture
Unless otherwise proposed and approved by the Government, the IFILE application shall be an
interactive web form-fill application hosted entirely on the public website. This web based
application shall present each individual form and schedule in their entirety in a single web page.
Each form or schedule shall be on its own page and shall be subject to approval by the
Government.
C.10.5.11 Security
The Contractor shall establish secure website access to filers using the IFILE website. The
Contractor shall establish a secure connection with the filer based on SSL or equivalent
Government-approved encryption that provides confidentiality of the filing in transmission. The
IFILE security shall allow access only to registered filers with valid credentials established in
IREG.
The Contractor shall establish a method to require secure communications for access to the IFILE
site from the beginning of the login of a user to the completion of the transaction. Version 3.0 or
later of the Secure Socket Layer (SSL) operating in at least 128-bit encryption using RS4, 3DES,
or AES shall be provided.

C.10.5.12 Web-Based Training

The Contractor shall develop a training program to assist users in the use of IFILE. The training
program shall guide users through the entire life cycle of the form series preparation enabled by
IFILE. The training program shall recognize the different roles and responsibilities of various
users in the preparation of the form series.

The Contractor shall enable a “practice” filing which steps users through the return preparing and
filing process without resulting in the filing of live data.
The web-based training shall be published in the web portal section under the Help and Contact
Information, allowing unauthenticated users’ access without requiring registration.

C.10.5.13 User Guide

The Contractor shall develop and publish an IFILE User Guide in accordance with the Schedule
EFAST2 RFP
Section C, Page 122 of 242
DOL069RP20266

of Deliverables in Section F that instructs filers how to use the IFILE application to create and
transmit electronic filings. The guide shall provide a description of the Contractor’s Internet
filing program and how it can be used to file electronically. The guide shall describe the purpose
of the electronic filing program, general information, filing requirements, the composition of the
electronic return, electronic signature application and use, encryption, entity requirements, testing
and acceptance procedures, acknowledgment of returns, troubleshooting, contacts, support, and
help. The guide shall also include step-by-step instructions for use of the IFILE application. The
guide shall be published in the web portal section under the Help and Contact Information,
allowing unauthenticated users access.

C.10.5.14 IFILE Functional Specification

The Contractor shall develop an IFILE Functional Specification that describes the Contractor-
developed and hosted web application for completing and submitting electronic filings. The
IFILE Functional Specification deliverable shall be delivered in accordance with the Schedule of
Deliverables in Section F, and shall describe in detail the functionality and user interface of this
application, including filer authentication, form design, filer help, data validation, signing, and
submission. The Contractor shall maintain the IFILE Functional Specification to reflect the
technical design of the production system, including any and all changes to the system
architecture, user interface, functional capabilities, configuration, or performance analysis.
The branding, style, and User Interface of IFILE shall seamlessly flow and be part of the User
Interface as defined in C10.2, Web Portal. The design of IFILE shall be part of the iterative
design process as defined in C10.2, Web Portal.

C.10.5.15 Test Filing Tool

The Contractor shall produce preliminary versions of IFILE that are capable of authoring,
signing, and submitting test filings for purposes of (1) Government testing of EFAST2 during the
Base Period and Operations and (2) stakeholder usability testing of EFAST2 during the Base
Period. The Test Filing Tool shall be delivered in accordance with the Schedule of Deliverables
in Section F. The Test Filing Tool shall support the Government's need to test EFAST2 for
purposes of FCT and SAT testing, ER testing, and annual system rollover testing. The Test
Filing Tool shall support single and batch transmissions of filings. Refer to Section E.8.3 for
additional requirements related to the Test Filing Tool and Government usage of the tool for
testing purposes. Refer to Section C.21.3 for additional requirements related to usability testing.

C.10.5.16 Secured/Substitute Filing Submission
The Contractor shall ensure that IFILE supports specialized secured/substitute filing submission
by Government agents, including agents of the IRS, who will use IFILE to author, and submit
secured/substitute filings on behalf of filers. Secured/substitute filings are a special class of
filings that are not subject to most edit tests. Government agents will not sign on behalf of filers,
but will apply an AgentSecurityCode and PIN to designate it as a secure/substitute, thereby
enabling IFAS to bypass most edit tests.

EFAST2 RFP
Section C, Page 123 of 242
DOL069RP20266

C.10.6 Software Developer Support Program
Third party software plays a vital role in EFAST2. In the current paper-based EFAST program,
approximately 90% of all filings are prepared using Government-certified third party software,
and that trend is expected to continue in EFAST2. The Contractor shall enable filers to
complete, sign, and submit filings and retrieve filing status information using approved third
party software. The Contractor shall establish and maintain a support program for EFAST2
software developers and service providers, and test and certify third party software on behalf of
the Government.
The Contractor’s software developer support program shall include developer registration, access
to schemas and edit test specifications, technical assistance, PATS testing, and award of
certification credentials to software packages meeting all requirements for approval. Credentials
signifying certified software shall be required by IFAS for filing acceptance and validation of
web service requests, as described in Section C.10.4.
C.10.6.1 Third Party Software Characteristics and Credentials
In EFAST2, commercial third party software and service providers are expected to provide the
predominant channel for preparation and submission of Form 5500 series filings. The
Government IFILE application described in Section C.10.5 is intended to be a simple free web-
based facility that does not compete with third party software for the majority of EFAST2 filers.
As described in Section C.10.4, EFAST2 applies strict acceptance criteria to submitted filings,
and submissions that fail acceptance checks may subject filers to timeliness penalties. Therefore,
it is vital that third party software used to create filings and transmit them to EFAST2 does so in
strict accordance with Government-published schemas and communications protocols. Also, to
reduce the incidence of non-acceptance because of violations of EFAST2 business rules (edit
tests), the Government requires third party software to prevalidate filings prior to submission. In
addition, the Government needs to ensure that third party software protects the integrity and
privacy of electronic signatures. The Contractor’s testing and certification procedures shall be
the Government’s primary means of ensuring these capabilities of approved third party software.
EFAST2 third party software can be broadly divided into two categories: filing preparation
software and filing transmission software. Filing preparation software is the software used to
prepare forms and schedules, assemble them into filings, prevalidate and sign them. Filing
transmission software is the software used to transmit completed filings and filing status requests
to EFAST2 via the web services protocol described in Section C.10.4. In many instances one
software package may provide both functions, but this need not always be the case. The two
categories of software have separate functional requirements, and separate testing and
certification credentials. A software developer may apply for certification of either of these
credentials, or both.
EFAST2 RFP
Section C, Page 124 of 242
DOL069RP20266

The Contractor shall award filing preparation software a FilingSoftwareId as a certification
credential upon satisfactory completion of PATS testing as described in Section C.10.6.6 and
Attachment G. The credential is applied to the Filing Header by the software used to sign a
filing. The Government recognizes that in some cases individual forms and schedules may be
created using other non-certified software prior to assembly into a complete, signed filing.
However, the software used to apply the electronic signature of the plan administrator and/or
sponsor to the assembled filing must be approved and certified, as demonstrated by a valid
FilingSoftwareId. The EFAST2 system shall maintain a database of valid FilingSoftwareIds for
each Form Year and use it to authenticate filing submissions to IFAS.
The Contractor shall award filing transmission software a TransmissionSoftwareId as a
certification credential upon satisfactory completion of PATS testing as described in Section
C.10.6.6 and Attachment G. The credential is applied to the request message header by the
software used to transmit filings and other web service requests to IFAS. The EFAST2 system
shall maintain a database of valid TransmissionSoftwareIds and use it to authenticate all web
service requests to IFAS.
It is important to recognize that the certification credential applies to a software package, not to a
developer organization. Specifically, a FilingSoftwareId is valid for a specific Form Year and
must be reissued for each Form Year. A TransmissionSoftwareId, which generally demonstrates
compatibility with the EFAST2 web service protocol, may be valid for more than one processing
year. The Contractor may require transmission software vendors to be retested and certified
periodically based on changes to the EFAST2 communications infrastructure or protocol.
C.10.6.2 Stakeholder Support
In addition to software developer support, the Contractor shall establish a support program for
the broader community of EFAST2 stakeholders, including:
• Filers. These include plan administrators, plan sponsors, accountants, fiduciaries,
actuaries, and others with an interest in creating EFAST2 filing components.
• Third Party Preparers. These are generally individuals or organizations that provide
filing preparation services to filers and may wish to provide software hosting and/or
transmission services as part of the EFAST2 filing process.
• Transmitters. These are generally individuals or organizations that offer to transmit
electronic filings in bulk for processing on behalf of filers.
No testing or certification is required to serve as an EFAST2 preparer or transmitter. However,
any individual or organization that hosts filing transmission software on behalf of more than one
filing entity (EIN) is required to apply for an ETIN credential, as described in Section C.10.3.
EFAST2 RFP
Section C, Page 125 of 242
DOL069RP20266

C.10.6.3 Third Party Software Developer Conference
The Contractor shall plan and host a Third Party Software Developer conference during the Base
Period and annually thereafter in each option period of this contract. The conferences shall be
designed to report on annual changes to forms and edit tests and periodic changes in
communications infrastructure or protocol; solicit feedback on the XML Schema and
transmission specifications; and provide other assistance to electronic filing software developers
and other third party service providers. The conferences shall focus on the specifications for
electronic filings, and the procedures for gaining software certification and receiving an approved
FilingSoftwareId and/or TransmissionSoftwareId.
The timing of the annual conference and related support materials shall allow software
developers and service providers to implement changes in time for the start of the new processing
year. The Contractor shall make all arrangements for the facilities, refreshments, presentations,
and materials required for an effective conference, as specified in the Schedule of Deliverables in
Section F.
C.10.6.4 EFAST2 Guide for Filers and Service Providers
The Contractor shall develop and deliver the EFAST2 Guide for Filers and Service Providers as
specified in the Schedule of Deliverables in Section F. The EFAST2 Guide for Filers and
Service Providers shall provide information about EFAST2 required by filers, preparers,
transmitters, and other service providers. It shall be patterned after comparable guides issued by
DOL under the current EFAST program and by the IRS under the eFile and Modernized e-File
(MeF) programs. See:

EFAST: http://www.dol.gov/ebsa/PDF/EFAST-A.pdf
IRS: Publication 3112 (1040 eFile) http://www.irs.gov/pub/irs-pdf/p3112.pdf
IRS: Publication 4163 (MeF)
http://www.irs.gov/pub/irs-schema/publication_4163_ty2005_rev._1.pdf

C.10.6.5 EFAST2 Software Developer’s Specification
The Contractor shall develop a "Specification for Authorized EFAST2 Software Developers and
Transmitters", or Software Developer’s Specification for short. The Contractor shall deliver the
Software Developer’s specification in accordance with the Schedule of Deliverables in Section F.
This specification defines technical requirements and specifications for third party software, as
well as all required registration, test, certification and approval procedures for software
developers and transmitters. It shall also provide detailed schema and edit test specifications,
formatted for public distribution.

EFAST2 RFP
Section C, Page 126 of 242
DOL069RP20266

The Specification shall be patterned after prevailing comparable Third Party Software Developer
guides issued by DOL under EFAST and by the IRS under the Modernized e-File (MeF)
program. See:

EFAST: EFAST-B http://www.dol.gov/ebsa/PDF/EFAST-B-Pt2.pdf and
http://www.dol.gov/ebsa/pdf/efast-b-pt1.pdf
IRS: Publication 4164 (MeF)
http://www.irs.gov/pub/irs-schema/publication_4164_ty2005_draft.pdf
IRS: MeF Trading Partner ICD
http://www.irs.gov/pub/irs-schema/iss_mef_trading_partners_icd.pdf
IRS: 1120 Business Rules
http://www.irs.gov/pub/irs-schema/1120srulesty2004-pkg-12292004.pdf

Following acceptance by the Government, the specification shall be published for review by
Third Party Software Developers and related stakeholders, and revised on an ongoing basis, as
needed to reflect feedback and comments received.

At a minimum, the Software Developer’s Specification shall include specifications needed to
develop software to author and transmit electronic filings. The specifications shall describe
XML data elements, user interface requirements, message envelope, wire formats,
communications protocol, response and fault handling, and other technical specifications
required to develop third party software. The materials shall provide Third Party Software
Developers with a description of the file specifications and validation criteria required to be
implemented in certified filing preparation software and filing transmission software.

The Government has provided a baseline representation of this information in the DER,
Attachment P. The Contractor shall accept the baseline GFI XML schema from the Government
and shall be responsible for updating, maintaining, publishing, and making the schema accessible
to software developers. The Contractor shall accommodate periodic Government updates to the
GFI XML Schema Specification to reflect any and all changes planned for the production system,
per the GFI schedule in Section C.23. The Contractor shall deliver the revised XML Schema to
the Government for review and comment.

The Contractor shall issue the Software Developer’s Specification in each contract period to
reflect changes and updates to the program. The Contractor shall revise and update the Software
Developer’s Specification, as necessary, to reflect any and all changes to data elements and
structure (XML Schema), transmission envelope, communications protocol, validation rules, edit
tests, software certification and test procedures, and any other technical factors affecting software
developers. The revised deliverable versions shall include and update all sections and
components of the previously issued Software Developer Specification, and shall clearly denote
such changes in a change table.

Following Government review and approval, the Contractor shall make this deliverable available
to software developers.


EFAST2 RFP
Section C, Page 127 of 242
DOL069RP20266

C.10.6.6 Participant Acceptance Testing System (PATS) Test/Certification Program
The Contractor shall establish a program to test third party EFAST2 software packages to certify
that they meet all Government requirements and are compatible with the EFAST2 system. The
program shall support separate test and certification procedures for filing preparation software
and filing transmission software. The filing preparation software test and certification shall
include, but is not limited to, creation of valid XML filing data and protection of filing header
information. The filing transmission software test and certification shall include, but is not
limited to, transmission of test filings and filing status requests, and receipt of response and fault
messages. The filing preparation test will require transmission of filings to the Contractor’s test
facility using previously approved transmission software.
The Contractor shall establish a test facility capable of receiving transmissions for PATS testing
and certification. The test facility shall allow software developers to self-test their software and
obtain detailed filing status information automatically. The message validation, filing acceptance
criteria, and error information provided by this test facility shall be, to the extent possible,
identical to those implemented in the production system.
C.10.6.6.1 Transmission Software Test and Certification
The Contractor shall test filing transmission software and certify that it can communicate
properly with EFAST2. The test shall verify support for all three IFAS web service operations
described in Section C.10.4, including the proper creation of message headers and SOAP
envelope, the ability to communicate successfully with IFAS using the specified web service
protocol, handling of binary attachments, and handling of response and fault messages.
Transmission software testing of the SendSubmissions operation shall only require web service
request validation; it shall not require acceptance of filings contained in the transmission.
Successful communications with EFAST2 may have dependencies on versions of operating
systems, installed libraries, and other aspects of the transmission software host environment. As
part of PATS testing, the Contractor shall also ensure that all such dependencies are documented
by the software vendor and that the transmission software verifies host compliance with all
dependencies upon installation of the software.
Detailed functional requirements of Transmission Software testing and certification are provided
in Attachment G.
Transmission software meeting all certification requirements shall be granted a
TransmissionSoftwareId credential that shall be included in the request message header of all
web service requests sent by that software package. Only messages with a valid
TransmissionSoftwareId shall be considered valid web service requests. The
TransmissionSoftwareId shall uniquely identify the software package and version. Each new
release of the software shall require recertification and a new TransmissionSoftwareId.
EFAST2 RFP
Section C, Page 128 of 242
DOL069RP20266

C.10.6.6.2 Filing Preparation Software Test and Certification
The Contractor shall test filing preparation software and certify that it creates valid filing data.
Because this requires transmission of filings to the Contractor’s test facility, filing preparation
software must be integrated with certified transmission software in order to conduct PATS
testing. The Contractor shall also verify features of the filing preparation software intended to
protect the integrity and security of filer electronic signatures and timestamps in the Filing
Header.
Filing preparation software may have dependencies on versions of operating systems, installed
libraries, and other aspects of the host environment where it is installed. As part of PATS
testing, the Contractor shall also ensure that all such dependencies are documented by the
software vendor and that the filing preparation software verifies host compliance with all
dependencies upon installation of the software.
Detailed functional requirements of filing preparation Software testing and certification are
provided in Attachment G.
Filing preparation software meeting all certification requirements shall be granted a
FilingSoftwareId credential that shall be included in the Filing Header of all filings signed by that
software package. Only filings with a valid FilingSoftwareId shall be considered valid filing
submissions. A FilingSoftwareId is valid only for a specific form year. The FilingSoftwareId
shall uniquely identify the software package and version and form year. Each new release of the
software for a particular form year shall require recertification and a new FilingSoftwareId.
C.10.6.6.3 PATS Package
The Contractor shall develop a PATS package and deliver it to the Government in accordance
with the Schedule of Deliverables in Section F, and make it available to third party software
developers and other stakeholders. The third party software PATS Package shall be patterned
after prevailing comparable electronic filing PATS guides issued by the IRS under the
Modernized e-File (MeF) program. See:

http://www.dol.gov/ebsa/PDF/EFAST-C.pdf
http://www.irs.gov/pub/irs-schema/pub_4162_final_10-26-05.zip
http://www.irs.gov/pub/irs-schema/rel_2_scenarios_for_web.pdf

At a minimum, the PATS Package shall include the following:

• PATS Application.
• PATS Procedures and Certification Criteria. Shall cover the purpose of the
Contractor’s software developer certification and support program, including general
information, filing requirements, the composition of the electronic return, electronic
EFAST2 RFP
Section C, Page 129 of 242
DOL069RP20266

signature composition, encryption, entity requirements, testing and acceptance
procedures, troubleshooting, contacts, support, and help.
• PATS Test Filings shall provide software developers with a set of test filings that
exercise the full range of Form 5500 series forms, schedules, and attachments
expected during live operation. The Contractor shall develop and publish test filings
for the purpose of certifying third party software. The test filings shall exercise the
full range of form and schedule faces, attachments, and filer entries expected during
live processing. The test filings shall test the software’s ability to correctly format
and transmit filing data, and receive acknowledgments from the Contractor's Internet
Filing Acceptance Service (IFAS).
C.10.6.6.4 PATS Certification Procedures
Attachment G is intended to specify minimum functional requirements for third party software,
but delegates to the Contractor responsibility for developing specific mechanisms and
procedures. The Contractor shall establish mechanisms and procedures for working with third
party software providers by which those providers may apply for certification, conduct the
testing, and receive the applicable credentials. These guidelines shall address such items as how
to complete a certification package, how to submit a certification package, how to create and
transmit valid test submissions, and how to obtain and apply the certification credentials. The
Contractor shall document those procedures in detail in a “Third Party Software Test Plan and
Certification Procedures” deliverable, which shall be delivered in accordance with the Schedule
of Deliverables in Section F.
Following Government approval, the Contractor shall publish the Third Party Software Test Plan
and Certification Procedures deliverable and make it available to stakeholders. In addition, the
Contractor shall ensure that the most current version of the PATS Package, which includes test
filing data, a user’s manual, and additional specifications in support of software developers and
transmitters, as well as schemas and edit test specifications for all current form years, are
available on the EFAST2 website.
The Contractor shall provide technical support necessary to aid applicants in the successful
completion of certification procedures, working with them until their product is approved. The
Contractor may conduct multiple rounds of certification testing with a software developer.
The Contractor shall report on the results of the certification activity in the Monthly Work and
Management Progress Report. Specifically, the Contractor shall list each identified applicant and
the status of their application each month.
C.10.6.6.5 PATS Re-certification
The Contractor shall update the software developer support materials annually in response to
forms and other system changes for all processing years identified in Section C.1. This update
shall allow software developers and service providers sufficient time to make changes prior to
EFAST2 RFP
Section C, Page 130 of 242
DOL069RP20266

the date of annual rollover. The Contractor shall require recertification of filing preparation
software for each form year, and recertification of transmission software prior to the beginning of
each processing year or in the event of a new release of the IFAS software.
EFAST2 RFP
Section C, Page 131 of 242
DOL069RP20266

C.11 Entity Control

In support of the Government’s ERISA compliance, enforcement, and disclosure mission, it is
important that duplicate filings and amended filings are accurately processed. EFAST2 entity control
shall consist both of identifying and flagging duplicate filing submissions, and of matching amended
filing submissions to the original filing submission it is intending to amend, provided the original
was processed by EFAST2.


C.11.1 Duplicate Filing Identification

Filers sometimes erroneously submit more than one copy of their filing. These are called duplicate
filings and must be properly identified to ensure accuracy of the Government’s records. Duplicate
filing identification shall occur on filing submissions that have a record in the Tracking Database, as
defined in Attachment J.

There are two types of duplicate filings - suspect duplicates and true duplicates. A suspect duplicate
filing submission matches an original filing submission on four data fields: FILING-HEADER-
FORM-YEAR, FILING-HEADER-EIN, FILING-HEADER-PN, and FILING-HEADER-PLAN-
YEAR-END, whereas a true duplicate matches an original filing submission exactly on all
FilingData or ShortFormData elements.

Duplicate filing identification shall occur in two parts. The first part is suspect duplicate
identification. A filing submission is considered a suspect duplicate filing submission if it is not an
amended filing and it has the same FILING-HEADER-FORM-YEAR, FILING-HEADER-EIN,
FILING-HEADER-PN, and FILING-HEADER-PLAN-YEAR-END as another filing with a
Tracking Database record. Filing submissions identified as suspect duplicates based on this criterion
shall set Suspect Duplicate Indicator in the Tracking Database, as described in Attachment J. Filing
submissions with a set Suspect Duplicate Indicator shall be linked in the Tracking Database to the
original filing submission of which it is a suspect duplicate. Original filing submissions may have an
unlimited number of suspect duplicates. Each suspect duplicate shall have Suspect Duplicate
Indicator set, and shall be linked to the original filing submission in the Tracking database.

The second part of duplicate filing identification shall occur only on those filing submissions
identified as suspect duplicates based on the criteria defined above. Filing submissions flagged as
suspect duplicates shall have all FilingData or ShortFormData elements compared to the same
elements on the original filing submission to which it has matched as described in Section C.14.5.
This data element comparison shall be developed by the Contractor and shall determine the suspect
duplicate is a true duplicate if the two filings’ data elements are identical. Filing submissions
identified as true duplicates based on this criterion shall have True Duplicate Indicator set in the
Tracking Database. Filing submissions with True Duplicate Indicator set shall be linked in the
Tracking Database to the original filing submission of which it is a true duplicate. Original filing
submissions may have an unlimited number of true duplicates. Each true duplicate shall have True
Duplicate Indicator set, and shall be linked to the original filing submission in the Tracking database.

EFAST2 may receive multiple suspect and/or true duplicates in close proximity of time to each
other. EFAST2 shall consider the filing submission with the earliest Received Timestamp, as
defined in the DER and set in the Tracking Database, as the original filing submission as described
EFAST2 RFP
Section C, Page 132 of 242
DOL069RP20266

in Attachment J, Section J.2.4. It is possible that subsequent filing submissions whose Received
Timestamp is later than the original filing submission’s Received Timestamp may post to Data
Management prior to the original filing submission. Still, the filing submission with the earliest
Received Timestamp shall be considered the original filing.

Duplicate identification check shall occur not later than 24 hours after filing acceptance, and prior to
distribution of data products ("push" extracts) to end-users, per Section F and Attachment E. The
Contractor shall not delete duplicate filings from data repositories.


C.11.2 Amended Filing Processing

Filers may change data previously submitted on an original filing, no matter when the original was
processed, by submitting an amended filing. EFAST2 must process the amended filing no matter
when the original filing was submitted. However, only filings processed by EFAST2 shall be
candidates for matching the amended filing to the parent original filing. There will be no priming of
EFAST2 with data extracts from either the Government or from another vendor.

Unlike duplicate filing submissions, amended filing submissions self-identify. A filing submission is
considered an amended filing submission if the filer checks the amended filing box on Form 5500
Series returns/reports. If the amended filing box is checked, the Amended Filing Indicator shall be
set in the Tracking Database.

EFAST2 shall match amended filings to parent original filings, but only if the parent original was
processed by EFAST2. Filers submitting amended filings for parent original filings that were
processed by EFAST2 must enter the AckID of the original filing, received from EFAST2 when
submitting the original filing, on the amended filing submission so that the amendment can be linked
together with the proper original filing submission. EFAST2 shall match the amended filing
submission to the original filing submission in the Tracking Database via the AckID indicated by the
filer on the amendment. Once linked together, the amended filing submission shall be considered a
complete replacement of the original; however, the original shall remain accessible in the database.
No deletion of data from the original filing submission shall occur, nor shall any consolidation of the
two filing submissions occur.

Parent original filings processed prior to EFAST2 shall not be amended by EFAST2, however the
amendment must still be processed. Filers who submit amendments for original filings submitted
prior to EFAST2 shall have the Amended Filing Indicator set in the Tracking Database, but no
attempt will be made to match the amendment with the parent original.

EFAST2 shall link amended filing submissions to their original filing submissions, not less than
once per day.

C.11.2.1 Amendment of an Amendment

Filers may amend a filing more than once. Each amendment shall be linked to all other amendments
for that plan and plan year, and to the original filing submission itself for that plan and plan year so
that the Government may track the filer’s intent to correct data. The amendment with the most
recent Received Timestamp shall be considered the latest filing for that plan.
EFAST2 RFP
Section C, Page 133 of 242
DOL069RP20266

C.11.2.2 Amendment of a Duplicate

The AckID entered on the amended filing shall be used to link the amendment to its original
submission, even if the AckID is for a suspect or true duplicate. EFAST2 shall make no attempt to
match an amended filing submission to any original filing submission other than the one indicated by
the AckID.


C.11.2.3 Incorrect and Missing AckID

Filers may enter the wrong AckID on the amended filing submission, causing the amendment to be
linked to the incorrect original filing submission. This could occur either by a filer with multiple
plans who writes the AckID on the amendment for an original submission from another of his plans,
or from a filer who transposes or enters a completely inaccurate from another Sponsor’s filing
submission. In either case, when the error is discovered, EFAST2 shall have the capability of fixing
the data record and Tracking Database records to “un-amend” the effected parent original filing, and
match the amendment to the correct parent original filing.

If the AckID entered by the filer on the amended filing submission is either blank or invalid,
EFAST2 shall set the Amended Filing Indicator, and no attempt shall be made to link the amendment
to another filing submission.


C.11.2.4 Amendment of a Submission Processed Prior to EFAST2

Filings processed prior to EFAST2 startup will not have an AckID, yet filers may still attempt to
amend them. An amended filing submission received by EFAST2 for an original filing processed
prior to EFAST2 will have the amended filing box checked, but will have no AckID. These filings
shall have the Amended Filing Indicator set, but no attempt shall be made to link these amendments
to another filing submission.

C.12 Reserved



EFAST2 RFP
Section C, Page 134 of 242
DOL069RP20266

C.13 System Infrastructure
The Contractor shall design, deploy and maintain EFAST2 hardware, software and firmware
replacements, upgrades, migrations, and modifications. The Contractor shall make reasonable
efforts to ensure that system modification efforts are deployed during non-peak processing
periods, and downtime and related disruptions to EFAST2 and its customers are minimized.

C.13.1 Fault Tolerance and Downtime

The Contractor shall be responsible for ensuring fault-tolerance and minimizing downtime
associated with hardware failures, software failures, labor shortages, or other similar events
affecting service availability. This includes hardware crashes, power or UPS failure, system
crashes, hardware or software malfunction, labor strike, and labor shortages.

C.13.1.1 Service Availability

The Contractor shall develop a system to measure service availability in support of the
performance standards, and shall support and enable the Government’s review of the Contractor’s
system availability measures. Reference Section C.2 and Attachment I for definition of system
availability and associated measurement methodology for relevant performance standards.
Service availability shall consist of all public-facing and Government-facing components of
EFAST2. The Contractor shall take responsibility for the service availability within its network
and system, and will not be held liable for intermittent internal problems that do not directly
affect the public-facing and Government-facing components of EFAST2.

Service availability and downtime shall be reported to the Government in System Performance
Report as described in Section C.13.8.5, with the documented cause, resolution, and future
mitigation of all downtime incidents for that month and delivered in accordance with the
Schedule of Deliverables in Section F.


C.13.1.2 Planned Maintenance

The Contractor shall conduct planned maintenance, partial, or full shutdown outside of system
availability hours documented in performance standard 3.1. The Contractor shall request
approval no less than 24 hours in advance from the Government for all maintenance, partial, or
full shutdown activities that are expected to occur outside of the system availability hours. The
Contractor’s request shall notify the Government of any affected users in accordance with
Section F, and if done during filing hours, must have Governmental approval.


C.13.1.2 Interruptions Beyond Contractor’s Control

The Government will allow an unplanned interruption of up to 24 hours per month for factors
beyond the Contractor’s control. By the end of 24 hours the Contractor shall have resumed
accepting EFAST2 filings. If any filing was in process and the filing transmitter had completed
EFAST2 RFP
Section C, Page 135 of 242
DOL069RP20266

identification and authentication with EFAST2 at the time of a planned or unplanned
discontinuation of EFAST2, the Contractor shall notify the filing transmitter of the status of the
filing, allowing the filing transmitter to resubmit the filing. In the event of an unplanned
interruption, the Government will allow the loss of data from filings submitted within five
minutes prior to the interruption, subject to the following condition: the Contractor shall be able
to identify the filers who had submitted filings during that five minute period and shall notify the
filer of the loss of data, allowing the filer to resubmit the filing. Other than described here, the
Contractor shall suffer no loss of data or access to the system.


C.13.1.3 Major Disasters

Major disasters are beyond the Contractor’s control and include fire, flood, hurricane, terrorism,
or acts of God. Within five (5) calendar days of a major disaster, EFAST2 shall be able to
process at least 50% capacity of filing submission, data dissemination, and web portal requests
expected daily. Within thirty (30) calendar days following a major disaster, EFAST2 shall be
able to process 100% capacity of filing submission, data dissemination, and web portal requests
expected daily. Reference performance standard 3.2.

C.13.2 Load Balancing, Backup, and Restore
The Contractor shall employ a mirrored remote site to enhance backup and potential load sharing
as an integral part of EFAST2 processing and disaster recovery. The remote site shall be no less
than one hundred fifty (150) miles in distance from the primary site. At a minimum, the
Contractor shall ensure replication of the Input Message Archive, security logs, Tracking
Database, and IFILE data repositories to the remote site in no less than 10 minute intervals
during filing hours. The Contractor shall ensure replication of output records to the remote site
in no less than 24 hour intervals.

The Contractor shall back up all data repositories onto media no less than daily to protect against
accidental loss or erasure. The Contractor shall label and store backup media offsite in a secure,
environmentally protected, geographically separate area. The Contractor shall maintain a log of
the actual backup media, dates, and other information needed to restore from backup. The
backup and restore procedures shall be determined by the Contractor and described in
appropriate deliverables as described in Section C.13.8 below, approved by the Government in
accordance with Section E and Section F, and implemented by the Contractor as a standard
operating procedure. The Contractor shall have a system that provides automated verification of
the daily backups. The Contractor shall perform restore tests of sample random files on a
monthly basis in order to ensure validity of media, and proper restore procedures. The Contractor
shall test a full restore of a bare system no less than annually. The Contactor shall perform a test
architecture restore of the core components of the system no less than annually. The backup
tests and status shall be reported in the Continuity of Operations Plan deliverable as detailed in
C.22.
C.13.3 Performance Monitoring
The Contractor shall develop EFAST2 to support all users submitting filings and utilizing the
web portal daily. The Contractor shall monitor and report filing submissions, web portal, IFILE,
EFAST2 RFP
Section C, Page 136 of 242
DOL069RP20266

IREG, and data dissemination subsystem usage/capacity in relevant deliverables as described in
Section C.14, Section C.10.5, Section C.10.3, and Section C.15, respectively; and Section F.
Monitored elements include but are not limited to CPU, disk usage, raid array status, process
status, memory usage, bandwidth usage, database metrics, and latency of each functional area’s
processing. The goal of monitoring is to ensure system functionality, availability, and
performance is sufficient to meet all performance standards and Government requirements as
defined in Section C.2 and Section C.14.

Findings from system infrastructure performance monitoring shall be communicated to the
Government as part of the System Performance Report and delivered in accordance with the
Schedule of Deliverables in Section F and as described in Section C.13.8.5 and Section C.14.

C.13.4 Hosting
The Contractor shall have all production hardware hosted in a data grade facility having fire
detection and fire suppression systems, redundant power supply with backup capabilities, climate
control providing data grade HVAC and humidity controls, electronic access control at all data
center entrances, and raised floors. Bandwidth shall be provided to at least two tier2 or better
Internet providers, with BGP or equivalent protocols active for redundancy and fail over. At no
time shall the 5-minute average bandwidth usage be more than 75% of the maximum available
bandwidth. The data facility shall be compliant with Telecommunications Industry Association
Standards for Data Centers TIA-942 including but not limited to data center environmental
requirements, electrical design, and security access controls. Equipment racks and cabinets shall
be placed in a “hot” and “cold” aisle configuration as defined in TIA-942 and be labeled
according to Annex B of TIA-942. Cabling and patch panels shall be compliant with TIA-942
and shall not exceed maximum lengths, shall be routed according to TIA-942, and shall be
labeled according to Annex B of TIA-942.

C.13.5 Hardware
The Contractor shall use open architecture hardware wherever feasible. Proprietary hardware
may be used for exceptional components where reliability, speed, or optimization is
necessary and is significantly greater than the rest of the architecture. The Contractor shall
manage all of the server and network infrastructure and telecommunications equipment
associated with EFAST2.
C.13.6 IPv6 Support
The Contractor shall be prepared to meet all the requirements of OMB memo M-05-22 dated
August 2, 2005 and subsequent amendments and guidance regarding the use of IPV6 in federal
systems.. In regards to the mentioned memo, the Contractor shall create the system and
networking to support both IPv6 and IPv4 Internet protocol capability.



C.13.7 Security Infrastructure and Logging

EFAST2 RFP
Section C, Page 137 of 242
DOL069RP20266

The contractor shall ensure that the EFAST2 security standards are met as defined in Section
C.22 and the infrastructure implements appropriate network security devices such as but not
limited to: Intrusion Detection System (IDS), Web Application Firewalls, XML based firewalls
and multilayer firewall solutions. Security logs of both the security devices along with security
logs of individual machines shall be enabled, monitored accordingly, and reviewed no less than
weekly. The individual machine security logs shall record events such as valid and invalid logon
attempts, as well as events related to resource use, such as the creating, opening, or deleting of
files. For example, when logon auditing is enabled, an event is recorded in the security log each
time a user attempts to log on to the computer.

Operating system and application logging shall be enabled, monitored accordingly, and reviewed
no less than weekly. The application logs shall contain events logged by programs. For example,
a database program may record a file error in the application log. Events that are written to the
application log are determined by the developers of the software program. The Operating system
logs shall contain events logged by operating system components. For example, if a driver fails
to load during startup, an event is recorded in the system log. Operating system configurations
typically predetermines the events that are logged by system components.

The Contractor shall fulfill requests by the Government for temporary increases or modifications
in the Contractor’s security monitoring and network restrictions.

C.13.7.1 Logging and Reporting

The Contractor shall log each system interfaces throughout the infrastructure for reporting and
tracking needs in conjunction with monitoring requirements in Section C.14, Data Management.
As part of the Operating Capacity Report specified in C.13.8.3, a detailed diagram and
description of the various logical levels of EFAST2 and its associated validation mechanisms
and logging methods shall be provided by the Contractor. Exhibit C.13.1 shows an example of
such a diagram that tries to closely emulate the ISO/OSI model of EFAST2. It is understood the
actual logging methodology and structure is highly dependent on the Contractors EFAST2
solution and chosen architecture.

EFAST2 RFP
Section C, Page 138 of 242
DOL069RP20266


E
x
h
i
b
i
t

C
.
1
3
.
1



E
x
a
m
p
l
e

E
F
A
S
T
2

C
o
m
m
u
n
i
c
a
t
i
o
n

a
n
d

L
o
g
g
i
n
g
EFAST2 RFP
Section C, Page 139 of 242
DOL069RP20266



C.13.8 System Infrastructure Deliverables

The Contractor shall develop and deliver to the Government the following documents in
accordance with the Schedule of Deliverables in Section F.

C.13.8.1 Service Level Agreement
The Contractor shall provide to the Government a Service Level Agreement (SLA), in
accordance with Section F, defining the parameters of EFAST2 infrastructure support, the
mandatory levels of availability, and the response time in emergency situations. The SLA shall
address five key aspects: 1) what the Contractor is promising, 2) how the Contractor shall deliver
on those promises, 3) who shall measure delivery and how, 4) what happens if the Contractor
fails to deliver as promised, and 5) how the SLA shall change over time in response to system
life-cycle evolution and other developments. In the definition of the SLA, the Contractor shall
address: the importance of realistic and measurable commitments, the importance of performing
as promised, and the overriding importance of swift and well communicated resolution of issues.

Upon request, the Contractor shall provide copies of all supporting SLAs and related contractual
agreements employed by the Contractor to support and maintain EFAST2 throughout the
duration of this contract.

C.13.8.2 Reserved

C.13.8.3 Operating Capacity Report
The Contractor shall provide to the Government an Operating Capacity Report (OCR), in
accordance with Section F, describing measurements of the ability of the system to meet the
performance standards specified in Section C.2 and produce required products including
metrics that quantify actual, not theoretical, input/output timings of all functional units,
individual servers, and communication, input/output volumes processed, time expended,
resources required, response times, and other quantified measurements for each major
processing step of the system. The OCR shall be split up into two sections: Current Operating
Capacity, and System Sizing Analysis.
C.13.8.3.1 Current Operating Capacity

The intent of the Current Operating Capacity section is to show and explain in quantitative terms
the ability of the entire system to perform properly based on given known operating volumes.
These operating volumes shall be in terms relevant to each subsystem and shall consist of, but
not be limited to number of filings, transactions, requests, submissions, and users. Total volumes,
along with maximum, peak, and concurrent volumes shall all be included. It is important to note
that the scope of the OCR extends beyond the actual EFAST2 servers and goes to the specific
personnel and staffing. The OCR shall answer the question “Is the EFAST2 solution able to
EFAST2 RFP
Section C, Page 140 of 242
DOL069RP20266

handle estimated processing volumes, and if so, how is each functional area able to handle that
capacity?” In addition, The OCR report shall document standard server configurations and
operating system settings.


The Contractor shall describe in the OCR how its system meets the operating capacity required
by the EFAST2 performance standards. The OCR shall also include the Contractor's measures
for allocating equipment and personnel during peak processing periods or unusual situations.
The Contractor shall describe the operating capacity of equipment used in EFAST2, how such
equipment is wholly or partially used in EFAST2, and how it meets the requirements set forth by
the Government. The Contractor shall describe the system capability to handle peak operating
volumes, maintain design consistency upon scale up, and the adequacy of the system hardware
by reporting on core throughput and bottlenecks throughout the system infrastructure. The
Contractor shall provide actual quantitative measured proof of these elements’ ability to perform
and meet the projected processing levels. Theoretical or calculated confirmation is not
acceptable. Diagrams and drawings such as displayed in Exhibit C.13.1 above shall be provided
in the OCR to ensure a thorough understanding and documentation of the system.


C.13.8.3.2 System Sizing Analysis
The System Sizing Analysis section of the OCR shall analyze and report both current and
historical volumes and system capacities for each component in order to determine scaling
needs. These operating volumes shall be in terms relevant to each subsystem and shall
consist of, but not be limited to number of filings, transactions, requests, submissions, and
users. Total volumes, along with maximum, peak, and concurrent volumes shall all be
included. Trend analysis shall be used to calculate the volumes, system configuration, and
staffing level required for each component and subsystem in order to satisfy (a) the system
throughput estimates contained in Attachment A and (b) the production throughput
requirements implicit in the timeliness performance standards in Section C.2. and (c) the
calculated historical and trend based estimates. Differences between past volume estimates
and new trended volume estimates shall be highlighted and investigated. The Contractor shall
deliver the document in accordance with the Schedule of Deliverables in Section F.
C.13.8.4 Benchmark Report
The Contractor shall implement sufficient benchmark tests to demonstrate that the EFAST2
solution is production ready. The System Benchmark Report specifically focuses on the EFAST2
technology. The goal of the benchmark report and benchmark tests is to determine and report
scalability metrics, disaster recovery metrics, and overall breaking points of the systems and
functional areas.

The Contractor shall provide to the Government a Benchmark Report, in accordance with
Section F, detailing core actual measurements of processing load, such as database transactions
per second, data transfer rates, network infrastructure timings and speeds, component data
processing rates, input/output timings of all functional units, individual servers, and other metrics
to validate system capability. The report shall be delivered annually, reporting on measurements
taken at least once per week. The Contractor shall also provide quantitative benchmark results of
measured metrics for maximum capacity loads, such as maximum database transactions per
EFAST2 RFP
Section C, Page 141 of 242
DOL069RP20266

second, maximum data transfer rates, maximum response times, maximum processing
capabilities of both individual servers and overall functional units, and other core metrics to
verify initial system breaking points and bottlenecks. The Contractor shall provide backup and
restore benchmarks based on actual test runs detailing the process and time needed for such
backups and restorations. Data restoration testing shall be reported on at least three criteria:
restoring a single element of data or file, restoring an entire collection of data (i.e., a database),
restoring an entire system/server.

C.13.8.5 System Performance Report

It is necessary to monitor all key aspects of the services being delivered. Service monitoring and
performance measurement is a critical element of EFAST2. Guidelines for setting monitored
elements are as follows:

Ensure elements are within the Contractor’s capabilities
Ensure elements are measurable
Ensure elements are meaningful in terms of service quality
Establish baseline elements and metrics
Ensure metrics are applicable to the service being measured

The Contractor shall monitor all necessary (network, devices, circuits, servers) services to
measure and minimize unavailability or downtime. The Contractor shall monitor all aspects of
arising downtime including planned and unplanned downtime. Measurable metrics are to be
carefully defined in respect to each service being delivered and are to be specific with target
levels in each case. The statistics arising from this monitoring process are to be analyzed and
compared to target expectations.

Because it is assumed that the Contractor shall monitor their own services and develop their own
analysis, it is important that these measurement processes are independently audited to reduce a
potential conflict of interest.

In addition to the above guidelines, the Contractor shall address system reliability and include
the following information at a minimum in the System Performance Report, in accordance with
the Schedule of Deliverables in Section F:

• Description of any system failures or unscheduled downtime
• Number of hours of uptime and downtime
• Up/down status of links from EFAST2 website
• Dates and status of completed backup jobs and verifications
• System capacity
• Current system load
• Architecture horizontal and vertical scaling needs
EFAST2 RFP
Section C, Page 142 of 242
DOL069RP20266

• Measurements indicating daily, weekly, and monthly transaction amounts and
core performance values including but not limited to:
• Database transaction rates
• Functional unit processing rates
• Server to server data transfer rates
• Functional unit data transfer rates
• Number of concurrent users
• Average and peak number of submissions
• Average and peak number of web page hits for IREG, IFILE, and Web Portal
• Average and peak number of service requests for all web services
• Peak users
• Peak rates
• Core system CPU loads
• Disk Utilizations



EFAST2 RFP
Section C, Page 143 of 242
DOL069RP20266


C.14 Data Management
The Contractor shall design, implement, and maintain a data management solution to store and
organize Form 5500 returns/reports and EFAST2 processing information. The data management
solution shall ensure Form 5500 return/report information is maintained for the duration of this
contract and archived in accordance with Section C.16. Data management shall be subject to
continuous examination including evaluation of the observed processing problems and data accuracy.
Data management shall store submitted filing information, provide a copy of filing information and
Contractor-constructed fields, provide for the archival of filing information, apply the appropriate
level of quality checks, and provide feedback on filing receipt, integrity of data, timeliness and
completeness of data flows. The Contractor’s data management solution shall support analysis to
identify filing and system trends and problems.
C.14.1 Data Management Planning and Evolution
EFAST2 is a planned and directed end-to-end data receipt and processing system that shall
deliver data sets and products to specific users for specific purposes. However, further
development of data management may be required as knowledge and applications develop. The
Contractor shall develop a data management solution that can adapt to accommodate
development of new requirements and capabilities as the system may evolve. Reference
Attachment O.

Data management responsibilities of the Contractor include:
• Storing received filing data and information
• Storing Contractor-constructed filing information such as edit test results
• Preparing products for public and Government users
• Distributing products according to Section F
• Archiving filing data
• Maintaining filing data and information records to facilitate online access by the
public and Government
• Retaining EFAST2 web pages that provide EFAST2 information and services
• Preparing products for the Contractor’s production control, quality control, and data
feedback functions
• Analyzing operational data flow and internal production control
C.14.2 Data Flows
The Contractor shall store and manage filing information beginning at the point in which the
Contractor receives web submissions at the firewall and ending at the point of filing archival.
EFAST2 RFP
Section C, Page 144 of 242
DOL069RP20266


EFAST2 data management shall extensively use automated data flows. The Contractor shall use
electronic networks to provide the data flow. Exhibit C.14.1 represents the EFAST2 data flow in
that it illustrates the flow of filings from receipt to archival.
Exhibit C.14.1 – EFAST2 Filing Data Flow


C.14.3 Data Quality
The Contractor shall evaluate the quality of EFAST2 data at several points in the life cycle of a data
set as described in Section C.2, C.6, and Section C.20. Automated checks shall be used in data flows
and critical data streams shall be routed through automated QC procedures before data dissemination
to the public or Government.
EFAST2 RFP
Section C, Page 145 of 242
DOL069RP20266


C.14.4 Data Management Monitoring, Evaluation, and Feedback
The goal of EFAST2 data management is to produce a high quality and complete database of filing
information along with a variety of useful and informative analyses and presentations of data. The
Contractor shall ensure EFAST2 data management works as designed through internal production
control including monitoring, evaluation, and feedback. Monitoring, evaluation, and feedback are an
essential part of data management and production control as described below and in Section C.6 and
Attachment J.
C.14.4.1 Data Management Monitoring
The Contractor shall monitor data management activities in the EFAST2 operational data flow and
provide feedback to the government in the form of monitoring reports. The Contractor’s data
monitoring activities shall address the major functions, system communication, and network
interface layers of EFAST2. Reference Exhibit C.13.1 for a high-level illustration of EFAST2
network interface layers.
Data and information flow monitoring shall rely on Production Control Reports described in Section
C.6 and Attachment J but may include additional monitoring tools or procedures as necessary to
ensure the system is functioning in accordance with the Government’s requirements. The
Contractor’s data monitoring activities shall address user satisfaction with EFAST2. Each phone call
received by the Contact Center in which the user expresses satisfaction or dissatisfaction with a
function, element, application, or service of EFAST2 shall be tracked as user satisfaction as
described in Section C.18 and Section C.25. Data and information flow monitoring shall endeavor to
ensure users are satisfied with the system and its performance. Data and information flow
monitoring shall include reviewing, analyzing, and responding to service tickets generated in
accordance with Section C.18.2 but may include additional monitoring tools or procedures as
necessary.
C.14.4.2 Data Management Evaluation
The Contractor shall evaluate data management by reviewing system reports generated from the
monitoring function described above. The Contractor’s evaluation shall integrate the various system
reports and use meta-analysis to research and comprehend potential problems. The Contractor shall
use monitoring tools and procedures consistent with the requirements stated in Section C.19 and
Section C.25 to identify potential problems in data management, troubleshoot the problems to
determine the root cause of the problems, and identify needed fixes. Analysis of identified problems
and implementation of needed fixes or problem resolution shall be tracked and reported in
accordance with Section C.25. The Contractor shall designate a single data management coordinator
with having the responsibility to evaluate data management.
C.14.4.3 Data Management Feedback
EFAST2 RFP
Section C, Page 146 of 242
DOL069RP20266


Information on data management problems, bottlenecks, or delays, particularly recurring ones, shall
be made available to the Contractor’s program management staff and the COTR and/or his
designated representatives in accordance with Section C.25 to facilitate the resolution of the issues.
Data management feedback shall also be included in the System Performance Report as described
below to document the Contractor’s evaluation of statistics of data flows and analyses of observed
system performances, products, and the production of products. The Contractor shall provide two
types of data management feedback: (1) feedback on problems with data receipt or data flow and (2)
feedback on user satisfaction. Data management feedback shall be provided for purposes of:
• Correcting problems in data receipt and software applications
• Correcting timeliness problems at all stages of data flow
• Correcting data repositories or at least flagging records/fields/values for erroneous,
suspect, or missing information
• Correcting edit test defects and deficiencies to produce more reliable filing information
• Improving design of distributed data to meet user needs
• Improving knowledge of user satisfaction
Data management feedback shall provide the Government with a qualitative description of the
Contractor’s data evaluation as well as quantitative monitoring metrics to support the
Contractor’s findings. Data management feedback shall address system and data reliability and
include the following information at a minimum in the System Performance Report:

• Description of any bottlenecks in data flow
• Detailed account of all filings that have not completed processing in accordance with the
planned processing procedure and applications

• Description of any software or hardware failures and subsequent patches and status
C.14.5 Duplicate Filing Identification
The Contractor shall execute a duplicate identification algorithm that allows the automatic detection
of potential and true duplicate filings so that replicate records for a single plan filing can
automatically be located and identified as such. The Contractor shall develop and perform a
duplicate filing check as described in Section C.11.1, prior to distribution of data files to end-users.
C.14.6 Data Storage and Commingling
EFAST2 RFP
Section C, Page 147 of 242
DOL069RP20266


The Contractor shall store EFAST2 data and information separately from non-EFAST2 data and
shall not commingle EFAST2 and non-EFAST2 data in any way. The Contractor shall ensure that
EFAST2 data can be distinguished and recovered separately from non-EFAST2 data and
information.
C.14.7 Data Repositories
Requirements for specific EFAST2 data repositories are described below: IREG Credentials
Database, Tracking Database, Input Message Archive (IMA), IFILE storage, and Filing Status
Database. The repositories described below have been referenced in other sections of this contract
and Exhibit C.14.1. These data repositories are not inclusive of all data repositories the Contractor
may develop as part of their data management solution. The Contractor shall develop the following
specified data repositories as well as other data repositories as necessary to implement their proposed
system design and ensure outputs are developed and disseminated to users as described in Section
C.15 and Attachment E. All data repositories shall be made available for querying for data
management monitoring purposes described in Section C.14.4.
C.14.7.1 IREG Database
The Contractor shall maintain a database of electronic filing participant credentials in the IREG
Database as described in Section C.10.3. The IREG Database shall be populated by the IREG
application. The IREG Database shall be made available to IFAS for validation of electronic
filing credentials contained in submitted filings.
C.14.7.2 Tracking Database
The Contractor shall develop a Tracking Database for all processable filings as described in
Section C.6. Data elements required of the Tracking Database are described in Attachment J.
The Tracking Database shall be initially populated by IFAS but updated subsequently by multiple
elements of the system. The Contractor shall design the Tracking Database such that records are
available for and querying by IFAS and IFILE in response to filing status requests. The Tracking
Database shall be available to the Government as described in Section C.15 and also made
available for querying and retrieval by the Contact Center.
C.14.7.3 Input Message Archive
The EFAST2 Input Message Archive (IMA) shall serve as the primary storage and retrieval
mechanism for all submitted filings not rejected at the message header level. The IMA shall be
populated by IFAS as described in Section C.10.4. The Contractor shall design the IMA to be
capable of storing data specified by Attachment P of this contract. The IMA-stored filing data
elements shall be as identical as possible to the original submission. The IMA shall not have any
less data than the unprocessed, originally submitted filing information. It is acceptable for the IMA
to store files in the XML Output format as specified in Attachment E, including Contactor added
fields as specified in Section C.10.4. The Contractor shall design the IMA such that records are
made available for querying and retrieval by the Contact Center.
EFAST2 RFP
Section C, Page 148 of 242
DOL069RP20266


C.14.7.4 IFILE Storage
The Contractor shall design and implement a temporary storage mechanism for the IFILE
application that allows for storage of uncompleted filing data. This temporary storage mechanism
shall allow the continuation of the filing through IFILE over multiple sessions. IFILE storage
shall be populated by the IFILE application as described in Section C.10.5. The length of time
for the data retention shall be no less than 365 days between sessions. The filer shall be notified
through the IFILE application as to the retention length. The Contractor shall design IFILE
storage such that records are available for retrieval and modification by authenticated IFILE
users.

Completed and submitted filings may be maintained in IFILE storage in order to allow filers to pull
up the previous years filing as required in Section C.10.5.3. If the Contractor stores this information
in IFILE storage, the length of time for this data retention shall be no less than 18 months.
C.14.7.5 Filing Status Database
The Contractor shall develop a Filing Status Database describing the status of processable filings.
The Filing Status Database shall be populated by IFAS as described in Section C.10.4. The
Contractor shall design the Filing Status Database such that records are available for and querying by
IFAS and IFILE in response to filing status requests. The Filing Status Database shall also be
available for querying and retrieval by the Contact Center.
C.14.8 Output Records
The Contractor shall create output records of filing data suitable for dissemination to Government
and public users. Output records shall be populated as described in Section C.10.4. Output records
shall be disseminated to the Government as described in Section C.15 and Section F. The structure
of output records is described in detail in Attachment E.
C.14.9 Unique Identifiers
Every submitted filing shall be assigned a unique identifier to be used for production control
purposes. There may be multiple records in the data management flow and repositories of filing
submissions for the same plan. Each of these filing submissions shall be individually stored and
accessible. Submission acknowledgements shall indicate the unique identifier of the filing attempt.
C.14.10 Capacity
The Contractor shall develop and manage EFAST2 data and information processes and repositories
such that capacities are not exceeded throughout the duration of this contract. The Contractor shall
store and manage the full number of plan years of filing data processed during Option Periods II-XI.
The Contractor shall populate the IMA with full data from filings received from filers by the
Contractor. The Contractor shall design the IMA and other data repositories in an organized and
EFAST2 RFP
Section C, Page 149 of 242
DOL069RP20266


efficient manner. The Contractor shall consider using an XML-enabled, object-relational database or
a relational database with tables representing Form 5500 forms and schedules to structure the IMA.
The Contractor shall design and size the IMA and other data management elements to accommodate
the demands of peak load processing and shall consider data processing efficiency, performance
concerns, and normal database growth over the course of the contract.
C.14.11 Backup

The Contractor shall ensure data repositories can be restored in the event of a disaster or disruption.
Reference Section C.13 for load sharing and backup requirements.
C.14.12 Repeating Data
The Contractor shall design the IMA and other data repositories so that they are capable of storing
repeating schedules (such as Schedule A) and repeating fields (such as on Schedule C) for a single
filing. Reference Attachment P for definitions of repeating schedules and repeating fields. The IMA
and other data repositories shall be capable of storing a variable number of schedules per plan filing.
C.14.13 Extracts and Reports

The Contractor shall design the data management repositories and flows with the capability to
generate extracts of the filing submissions for dissemination to the Government. The system shall
place the reports in a secure area accessible by the Government for downloading as described in
Section C.15.

EFAST2 RFP
Section C, Page 150 of 242
DOL069RP20266

C.15 Data Dissemination

The Contractor shall design, establish, and maintain a web-based data dissemination service to be
hosted on the web portal providing online access to filing data and information. Data
dissemination shall include the following functionality:

• Allow individual users from the public to view and print publicly disclosable portions of
single filing records.
• Allow authenticated Government and Contact Center users to view and print publicly
disclosable portions of single filing records and non-disclosable information such as
Contractor-constructed fields.
• Allow authenticated Government users to download Contractor-constructed files from a
secure site, through a secure telecommunications medium.
• Allow authenticated users to access the tracking database, service ticket application, and
configuration management application.

C.15.1 Filing Record Access

Dissemination of filing records shall be based on output records and provide only read-only
access to filings processed by the Contractor. Different user groups have varying information
and processing needs. Exhibit C.15.1 illustrates preliminary users and access control
requirements with regard to filing records. The final access control listing shall be determined
and provided as GFI during the Base Period.

Exhibit C.15.1 – Filing Record Access Control

User Group Submitted
and
Accepted
Filing
Records
Submitted
but Not
Accepted
Filing
Records
Filing
Records in
IFILE
Storage
Potential
Duplicate
Filing
Records
True
Duplicate
Filing
Records
Original
Filing
Records for
a Plan if
Amended
Electronic filing
participants in
MyAccount
Only filings
attributed to
that
particular
user
Only filings
attributed to
that
particular
user
Only filings
attributed to
that
particular
user
Only filings
attributed to
that
particular
user
Only filings
attributed to
that
particular
user
Only filings
attributed to
that
particular
user
General public
and
unauthenticated
users
Yes No No Yes No No
Contractor
Contact Center
and support staff
Yes Yes Yes Yes Yes Yes
DOL’s EBSA
Office
Yes Yes No Yes No Yes
EFAST2 RFP
Section C, Page 151 of 242
DOL069RP20266

User Group Submitted
and
Accepted
Filing
Records
Submitted
but Not
Accepted
Filing
Records
Filing
Records in
IFILE
Storage
Potential
Duplicate
Filing
Records
True
Duplicate
Filing
Records
Original
Filing
Records for
a Plan if
Amended
DOL’s other
offices
Yes No No Yes No Yes
IRS Yes No No Yes No Yes
PBGC Yes No No Yes No Yes

The Contractor shall provide users with read-only access to filing information for which the user
has access privileges according to user profiles. The Contractor shall establish and maintain
security controls to support access via the Internet with varying degrees of access control and
authorization, depending on the user in question. For instance, general public users authorized to
view only disclosable data will not require authentication, but Government users should be
subjected to authentication prior to being given access to non-disclosable information. The
Contractor shall rely on the user’s ID and PIN as part of its access control solution as specified in
Section C.10.3. The Contractor shall establish a system of user-profile security, to be
implemented by the systems administrator and reviewed by the Information Security Officer,
which shall restrict access to non-disclosable data.

C.15.1.1 Revoking Access to Private Information

The Contractor shall establish a means to facilitate the granting and revoking of access
permissions to specific filings or filing components according to user-profile. If it is discovered
private information has been inadvertently submitted by the filer in an accepted filing, upon
notification by the COTR, the Contractor shall revoke general public and unauthenticated user
access to that filing or filing component.
C.15.2 Filing Record Dissemination for Public Users (Public Disclosure)

The Contractor shall develop a web-based public disclosure tool that allows unauthenticated
users to search and retrieve all accepted filings as form facsimiles (see Section C.15.2.3.1).

The Contractor shall allow authenticated IFILE users to access all filings attributed to their
UserID including incomplete filings in IFILE storage, duplicate filing records, and original filing
records for a plan if amended. These records shall be viewable and retrievable using the IFILE
application as described in Section C.10.5.

C.15.2.1 Public Filing Record Queries

The Contractor shall develop a web-based query tool for unauthenticated users to enter search
criteria. At a minimum, the query tool shall allow the user to retrieve particular filings by
specifying any of the following elements or combination of the following elements as search
criteria:

EFAST2 RFP
Section C, Page 152 of 242
DOL069RP20266

1) EIN (FILING-HEADER-EIN)
2) EIN and PN (FILING-HEADER-EIN and FILING-HEADER-PN)
3) Filing ID (FILING-ID)
4) Acknowledgement ID (ACK-ID)
5) Plan name (PLAN-NAME) or a portion thereof
6) Sponsor name or DFE name (SPONSOR-DFE-NAME) or a portion thereof
7) Administrator name (ADMIN-NAME) or a portion thereof
8) Plan year end (FILING-HEADER-PLAN-YEAR-END) combined with one or more of
the fields above 1 through 7
9) Plan year begin (FILING-HEADER-PLAN-YEAR-BEGIN) combined with one or more
of the fields above 1 through 7
10) Form year (FILING-HEADER-FORM-YEAR) combined with one or more of the fields
above 1 through 7

C.15.2.2 Response to Public Filing Queries

During the query process, the data dissemination service shall display a status bar or other
indicator to inform the user of the expected length of time required to complete the query. The
query shall be completed within a reasonable amount of time, dependent on the query
parameters, per Section C.2.

The search results should only return if a search has fewer than 1000 results. If there are more
than 1000 results, the user should be prompted to refine the search criteria.

The data dissemination service shall display a list of filings matching the search criteria. If no
matches are found, the data dissemination service shall prompt the user to modify the search
criteria. In listing of filing records matching public queries, the following elements from the
Processed Filing shall be displayed:

• FILING-HEADER-EIN
• FILING-HEADER-PN
• FILING-HEADER-PLAN-YEAR-END
• PLAN-NAME

C.15.2.3 Displaying Public Filings

A user shall be able to click on one filing in the listing and have the choice of obtaining all filing
data or components of the filing in a hierarchy tree. The data dissemination service shall retrieve
the selected data and display it to the user for viewing or printing as a form facsimile (see Section
C.15.2.4). During the data retrieval process, the data dissemination service shall display a status
bar or other indicator to inform the user of the expected length of time required to complete data
retrieval. Data retrieval shall be completed within a reasonable amount of time but no retrieval
shall take more than one (1) minute for an entire filing.

A user shall be able to click on multiple filings in the listing and have the choice of retrieving all
filing data or components of the filings as a batch form facsimile request. The Contractor shall
support up to 100 filings (single PDF files) per batch request.
EFAST2 RFP
Section C, Page 153 of 242
DOL069RP20266


C.15.2.3.1 Entire Filings

The data dissemination service shall allow the user to print or view the entire filing at once in a
form facsimile as described in Section C.15.2.4. The data dissemination service shall not force
the user to print/view one component at a time in order to obtain the entire filing.

A single PDF file of the filing data in a form facsimile shall be generated by the Contractor for
each filing requested. The Contractor shall provide optional ZIP file compression of the PDF file
to allow requesters the option of receiving the PDF file in compressed file format.

The Contractor shall support batch requests for filing data in form facsimiles. In the event that a
filing batch is requested, the Contractor shall provide optional ZIP file compression of the batch
to allow requesters the option of receiving the batch request as a single ZIP file containing
multiple PDF files representing the batch.

The data dissemination service shall permit the user to save a local copy of the entire filing or
batch of filings in PDF or ZIP formats.
C.15.2.3.2 Filing Component Hierarchy

The viewing software shall present the user with a hierarchy tree of forms, schedules, and
attachments (“filing components”) for a single filing. Users shall see all the filing components in
the filing folder hierarchy tree that their user-profile permissions allow. The filing folder
hierarchy tree shall reflect multiple and repeating schedules. The user shall be able to retrieve
different components in separate requests. The user shall be able to print different components in
separate requests.

Exhibit C.15.2 Illustrates an example search results screen after an EIN search is completed. The
Contractor shall develop the listing of matched filings and filing component hierarchy “look and
feel” in accordance with web portal requirements in Section C.10.2.
















EFAST2 RFP
Section C, Page 154 of 242
DOL069RP20266














Exhibit C.15.2 – Example Filing Folder Hierarchy


C.15.2.4 Form Facsimiles

EFAST2 RFP
Section C, Page 155 of 242
DOL069RP20266


The Contractor shall produce form/schedule facsimiles by populating form facsimile templates
with structured data from the FilingData or ShortFormData schema, as defined in Section C.10.4
and Attachment P. Form/schedule facsimiles shall closely approximate the appearance of the
forms and schedules in Attachment D and shall be delivered to the user in PDF format (one PDF
file per filing). For each field displayed, the facsimile shall indicate the field “Item #” and “Form
Label” for that field (refer to Attachment P for “Item #” and “Form Label”). Filing data
displayed for an entire filing shall include all elements of the FilingData or ShortFormData
schema, as defined in Section C.10.4 and Attachment P.

C.15.2.4.1 Fonts

The font used for the item # and form labels in facsimiles shall be Helvetica. An exception to
this is the font used for the first two digits of the year in the upper right corner on page 1 of each
form is Swiss 721 Bold Outline BT. The font for data fields shall be 12 point 10 pitch Courier or
Courier New. All alphanumeric type data fields must be printed in upper case.

C.15.2.4.2 Spacing

Spacing and margins in the facsimiles shall be:
• 6 lines per vertical inch
• 10 characters per horizontal inch
• one-half (1/2) inch margin on all sides

C.15.2.4.3 Page Requirements

Page requirements for the facsimiles are:
• 8
1
/
2
” by 11” paper size
• Portrait orientation

C.15.3 Filing Record Dissemination for Government Users

The data dissemination service for Government access shall include the following features:

• Provide viewing, printing, and retrieval (download) access to filing facsimiles, including
non-disclosable fields (pulled filings).
• Permit the user to download output filing records based on static filters as defined in
Attachment E (pushed filings).

C.15.3.1 Government Pulled Filing Queries

The Contractor shall develop a web-based query tool for authenticated Government users to enter
search criteria. The query tool shall be identical to the public disclosure query tool described in
Section C.15.2.1.

EFAST2 RFP
Section C, Page 156 of 242
DOL069RP20266

C.15.3.2 Response to Government Pulled Filing Queries

The Contractor shall respond to queries by authenticated Government users. The response shall
be nearly identical to the public disclosure query response described in Section C.15.2.2 but two
additional fields will be displayed in the listing of matching filing records.

In listing of filing records matching Government or Contractor queries, the following elements
from the Processed Filing shall be displayed:
• FILING-HEADER-EIN
• FILING-HEADER-PN
• FILING-HEADER-PLAN-YEAR-END
• PLAN-NAME
• FILING-HEADER-AMENDED-IND

In addition to the Processed Filing fields above, the Suspect Duplicate Indicator and the True
Duplicate Indicator from the Tracking Database shall be displayed.

C.15.3.3 Displaying Government Pulled Filings

A user shall be able to click on one record in the listing and have the choice of obtaining all filing
data or components of the filing in a hierarchy tree. The data dissemination service shall retrieve
the selected data and display it to the user for viewing or printing, in a form facsimile. During
the data retrieval process, the data dissemination service shall display a status bar or other
indicator to inform the user of the expected length of time required to complete data retrieval.
Data retrieval shall be completed within a reasonable amount of time but no retrieval shall take
more than one (1) minute for an entire filing.

The displays of filing data and components shall be nearly identical to the public disclosure
displays described in Section C.15.2.3 but additional components and data will be displayed.
Specifically, filing data displayed for a filing shall include all elements of the ProcessedFiling
schema.

C.15.3.4 Files Pushed to Government

Daily, the Contractor shall develop filing output and tracking database records according to static
Government specifications in Attachment E and push those files to DOL, the IRS, and PBGC.
The Contractor shall push files containing the required records to Government servers through a
Virtual Private Network (VPN) described in Section C.15.3.4.1. Pushing the files will involve
connecting to the Government secure drop box servers through the VPN, FTP-ing files to a
specified directory, then renaming the files into the directory. The Contractor shall ensure each
pushed file is a reasonable file size for uploading and downloading. If necessary, the Contractor
shall create multiple files for each drop box to ensure no file sizes are unreasonably large. By
6AM the Contractor shall have completed pushing all files.

The Contractor shall have the capability to re-create the pushed files if errors are found or
problems arise. The vendor shall have the capability to re-push the files, using the original file
names, for up to 30 days after the files are originally distributed.
EFAST2 RFP
Section C, Page 157 of 242
DOL069RP20266


C.15.3.4.1 Virtual Private Network (VPN)

The Contractor shall provide an IPsec site-to-site VPN connection to Government owned secure
drop box servers. The Contractor shall ensure that proper security controls are in place for the
VPN interconnection and abide by an Interconnection Security Agreement. All computers
connected to the VPN must have the most recent versions of antivirus software and current
operating system and application security patches. The VPN shall be planned and implemented
in accordance with NIST 800-77, Guide to IPsec VPNs. The Contractor shall announce any
planned VPN outages in advance and adhere to availability requirements in Section C.13.

C.15.4 Application Access

The Contractor shall provide Government users with web-based access to the tracking database,
contact center service tickets, and configuration management application records. Depending on
needs, some Government users may require the ability to write to contact center service tickets
and configuration management records. The Contractor shall design those applications such that
they are able to accept such modifications by specific Government users. A preliminary access
control chart for applications is depicted in Exhibit C.15.3. The final access controls for
applications shall be provided as GFI during the Base Period.

Exhibit C.15.3 – Preliminary Application Access Control

User Group Tracking Database Contact Center
Service Tickets
Configuration
Management Records
Electronic filing participants in
MyAccount
None Only records attributed
to that particular user
None
General public and
unauthenticated users
None None None
Contractor Contact Center and
support staff
Read, Write, and
Modify
Read, Write, and
Modify
Read, Write, and
Modify
DOL’s EBSA Office Read only Read and Modify Read and Write
DOL’s other offices Read only Read and Modify Read only
IRS Read only Read and Modify Read only
PBGC Read only Read and Modify Read only

C.15.4.1 Tracking Application

The Contractor shall provide users with the ability to develop and submit web-based queries of
the Tracking Database. Unlike the Filing Record Dissemination requirements in C.15.2 and
C.15.3, which have a limited number of fields by which users can develop queries, queries of the
tracking database shall be based on all fields in the tracking database. The Contractor’s tracking
application shall respond to the query by providing a listing of all matching records. In listing of
EFAST2 RFP
Section C, Page 158 of 242
DOL069RP20266

tracking records matching queries, the following elements from the tracking database shall be
displayed:

• FILING-HEADER-EIN
• FILING-HEADER-PN
• FILING-HEADER-PLAN-YEAR-BEGIN
• FILING-HEADER-PLAN-YEAR-END
• FILING-ID

A user shall be able to click on one record in the listing and view all fields for that tracking
database record.

A user shall also be able to download all fields in all matching records in a single file.
Downloaded tracking record files shall be formatted as described in Attachment E.

C.15.4.2 Service Ticket Application

The Contractor shall provide users with the ability to develop and submit web-based queries of
the contact center Service Ticket Application as described in Section C.18.

C.15.4.3 Configuration Management Application

The Contractor shall provide users with the ability to develop and submit web-based queries of
the Configuration Management Application as described in Section C.25.
C.15.5 Contractor Users

The Contractor shall ensure Contact Center personnel and other Contractor support staff such as
the data monitoring coordinator and chief quality control specialist have the ability to query and
obtain filing information needed to perform their functions. The Contractor shall develop the
data dissemination service such that authenticated Contractor users have the ability to query
filing information using fields in additional to those specified in Section C.15.2.1. For example,
Contractor staff may need the ability to query and retrieve filing information by SoftwareID or
TransmitterID to identify filings associated with a particular software developer or transmitter.
C.15.6 Data Updates

The Contractor shall update all data on the data dissemination service using data from the
production system no less than once every 24 hours.

C.15.7 Data Dissemination User Guides

The Contractor shall develop user guides to support public and Government users of the data
dissemination service and deliver the guides in accordance with the Schedule of Deliverables in
Section F. The Data Dissemination User Guides shall describe how to obtain filing information
using the data dissemination service including instructions for how to locate, view, print, and
EFAST2 RFP
Section C, Page 159 of 242
DOL069RP20266

download filings. Upon Government approval, the Data Dissemination User Guides shall be
made available on the web portal.
EFAST2 RFP
Section C, Page 160 of 242
DOL069RP20266
C.16 Records Management and Archival
All Contractor records management activities are subject to the requirements outlined in this
contract, 44 USC 3101, and 36 Code of Federal Regulation (CFR), Chapter XII, Subchapter
B- Records Management.


C.16. 1 Facility Standards

The Contractor shall ensure that any facility used to store EFAST2 data is compliant with the
standards outlined in Subpart K (Facility Standards for Records Storage Facilities) of Part 1228
(Disposition of Federal Records) of Subchapter B (Records Management) in the Code of Federal
Regulations 36. This requirements applies to any facility that the Contractor uses to store
EFAST2 data including, but not limited to, the Contractor’s prototype/development facility,
production facility, contact center facility, and specialized subcontractor and consultant facilities.
The Contractor shall understand that the provisions in Subpart K are part of this contract and
ensure that the provisions are included in contracts it executes with other parties to warehouse
EFAST2 data.


C.16.2 Data Retention

The Contractor shall maintain and retain all EFAST2 data according to the requirements in this
contract. The Contractor is reminded that all EFAST2 data shall be retained for the life of the
contract, unless otherwise noted. At the end of the contract life-cycle, the Contractor shall
deliver EFAST2 data to the Government in accordance with requirements set forth in C.24.13.


C.16.3 Archival

The Contractor shall ensure the dissemination of EFAST2 data according to the requirements set
forth in Attachment E and the Schedule of Deliverables in Section F. The Contractor shall
ensure the delivery of the “EBSA Annual XML Archive File” and “EBSA Annual E-Mail
Archive File” to the Government according to the format and the requirements set forth in
Attachment E. The Government will archive EFAST2 data with the United States National
Archives and Records Administration (NARA), in accordance with archiving directives
established by NARA as they pertain to EFAST2 data.

The Contractor is reminded that all records management and archiving activities are governed by
policies and procedures set forth by NARA and/or the DOL. The Government reserves the right
to revise records management activities as new or revised policies and procedures are released by
NARA and/or DOL.




EFAST2 RFP
Section C, Page 161 of 242
DOL069RP20266

C.17 Annual Production Operations and Rollover
C.17.1 Annual Forms and Legislative Changes

The Contractor shall update and adapt EFAST2 to accommodate changes in the forms from plan
year to plan year and to accommodate system rollover changes declared by the Government
through issuance of GFIs (see Section C.23), including but not limited to adjustments to schema,
business rules, edit tests, distribution, and related downstream and/or ancillary system
functionality, components, and documentation. Forms changes can arise as a result of many
factors. The U.S. Congress may alter the statutory requirements for reporting and disclosure. One
or more of the sponsoring agencies may alter regulatory requirements for reporting and
disclosure.

The Government will provide the Contractor with all information necessary to define the annual
system rollover requirements as outlined in Section C.23, and according to the time schedule
described in Attachment V. Attachment V provides the schedule for Plan Year 2010 rollover,
however, the tasks and schedule will be similar in subsequent plan years. The Contractor shall
work in close coordination with the Government to implement all system updates. This will
include, but is not limited to, modifying the schemas, the business rules, edit tests, distribution
and all associated documentation.

Exhibit C.17.1 lists typical form changes that have been implemented over the past 3 years of the
current system’s processing (Plan Year(s) 2002, 2003, 2004). The list demonstrates the limited
number of such forms changes that typically occur each year, and demonstrates that wholesale
changes to forms and schedules are not common on an annual basis.

Typical forms changes in the Form 5500 Series reports from plan year to plan year are generally
minor, as are the related changes to schema, edit tests, and related system functionality. The
Contractor will be responsible for implementing a typical level of no-cost annual rollover
changes into all components of the production system at no additional cost to the Government,
within the prescribed schedule for rollover, and with no disruption or downtime in the production
system.

In the event that there is an unforeseen, non-typical level of annual rollover changes for any given
processing year, the Contractor shall work collaboratively with the Government to identify the
excess changes beyond a typical level, and determine an expeditious approach for working
through the technical, contractual, and/or cost implications, and implement the changes into the
production system within the prescribed schedule for rollover with no disruption or downtime in
the production system.

C.17.2 System Documentation
Per SDLCM Phase 4, the Contractor shall provide System Documentation that includes
documents providing information to describe the design, development, production, distribution,
operation, maintenance, and management of the system. The System Documentation shall meet
the standards established by SDLCM 2.1 (see Section N.1.24 and Attachment K), and IEEE/EIA
12207.2-1997 Sec 6.1 (see Section N.2.2).
EFAST2 RFP
Section C, Page 162 of 242
DOL069RP20266

Exhibit C.17.1 –
Form 5500 Forms Changes for Plan Year(s) 2002, 2003 and 2004

2004 Forms Changes
Form/ Schedule Change Description
Form 5500 The instructions to the Form and schedules are amended to advise that the
Form and public schedules and attachments are subject to future publication
on the Internet and to emphasize that inclusion of a Social Security Number
(SSN) anywhere on the Form or schedules except as required on Schedule
SSA could result in the filing being not accepted.

Form 5500 The instructions to line 4 now include a Caution to emphasize that the failure
to indicate that a plan was previously identified by a different Employer
Identification Number (EIN) or Plan Number (PN) could result in
correspondence from the DOL or the IRS.

Form 5500 The instructions for lines 8a and 8b plan characteristics codes are modified
on page 19 to include new Code 3J for a U.S.-based plan covering residents
of Puerto Rico and qualifying under both Code section 401 and section 8565
of the Puerto Rico Code Schedule B –In Line E, the order of choices for the
type of plan is changed to match the order of choices in Box A of the

Form 5500 The choices for line E are now (1) Multiemployer, (2) Single-employer, and
(3) Multiple-employer.

Schedule B Line 8c requirements for reporting average cash balance account data are
clarified.

Schedule B Changes made by the Pension Funding Equity Act of 2004 are reflected in
the instructions for lines 1d(2)(a), 1d(2)(c), 4a, 6a, 9c, 9f, 12a, and 12o.
Schedule B Lines 1d, 6a, and 9l are modified to delete references to “OBRA ’87”
Current Liability and “OBRA ’87” Full Funding Limitation because this
limitation is not applicable for plan years beginning after December 31,
2003, under section 412(c)(7)(A)(i)(l) of the Code.

Schedule D The instructions for the Form 5500 and for Schedule D are improved to
make clear that plans and DFEs filing Schedule D must use multiple
standard form pages if necessary. Non-standard attachments to the Schedule
D may be not accepted.

Schedule I The instructions to line 2c are improved to clarify the calculation of “other
income.”
Schedule SSA The instructions on page 57 are modified to clarify reporting requirements
and improve processing.
EFAST2 RFP
Section C, Page 163 of 242
DOL069RP20266



2003 Forms Changes
Form/ Schedule Change Description
Form 5500 The instructions for lines 8a and 8b plan characteristics codes are modified
on pages 18 and 19 to include: 3I for a pension plan that requires that all or
part of the employer contributions be invested and held, at least for a limited
period, in employer securities and 4U for a collectively bargained welfare
benefit arrangement under Code section 419A(f)(5).

Schedule B The instructions for line 4a, Quarterly Contributions, are modified for new
plans; the instructions for line 8c and the Schedule of Active Participant
Data are modified to incorporate average cash balance account data; and on
line 9l(2), the current liability full funding limitation is now based on 170%
of current liability.


Schedule E Line 1 is a modification of the former line 17. Subsequent line numbers are
adjusted accordingly.

Schedule H Line 3 is reordered to clarify information concerning the accountant’s
opinion.

Schedule H & I To eliminate duplicative reporting, information concerning delinquent
participant contributions reported on line 4a is no longer required to also be
reported on line 4d (or Schedule G).

Schedule SSA The instructions on page 55 are modified to clarify how to report additional
separated participants.









EFAST2 RFP
Section C, Page 164 of 242
DOL069RP20266


2002 Forms Changes
Form/ Schedule Change Description
Form 5500 Line 2d codes for principal business activity are revised on pages 59, 60 and
61.

Form 5500 Lines 8a and 8b plan characteristics codes are modified on pages 17 and 18
to include: 1l for a frozen plan, 1D for a floor-offset plan, and 4T for a 10 or
more employer plan under Code section 419A(f)(6).


Schedule B Line G is enlarged to permit an additional digit for the enrollment number.

Schedule B Lines 12r, 12s, 12t, 13, and 14 are deleted and lines 12p and 12q are
restructured due to the phasing out of the Optional Rule under Code section
412(l)(3)(E) and the Transition Rule of Code section 412(l)(11) and ERISA
section 302(d)(11).


Schedule E New lines include 16a through 16c, for elections under Code section
404(k)(2)(A)(iii), and 17a through 17e, concerning ESOPs maintained by S
corporations. Former line 16 is now renumbered line 18.
Schedule H The headings for lines 1 and 2 clarify the lines that DFEs should not
complete.

Schedule H & I Line 4a, concerning delinquent participant contributions, now includes
information about the DOL Voluntary Fiduciary Correction Program
(VFCP).

Schedule R Line 8 is deleted and line 9 renumbered as line 8 due to the phasing out of
the Transition Rule of Code section 412(I)(11) and ERISA section 302(d)11.

Schedule SSA Multiple schedules, if necessary, must be submitted to report the required
information. See the Instructions for Schedule SSA (Form 5500) on page 53.

EFAST2 RFP
Section C, Page 165 of 242
DOL069RP20266

The Contractor shall include in the documentation all system and procedural changes resulting
from legislative and/or regulatory changes and Government annual development activities. The
Contractor shall provide documentation for the entire system, including program listings, to the
Government if requested. The Contractor shall deliver the document during the during the Base
Period and, contingent upon Government exercise of option periods, the Contractor shall update
the document during each exercised option period to reflect annual rollover and related system
changes.
System documentation shall include:

• A comprehensive system overview;
• A total system flow chart relating data flow to subsystems, system files, programs,
and system products;
• Data descriptions;
• Detailed file descriptions;
• Detailed data record descriptions;
• Detailed program descriptions (program logic), including specific narratives
explaining the functions and linkages for each program;
• Detailed descriptions of inputs, outputs, and external interfaces;
• Binder covers with subtitles descriptive of contents; and cross-reference tables for
data, file, and record descriptions.

C.17.3 Final Plan Year Form/Schedule Proofs
The Contractor shall develop final plan year form proofs from the form/schedule markups
provided by the Government as GFI, per Section C.23.2 and Attachment D. The Government
will provide the Contractor with form/schedule mockups prior to each processing year, as
described in Section C.23.2 and Attachment D. The Contractor shall incorporate all Government
form/schedule markups into a final set of plan year form/schedule proofs that are suitable for
public dissemination, and for developing IFILE (see Section C.10.5), form facsimiles (see
Section C.15.2.3) and all other EFAST2 functions requiring final form faces. The Contractor
shall deliver the final form faces, clearly marked as "sample" using a watermark, as both PDF
files and as source files developed using a forms design package to be proposed by the
Contractor. The Contractor shall deliver the forms according to the Schedule of Deliverables in
Section F.

C.17.4 Hardware/Software Refresh Plan
Per SDLCM Phase 2, the Contractor shall develop a Hardware/Software replacement and
maintenance strategy that results in, at a minimum, a complete replacement by year six of
EFAST2 RFP
Section C, Page 166 of 242
DOL069RP20266

operations of all obsolete hardware, software (including COTS and custom software), databases,
firmware, networking equipment, telecommunications connections and related system
components. The Contractor shall accomplish the replacement through a one-time replacement
or a staggered approach over the course of the 10-year operations period, depending on emerging
technology evolution circumstances, and the specific characteristics of the Contractor’s proposed
solution. All replacement and maintenance strategies shall demonstrate that such an approach
would result in improved security, reliability, performance, cost and functionality. The
Contractor shall revise and redeliver the hardware/software refresh plan deliverable annually
throughout operations to incorporate adjustments and modifications as necessary to adapt to
changing and emerging technology. The plan shall be dimensioned by system component (e.g.
hardware, software, firmware, databases, networking equipment, telecommunications
connection) and shall clearly itemize the obsolete component level to be replaced, the new
replacement component, and the justification and plan for implementing the change. The
Contractor shall budget for all necessary replacement and maintenance required during the course
of this contract so as to ensure that all required replacement and maintenance occurs at no
additional cost to the Government and with minimal or no disruption to production processing.

C.17.5 Edit Test Mask/Stable List
The Contractor shall implement all edit test mask/stable list changes in the production
environment per the performance standard in Section C.2. Upon startup, and throughout
operations, the Government will issue periodic updates to the Edit test mask/stable list. The edit
test mask/stable list identifies edit tests in the production environment that are operating as
expected (stable), or are operating in an unexpected manner (unstable). In certain circumstances,
the Government will either mask or change the severity of an edit test that is operating in an
unstable manner, and consequently should not be used as a criteria to not accept filings until such
time as the source of the problem is determined and fixed, whether the problem is related to the
requirements, filing behavior, or Contractor implementation. The edit test mask/stable
definitions are as follows:

• Stable. A stable edit test operates correctly and as expected, per the requirements
• Unstable. An edit test may be considered unstable for a number of reasons. It may
not operate properly for all filings due to a systematic, repeatable bug in
implementation. It may not operate properly for all filings due to a random, non-
systematic bug. It may operate correctly but create unexpected results in certain
obscure situations, such as filer behavior that triggers the edit test, yet meets all
ERISA filing requirements.
• Unmask. A stable edit test will generally be unmasked in the production
environment, indicating that all filings should be subjected to the edit test as part of
the accept/unaccept process, assuming the proper bypasses are followed.
• Mask. An edit test may be masked in the production environment at the
Government’s discretion, indicating that no filings should be subjected to the edit test
as part of the accept/unaccept process.
EFAST2 RFP
Section C, Page 167 of 242
DOL069RP20266

The Contractor shall ensure that edit test mask/stable changes are fully implemented throughout
all relevant modules in the production system, including IFAS, the tracking database, and
automated QC functions. In IFAS, the Contractor shall ensure that the most current edit test
mask/stable list is used in the filing acceptance/unacceptance process. In the tracking function,
the Contractor shall record the edit test mask/stable/severity information in the tracking database,
such that the tracking database may be used to reconstruct the precise edit test mask/stable
conditions under which a particular filing was processed so that filing accept/unaccept
determinations can be accurately tracked and reconstructed for QC purposes. In the QC function,
the Contractor shall consider edit test mask/stable conditions when conducting manual and
automated QC on filing processing. The Contractor shall access the most current edit test
mask/stable list conditions when evaluating the quality of processing as described in Section
C.20, and when measuring and reporting the accuracy performance standards described in
Section C.2. See Attachment F for a sample edit test mask/stable list. Production versions of the
edit test mask/stable list will be issued by the Government after award, as indicated in Section
C.23.4.

EFAST2 RFP
Section C, Page 168 of 242
DOL069RP20266

C.18 Contact Center
The Contractor shall establish and operate a Contact Center that is accessible by a single
Government-furnished toll-free telephone number, email address, and web-based portal form to
all inquirers. The Contractor shall establish telephone, email, and web-based portal form support
for users. The Contractor may utilize an integrated voice response (IVR) system to provide
initial call handling and routing activities. The Contractor shall ensure that callers can
immediately contact a live contact center representative by simply entering "0" or similar code.

C.18.1 General Inquiries
The Contractor shall incorporate into the Contact Center function an established program to
provide technical assistance to assist filers who have general questions regarding the Form 5500
return/report and its completion. Technical assistance is to be provided via a combination of live
operator assistance and email. The Contractor shall provide technical assistance to the following
major groups of callers or emails:
• Plan filers with general inquires about who must complete a Form 5500return/report,
how to complete a Form 5500 return/report, and what must be completed as part of
the Form 5500 return/report.
• Plan filers with general inquiries regarding the instructions for Form 5500
return/report, including how to file electronically, how to apply for and receive an
electronic signature, and other questions related to electronic or Internet-based filing.
• Plan filers who request the status of their filing receipt and processing.
• Plan filers who have questions regarding acknowledgement messages received by the
system in response to edit test failures.
• Electronic filers who have forgotten, lost, or misplaced their electronic signature
credentials.
• Electronic filers who have forgotten, lost, or misplaced their filing acknowledgment.
• Third Party Software Developers who develop electronic filing software and have
questions regarding third party software development and certification.
• Plan filers with general inquiries regarding the EFAST2 web portal.
• Plan filers experiencing difficulty using the EFAST2 applications and services such as
IREG, IFILE and data dissemination.
• Government users (DOL, IRS, PBGC) requiring assistance.
• Plan Filers or End Users experiencing difficulties as a result of system interruptions or
downtime.
EFAST2 RFP
Section C, Page 169 of 242
DOL069RP20266


C.18.2 Service Tickets
The Contractor shall use an application to track and report all inquiries made to the Contact
Center. The service ticket application must provide service ticket processing and tracking
capabilities. The application shall perform the function of receiving, logging, tracking, referring,
and clearing service tickets. The service ticket application should be integrated with other
modules, such as the web form described in Section C.18.9, so as to populate certain fields on the
service tickets automatically.
The service ticket application should provide an integrated, automated service reporting
mechanism that assigns service tickets to Contractor staff. Desired distribution methods to
Contractor staff include paging, printing, electronic data interchange, fax, web interfaces, and e-
mail.
The application must provide for the capability for remote distribution of service tickets to
Government staff. The desired distribution method to Government staff is through the data
dissemination service as described in Section C.15.
The application should allow non-contact center personnel (i.e., the Contractor’s data
management coordinator, authorized Government staff, etc.) to append to service tickets as
appropriate. The application should allow for the electronic modification of service tickets,
either through the web portal described in Section C.10.2 or other means.
The application shall provide a method for prompting the contact center staff member through
the steps of receiving and documenting a service ticket, including service specific trouble-
shooting procedures. The application must contain a reposition of “problem identification
actions” for the person recording the service ticket. These actions shall prompt the contact center
staff to ask a series of trouble-shooting questions (are you connected to the internet, can you get
to the EFAST2 home page, etc.) while the caller is on the telephone. Actions that were
completed should be logging into the service ticket application. The service ticket application
and problem identification actions should incorporate dependencies, for example, only allowing
any given step in the process to be completed after the steps upon which it depends have been
completed.
Through standard reports and ad hoc capability, the Contractor should be able to generate or
create service analysis reports to aid in diagnosing equipment, network, or data management
problems as described in Section C.13. These reports should include but not be limited to
service ticket counts and service summaries, mean time to repair, and Contractor activity. Trend
analysis on system components should also be available.
EFAST2 RFP
Section C, Page 170 of 242
DOL069RP20266

The Contractor should be able to run standard reports and make queries from the service ticket
application to track the progress and resolution of service tickets (i.e., service ticket number,
date, assignment, component, etc.) for monthly reporting as required in Section C.18.17.
The service ticket application should provide a service history report for each service recorded
and automatically attach the history report to new service tickets for reference. The history file
should be maintained throughout the duration of the contract and should be accessible by a
number of criteria, such as telephone number, name of person who called, etc. Service ticket
history should be tied to both the person having the problem (i.e., the plan administrator) as well
as the person calling in the trouble (i.e., the preparer).
The application must have the capability of accepting an unlimited number of service tickets per
day. The application should produce standard trouble ticket aging reports. The application
should be capable of allowing the assignment of specific fields to be mandatory fields. For
example, the contact information (name, phone number) might be mandatory fields on the
service ticket application screen.
The application should allow for Contractor-defined service codes, resolution codes, and cause
codes. The application should allow for the entry of notes associated with each service ticket and
with each action item on the service ticket.
The application should allow notification to be sent to the person who called in the service ticket
through e-mail and/or the service ticket component of the web portal. This notification could
include receipt of the service ticket , assignment of the service ticket, and completion of the
service ticket.
The application should automatically assign a unique identification numbers for each service
ticket created. Ticket numbers shall be used by the Contractor to track and reference inquiries.
The ticket number is to be assigned upon initial inquiry and updated as necessary to acknowledge
and record feedback at appropriate junctures for each inquiry.
C.18.3 Technical Assistance
The Contractor shall provide technical assistance through the Contact Center to identified
software developer applicants. Technical assistance shall be provided as part of the Contractor’s
software developer support program as described in Section C.10.6 and shall include developer
registration, access to schemas and edit test specifications, technical assistance, PATS testing,
and award of certification credentials to software packages meeting all requirements for
approval. The Contractor shall record service tickets for these calls and track them by origin as
part of the software developer support program described in Section C.10.6.
EFAST2 RFP
Section C, Page 171 of 242
DOL069RP20266

C.18.4 System Performance Monitoring and Feedback
As described in Section C.14.4.1, fluctuations in volumes of calls or emails reporting user
satisfaction or dissatisfaction with or specific problems in system performance, availability, or
functionality shall be immediately reported by Contact Center staff to EFAST2 processing and
system maintenance staff for resolution. Any user-reported system problems requiring fixes,
updates, upgrades, changes or other resolutions shall be tracked and reported to the Government
as described in Section C.25. The Contractor shall ensure that Contact Center staff is
immediately informed of any planned or unexpected system downtime, service interruptions, or
other problems that would be visible to or have an effect on any EFAST2 Government or public
user of any component of the system so that the Contact Center may respond to related calls and
emails appropriately.
C.18.5 Warm Transfer
The Contractor shall provide technical assistance via a combination of live operator assistance
and email. The Contractor shall transfer to EBSAs Office of the Chief Accountant (OCA) via
"warm transfer" calls of a highly technical nature. The Contractor shall also "warm transfer"
calls to the Internal Revenue Service (IRS) and Pension Benefit Guaranty Corporation (PBGC)
where appropriate. In a "warm transfer," Contractor personnel remain on the line with the caller
while the call is transferred.
C.18.6 Telecommunications
The Contractor shall access the Government’s telecommunications link when warm transferring
calls to Government agencies. The Contractor shall be responsible for all equipment required to
connect to the Government-furnished telecommunications link.
C.18.7 Contact Center Support System
The Contractor shall be responsible for installation of any hardware, software and data-lines
necessary for Contact Center personnel to access and view filings from the data repositories
described in Section C.14 and related systems that are needed to assist contact center personnel
in answer filer inquiries, such as inquiries regarding acknowledgement messages generated by
the system.
C.18.8 Voice Mailbox
The Contractor shall establish a voice mailbox to provide callers with an option to leave a
message after the established hours of operation. The Contractor shall return any inquiries left on
the voice mail system, as appropriate, or refer the messages to Government personnel in
accordance with Government-approved procedures. During the established hours of operation,
the Contractor shall monitor the voice mailbox to ensure that any messages left during the
established hours of operation do not go unanswered.
EFAST2 RFP
Section C, Page 172 of 242
DOL069RP20266

C.18.9 Email and Web Form Inquiries
The Contractor shall provide filers the ability to request assistance through email or web form
inquiries from the EFAST2 web portal as described in Section C.10.2, to which the Contractor
shall respond by email. The support email address shall be prominently displayed as part of the
Help Desk and FAQ sections of the web portal. The Contractor shall respond with a standard set
of pre-designated email responses to standard inquiries in accordance with Government-
approved procedures, described in Section C.18.20 below. Procedures for handling and
responding to emails received by the Contact Center shall follow applicable DOL policies such
as the DOL Internet Policy Directive on Electronic Correspondence (Reference Attachment H
and Attachment N). Email or web form inquiries regarding specialized Form 5500 and ERISA
reporting requirements shall be responded to with instructions to contact the Government directly
via telephone. All email correspondence must be stored and retained for the life of the contract
in a format enabling basic searches and retrieval of email and consistent with regulations and
requirements of the National Archives and Records Administration (NARA). All email
correspondence must be furnished to the Government upon Government request, and delivered to
the Government according to the requirements set forth in Section F and Attachment E. All
activities related to email correspondence must be in accordance with 36 CFR 1234, Electronic
Records Management.
C.18.10 Reserved
C.18.11 Hours of Operation
The Contractor shall provide live operator assistance from 8:00 a.m. to 8:00 p.m., Eastern Time,
Monday through Friday, except for federal holidays. The Contractor shall ensure that the Contact
Center is adequately staffed to handle the anticipated volume of calls. Calls received by the
Contractor between 5:00 p.m. and 8:00 p.m. requiring transfer to the Government are to be
transferred to a specified Government mailbox.
C.18.12 Call Volume
Although the Government cannot predict with certainty the number of callers, Attachment S
contains caller trends and requirements from the current EFAST paper-based system. The
Contractor is forewarned that historical call volumes may not necessarily be representative of
future projected call volumes, and the Contractor should consider alternative call volume
assumptions in their calculations, including the potential for call volumes to be high at startup
and to taper gradually over time as filers become accustomed to EFAST2. The Contractor should
also consider differences in operational procedures and other factors that may influence the
volume, nature, and duration of calls, for example the complexity of inquiries and required
responses on electronic filing, changes in filing requirements and filer population, and resources
available to Customer Service Representatives (CSRs) in generating responses. These figures are
provided for information purposes only.
EFAST2 RFP
Section C, Page 173 of 242
DOL069RP20266

C.18.13 Response Times
The Contact Center shall conform to all timeliness and accuracy standards as outlined in
Section C.2. Refer to Attachment S for historic call trends.
C.18.14 Compliance & Reporting
Compliance with the Contact Center performance standards shall be reported monthly to the
Government as required in Section C.20.11.10 and Section F.
C.18.15 Transfer Monitoring
The Contractor shall ensure that callers’ inquiries are satisfied by a live operator or by directing
them to the appropriate Government agency. The Contractor shall monitor transfers to ensure
that transfers are made in a courteous and customer-friendly manner. Transfer monitoring shall
be conducted in accordance with the requirements in Section C.19, Section C.20, and Section
C.25.
C.18.16 Call Monitoring
The Contractor shall ensure that the highest level of customer service is provided. The
Contractor shall monitor 2%-3% of all incoming calls per month at a minimum for accuracy and
completeness, as well as for tone of voice, friendliness, courtesy and professionalism. The
Contractor shall monitor new employees at a higher percentage. Call monitoring shall be
conducted in accordance with the requirements in Section C.19, Section C.20, and Section C.25.
C.18.17 Monthly Reporting
The Contractor shall monitor and report the following information, at a minimum, monthly as
part of the Monthly Work and Management Report described in Section C.24.12 and the
Schedule of Deliverables in Section F:
• The total number of inquiries during the reporting period and the cumulative number
of inquiries for the contract period
• The average duration and range in duration (minimum / maximum duration) of calls,
where duration is the total time of the call, including hold time and handling time
• The average handling time and range in handling time (minimum / maximum
handling time) of calls, where handling time includes only the time during which the
Customer Service Representative (CSR) is interacting directly with the caller
• The percentage and numbers of calls monitored and the rates of accuracy of
answers/responses provided in accordance with Government approved procedures.
EFAST2 RFP
Section C, Page 174 of 242
DOL069RP20266

• The percentage and numbers of emails monitored and the rates of accuracy of
answers/responses provided in accordance with Government approved procedures.
• The total number of calls or emails reporting user inability to access any part of the
system including the web portal, or dissatisfaction with system availability or
performance
• The percentage of calls answered by Customer Service Representatives (CSRs)
• The percentage of emails answered by CSRs
• Average time to answer calls
• Average hold times for calls
• Number of calls abandoned
• Number of calls transferred
• Number of emails responses
• The range in response time and average response time for email inquiries
• The total number of inquiries by type (i.e., edit test failure inquiries, general inquiries
by subject matter, system availability or performance inquiries) during the reporting
period and cumulative number of inquiries for the contract period by type.
• The total number of inquiries for IREG registration assistance during the reporting
period and cumulative number of inquiries by type.
• The total number of inquiries by edit test and failure type for edit test failure inquiries
and the cumulative number of inquiries for the contract period by edit test and failure
type.
• The total number of inquiries transferred to the Government by agency during the
reporting period and the cumulative number of inquiries for the contract period
transferred.
• The total number of service tickets issued, resolved, and aging within the reporting
period, and cumulative number of service tickets by type for the contract period.
Refer to Attachment S for historic call trends for the reporting requirements above. The
Contractor shall maintain detailed supporting data in support of it summary reports and provide
such performance data, when requested, for inspection by the COTR and/or his designated
representatives. Monthly reporting shall be conducted in accordance with the requirements in
Section C.19, Section C.20, and Section C.24.
EFAST2 RFP
Section C, Page 175 of 242
DOL069RP20266

C.18.18 Daily Reporting
The Contractor shall generate a daily report that captures the following information in half (1/2)
hour increments, and shall deliver the report as specified in the Schedule of Deliverables in
Section F:
• The number of calls or emails received
• The number of calls abandoned
• The average time to answer
• The average duration of calls
• The percentage of calls answered
• The percentage of emails answered
• The average number of staff answering calls or emails
• The number of calls or emails answered per staff person
The daily contact center report shall be sent via email to the COTR and/or his designated
representatives by close of business Monday through Friday in accordance with the instructions
in Section F.
C.18.19 Training – Contractor Training
The Contractor shall directly conduct training and supervision in areas of basic call center
operations and procedures, inquiries regarding electronic filing, electronic filing credentials,
software developer support, public disclosure, end user queries, and general inquiries on system
availability, performance, or other areas of EFAST2 functionality not covered by the
Government’s training described below. The Contractor shall invite Government staff as
designated by the COTR to attend the Contractor’s training for the purpose of increasing
familiarity with Contact Center operations and procedures. The Contractor shall provide timely
advance notice to the COTR of the dates and locations for such training including refresher
training so that Government staff may make travel and other arrangements to attend the training.
The Contractor shall provide ongoing support to Government staff who may be responding to
filer inquiries transferred from the Contact Center in reviewing and understanding Contact
Center operations and procedures. The Contractor shall provide training and ongoing support to
Government staff who have access to the service ticket application in use of the service ticket
application. The Contractor shall ensure that any Contractor staff assigned to the Contact Center
function are sufficiently trained and demonstrate a satisfactory level of proficiency in these areas.
The Contractor shall monitor staff assigned to the Contact Center function and, where needed, re-
train or remove those staff who do not demonstrate and maintain a satisfactory level of
proficiency and customer service in these areas.

EFAST2 RFP
Section C, Page 176 of 242
DOL069RP20266

C.18.19.1 Training – Government Provided Training
The Contractor shall coordinate with the Government to determine the schedule for and level of
specialized Government training needed. The Government will provide specialized training in
the areas of general filing and edit test inquiries related to the Form 5500 and ERISA and to
answer advanced questions in those areas. The Contractor shall work with the Government in the
development of a training program for the Contractor’s Supervisors (i.e., "train-the-trainers").
Government representatives shall conduct the training sessions on-site at the Contractor’s
facilities. The Contractor shall be responsible for training its staff in the areas covered by the
“train-the-trainers” training provided by the Government. The Contractor shall ensure that any
staff assigned to the Contact Center function are sufficiently trained and demonstrate a
satisfactory level of proficiency in these areas. The Contractor shall monitor staff assigned to the
Contact Center function and, where needed, re-train or remove those staff who do not
demonstrate and maintain a satisfactory level of proficiency and customer service in these areas.
At its discretion, the Government will provide refresher training or additional training
periodically over the life of the contract as changes to filing requirements, forms, relevant DOL
regulations, or other specialized developments require. At its discretion, the Government shall
train the Contractor's trainer and staff concurrently due to the technical nature of EFAST2
material.
C.18.20 Operational Procedures Manual
The Contractor shall develop procedures manual documentation for delivery to the Government
as specified in the Schedule of Deliverables in Section F to cover all additional areas of Contact
Center operation not covered by the procedures documentation provided by the Government as
described below. The Contractor shall abide by the procedures manual to provide technical
assistance to electronic filers and transmitters who have general system and technical questions
regarding electronic and Internet filing; to provide technical assistance to electronic filing
software developers who have general system and technical questions regarding electronic filing
software development; to provide technical assistance to users of the data dissemination service;
and for all other areas of Contact Center operation, including personnel management as described
in Section C.3 and security and disaster recovery as described in Section C.22 and Section C.13.
Procedures for handling and responding to emails received by the Contact Center shall follow
applicable DOL policies such as the DOL Internet Policy Directive on Electronic
Correspondence (Reference Attachment H and Attachment N).
C.18.20.1 Government Provided Procedures
The Contractor shall abide by a separate procedures manual provided by the Government as
specified in Section C.23 covering areas of edit test problem resolution and general filing
inquires regarding ERISA, Form 5500 returns/reports, and relevant DOL regulations. The
Contractor shall abide by the manual to provide technical assistance to plan filers who receive
edit test failure acknowledgement messages generated by EFAST2 and to provide technical
assistance to filers who have general questions regarding Form 5500 return/report and its
completion. The Government will issue periodic updates to the procedures manual as required to
incorporate changes to filing requirements, forms, or relevant DOL regulations. Procedures for
EFAST2 RFP
Section C, Page 177 of 242
DOL069RP20266

handling and responding to emails received by the Contact Center shall follow applicable DOL
policies such as the DOL Internet Policy Directive on Electronic Correspondence (Reference
Attachment H and Attachment N).
EFAST2 RFP
Section C, Page 178 of 242
DOL069RP20266

C.19 QUALITY ASSURANCE
C.19.1 Program Characteristics
The Contractor shall establish and maintain a software Quality Assurance (QA) program
throughout all phases of the system life cycle in accordance with Department of Labor’s (DOL)
System Development Life Cycle Management Manual (SDLCM). The most recent version of the
SDLCM manual is included as Attachment K. The QA program shall oversee all system
development, test, and maintenance activities, including software, hardware,
telecommunications, and deliverable and internal procedures documentation. The QA program
shall remain in force throughout the duration of the contract. The Contractor shall establish a
QA program and procedures that ensure a commitment to continuous process improvement
throughout the duration of this contract.

C.19.2 Development Methodology
The Contractor shall be free to propose any software development methodology. The
Government believes that EFAST2 fits most naturally with the incremental / iterative approach
recommended by the SDLCM. Accordingly, unless the Contractor specifically requests and
receives Government approval to use an alternative software development methodology, the
Contractor shall follow an incremental / iterative software development methodology, in
conformance with the SDLCM.

C.19.3 SDLCM Division of Labor
EFAST2 will be a completely outsourced system built and operated by the EFAST2 Contractor,
and built according to DOL’s SDLCM. The majority of SDLCM deliverables shall be produced
by the EFAST2 Contractor in accordance with the schedule specified in Section F. However,
there are certain SDLCM deliverables that must inherently be performed or produced by the
Government solely or “shared” between the Government and the EFAST2 Contractor. Exhibit
C.19.1 depicts the SDLCM division of labor. The following sections describe the specific
division of labor between the Government and the Contractor for all shared deliverables.

EFAST2 RFP
Section C, Page 179 of 242
DOL069RP20266

Exhibit C.19.1 – SDLCM EFAST2 Division of Labor
D De el li iv ve er ra ab bl le es s P Ph ha as se e 1 1 P Ph ha as se e 2 2 P Ph ha as se e 3 3 P Ph ha as se e 4 4 P Ph ha as se e 5 5 P Ph ha as se e 6 6 P Ph ha as se e 7 7
RITS/Statement of Concept G
Cost Benefit Analysis G
Project Risk Management Plan S
Project Management Plan S
Data Sensitivity Assessment G
Privacy Impact Assessment G
Feasibility Study G
Acquisition Strategy/Plan G
Work Breakdown Structure S
SOW G
Functional Requirements Document G
Security Risk Assessment C
System Security Plan C
Security Plan of Action and Milestones
(POA&M)
G
Test Plans C
CM Plan C
Legacy Data Plan G
Detailed Design C
Contingency Plan C
Implementation Plan C
System Acceptance Test Plan G
Security Test & Evaluation G
System Acceptance Test Report G
System Acceptance Test Approval G
Training Plan C
Delivered System C
System Manuals C
User Manuals C
System Fielding Authorization G
Security Certification G
Security Accreditation Letter G
Implemented System C
Trained Personnel C
Implementation Certification Statement G
Disposition Plan C
Security Self-Assessment (Annual) G
Archived System S
Legend
Phase 1 - Conceptual Planning Phase
Phase 2 - Planning & Requirements Definition Phase
Phase 3 - Design Phase
Phase 4 - Development & Test Phase
Phase 5 - Implementation Phase
Phase 6 - Operations & Maintenance Phase
Phase 7 - Disposition Phase

C - Contractor
G - Government
S - Shared



C.19.4 SDLCM Phase 1 — Conceptual Planning

The shared deliverables are as follows:
• Project Risk Management Plan. The Government will create a Project Risk
Management Plan that describes the risk to the Government associated with EFAST2.
The Contractor shall create an accompanying Project Risk Management Plan that
describes the specific risk management plan associated with the Contractor’s
proposed system.
• Project Management Plan. The Government will create a Project Management Plan
EFAST2 RFP
Section C, Page 180 of 242
DOL069RP20266

that describes the Government’s management plan for EFAST2. The Contractor shall
create an accompanying Project Management Plan that describes the Contractor’s
plan for managing the Contractor’s proposed system. (The Project Management Plan
is known elsewhere in this Request for Proposal as the Integrated Master Plan (IMP).
See Section C.24.3 for further information about the IMP.)
• Contract Work Breakdown Structure. The Government will establish a preliminary
contract work breakdown structure (CWBS) and include the CWBS in the EFAST2
Statement of Work (SOW) (See Section C.17). The Contractor shall produce the final
Contract Work Breakdown Structure (CWBS), which shall be delivered to the
Government for acceptance and approval, and which shall incorporate revisions based
on the Contractor’s proposed approach to EFAST2.

C.19.5 SDLCM Phase 2 — Planning & Requirements Definition

The shared deliverables are as follows:

• None

C.19.6 SDLCM Phase 3 — Design

The shared deliverables are as follows:
• None

C.19.7 SDLCM Phase 4 — Development and Test

The shared deliverables are as follows:
• None

C.19.8 SDLCM Phase 5 — Implementation

The shared deliverables are as follows:
• None

C.19.9 SDLCM Phase 6 — Operations and Maintenance

The shared deliverables are as follows:
• None

C.19.10 SDLCM Phase 7 — Disposition

The shared deliverables are as follows:
• Archived System. The Contractor shall maintain possession of the archived system
until such time as the Government elects to take possession of the archived system.
As indicated in Section B, the Government does not intend to take possession of
EFAST2 RFP
Section C, Page 181 of 242
DOL069RP20266

EFAST2 at any point during execution of this contract. However, the Government
may elect to take possession of the system at the completion of the contract or at the
completion of any option period for purposes of transitioning EFAST2 to a successor
Contractor or the Government.

C.19.11 SEI / CMMI Level
The Government subscribes to the philosophy of the Software Engineering Institutes’ (SEI)
Capability Maturity Model Integration (CMMI) approach as the software process maturity
framework for the system. The Contractor shall be assessed at CMMI Level 3, and shall apply
Level 3 assessed processes to EFAST2. Proposals from organizations that do not meet this
requirement should be accompanied by detailed identification and analysis of the gap between
proposed processes and CMMI Level 3 guidelines as justification for the suitability of those
processes for EFAST2. For QA matters not covered by the SDLCM, the Contractor shall use a
process that is assessed at CMMI Level 3 or higher. In the event that the deliverables specified in
Section F and the requirements specified in the SDLCM differ from the Contractor’s approved
CMMI Level 3 assessed procedures, the Contractor shall identify those differences and work
with the Government to align or establish equivalencies between the Government’s Section F /
SDLCM requirements and the Contractor’s CMMI Level 3 assessed procedures and supporting
documentation. The Government will carefully consider all Contractor-proposed adjustments to
the Section F and SDLCM requirements intended to bring these requirements into alignment or
establish equivalencies with the Contractor’s CMMI Level 3 assessed procedures, processes, and
supporting documentation. Additional monitoring, tracking, and reporting requirements to be
used in conjunction with the Contractor’s CMMI Level 3 processes for system development and
Quality Assurance are described in Section C.25.
C.19.12 Technical Reviews, Inspections, and Audits
The Contractor shall establish a QA program that incorporates the CMMI Level 3 and SDLCM
processes described above to ensure Government requirements for software products, design
documents, and Section F deliverables are met. The Contractor shall make the results of any
associated technical reviews, inspections, audits, or similar QA program products or processes
available for Government inspection at the Government’s request. Identified system problems,
findings of the QA program, and associated system fixes, updates, or problem resolutions shall
be tracked and made available to the Government as described in Section C.25.

C.19.13 Reserved
C.19.14 Reserved
C.19.15 Reserved
C.19.16 Reserved

EFAST2 RFP
Section C, Page 182 of 242
DOL069RP20266

C.19.17 Reserved
C.19.18 QA Plan

The Contractor shall develop a Quality Assurance Plan as specified in the Schedule of
Deliverables in Section F that describes how the QA program will meet the QA requirements.
The QA Plan shall be designed to ensure that the Contractor’s software development procedures
meet all processing requirements and that all development defects and deficiencies are remedied
in an efficient manner. The QA Plan shall describe all procedures and processes used by the
Contractor to provide quality assurance of all system development, test and maintenance
activities, including software, hardware, telecommunications, and deliverable and internal
procedures documentation. The QA Plan shall describe instances where the Contractor’s QA
program coincides with SEI CMMI Level 3 assessed processes applied by the Contractor to the
EFAST2 program. The QA Plan shall also describe instances where the QA program varies from
SEI CMMI Level 3 assessed processes, and shall provide a description and gap impact analysis
of any such variation. The QA Plan shall specify processes used to ensure documentation
deliverables are easy to read, easy to understand, and difficult to misinterpret as well as accurate
and up to date. The Contractor shall update and re-deliver the QA Plan during Option Periods II-
XI to describe significant changes to the QA program required for monitoring of any major
system changes, such as annual rollover.

C.19.19 QA Report
The Contractor shall submit a Quality Assurance Report as specified in the Schedule of
Deliverables in Section F to inform the Government of the Contractor’s quality assurance
performance. The Contractor shall record and retain the results of technical reviews, inspections,
and audits or other QA program activities in its Quality Assurance Report. During Option
Periods II-XI, the Contractor shall submit the QA Report quarterly to cover any major system
changes or development efforts requiring software “builds,” such as annual rollover, and to
report on the status of ongoing deliverable and documentation maintenance and updates.

At a minimum, the reports shall include the following:

• A summary of the Contractor’s performance adhering to the documented formal
development methodology used by the Contractor for all systems and software
development during the reporting period
• Scheduled QA tasks and reasons for any deviation from schedule
• Statistics regarding the number of problems found, severity of problems and
resolution status
• Description of each QA technical review, inspection, audit or other similar
process conducted during the reporting period, including the subject, problems
uncovered, problem resolution activities, and reference to where relevant
documentation (such as meeting minutes) is located at the EFAST2 facility.
EFAST2 RFP
Section C, Page 183 of 242
DOL069RP20266

• Recommendations for Contractor process improvement changes and steps to
realize the recommendations
• Identification of specific deliverable and documentation QA tasks performed in
the reporting period and to be performed in the upcoming reporting period
• Identification of scheduled QA tasks to be performed in the upcoming reporting
period.
C.19.20 Government Participation in Technical Reviews, Inspections, Audits
The Contractor shall establish a pre-defined schedule of internal project technical reviews,
inspections, audits, meetings, and other activities conducted under the QA program and shall
invite attendance by Government representatives to include Government-designated subject
matter experts. The Contractor’s schedule shall be published in advance of the scheduled events
and shall allow for reasonable and sufficient time for Government representatives to make
necessary travel and other scheduling arrangements.
EFAST2 RFP
Section C, Page 184 of 242
DOL069RP20266

C.20 QUALITY CONTROL
C.20.1 Independent Quality Control Unit (IQCU)
The Contractor shall establish an independent quality control unit (IQCU) to be headed by the
Chief Quality Control Specialist. The IQCU will establish and carry out procedures to measure
and report on the performance standards defined in Section C.2 and to monitor conformance with
the processing requirements of this contract. The Chief Quality Control Specialist is designated
as key personnel as defined in Section C.3.6.3. The IQCU shall be responsible for the
development and implementation of the QC program, QC written procedures, quality control
coordination, monitoring, reporting, and quarterly quality control reviews. The IQCU shall
perform the following functions:

• Monitor contract operations to ensure that the approved quality control procedures are
adhered to by the Contractor’s line staff at all times
• Collect and maintain an official file of all quality control statistics for the project and
brief contract staff and the COTR on key findings and trends
• Independently sample data from various job streams and review them for accuracy
and adherence to established EFAST2 performance standards and procedures, in
accordance with the methodology specified in Attachment I, and include findings of
these sampling processes in the official quality control file
• Analyze and interpret quality control statistics over time and develop corrective action
proposals to be reviewed during corrective action planning meetings
• Prepare special analyses using the available data sources in support of corrective
action proposals requiring more detailed documentation for management decision-
making
• Prepare for and conduct quarterly quality control reviews with Contractor and
Government staff (all meetings to be held in Washington, DC)
• Provide signed certification for each specific performance standard associated with
the incentive payment, as specified in Section B, that EFAST2 performance either
meets or does not meet the threshold required for Contractor entitlement to an invoice
incentive payment for the specific performance standard, as measured in accordance
with the methodology specified in Attachment I.

C.20.1.1 IQCU Independent Supervisory Reporting Structure
The Contractor shall establish independent senior executive supervisory oversight of the IQCU,
preferably at the Vice President level or greater. Since this unit shall have responsibility for
functions related to measuring or reporting levels of quality and assessing corrective actions, as
the embodiment of the commitment of the Contractor’s top management to performance of the
highest quality, it is imperative that this unit report directly to top management personnel.
EFAST2 RFP
Section C, Page 185 of 242
DOL069RP20266


The Contractor shall establish a supervisory reporting structure that clearly ensures objectivity
and independent operation of the IQCU from the processing team. The Chief Quality Control
Specialist, and all other members of the IQCU, shall report to a senior executive of the
Contractor’s organization that is independent of the senior executive to which the Project
Manager and all other members of the Contractor’s EFAST2 processing and development team
report. The expectations of the Government with regard to monitoring the quality of the
Contractor’s performance seem best served by an organizational structure that allows for a
quality control unit that has direct lines of communication with the Contractor’s Project Manager
without being subordinate to that position. Neither the Chief Quality Control Specialist, nor the
IQCU team members, shall be under the direct supervision of the Contractor’s Project Manager
or the Project Manager’s supervisor or superior.

The IQCU shall be independent of all lines of authority dealing with issues concerning project
management, contract interpretation, billing, or production operations. The IQCU shall be free
from production pressures, direct operational responsibilities for activities unrelated to quality
control, profit management considerations, and any control or responsibility that potentially bias
determinations of adherence to the EFAST2 performance standards described by this contract, or
to the commitments put forward by the Contractor’s top management for performance of the
highest quality. Matters related to project administration, and the personnel responsible for them,
shall not influence the judgments arising from the unit, and shall not hamper or bias any activities
related to quality measurement, auditing, or reporting.

C.20.2 Performance Standards Measurement
The IQCU shall establish procedures to independently measure and report compliance with the
performance standards using the methodology specified in Attachment I. For the purpose of
determining eligibility for incentive payment invoicing procedures, the IQCU shall have the sole
responsibility for measuring compliance with the performance standards using the methodology
specified in Attachment I as reported in the Contractor’s invoices during Option Period II-XI.
The IQCU shall have the sole responsibility for providing certification of reported compliance
with the performance standards and calculation of the associated incentive payment as shown on
the invoice, per the requirements of Attachment R. The Government may consider proposals for
measurement methodology that differs from Attachment I as appropriate to EFAST2 design;
however, such proposals should include a detailed analysis and justification for this design
choice. The Contractor shall develop specific procedures, subject to the Government’s approval,
to ensure that the performance standards are measured properly and meet the thresholds specified
in Section C.2.

C.20.2.1 Government Quality Assurance Plan (QAP)
The Government shall independently monitor EFAST2 functions, and evaluate the Contractor’s
performance as described in Attachment R, the Quality Assurance Plan (QAP). The QAP is
provided herein for information purposes only, and describes the approach and methodology the
Government intends to use in verifying the Contractor’s reported performance to ensure that the
thresholds specified in Section C.2 are met.
EFAST2 RFP
Section C, Page 186 of 242
DOL069RP20266

C.20.3 Performance Monitoring and Feedback
The IQCU shall provide feedback of the results of monitoring to the processing team to ensure an
early warning system for error identification, probable cause analysis, and resolution and
preventive actions. The IQCU shall provide feedback on the results of monitoring to the
processing team on any observed or identified system problem or recommended change or
upgrade for the purposes of ensuring system performance, availability, and functionality per the
Government’s requirements and the performance standards specified in Section C.2. The IQCU
shall continue to monitor resolution of all system changes or problems as defined in Section C.25
and tracked through the Configuration Management reporting system as Error Reports (ERs)
related to performance standards or issues of quality control. The Contractor’s internal processes
or procedures that are assessed CMMI Level 3 or higher as described in Section C.19 may be
used for this purpose. Results of the monitoring and feedback process must be tracked and
reported to the Government as described in Section C.25.

C.20.4 Reserved
C.20.5 Written Procedures
The IQCU shall develop written instructions and procedures for measurement of the performance
standards and for conduct of quality control activities, including regular monitoring and special
audits, associated with monitoring each EFAST2 function. All procedures shall be in accordance
with the methodology specified in Attachment I, and shall be subject to Government review as
described in Section E, Section F, and Section C.20.15 below.

C.20.6 Data File, Charts, Records and Materials
The IQCU shall develop statistical procedures for process control and acceptance control. These
procedures shall provide for the collection, collation, and organization of data that shall reflect
actual performance under this contract. The IQCU shall present quality control data against
comparative data that include deviations from standards, trending performance over time, unit
ratios, etc. The IQCU shall use control charts indicating changes in control tendency. The IQCU
shall provide and retain a centralized quality control file which contains quality control statistics
and reports, implementation status of the QC program, corrective actions undertaken to remedy
any defects or deficiencies in system design or operations, and other documents that demonstrate
sampling and inspection procedures are an ongoing practice, or record the results of software
development reviews. The IQCU shall maintain the quality control file so that records are
readily accessible to users and reflect the most current information on Contractor and system
performance. The IQCU shall use the file as a source of information for the production of the
required Quality Control Reports. The Contractor shall make provisions in its QC program for
the routine inspection of the quality control data file, charts, records, materials, and other artifacts
by Government staff. The Contractor shall implement and retain inspection logs as part of the
quality control file.

EFAST2 RFP
Section C, Page 187 of 242
DOL069RP20266

C.20.7 Quarterly Briefing
During Option Periods II-XI, the IQCU shall prepare a Quarterly Quality Control Briefing at
which the performance results for that period will be presented to the Government. The
Contractor shall provide for travel for the Project Manager and Chief QC Specialist to attend all
four quarterly quality control report briefings in Washington, D.C. per processing year.

C.20.8 Training
The Contractor shall establish and enforce minimum training standards for operators of all
EFAST2 manual and attended functions as part of the QC program.

C.20.9 Government and Contractor Conducted Audits
The Contractor shall provide for the conduct of audits by the Government and conduct internal
audits that verify the integrity of the inspection process and compliance with specifications and
requirements. The Contractor shall receive Government staff for routine on-site inspection of the
quality control system to evaluate adherence to approved procedures and performance standards,
to review performance of the Contractor’s IQCU, and to review ongoing sampling or record
maintenance practices to evaluate monitoring methods and data integrity. The Contractor shall
also make available data such as the electronic filing tracking database, quality control file or
inspection logs as requested by the Government in support of such audits. Reference Section E.9
for additional requirements related to Government Audits.

C.20.10 Subcontractor Inspections
In the event a subcontractor(s) is used for any purpose, the Contractor shall establish procedures
for inspection of subcontractor work sites and work for compliance with the requirements of this
contract. This inspection shall occur prior to the beginning of any work at that site. The
Contractor shall certify to the Government that its subcontractor(s) have met all quality control
requirements prior to system start-up.

C.20.11 Monitor Processing
The IQCU shall establish procedures to independently monitor all processing actions to ensure
that the processing requirements of the Contract and the specified performance standards in
Section C.2 continue to be met. During the QC process, the Contractor shall monitor all major
processing functions using industry best practices for sampling and quality control such as
ANSI/ASQC Z1.4-2003 and ANSI/ANSQ Z1.9-2003. The Contractor shall select representative
samples from each type of filing submission processed. The IQCU shall develop quality control
procedures that quantify errors by software-developer ID code, type of filing, forms, schedules,
attachments, schema validation failure, edit test checks, acknowledgments, and other major types
of data and processing system functions. Audits for independent monitoring of all processing
actions shall be a combination of recurring scheduled periodic audits, and special audits initiated
by the Contractor or at the request of the Government to examine specific areas of system
performance or processing, or to detect and monitor resolution of perceived or identified system
problems.
EFAST2 RFP
Section C, Page 188 of 242
DOL069RP20266

C.20.11.1 Monitor IREG Processing
The IQCU shall use quality control procedures and measures to monitor the accurate, timely, and
appropriate handling of all EFAST2 electronic filing authorization credential requests submitted
to the IREG application, as described in Section C.10.3 and Section C.2. The IQCU shall
independently sample email messages to applicants (registered and unregistered) generated by
the IREG application to ensure the accuracy and timeliness of all communications with IREG
applicants. The IQCU shall record monitoring results in terms of numbers and percentages of
errors by type and retain the results as part of the quality control file. The IQCU shall enter the
findings from these quality control procedures and measures into the quality control file and
include this information in tabular or graphic format in the quality control report for use by
quality control staff and for inspection by the Government.

C.20.11.2 Monitor IFILE Processing
The IQCU shall use quality control procedures and measures to monitor the accurate, timely, and
appropriate processing of all filings created and submitted by the IFILE application. The IQCU
shall sample filings submitted to IFAS from IFILE to ensure that the Contractor’s operation of
IFILE meets all requirements in Section C.10.5 and performance standards in Section C.2. The
IQCU shall record monitoring results in terms of numbers and percentages of errors by type, and
retain the results as part of the quality control file. The IQCU shall enter the findings from these
quality control procedures and measures into the quality control file and include this information
in tabular or graphic format in the quality control report for use by quality control staff and for
inspection by the Government.

C.20.11.3 Monitor IFAS Processing
The IQCU shall use quality control procedures and measures to monitor the accurate, timely, and
appropriate handling of XML filings, such as by comparing the data that is held in the system to
the stored XML source data, to ensure that the Contractor’s operation of IFAS meets all
requirements of Section C.10.4 and all performance standards in Section C.2. The IQCU shall
sample receipts and acknowledgements generated by IFAS pertaining to schema and edit test
failures. The IQCU shall record monitoring results in terms of numbers and percentages of errors
by specific schema or edit test failure(s), and retain the results as part of the quality control file.
The IQCU shall enter the findings from these quality control procedures and measures into the
quality control file and include this information in tabular or graphic format in the quality control
report for use by quality control staff and for inspection by the Government.

C.20.11.4 Monitor SWD Support
The IQCU shall use quality monitoring procedures and measures to monitor the Contractor’s
operation of the software developer support program, as specified in Section C.10.6. The IQCU
shall sample and monitor communications between the Contractor and software developers to
ensure that the required support is provided in an accurate and timely manner, and that EFAST2
software developer certifications are being processed correctly according to Government
requirements. The IQCU shall record monitoring results in terms of numbers and percentages of
EFAST2 RFP
Section C, Page 189 of 242
DOL069RP20266

errors by type, and retain the results as part of the quality control file. The IQCU shall enter the
findings from these quality control procedures and measures into the quality control file and
include this information in tabular or graphic format in the quality control report for use by
quality control staff and for inspection by the Government.

C.20.11.5 Monitor Data Management
The IQCU shall use quality monitoring procedures and measures to monitor the data repositories
and the accurate, timely, and appropriate handling of all EFAST2 data to ensure system
performance, availability, and functionality in accordance with the performance standards
specified in Section C.2. The IQCU shall ensure that the Contractor conducts the required
backups of the data management subsystems in accordance with the requirements stated in
Section C.14. The IQCU shall sample and monitor reports and extracts, including production
control reports and system reports, from the data management subsystems to ensure their
accuracy. The IQCU shall record monitoring results in terms of numbers and percentages of
errors by type, and retain the results as part of the quality control file. The IQCU shall enter the
findings from these quality control procedures and measures into the quality control file and
include this information in tabular or graphic format in the quality control report for use by
quality control staff and for inspection by the Government.

C.20.11.6 Monitor System Problems and System Changes (Annual Rollover)
The IQCU shall use quality monitoring procedures and measures to monitor the accurate, timely,
and effective implementation of actions related to all categories of Error Reports (ERs) including
system changes and system problem resolutions as described in Section C.25. This shall include,
but not be limited to, annual rollover. The IQCU shall record monitoring results in terms of
numbers and percentages of errors by type, and retain the results as part of the quality control
file. The IQCU shall enter the findings from these quality control procedures and measures into
the quality control file and include this information in tabular or graphic format in the quality
control report for use by quality control staff and for inspection by the Government.

C.20.11.7 Monitor Distribution
The IQCU shall establish quality control measures and procedures to ensure technically
acceptable, complete, accurate, and timely delivery of data products to the Government (“push”
extracts) as specified in Section C.2, Section C.15, Section F, and Attachment E. The IQCU
shall develop quality control procedures that quantify errors by data product, distribution cycle,
data record and data element/field, and shall enter the findings from these quality control
procedures and measures into the quality control file and include this information in tabular or
graphic format in the quality control report for use by quality control staff and for inspection by
the Government. The IQCU shall calculate numbers and percentages of distribution products
meeting and not meeting established EFAST2 performance standards, and shall retain this
information in the quality control file.

EFAST2 RFP
Section C, Page 190 of 242
DOL069RP20266

C.20.11.8 Monitor Web Portal
The IQCU shall use quality control procedures and measures to monitor the web portal
functionality to ensure conformance with the requirements of Section C.10.2 and the
performance standards specified in Section C.2. The IQCU shall use automated tools to monitor
the availability of the web portal, and shall monitor the accessibility and usability of the portal
including Section 508 compliance. The IQCU shall monitor all changes made to the web portal,
including public facing functions, to ensure that all changes do not diminish availability,
accessibility, or usability. The IQCU shall record monitoring results in terms of numbers and
percentages of errors by type, and retain the results as part of the quality control file. The IQCU
shall enter the findings from these quality control procedures and measures into the quality
control report for use by quality control staff and for inspection by the Government.

C.20.11.9 Monitor Data Dissemination
The IQCU shall use quality control procedures and measures to monitor data dissemination
functionality to ensure conformance with the requirements of Section C.15 and the performance
standards in Section C.2. The IQCU shall independently sample results of queries and “pull”
data extracts returned to all users of the data dissemination service including Government users
and public users of the public disclosure system to ensure conformance with accuracy and
timeliness requirements and performance standards as defined in Section C.2. The IQCU shall
record monitoring results in terms of numbers and percentages of errors by type, and retain the
results as part of the quality control file. The IQCU shall enter the findings from these quality
control procedures and measures into the quality control report for use by quality control staff
and for inspection by the Government.

C.20.11.10 Monitor Contact Center
The IQCU shall use quality control procedures and measures to monitor the accurate, timely, and
appropriate handling of all inquiries received by the Contact Center in accordance with the
performance standards described in Section C.2. The IQCU shall independently sample calls,
voicemails, and email messages to and from the Contact Center to ensure the accuracy and
timeliness of all communications between the Contractor and filers, software developers,
Government personnel or other EFAST2 users. The IQCU shall record monitoring results in
terms of numbers and percentages of errors by type, and retain the results as part of the quality
control file. The IQCU shall enter the findings from these quality control procedures and
measures into the quality control file and include this information in tabular or graphic format in
the quality control report for use by quality control staff and for inspection by the Government.

C.20.11.11 Monitor Entity Processing
The IQCU shall use quality control procedures and measure to monitor the accurate, timely, and
appropriate handling of duplicate filing identification and amended filing processing, as describe
in Section C.11. The IQCU shall independently sample filings to ensure the accurate and timely
generation of duplicate filing identification indicators and the amended filing indicator, and
separately report both false negative and false positive occurrences of relevant indicators. The
EFAST2 RFP
Section C, Page 191 of 242
DOL069RP20266

IQCU shall independently sample filings to ensure that amended filings have been matched up to
the correct parent filing in accordance with Government approved procedures. The IQCU shall
perform periodic audits related to entity processing and provide assistance to the Government in
performing entity related technical investigations that the Government may undertake in
considering enhancing entity processing as discussed in Attachment O. The IQCU shall record
monitoring results in terms of numbers and percentages of errors by type, and retain the results as
part of the quality control file. The IQCU shall enter the findings from these quality control
procedures and measures into the quality control file and include this information in tabular or
graphic format in the quality control report for use by quality control staff and for inspection by
the Government.

C.20.12 Monitor Documentation
The IQCU shall use quality monitoring procedures and measures to monitor the accurate, timely,
and complete delivery by the Contractor to the Government of all EFAST2 documentation
required as deliverables under this contract, as specified in Section F. The IQCU shall sample
and review documentation provided by the Contractor for accuracy and completeness, and shall
develop procedures to ensure that all corrections or changes to documentation requested by the
Government are delivered in an accurate and timely manner. The IQCU shall record monitoring
results in terms of numbers and percentages of errors by type, and retain the results as part of the
quality control file. The IQCU shall enter the findings from these quality control procedures and
measures into the quality control file and include this information in tabular or graphic format in
the quality control report for use by quality control staff and for inspection by the Government.

C.20.13 Legal Acceptance
The IQCU shall monitor processing, procedures, tracking database entries, audit trails, XML
audit trail quality and integrity, security precautions, records retirement and archival, and other
procedures deemed necessary to confirm the integrity of XML filing data for purposes of
admissibility of records in evidence. The Contractors IQCU shall be prepared to explain
procedures and precautions employed to ensure the admissibility of EFAST2 records as evidence.

C.20.14 Government Participation in IQCU
The Contractor shall allow for easy Government access and inspection of the Contractor’s quality
control activities, documentation, data files, quality measures, and related materials and artifacts
pertaining to quality control. The Contractor shall publish a pre-defined schedule of regularly
held monitoring events and shall invite attendance by Government representatives to include
Government-designated subject matter experts. The Contractor’s schedule shall be published in
advance of the scheduled events and shall allow for reasonable and sufficient time for
Government representatives to make necessary travel and other scheduling arrangements.

C.20.15 Deliverables
The Contractor’s IQCU shall produce and deliver all required documentation as described below
in accordance with the schedule specified in the Schedule of Deliverables in Section F.
EFAST2 RFP
Section C, Page 192 of 242
DOL069RP20266

C.20.15.1 Quality Control Report
The Contractor shall produce Quality Control (QC) reports in accordance with the Schedule of
Deliverables in Section F. The reports shall include the following:

• Overview of processing operations and the quality control findings during the month
being analyzed
• Performance standard values for the period
• Graphical depiction of cumulative performance standards values to date
• Analysis of performance standards results
• Explanations of all defective or deficient processing, including failure to meet any
performance standard, with a description and schedule of proposed corrective actions
• Signed certification by the Chief Quality Control Specialist for each specific
performance standard associated with the incentive payment, as specified in Section
B, that the performance standard either meets or does not meet the threshold required
for Contractor entitlement to an invoice incentive payment for the specific
performance standard, as measured in accordance with the methodology specified in
Attachment I. Reference Section B and Section G for further information on invoice
incentive payments.
• A section reporting and analyzing the results of quality control activities for each of
the key processing functions, including electronic filing, contact center, web portal,
public disclosure, and distribution
• A section that reports status on all ongoing corrective actions at the individual defect
or deficiency level, as described in Section C.25. This section should include the
status of any major system change as needed, including but not limited to annual
system rollover.
• A section that addresses deliverable inspection. The inspection section shall assure
the quality of any product or process through a quantitative determination of quality.
• A section that reports on any periodic special audits undertaken at the Contractor’s
initiation or by Government request. Special audits are conducted to evaluate any
aspect of EFAST2 system performance or functionality as needed.

C.20.15.2 Procedures Manual
The IQCU shall document all QC procedures in a manual to be delivered in accordance with the
Schedule of Deliverables in Section F. The IQCU procedures manual shall include the
Contractor’s written instructions and detailed procedures for measurement of the performance
standards and for conduct of quality control activities associated with monitoring processing for
each system function. The procedures manual shall include an introductory section describing
EFAST2 RFP
Section C, Page 193 of 242
DOL069RP20266

the Contractor’s approach to quality control, including the organization, reporting structure, and
current staffing and training completed for the IQCU; relevant industry and Government
standards, conventions, and practices referenced in developing and implementing quality control
procedures; procedures for reporting feedback on monitoring to processing staff and management
as described in Section C.20.3 and reporting to the Government as described in Section C.25;
design and shell for the monthly QC report; and a description of quality control tools including
the quality control file. The procedures manual shall also include a detailed description of the
processes, procedures, and tools used by the IQCU to ensure accurate certification of reported
performance for invoicing purposes, calculation of resulting incentive payments, and certification
of the invoices in accordance with the requirements of Attachment R.

The IQCU shall update the procedures on an ongoing basis to incorporate any changes such as
additional data elements that result from legislative, regulatory or Government development
changes, or refinements to processing or quality control procedures necessitated by unanticipated
situations. The Contractor shall deliver replacement pages or sections as needed, as specified in
the Schedule of Deliverables in Section F, and clearly identify the changed item(s). All
replacement pages which result from modifications of procedures that affect Government
requirements or differ from the procedures specified in Attachment I shall be sent to the
Government prior to procedural implementation, which shall be subject to Government approval.

C.20.16 Government End User Customer Satisfaction Survey
The IQCU shall conduct one (1) Government end user customer satisfaction survey each
processing year to obtain input from customers on how to improve the system. The IQCU shall
report the results of the surveys to the Government in report format in accordance with the
Schedule of Deliverables in Section F.
EFAST2 RFP
Section C, Page 194 of 242
DOL069RP20266

C.21 Testing and Implementation

C.21.1 Overview

The Contractor shall develop a comprehensive testing program to verify and validate that the
prototype and production systems fulfill the Government’s requirements. The Contractor shall
use the testing program to test and certify the operational readiness of the prototype and
production systems prior to start-up, and to test and certify the operational readiness of the
production system prior to each processing option period of the contract exercised by the
Government. The Contractor shall specify the test procedures and develop a battery of tests and
test cases that comprehensively test the Government’s requirements in the production system.
The test battery shall provide a complete testing of all system components, phases, and
interfaces. The Contractor shall plan for as many test runs as necessary to complete testing of
EFAST2 and achieve operational readiness. The Contractor shall allow for system modification
and requisite regression testing if test results show that modifications or corrections are
necessary.

C.21.2 Independent Government Testing

Refer to Section E.8 for requirements related to independent government testing, including
requirements for Contractor to process Government test filings and distribute test outputs to the
Government throughout the duration of the Contract.

C.21.3 Contractor Testing During Base Period

The Contractor shall perform testing activities in the Base Period directed toward developing and
executing a computer-based, structured systems test for pre-production of EFAST2. The
Contractor shall adopt contemporary, structured testing methods and is encouraged to use
automated testing software. The Contractor’s testing activities shall include, but are not limited
to, the following:

• Functional testing to ensure the features and behavior of a component meets
specifications.
• Regression testing to ensure that problem fixes and system changes do not negatively
impact operation of the prototype or production systems.
• Integration testing to determine if system components function together correctly.
• End-to-end testing to test the complete system in an environment that mimics real
world use.
• Benchmark testing using test programs and data to evaluate the performance of
hardware and software in a given configuration.
• Performance or load testing using automated test tools to simulate large numbers of
users.
• Ad hoc testing to ensure system does not crash or break.
EFAST2 RFP
Section C, Page 195 of 242
DOL069RP20266

• Accessibility testing of user interfaces to verify the product is accessible to disabled
persons.
• Usability testing by actual stakeholders to ensure users can easily learn and use
interfaces.
• Security tests

The Government does not intend to specify each Contractor test and intends to rely on the
Contractor’s judgment in proposing its own series of System Test Plans and System Test Reports
that shall be incorporated into this contract via the Contractor’s proposal and shall be accorded
the same stature and treatment (including Section E inspection and acceptance) as the
Government’s Section F deliverables.

C.21.3.1 System Test Plan(s)

The Contractor shall develop detailed System Test Plan(s) for prototype and scale up that
document the test environment, resources, training, methods, schedules, evaluation, and test
descriptions for: unit, integration and system test activities. The System Test Plan(s) shall
include descriptions of test cases, test preparation instructions, test scripts, pass/fail criteria, and
checklists for recording the results of test execution. The system test plan(s) shall follow
standards established by SDLCM version 2.1 and IEEE/EIA 12207.2-1997. The Contractor shall
not proceed with the systems tests until the respective test plans have been approved by the
COTR. The detailed System Test Plan(s) shall be delivered in accordance with the Schedule of
Deliverables in Section F.

The Contractor shall propose, conduct, and document a series of tests that meet the testing
activities listed in C.21.3. Documentation of all Contractor-proposed tests shall be delivered to
the Government for inspection and acceptance according to the Contractor’s approved technical
proposal delivery schedule. The Contractor shall space the tests and deliverable test reports in a
manner that ensures the Government receives regular feedback on system component progress.

C.21.3.2 Implementation Plan

The Implementation Plan, which draws on prior documents, shall describe a plan for
implementing the system in the operational environment. The Implementation Plan shall
translate business needs into key activities (i.e. installation, training, verification, monitoring);
specify an implementation schedule; and identify specific personnel, hardware, software and site
requirements, including stand-down plans for use when necessary. The Contractor shall revise
and reissue updates to the plan as necessary to finalize implementation details as they become
better defined. The Implementation Plan shall be delivered in accordance with the Schedule of
Deliverables in Section F.

C.21.3.3 System Test Report(s)

During the Base Period the Contractor shall deliver periodic system test report(s), such as
monthly, that fully document the tests performed by the Contractor. Requirements tested, system
EFAST2 RFP
Section C, Page 196 of 242
DOL069RP20266

problems, test cases used, test method, and remediation plans shall all be documented in the
reports. The Contractor shall include requirements tested, problems identified, test cases used,
regression testing and remediation plans in the report(s). The test reports shall fully document
test case results and shall demonstrate to a reviewer that the portion of the system being tested is
functioning according to specifications. The detailed System Test Report(s) shall be delivered in
accordance with the Schedule of Deliverables in Section F.

At the end of both the Base Period the Contractor shall prepare and deliver a Comprehensive
Test Report that documents all Contractor testing activities for the Base Period, and shall
demonstrate that the Contractor’s system is ready for Government conduct of SAT.

C.21.3.4 Test Cases

During the Base Period the Contractor shall establish and maintain a representative set of test
cases, and maintain a database of test cases, expected results, and documentation, such as a
matrix, indicating how the test cases specifically represent the filing population and real world
processing conditions. The Contractor shall revise the test cases in advance of implementing
changes to either the prototype or the production system, as needed. The Contractor is
encouraged to develop a suite of test cases that are specifically designed to simulate the full
range of expected filings and input, including "exception" cases, and exercise all system
components. Test cases shall be used to test all functions of EFAST2.

The Contractor shall plan for the automated generation of a base master test file containing at
least 10,000 test filings for use in IFAS tests. The Contractor shall also plan to create a test file
of at least 50 dummy IREG applicant records. In the event that the number of test cases
indicated above is insufficient to test each component in a structured fashion, the Contractor
shall develop additional cases at the COTR’s discretion.

C.21.3.5 Testing Involving Public Participants

The Contractor may choose to use focus group(s) as part of its test approach. If focus group(s)
are used, the Contractor shall identify up to nine (9) private sector persons through a random
selection process to participate in each focus group. The Contractor may add Contractor and/or
Government staff to any focus group so long as the number of private sector persons in a focus
group is limited to nine (9) or fewer. Such focus groups may be convened for the purpose of
obtaining individual member’s comments and must not be for the purpose of obtaining a
consensus recommendation.

As part of usability test findings, the Contractor shall concretely report how satisfied
stakeholders are regarding the usability of the system. The Contractor may make the test
EFAST2 system, or portions there of, available on the Internet for public comment. Before the
test system is made available for public comment, the Contractor shall develop a usability
satisfaction questionnaire. The questionnaire should collect information regarding the type(s) of
stakeholder groups the respondent belongs to but shall not collect information identifying a
specific respondent (i.e., name, address, telephone number, etc.). If developed, the questionnaire
shall be delivered to the Contracting Officer Technical Representative (COTR) and subject to
inspection and acceptance as described in Section E.

EFAST2 RFP
Section C, Page 197 of 242
DOL069RP20266

The Contractor shall clearly indicate that participation in a focus group or public satisfaction
survey is strictly voluntary. The Contractor shall not ask questions of participants related to
filing compliance or policy.

C.21.3.6 Government Participation in Contractor Testing

The Contractor shall establish provisions for allowing the Government to attend and participate
in system testing activities, including review of test plans, test case development, on-site test
monitoring, comparison of test results to expected results, and analysis of test results.

C.21.3.7 Government Supplied Test Case Structure and Format

Refer to Section E for requirements related to Government supplied test case structure and
format.

C.21.3.8 Operational Readiness Checklist

The Contractor shall develop an Operational Readiness Checklist, with appropriate signatures, to
establish that the system satisfies the intent of the project at the pre-designated project stage, and
is ready to be released for implementation and Government conduct of FCT or SAT, as dictated
by the project stage. The Operational Readiness Checklist shall be delivered in accordance with
the Schedule of Deliverables in Section F.

The Operational Readiness Checklist shall be delivered three times during the Base Period, once
in conjunction with Prototype readiness, once for Scaleup readiness, and once for Production
(SAT, C&A, and ATO by the Government) readiness.

C.21.3.9 Operational Readiness Certification

The Contractor shall deliver an Operational Readiness Certification, with appropriate signatures,
to establish that the system satisfies the intent of the project at the pre-designated project stage,
and is ready to be released for implementation and Government conduct of FCT or SAT, as
dictated by the project stage. The Operational Readiness Certification shall be delivered in
accordance with the Schedule of Deliverables in Section F.

The Certification shall state that the system meets all Government requirements and is
operationally ready for implementation and Government conduct of FCT or SAT, as dictated by
the project stage. The signed certification shall document that the system has been successfully
implemented according to documented plans, procedures, and SDLCM 2.1 and IEEE/EIA
12207.0 1996 Section 5.3.12. The statement shall be signed by the Project Manager, System
Test Engineer, and other key personnel and verifies that the system has been successfully
implemented according to documented plans and procedures.

The Operational Readiness Certification shall be delivered three times during the Base Period,
once in conjunction with Prototype readiness, once for Scaleup readiness, and once for
Production (SAT, C&A, and ATO by the Government) readiness.

EFAST2 RFP
Section C, Page 198 of 242
DOL069RP20266

C.21.4 Contractor Testing During Processing Operations -- Option Period I (2nd
Component) through Option Period XI

The Contractor shall maintain an ongoing testing program throughout operations to verify and
validate that system changes, such as annual rollover changes to prepare the system for the
upcoming processing year, and periodic system builds are all rigorously tested in the production
system. The ongoing system change testing program shall be closely coordinated with the
Contractor’s IQCU program and CM program, and shall ensure that system changes are fully
verified, validated, and certified for operational readiness in the production system. The
Contractor’s testing program shall be considered an integral component of the system change
life-cycle, specified within the CM program. The Contractor shall revise and reissue internal
testing documentation, including System Test Plans and System Test Reports identified in the
Contractor's proposal, as necessary, to reflect the shift to ongoing testing during operations.

At a minimum, the Contractor shall perform regression testing activities during Option Periods I
through XI.

C.21.4.1 System Test Plan

The Contractor shall revise and reissue a detailed system test plan(s) for each Option Periods I-
XI, after receiving GFI documenting the Annual Rollover Changes, that details the test
environment, resources, training, methods, schedules, evaluation, and test descriptions, for: unit,
integration and system test activities. The System Test Plan shall include descriptions of test
cases, test preparation instructions, test scripts, pass/fail criteria, and checklists for recording the
results of test execution. The test plan shall follow standards established by SDLCM version 2.1
and IEEE/EIA 12207.2-1997. The System Test Plan shall be delivered in accordance with the
Schedule of Deliverables in Section F.


C.21.4.2 System Test Reports

The Contractor shall revise and reissue System Test Reports that document the unit, integration,
and any other related tests performed during the year relating to: 1) the Annual Rollover
Changes, 2) ERs remedied during the year, and 3) enhancements built into the production
system. Requirements tested, system problems, test cases used, regression testing and
remediation plans shall all be documented in the report. The System Test Reports shall be
delivered in accordance with the Schedule of Deliverables in Section F.

C.21.4.3 Test Cases

The Contractor shall establish and maintain a representative set of test cases each option period
that includes, at a minimum: 1) a database of the test cases, 2) expected results, and 3)
documentation, such as a matrix, indicating how the test cases specifically represent the filing
population. The Contractor’s test cases shall be established for ease of test execution, for use in
regression testing relating to: 1) the Annual Rollover Changes, 2) ERs remedied during the year,
and 3) enhancements built into the production system. The Contractor is encouraged to develop a
suite of test cases that are specifically designed to simulate the full range of expected filings,
including "exception" cases, and exercise all system components.
EFAST2 RFP
Section C, Page 199 of 242
DOL069RP20266


C.21.4.4 Reserved

C.21.4.5 Government Participation in Contractor Testing During Processing
Operations -- Option Period I (2nd Component) through Option Period XI

The Contractor shall establish provisions for allowing the Government to attend and participate
in system testing activities, including review of test plans, test case development, on-site test
monitoring, comparison of test results to expected results, and analysis of test results.

Prior to each processing option period the Government reserves the right to conduct independent
SATs, but may, at the Government's discretion, rely on the Contractor’s testing to ensure that all
Annual Rollover Changes, Critical and Minor ER corrections, and system enhancements are
properly implemented on the production system.

C.21.4.6 Operational Readiness Checklist

The Contractor shall develop an Operational Readiness Checklist with appropriate signatures to
establish that the production system incorporates all annual rollover changes and satisfies the
intent of the project and is ready to be released for implementation. The Operational Readiness
Checklist shall be delivered in accordance with the Schedule of Deliverables in Section F.

The Operational Readiness Checklist shall be delivered prior to the commencement of each
processing year.

C.21.4.7 Operational Readiness Certification

The Contractor shall deliver an Operational Readiness Certification after the Contractor
completes all annual rollover processing updates, completes Contractor rollover testing, and
prior to Government conduct of SAT. The Operational Readiness Certification shall be delivered
in accordance with the Schedule of Deliverables in Section F.

The Certification shall state that the system meets all Government requirements and is
operationally ready for implementation and Government conduct of SAT. The signed
certification shall document that the system has been successfully implemented according to
documented plans, procedures, and SDLCM 2.1 and IEEE/EIA 12207.0 1996 Section 5.3.12.
The statement shall be signed by the Project Manager, System Test Engineer, and other key
personnel and verifies that the system has been successfully implemented according to
documented plans and procedures

The Operational Readiness Certification shall be delivered prior to the commencement of each
processing year.

C.21.4.8 Use of the Prototype as a Development and/or Test Line During Processing
Operations -- Option Period I (2nd Component) through Option Period XI

During operations the Contractor shall establish and maintain the prototype as development
and/or test line that is capable of testing new or modified EFAST2 software in advance of
EFAST2 RFP
Section C, Page 200 of 242
DOL069RP20266

deployment to the production system. Operation of the development/test line shall not impact
ongoing production operations. The test configuration of the development/test line shall as
closely as possible reflect the system architecture and component design of the production
system except for the specific new or modified components under test, and the exception of
processing capacity. The Contractor shall maintain the development and/or test line for the
duration of the Contract for the purpose of testing planned changes to the production system.


EFAST2 RFP
Section C, Page 201 of 242
DOL069RP20266

C.22 SECURITY
C.22.1 SECURITY REQUIREMENTS
The Contractor shall maintain the confidentiality, integrity, and availability of EFAST2
and its associated hardware, software, data, and processing capability. The Contractor
shall develop and implement a security program, headed by an Information Security
Officer (ISO), to fulfill all security requirements under this contract. The ISO shall
possess the expertise and authority to exercise the roles and responsibilities described in
Section C.3.

In general, the security program shall include the following activities:
• Maintain the designated level of security compliance
• Develop, implement, and maintain security policies and procedures for security of
facilities, computer systems, telecommunications/Internet connectivity, data,
personnel, and system administration
• Enforce security controls on and during the system design, system testing, system
implementation, system maintenance, and system disposal
• Control physical and logical access
• Correct or mitigate security defects and deficiencies
• Inform all subcontractors that the subcontractors are also required to meet the
security requirements described herein
• Support Government-sponsored Security Compliance Reviews, security
inspections, tests, assessments, audits, and evaluations
C.22.1.1 Federal Security Requirements
The Federal Information Security Management Act (FISMA) of 2002 tasked the National
Institute of Standards and Technology (NIST) with providing minimum security
requirements for Federal information and information systems. NIST established the
FISMA Implementation Project to produce related security standards and guidelines.
Following guidelines in FIPS 199 and NIST SP 800-60, DOL conducted a Security
Categorization and mapped EFAST2 information types to the Moderate Security
Category. Based on this outcome, the Contractor shall implement the respective
Moderate Baseline of security controls catalogued in NIST SP 800-53, Annex 2, and the
operating system settings recommended by the manufacturers of the commercial off-the-
shelf (COTS) products selected for integration into the EFAST2 system. These controls
shall be subject to assessment and testing guidance provided in NIST SP 800-53A and
NIST SP 800-26.
In addition to NIST 800-53, NIST 800-53A, and NIST SP 800-26, the Contractor shall
EFAST2 RFP
Section C, Page 202 of 242
DOL069RP20266

ensure that the security of EFAST2 complies with all information security directives,
acts, laws, regulations, standards, and guidelines required in Attachment N. The
Contractor shall maintain and update the EFAST2 security program to comply with the
latest available revisions, amendments, supplements, and/or versions of these Federal
security requirements and in the documents they reference. Because EFAST2 includes a
network as well as a major data application, the Contractor shall comply with security
requirements for both a general support system (GSS) and major application (MA), as
defined by OMB A-130, NIST SP 800-18, and 800-53.
C.22.1.2 DOL Security Requirements
To ensure that security controls for DOL systems and information are properly selected,
authorized, implemented, and maintained in compliance with Federal guidance, the DOL
publishes security-related documentation, including the Department of Labor Manual
Series (DLMS), the DOL Technical Security Standards Manual (TSSM), the DOL
Computer Security Handbook (CSH), and the DOL System Development Life Cycle
Management Manual (SDLCM Manual).
The CSH provides policies and procedures that establish uniform policies, authorities,
responsibilities, and compliance for system security planning in accordance with NIST
standards and other Federal requirements. The CSH also defines specific security control
parameters and includes additional guidance on incorporating Federal security standards
into information systems owned or operated on behalf of the Department of Labor. The
provisions of DOL policies pertain to all DOL information systems. The Contractor shall
follow the guidance provided by the DOL, as specified in Attachment N.
The SDLCM Manual (see Attachment K) ensures that data privacy and security are
enforced throughout the EFAST2 life cycle, that is, during EFAST2 design, development,
testing, implementation, modification, enhancement, and disposal. Use of the SDLCM
Manual applies to all DOL and contractor personnel who are developing, acquiring, or
managing new systems, including making modifications or enhancements to existing
systems. The Contractor shall follow the guidance provided by the SDLCM Manual.
C.22.1.3 Security Requirements for Non-disclosable Information
Most Form 5500 and schedule data are publicly disclosable. Filings may include sensitive
but unclassified (SBU) data, which are not publicly disclosable. The Contractor shall
protect the confidentiality of all non-disclosable Form 5500 and related information in
accordance with 26 U.S.C. 6103 and IRS Pub 1075. The following information from the
Form 5500 series is considered to be SBU and, therefore, non-disclosable:
1. Information from original filings when amended is not publicly disclosable.
Information from original filings when amended should not be accessible by the
public but is disclosable to the Government to answer questions about why the
filing was amended and to ensure that EFAST2 is properly identifying amended
filings.
EFAST2 RFP
Section C, Page 203 of 242
DOL069RP20266

2. Information from not-accepted filings is not publicly disclosable. Information
from not-accepted filings should not be accessible by the public but is disclosable
to the Government to answer questions about why the filing was not accepted, to
ensure that EFAST2 is properly not accepting filings, and to analyze non-
acceptance reasons to determine if system changes and/or public education are
needed.
3. Information from un-submitted filings saved on IFILE but not yet submitted is not
publicly disclosable. Information from “in-process” filings saved on IFILE but
not yet submitted shall only be accessible by the authenticated filer attributed to
that filing.
The Contractor shall establish controls to preclude inadvertent or intentional disclosure of
SBU information to other than authorized persons and the use of SBU information for
purposes other than specified under this contract. The Contractor shall also impose
controls to prevent employees from viewing SBU information other than that necessary
to complete the employee’s assigned work. The Contractor shall minimize the risk of
employees browsing Form 5500 and schedule data in accordance with the Taxpayer
Browsing Protection Act. The Contractor’s plans for physical and data security shall be
part of the management controls. The Contractor shall use operational controls, such as
monitoring of live phone calls or reviewing of filings, to monitor the protection of SBU
information.
Any non-disclosable or Government Official Use Only information made available to the
Contractor shall be used only for the purpose of carrying out the provisions of this
contract and shall not be divulged or made known in any manner to any person except as
may be necessary in the performance of the contract. Disclosure to anyone other than an
officer or employee of the Contractor or a subcontractor shall require prior written
approval of the COTR. Requests to make such disclosure shall be addressed to the
COTR. Disclosure of any such information, by any means, for a purpose or to an extent
unauthorized herein, may subject the offender to criminal sanctions imposed by 18
U.S.C. Sections 641 and 3571. Additionally, it is incumbent upon the Contractor to
inform its officers, employees, and subcontractors of the penalties for improper
disclosure imposed by the Privacy Act of 1974, PL 93-579, 5 U.S.C. 552a. Specifically,
5 U.S.C. 552a (i)(1), which is made applicable to Contractors by 5 U.S.C. 552 (m)(1),
provides that any officer or employee of a Contractor who, by virtue of his employment
or official position, has possession of, or access to, agency records that contain
individually identifiable information, the disclosure of which is prohibited under the
Privacy Act or regulations established thereunder, and who knowing that disclosure of
the specific material is prohibited, willfully discloses the material in any manner to any
person or agency not entitled to receive it, shall be guilty of a misdemeanor and fined not
more than $5,000. Upon discovery of a possible improper disclosure of non-disclosable
data by a Contractor or subcontractor employee or any other person, the individual
making the observation or receiving the information shall inform the Contractor’s project
manager, who shall contact the COTR.
EFAST2 RFP
Section C, Page 204 of 242
DOL069RP20266

C.22.1.4 Security Requirement Assurance, Security Compliance Reviews, and
Security Inspections
The Contractor shall provide assurance in the form of evidence and convincing
arguments that EFAST2 enforces Federal and DOL security policies. The Contractor
shall provide evidence that the set of management, operational, and technical controls
that together enforce security are operating as intended within the scope of Federal and
DOL requirements. Evidence shall be in the form of documentation, interviews, and
tests, as appropriate, and shall be provided at the request of the COTR.
As described in Section E, the Government plans to conduct one Security Compliance
Review during the Base Period and each Option Period. If deemed appropriate by the
Government, additional Security Compliance Reviews will be conducted to provide the
required assurance that the EFAST2 system enforces Federal and DOL security policies
and that the set of management, operational, and technical controls are operating as
intended within the scope of Federal and DOL requirements. The Contractor shall permit
and support the Government’s Security Compliance Reviews.
The Contractor shall support security inspections conducted by Government auditors or
other Government representatives, as designated by the COTR. The Contractor shall
permit inspections of the EFAST2 facility, system configuration, and operating
environment to ensure a secure operation and protection of Federal information processed
by the EFAST2 system and operations.
The Government will have the right at any time to send representatives designated by the
COTR into the Contractor's facility for a security inspection of the facilities, installation,
technical capabilities, documentation, records, databases, and operations, including
security procedures, provided for the performance of any work under this contract; and
the Contractor shall cooperate to support such security inspections. On the basis of such
security inspections, the COTR may require specific measures in cases where the
Contractor is found to be non-compliant with contract requirements. The Contractor shall
implement such measures as soon as possible without additional cost to the Government.
For Security Compliance Reviews and security inspections, the Contractor shall allow
Government officials, auditors, or other Government representatives as designated by the
COTR to monitor live employee phone contacts, review return files, conduct disclosure
and privacy reviews, and review conformance with major information security concerns
expressed in this contract. The Contractor, Contractor’s employees, and subcontractor’s
employees shall respond to all questions and concerns arising from such monitoring and
review of work. The Contractor shall prepare and submit requested documentation, as
needed and upon request by Government officials, auditors, or other Government
representatives. The Contractor shall correct defects and deficiencies uncovered and
shall permit and support additional reviews as necessary to confirm actions taken to
correct defects and deficiencies.
EFAST2 RFP
Section C, Page 205 of 242
DOL069RP20266

C.22.2 APPLICATION SECURITY
C.22.2.1 Commercial Off-The-Shelf Security Software
The Contractor may use a combination of commercially available software and custom
developed software. The commercially available software shall have been developed by
major software vendors, be widely used, and be actively supported by the developer or
other third parties. When selecting among competing commercial off-the-shelf (COTS)
software products, the Contractor shall choose software and versions that are free from
known security vulnerabilities. The chosen COTS software shall reflect the standard
commercial practice of industry. The Contractor shall consult available security
checklists or recommendation guides in selecting secure product configurations and
parameter settings. The Contractor shall follow NIST Special Publication 800-36, Guide
to Selecting Information Technology Security Products, and NIST Special Publication
800-35, Guide to Information Technology Security Services.
Any custom developed software shall be developed in compliance with the standards for
major application development in the DOL Computer Security Handbook and NIST
Special Publication 800-27, Engineering Principles for Information Technology Security.
After assembling the COTS and custom software elements of EFAST2, the Contractor
shall undertake a thorough and methodical search for ways by which the security of the
integrated system might be undermined. The Government will perform a similar
analysis. The Contractor shall remedy any vulnerability found from the Contractor’s
review or the Government’s review in a timely manner. The Contractor shall also
provide information describing potential or identified vulnerabilities as part of the
Monthly Security Progress Report.
C.22.2.2 Telecommunications
It is critical that security measures be taken to protect the telecommunication links. The
Contractor shall configure its routers to restrict traffic through the routers to only that
needed for data dissemination access. This shall include filtering secure IP connections to
only allow IP subnets from Government locations where the Government access system
clients exist. This shall also include filtering all network port activity except that port on
which the Government access system client operates. The Contractor shall design the
Government access system to transmit data using a secure protocol, that is:
• Encrypt all transmissions between the client and host systems.
• No more than one portal for both incoming and outgoing packet transmission.
The preferred port is 5150.
• Configurable to be compatible with standard firewall hardware/software such
as Checkpoint.
EFAST2 RFP
Section C, Page 206 of 242
DOL069RP20266

C.22.2.3 Boundary Protection
The Contractor shall define a logical perimeter of EFAST2, which is roughly those
devices and data paths under the Contractor’s direct control but having interfaces to or
being accessible by devices or from data paths not under the Contractor’s direct control.
The Contractor shall implement system protections to protect this logical perimeter as a
first line of defense against malicious and inappropriate access. As part of the System
Security Plan deliverable, the Contractor shall describe the identified perimeter and
explain the methods employed to protect the system at the perimeter. As part of the
Security Risk Assessment deliverable, the Contractor shall present the demonstrated
effectiveness, vulnerabilities, and safeguards of the perimeter defense. The Contractor
shall follow NIST SP 800-47, Security Guide for Interconnecting Information
Technology Systems; NIST SP 800-31, Intrusion Detection Systems; and related
standards.
The Contractor shall provide information as needed for the Government to complete
Memoranda of Understanding (MOU) and/or Interconnection Security Agreements (ISA)
for any interconnection or data sharing between EFAST2 and IRS and EFAST2 and
PBGC. The information supplied by the Contractor shall comply with MOU and/or ISA
requirements described in the DOL Technical Security Standards Manual, the DOL
Computer Security Handbook, and NIST SP 800-47.
C.22.2.4 Incidents and Breaches
The Contractor’s EFAST2 system design shall ensure continuous protection: that is, the
security enforcement mechanisms of the system shall operate to protect the system at any
time. The security enforcement mechanisms shall be protected against attempts to
circumvent or disable their operation. The Contractor shall develop, document, and
implement policies and procedures to follow in the event the protection is breached. The
Contractor shall follow NIST Special Publication 800-86, Guide to Computer and
Network Data Analysis: Applying Forensic Techniques to Incident Response, and NIST
Special Publication 800-83, Guide to Malware Incident Prevention and Handling.
The incident handling procedures shall be consistent with the requirements of the DOL
Computer Security Handbook. All EFAST2 security incidents must be reported in
accordance with procedures established by the DOL Computer Security Handbook and
delivered to the COTR. The reporting procedures also apply to the theft or destruction of
physical assets if they cause, or could potentially cause, the loss or compromise of data,
as well as physical breaches. The Contractor shall include training on user
responsibilities with respect to incident handling as part of the computer security
awareness training provided to all new Contractor and subcontractor employees and
annually to all employees.
If new or unanticipated threats or hazards are discovered by either the Government or the
Contractor, or if existing safeguards have ceased to function or to be effective, the
discoverer shall immediately call the situation to the attention of the other party through
Government-approved incident reporting procedures.
EFAST2 RFP
Section C, Page 207 of 242
DOL069RP20266

Fraud and related activity in connection with computers, by any means, may subject the
offender to criminal sanctions imposed by 18 U.S.C. Section 1030. Additionally, it is
incumbent upon the Contractor to inform the Contractor’s officers, employees,
subcontractors, and system users of the penalties for computer fraud imposed by 18
U.S.C. 1030.
C.22.2.5 System Component Disposal and Contract Termination
When storage media are transferred or no longer usable or required, the Contractor shall
ensure that residual magnetic, optical, or electrical representation of data that has been
deleted cannot be retrieved and reconstructed. Hard copy media (for example, paper
printouts, printer and facsimile ribbons, drums, and platens) and electronic or soft copy
media (for example, bits and bytes contained in hard drives, random access memory,
read-only memory, disks, memory devices, telephones, mobile computing devices,
networking equipments) must be properly disposed, cleared, purged, or destroyed per
NIST SP 800-88.
At the conclusion of the Base Period of this contract and any exercised option periods,
the Contractor shall certify that unnecessary data processed during the performance of
this contract was purged from all data storage components of the Contractor’s computer
facility. The Contractor will retain no output after such time as the contract is completed.
If the COTR directs the Contractor to retain any data, the Contractor shall certify that any
EFAST2 data remaining in any storage component will be safeguarded to prevent
unauthorized disclosures in accordance with the terms of this contract.
C.22.3 Personnel Security
All persons having access to SBU or other sensitive EFAST2 data must have Minimum
Background Investigation clearances.
C.22.3.1 Personnel Clearance Procedures
The requirements for personnel clearance are as follows: The U.S. Department of Labor
(DOL) will use the Office of Personnel Management (OPM) to conduct all Minimum
Background Investigations (MBI), and the Internal Revenue Service to conduct all
Income Tax Security Investigations, on those Contractor employees, consultants, and
subcontractors requiring access to filings, data from filings, or information from filings,
under this contract. The Contractor shall arrange for each employee, consultant, or
subcontractor employee to have a Minimum Background Investigation (MBI), and to
provide the necessary required documentation to the Contracting Officer’s Technical
Representative (COTR) within five (5) working days of hiring a new employee
throughout the period of performance of the contract. All Contractor personnel requiring
access to ERISA data shall complete the required MBI forms package, fingerprint
requirement, Temporary Security Clearance Certification, Income Tax Check Report
Waiver, and Non-disclosure Agreement, for review and action. The Contractor is
responsible for the coordination, completion, and submission of all required MBI
documentation. If the required fingerprint requirement cannot be completed by the
EFAST2 RFP
Section C, Page 208 of 242
DOL069RP20266

Contractor at the EFAST2 facility, fingerprint requirements may be completed at any
local law enforcement agency. Fingerprint requirements completed by any authorized
individual outside the EFAST2 facility must be mailed directly to the COTR by the
person administrating the fingerprinting. The cost of fingerprinting shall be borne in full
by the Contractor, Contractor employee, or subcontractor. DOL in Washington, DC,
offers on-site fingerprinting at no charge for Contractor and subcontractor employees.
C.22.3.2 Personnel Temporary Clearance
In order to obtain access to filings or information from filings, the Contractor may
request and receive an executed Temporary Security Clearance Certification (TSCC)
from the COTR for those employees, consultants, or subcontractors working on the
project prior to the successful completion of a Minimum Background Investigation. The
TSCC allows Contractor employees, consultants, and subcontractors to have access to
filings, data from filings, or information from filings under this contract on a need-to-
know supervised basis until the regular MBI process is completed. To initiate a TSCC,
the Contractor shall submit a signed Temporary Security Clearance Certification to the
COTR for each employee, consultant, or subcontractor requiring access to filings, data
from filings, or information from filings, along with a completed MBI forms package and
fingerprint requirement. Upon receipt, the COTR will immediately execute the TSCC and
return a copy of the document to the Contractor for their files and subsequent
Government inspection and review. Employees granted a Temporary Security Clearance
Certification must successfully complete a Basic Background Investigation by the
Department’s Human Resources Services Center. Failure to successfully complete a
Basic Background Investigation may result in the immediate withdrawal of the
Temporary Security Clearance Certification and revocation of all access privileges.
Newly hired employees cannot handle filings, data from filings, or information from
filings, until the COTR has executed and the Contractor has received a TSCC from the
COTR. Upon the successful completion and certification of the MBI requirement, the
COTR will issue a letter to the Contractor rescinding the Temporary Security Clearance
Certification and granting full access to filings, data from filings, or information from
filings to the employee, consultant, or subcontractor.
C.22.3.3 Personnel Full Clearance
The estimated completion time for an MBI is one hundred and twenty (120) calendar
days from the date of receipt by DOL of the investigatory documents to the completion of
the scope of the investigation, when results are favorable. The Contractor is responsible
for maintaining an independent copy of the executed Temporary Security Clearance
Certification at the Contractor’s facility for subsequent Government inspection and
review. The Contractor shall pay the price (estimated to be approximately $450.00 per
individual) of the investigation for each person. Within two (2) Federal working days of
receiving such certification, the COTR will notify the Contractor in writing of personnel
newly certified by OPM to have access to ERISA data.
EFAST2 RFP
Section C, Page 209 of 242
DOL069RP20266

C.22.3.4 Personnel Dismissal
The Contractor shall remove from the EFAST2 program all personnel who violate the
security of EFAST2 or confidentiality of ERISA filings or data, and notify the COTR in
writing within one (1) working day of learning of the security or confidentiality breach.
In addition, security violation reports shall comply with DOL and Federal incident
response requirements.
C.22.3.5 Personnel Training and Awareness
The Contractor shall develop and implement a computer security awareness training
program for the Contractor’s employees and subcontractor employees. At a minimum,
the program will cover EFAST2 data and security requirements, the legal bases for these
requirements, users’ security roles and responsibilities, security features available to
EFAST2 users, recognizing and responding to security incidents in EFAST2, and
penalties for security violations. Every Contractor and subcontractor employee working
under the contract shall be given initial computer security awareness training and annual
refresher training. The Contractor shall provide computer security awareness training to
its staff, subcontractor staff, and consultants. At its discretion, the DOL may require
additional role-based training for Contractor or subcontractor staff members with
specialized security roles and responsibilities. In that case, the Contractor shall follow
the guidance provided in NIST Special Publication 800-50, Building an Information
Technology Security Awareness and Training Program, to select appropriate training for
those employees during each contract year.
C.22.3.6 Security Compliance Agreements
In performance of this contract, the Contractor agrees to comply, and assumes
responsibility for compliance by the Contractor’s employees, subcontractors, and
consultants, with the following requirements:
• All work shall be performed under the supervision of the Contractor or the
Contractor's management.
• All Form 5500 return/report information made available in any format shall be
used only for the purpose of carrying out the provisions of this contract.
Information contained in such material shall be treated as confidential and shall
not be divulged or made known in any manner to any person, except as may be
necessary in the performance of the contract. Disclosure to anyone other than an
officer or employee of the Contractor shall require written approval of the COTR.
• All Form 5500 return/report information shall be accounted for upon receipt and
properly stored before, during, and after processing. In addition, all related output
shall be given the same level of protection as required for the source material.
• The Contractor shall certify that the data processed during the performance of this
contract shall be completely purged from all data storage components of the
EFAST2 RFP
Section C, Page 210 of 242
DOL069RP20266

Contractor’s computer facility, and the Contractor shall retain no output at the
time the work under the contract is completed. If immediate purging of all data
storage components is not possible, the Contractor certifies that any and all Form
5500 return/report data remaining in any storage component will be safeguarded
to prevent unauthorized disclosure.
• No work involving information furnished under this contract shall be
subcontracted without the express approval of the COTR.
The Contractor agrees to insert the substance of this clause into any agreement or
subcontract hereunder. The Contractor agrees to communicate appropriate parts of the
substance of this clause to all employees as part of the employee computer security
awareness training and the system rules of behavior.
C.22.3.7 Non-disclosure Agreements
The Contractor agrees, in the performance of this contract, to keep the information
contained in source documents or on other media furnished by the Government in the
strictest confidence, said information being the sole property of the Government. The
Contractor also agrees not to publish, reproduce, or otherwise disseminate, divulge, or
disclose such information in whole or in part, in any manner, or form, nor to authorize or
permit others to do so, taking such reasonable measures as are necessary to restrict access
to such information while in its possession to those employees needing such information
to perform the work required herein, i.e., on a “need-to-know“ basis, and shall
immediately notify, in writing, the COTR named herein, in the event that it determines or
has reason to suspect a breach of this requirement.
The Contractor agrees that it shall not disclose any information concerning the work
under this contract to any person or individuals unless prior written approval is obtained
from the Contracting Officer or the COTR.
The Contractor agrees not to publish or disclose in any manner, without the written
consent of the COTR, the details of any safeguards, either designed or developed by the
Contractor under this contract or otherwise provided by the Government.
The Contractor agrees to obtain from each Contractor employee, consultant, and
subcontractor employee assigned to any activities under this contract a signed non-
disclosure pledge with regard to confidential information disclosed to or otherwise
accessed by said employee by the Department. The form of the non-disclosure agreement
shall be one mutually agreed upon by the Contractor and the COTR.
C.22.4 REPORTING AND DOCUMENTATION
C.22.4.1 Security Progress Report
As part of the Monthly Work and Management Report, the Contractor shall document the
Contractor’s efforts in identifying, assessing, prioritizing, and monitoring the progress of
security efforts, vulnerabilities, and corrective actions for fixing or mitigating security
EFAST2 RFP
Section C, Page 211 of 242
DOL069RP20266

weaknesses found in the EFAST2 system, operations, or operating environment. The
security progress report shall be delivered monthly during the Base Period and any
exercised option periods, in accordance with the Schedule of Deliverables in Section F.
This security progress report shall include a listing of security incidents and their
resolution, vulnerabilities discovered and actions taken to mitigate them, plans for
significant changes to the security controls or features of the system, and other significant
security activities for the month. It shall also include a running list of open security
issues, with recommendations for action.
The security progress report shall demonstrate that the Contractor has reviewed the audit
trail, listed major security issues highlighted in the review of the audit log, and described
the Contractor’s action(s) on those security issues. The Contractor shall promptly report
serious defects or deficiencies to appropriate supervisory and/or security personnel for
follow-up action and shall not wait to report them in the monthly report. The Contractor
shall follow NIST Special Publication 800-92, Guide to Computer Security Log
Management.
The Contractor shall report the status of Minimum Background Investigation (MBI)
approvals in the security progress report, including the following information: staff
member's name, title, function on the project, employee’s start date, MBI application
submission date, status of MBI approval (full or temporary), MBI clearance approval
date, and MBI clearance expiration date.
The Contractor shall report the estimated cost incurred by the Contractor for all security-
related activity for the reporting month. Estimated security costs shall include labor
expended on security deliverables and labor and other direct costs expended on design,
development, and testing of the security features of the EFAST2 system design. The
security cost report shall include the dollar amounts budgeted for the reported security
expenditures. In the Base Period and Option Period 1 1st Component the security cost
report may be included in the Contractor’s monthly Contract Performance Report (CPR)
or may be provided in the security progress report. In subsequent option periods, the
security cost report shall be provided in the security progress report.
C.22.4.2 Security Documentation
For each security document discussed in this section below, the Contractor shall develop
and deliver the document during the Base Period and, contingent upon Government
exercise of option periods, the Contractor shall update the document during each
exercised option period to reflect annual rollover and related system changes, in
accordance with the Schedule of Deliverables in Section F. The Contractor shall also
update the document in the event of any major system changes, incident reports, newly
discovered vulnerabilities, or weakness mitigations.
The Contractor shall provide information in support of the Government's development of
additional documents to meet Federal and DOL requirements. These may include the
following documentation: System Categorization Worksheet, Privacy Impact
EFAST2 RFP
Section C, Page 212 of 242
DOL069RP20266

Assessment, MOUs, ISAs, Security Plan of Action and Milestones, Vulnerability
Assessments, Security Self-Assessments, Security Controls Tests and Evaluations,
various data calls, and responses to security incident and vulnerability advisories and
alerts received from the Department of Homeland Security and the DOL Computer
Security Incident Response Capability.
C.22.4.2.1 System Security Plan
The Contractor shall develop and document a formal plan detailing the security policies,
procedures, and controls required for EFAST2, as required by NIST SP 800-18, Guide
for Developing Security Plans for Federal Information Systems, and the DOL Computer
Security Handbook (CSH). The System Security Plan shall be delivered to the
Government in accordance with the Schedule of Deliverables in Section F. The System
Security Plan shall address all management, operational, and technical controls specified
in NIST Special Publication 800-53, Recommended Security Controls for Federal
Information Systems, Annex 2: Minimum Security Controls, Moderate Baseline, and any
additional controls needed to maintain EFAST2 security. The Contractor shall
implement all security controls as prescribed by NIST, and shall report to and seek
approval from the COTR for any deviations from NIST 800-53. To provide assurance
that the implemented controls are operating as intended, the Contractor shall follow NIST
SP 800-53A, Guide for Assessing the Security Controls in Federal Information Systems.
The System Security Plan shall also provide all application identification and personnel
information, as described in NIST SP 800-18.
C.22.4.2.2 Security Risk Assessment (RA)
The Contractor shall develop a Security Risk Assessment that adheres to the guidance in
NIST SP 800-30, Risk Management Guide for Information Technology Systems. The
Security Risk Assessment shall be delivered to the Government in accordance with the
Schedule of Deliverables in Section F. The Security Risk Assessment shall document
known threats and vulnerabilities and make a risk determination based on implemented
controls. The Contractor shall develop a safeguard strategy acceptable to the
Government to mitigate risks, including implementing new controls. The Contractor
shall mitigate risks as described in the safeguard strategy at no additional cost to the
Government.
C.22.4.2.3 Contingency Planning
Contingency planning ensures that an information system can recover from processing
disruptions, regardless of the source of the disruption. The Contractor shall develop a
contingency planning program in accordance with NIST SP 800-34, Contingency
Planning Guide for Information Technology Systems. The Contractor shall deliver
contingency planning documentation in accordance with the Schedule of Deliverables in
Section F. Contingency planning documentation consists of three deliverables:
Continuity of Operations Plan (COOP), COOP Test Plan, and COOP Test Report.
C.22.4.2.3.1 COOP
EFAST2 RFP
Section C, Page 213 of 242
DOL069RP20266

The COOP shall include step-by-step procedures to be followed in the case of a major or
minor disruption to normal operations. The Contractor shall develop a COOP that can be
used to ensure that the EFAST2 system can continue to operate and perform its function,
as needed, during and after any processing disruption, localized emergency, or large-scale
disaster. The COOP shall include both business continuity planning and information
technology–focused contingency planning. The IT contingency planning shall follow the
guidance provided in the DOL CSH. The COOP shall address occupant evacuation
procedures, facility restoration procedures, and business resumption procedures. The
COOP shall provide detailed procedures in the cases for loss of single files, loss of
machines, and loss of the entire system.
The COOP shall be maintained in a state of current operational readiness to ensure
continuity of support if events occur that prohibit normal operations. Current operational
readiness means that the Contractor shall perform necessary reviews and updates to keep
the COOP current. For example, if a key person’s phone number has changed and that
change is not reflected in the COOP, the Contractor has not maintained the COOP in a
state of current operational readiness. The Contractor may develop separate documents
that, combined, provide the information required in the COOP. A hardcopy of the
combined and complete COOP shall be maintained at both the primary and backup
installations.
C.22.4.2.3.2 COOP Test Plan
The Contractor shall test the COOP in a manner necessitating that staff practice and
rehearse the procedures to be invoked in the event of a real-time disaster. The Contractor
shall tailor a COOP test strategy to the environment and establish an on-going testing
program. The testing strategy shall assess the Contractor’s ability to achieve the COOP’s
objectives and assure that the Contractor and subcontractor staffs are aware of their
responsibilities in the event of a disaster and are prepared to fulfill those responsibilities.
The COOP Test Plan shall describe the overall COOP testing strategy, as well as detailed
information regarding specific tests, including purpose, structure, procedures, and
individual testers.
C.22.4.2.3.3 COOP Test Report
The Contractor shall conduct the COOP test in accordance with the Government-
approved COOP Test Plan, analyze test results, report on the results in the COOP Test
Report, and subsequently modify the COOP, as appropriate. The Contractor shall present
sufficient documentation and evidence of action in the COOP Test Report to validate the
findings presented. The test report shall include details on what elements of the COOP
and COOP Test Plan did and did not work properly.
EFAST2 RFP
Section C, Page 214 of 242
DOL069RP20266

C.23.1 Government Furnished Information (GFI)
The following materials will be provided to the Contractor on or before the referenced
availability date. Upon request and subject to availability, the Government will provide the
Contractor with draft working versions prior to the referenced availability dates.

C.23.2 Annual Forms, Legislative, and Rollover System Changes
The Contractor shall carry out all required system updates annually to adapt EFAST2 to changes
in the forms from plan year to plan year, and to incorporate typical changes declared by the
Government, as specified in Section C.17. See also Exhibit C.1.1.1, EFAST2 Project Activities
By Contract Period, Plan Year, and Processing Year, for an overview depiction of the annual
forms processing and rollover activities.

Accordingly, the Government will provide the Contractor with all information necessary to
define the annual system rollover requirements, and the Contractor shall work in close
coordination with the Government to implement all system updates. This will include, but is not
limited to, modifying the schemas, edit tests, database and system infrastructure, and associated
documentation.

Prior to each processing year rollover, the Government will issue revised versions of
Attachments D, E, and P that correspond to the forms and system changes needed for the
upcoming processing year.

Reference Attachment D of this contract for the most recent official Form 5500 series forms and
schedules, corresponding to Plan Year 2008 and 2009. The exact representation of the annual
electronic forms and schedules is expected to follow prevailing Government and industry
guidelines. The Contractor is advised that under the electronic filing mandate, paper
representations of the forms and schedules may not be produced by the Government each year,
rather "virtual" electronic forms and schedules will be produced by the Government and
published in the Federal Register prior to each filing year. The Federal Register representations
of the forms and schedules will constitute Attachment D for the upcoming processing year.

Reference Attachment E of this contract for the most recent official version of the Interface
Requirements Document (IRD), corresponding to Plan Year 2008 and 2009.

Reference Attachment P of this contract for the most recent official version of the XML DER,
corresponding to Plan Year 2008 and 2009.

Sections C.23.2.1 - Section C.23.2.11 contain the specific GFI that will be issued by the
Government throughout the duration of the contract. The Government will provide GFI to the
Contractor on or before the referenced availability date.

C.23.2.1 Final Processing Year 2009 GFI (available at award)
Attachments D, E, and P of this contract are based on draft plan year 2008 and 2009 forms and
instructions that have not yet been finalized by the Government. The Government will issue
EFAST2 RFP
Section C, Page 215 of 242
DOL069RP20266

final versions of Attachments D, E, and P that reflect the final approved forms, and attendant
requirements clarifications, as these materials become available. These materials include:

1. Attachment D.2008 -- Plan Year 2008 Form 5500 Series Forms and Schedules.
The Government will issue Attachment D.2008 containing the final Plan Year 2008
forms and schedules.
2. Attachment D.2009 -- Plan Year 2009 Form 5500 Series Forms and Schedules.
The Government will issue Attachment D.2009 containing the final Plan Year 2009
forms and schedules.
3. Attachment E.2009 -- Processing Year 2009 Interface Requirements Document.
The Government will issue Attachment E.2009 containing the final Processing Year
2009 (Plan Year 2008-2009) interface and data distribution requirements.
4. Attachment P.2008-- Plan Year 2008 XML DER Vols 1 & 2. The Government will
issue Attachment P.2008 containing the final Plan Year 2008 XML schema and
related requirements.
5. Attachment P.2009-- Plan Year 2009 XML DER Vols 1 & 2. The Government will
issue Attachment P.2009 containing the final Plan Year 2009 XML schema and
related requirements.
C.23.2.2 Final Processing Year 2010 Rollover GFI (available March 2009)
1. Attachment D.2010 -- Plan Year 2010 Form 5500 Series Forms and Schedules.
The Government will issue Attachment D.2010 containing the Plan Year 2010 forms
and schedules needed by the Contractor to prepare for processing year 2010.
2. Attachment E.2010 -- Processing Year 2010 Interface Requirements Document.
The Government will issue Attachment E.2010 containing the final Processing Year
2010 (Plan Year 2008-2010) interface and data distribution requirements.
3. Attachment P.2010-- Plan Year 2010 XML DER Vols 1 & 2. The Government
will issue Attachment P.2010 containing the Plan Year 2010 XML schema and
related requirements needed by the Contractor to prepare for processing year 2010.
4. Processing Year 2010 Rollover Declaration Letter -- The Government will issue a
letter declaring the plan year 2010 forms changes that the Contractor shall implement
in the production system in preparation for processing year 2010 rollover.

C.23.2.3 Final Processing Year 2011 Rollover GFI (available March 2010)
1. Attachment D.2011 -- Plan Year 2011 Form 5500 Series Forms and Schedules.
The Government will issue Attachment D.2011 containing the Plan Year 2011 forms
and schedules needed by the Contractor to prepare for processing year 2011.
2. Attachment E.2011 -- Processing Year 2011 Interface Requirements Document.
The Government will issue Attachment E.2011 containing the final Processing Year
EFAST2 RFP
Section C, Page 216 of 242
DOL069RP20266

2011 (Plan Year 2008-2011, PYF processing plan year 2007 and prior years) interface
and data distribution requirements.
3. Attachment P.2011-- Plan Year 2011 XML DER Vols 1 & 2. The Government
will issue Attachment P.2011 containing the Plan Year 2011 XML schema and
related requirements needed by the Contractor to prepare for processing year 2011.
4. Processing Year 2011 Rollover Declaration Letter -- The Government will issue a
letter declaring the plan year 2011 forms changes that the Contractor shall implement
in the production system in preparation for processing year 2011 rollover.
C.23.2.4 Final Processing Year 2012 Rollover GFI (available March 2011)
1. Attachment D.2012 -- Plan Year 2012 Form 5500 Series Forms and Schedules.
The Government will issue Attachment D.2012 containing the Plan Year 2012 forms
and schedules needed by the Contractor to prepare for processing year 2012.
2. Attachment E.2012 -- Processing Year 2012 Interface Requirements Document.
The Government will issue Attachment E.2012 containing the final Processing Year
2012 (Plan Year 2009-2012, PYF processing plan year 2008 and prior years) interface
and data distribution requirements.
3. Attachment P.2012-- Plan Year 2012 XML DER Vols 1 & 2. The Government
will issue Attachment P.2012 containing the Plan Year 2012 XML schema and
related requirements needed by the Contractor to prepare for processing year 2012.
4. Processing Year 2012 Rollover Declaration Letter -- The Government will issue a
letter declaring the plan year 2012 forms changes that the Contractor shall implement
in the production system in preparation for processing year 2012 rollover.
C.23.2.5 Final Processing Year 2013 Rollover GFI (available March 2012)
1. Attachment D.2013 -- Plan Year 2013 Form 5500 Series Forms and Schedules.
The Government will issue Attachment D.2013 containing the Plan Year 2013 forms
and schedules needed by the Contractor to prepare for processing year 2013.
2. Attachment E.2013 -- Processing Year 2013 Interface Requirements Document.
The Government will issue Attachment E.2013 containing the final Processing Year
2013 (Plan Year 2010-2013, PYF processing plan year 2009 and prior years) interface
and data distribution requirements.
3. Attachment P.2013-- Plan Year 2013 XML DER Vols 1 & 2. The Government
will issue Attachment P.2013 containing the Plan Year 2013 XML schema and
related requirements needed by the Contractor to prepare for processing year 2013.
4. Processing Year 2013 Rollover Declaration Letter -- The Government will issue a
letter declaring the plan year 2013 forms changes that the Contractor shall implement
in the production system in preparation for processing year 2013 rollover.
C.23.2.6 Final Processing Year 2014 Rollover GFI (available March 2013)
EFAST2 RFP
Section C, Page 217 of 242
DOL069RP20266

1. Attachment D.2014 -- Plan Year 2014 Form 5500 Series Forms and Schedules.
The Government will issue Attachment D.2014 containing the Plan Year 2014 forms
and schedules needed by the Contractor to prepare for processing year 2014.
2. Attachment E.2014 -- Processing Year 2014 Interface Requirements Document.
The Government will issue Attachment E.2014 containing the final Processing Year
2014 (Plan Year 2011-2014, PYF processing plan year 2010 and prior years) interface
and data distribution requirements.
3. Attachment P.2014-- Plan Year 2014 XML DER Vols 1 & 2. The Government
will issue Attachment P.2014 containing the Plan Year 2014 XML schema and
related requirements needed by the Contractor to prepare for processing year 2014.
4. Processing Year 2014 Rollover Declaration Letter -- The Government will issue a
letter declaring the plan year 2014 forms changes that the Contractor shall implement
in the production system in preparation for processing year 2014 rollover.
C.23.2.7 Final Processing Year 2015 Rollover GFI (available March 2014)
1. Attachment D.2015 -- Plan Year 2015 Form 5500 Series Forms and Schedules.
The Government will issue Attachment D.2015 containing the Plan Year 2015 forms
and schedules needed by the Contractor to prepare for processing year 2015.
2. Attachment E.2015 -- Processing Year 2015 Interface Requirements Document.
The Government will issue Attachment E.2015 containing the final Processing Year
2015 (Plan Year 2012-2015, PYF processing plan year 2011 and prior years) interface
and data distribution requirements.
3. Attachment P.2015-- Plan Year 2015 XML DER Vols 1 & 2. The Government
will issue Attachment P.2015 containing the Plan Year 2015 XML schema and
related requirements needed by the Contractor to prepare for processing year 2015.
4. Processing Year 2015 Rollover Declaration Letter -- The Government will issue a
letter declaring the plan year 2015 forms changes that the Contractor shall implement
in the production system in preparation for processing year 2015 rollover.
C.23.2.8 Final Processing Year 2016 Rollover GFI (available March 2015)
1. Attachment D.2016 -- Plan Year 2016 Form 5500 Series Forms and Schedules.
The Government will issue Attachment D.2016 containing the Plan Year 2016 forms
and schedules needed by the Contractor to prepare for processing year 2016.
2. Attachment E.2016 -- Processing Year 2016 Interface Requirements Document.
The Government will issue Attachment E.2016 containing the final Processing Year
2016 (Plan Year 2013-2016, PYF processing plan year 2012 and prior years) interface
and data distribution requirements.
3. Attachment P.2016-- Plan Year 2016 XML DER Vols 1 & 2. The Government
will issue Attachment P.2016 containing the Plan Year 2016 XML schema and
related requirements needed by the Contractor to prepare for processing year 2016.
EFAST2 RFP
Section C, Page 218 of 242
DOL069RP20266

4. Processing Year 2016 Rollover Declaration Letter -- The Government will issue a
letter declaring the plan year 2016 forms changes that the Contractor shall implement
in the production system in preparation for processing year 2016 rollover.
C.23.2.9 Final Processing Year 2017 Rollover GFI (available March 2016)
1. Attachment D.2017 -- Plan Year 2017 Form 5500 Series Forms and Schedules.
The Government will issue Attachment D.2017 containing the Plan Year 2017 forms
and schedules needed by the Contractor to prepare for processing year 2017.
2. Attachment E.2017 -- Processing Year 2017 Interface Requirements Document.
The Government will issue Attachment E.2017 containing the final Processing Year
2017 (Plan Year 2014-2017, PYF processing plan year 2013 and prior years) interface
and data distribution requirements.
3. Attachment P.2017-- Plan Year 2017 XML DER Vols 1 & 2. The Government
will issue Attachment P.2017 containing the Plan Year 2017 XML schema and
related requirements needed by the Contractor to prepare for processing year 2017.
4. Processing Year 2017 Rollover Declaration Letter -- The Government will issue a
letter declaring the plan year 2017 forms changes that the Contractor shall implement
in the production system in preparation for processing year 2017 rollover.
C.23.2.10 Final Processing Year 2018 Rollover GFI (available March 2017)
1. Attachment D.2018 -- Plan Year 2018 Form 5500 Series Forms and Schedules.
The Government will issue Attachment D.2018 containing the Plan Year 2018 forms
and schedules needed by the Contractor to prepare for processing year 2018.
2. Attachment E.2018 -- Processing Year 2018 Interface Requirements Document.
The Government will issue Attachment E.2018 containing the final Processing Year
2018 (Plan Year 2015-2018, PYF processing plan year 2014 and prior years) interface
and data distribution requirements.
3. Attachment P.2018-- Plan Year 2018 XML DER Vols 1 & 2. The Government
will issue Attachment P.2018 containing the Plan Year 2018 XML schema and
related requirements needed by the Contractor to prepare for processing year 2018.
4. Processing Year 2018 Rollover Declaration Letter -- The Government will issue a
letter declaring the plan year 2018 forms changes that the Contractor shall implement
in the production system in preparation for processing year 2018 rollover.
C.23.2.11 Final Processing Year 2019 Rollover GFI (available March 2018)
1. Attachment D.2019 -- Plan Year 2019 Form 5500 Series Forms and Schedules.
The Government will issue Attachment D.2019 containing the Plan Year 2019 forms
and schedules needed by the Contractor to prepare for processing year 2019.
2. Attachment E.2019 -- Processing Year 2019 Interface Requirements Document.
The Government will issue Attachment E.2019 containing the final Processing Year
EFAST2 RFP
Section C, Page 219 of 242
DOL069RP20266

2019 (Plan Year 2016-2019, PYF processing plan year 2015 and prior years) interface
and data distribution requirements.
3. Attachment P.2019-- Plan Year 2019 XML DER Vols 1 & 2. The Government
will issue Attachment P.2019 containing the Plan Year 2019 XML schema and
related requirements needed by the Contractor to prepare for processing year 2019.
4. Processing Year 2019 Rollover Declaration Letter -- The Government will issue a
letter declaring the plan year 2019 forms changes that the Contractor shall implement
in the production system in preparation for processing year 2019 rollover.
C.23.3 Reserved
C.23.4 Edit Test Mask-Stable List (available at Start-up)
Reference Attachment F of this contract for a sample edit test mask-stable list. The Government
will provide an initial edit test mask list at start-up. Thereafter, the Government will provide
periodic updates to the edit test mask-stable list, as needed.

C.23.5 Contact Center (available April 2007)
The Government will provide the following materials upon contract award to assist the
Contractor in developing the Contact Center.
1. An email address and web-based portal form to receive inquiries
2. A list of most frequently asked general inquiries and standard responses
3. A sample list of types of questions that will be transferred to Government staff or
Agency
4. A list of non-discloseable data items
5. Procedures for addressing non-standards requests such as those that pertain to the
Freedom of Information Act (FOIA)
6. Requirements for identifying callers to access a specific filing (e.g., caller must
provide plan name and employer identification number (EIN/PN) before the operator
can access the filing
7. Requirements for responding to callers with questions regarding non-disclosable
filing information
8. An up-to-date list of the entity/edit tests and error messages associated with each edit
test
9. A specialized training session in the areas of general filing and edit test inquiries
related to the Form 5500 Series Return/Report and ERISA
EFAST2 RFP
Section C, Page 220 of 242
DOL069RP20266

10. Procedures manual covering areas of edit test problem resolution and general filing
inquiries regarding ERISA, Form 5500 return/reports and relevant DOL regulations
C.23.6 Contact Center Toll-Free Telephone Number and Telecommunications Link
(available January 2008)
The Government will furnish a toll free telephone number and telecommunications voice circuits
from the Public telephone System into the EFAST2 facility to carry calls from filers into the
Contact Center at the Contractor’s facility and to warm transfer Contact Center calls from the
EFAST2 facility to specified Government offices. The characteristics of the Government
furnished telecommunications link will be established after contract award and will follow
prevailing telecommunications standards, equipment, and configuration options available at the
time of award.

The Government furnished toll free number and voice circuit will include the local loop
connection from the EFAST2 facility to the phone company's central office to the demarcation
point within the facility. The Contractor is responsible for all other telephone and
telecommunication costs incurred to maintain the Contractor’s Contact Center facility.

The Government furnished voice circuit will include local loop and national connection from
EFAST2 facility to the Government's phone system at the U.S. Department of Labor. The
Government will furnish a point of contact for troubleshooting of the voice circuits in case of any
problems.

C.23.7 List of Authorized Data Dissemination Service Government Users (available July
2007 and periodically updated thereafter)
The Government will provide an initial list of Government personnel authorized, per Section
C.10.3.4, to use the Government portion of the Data Dissemination Service specified in Section
C.15, along with the specific user-profile security permission configurations for the users.
Thereafter, the Government will provide periodic updates to the list, as needed. See Section
C.10.3.4 and Section C.15.4.

C.23.8 Minimum Background Information Form Package (available at contract award)
The Government will provide the required MBI forms packages, fingerprint requirement,
Temporary Security Clearance Certification, Income Tax Check Report Waiver, and Non-
disclosure Agreement. These personnel security clearance materials must be completed,
submitted to the Government, and processed prior to the Contractor assigning employees to work
on the contract. Refer to Section C.22 for personnel clearance procedures.

C.23.9 Government-supplied Test Case Specification (available September 2007)
The Government will supply a Test Data Specification that describes the file format in which test
data may be submitted by the Government for purposes of software testing, as described in
Sections C.21 and E.

EFAST2 RFP
Section C, Page 221 of 242
DOL069RP20266

C.23.10 Government-supplied Test Cases (available as needed to support testing)
The Government will supply test cases to the Contractor throughout the period of performance
for purposes of FCT, SAT, and annual rollover testing, as described in Sections C.21 and E.

C.23.11 List of Large Plans (available January 2008 and periodically updated thereafter)
The Government will supply a list of large plans to be included in the Large Plan Monthly
Report, per Section C.6.6, during the Base Period, and thereafter as needed to adjust the list to
reflect the most current 50 largest defined benefit plans.

C.23.12 Domain and Subdomain Names (available at award)
The Government will supply the Contractor with the appropriate domain and subdomain names,
per Section C.10.2.

C.23.13 Drop-box Server Characteristics (available August 2008)
The Government will supply drop-box servers to be connected by VPN to the Contractor’s site.
The connectivity information and characteristics of the Government’s drop-box servers will be
provided per Section C.15.3.4.

C.23.14 Due Date Table (available at award and updated annually thereafter)
The Government will supply an updated due date table to include due dates associated with form
years that have not yet been finalized. The due date table will be provided per Section
C.10.4.6.3.3.

C.23.15 Final Application Access Control Table (available July 2007)
The Government will supply a final application access control table, per Section C.15.4, Exhibit
C.15.3.
EFAST2 RFP
Section C, Page 222 of 242
DOL069RP20266
C.24 MANAGEMENT
C.24.1 Integrated Management System
The Contractor shall implement an Integrated Management System in compliance with the
American National Standards Institute/Electronic Industries Alliance Standard 748A (ANSI/EIA-
748A), Earned Value Management Systems (EVMS) (current version in effect at time of
Contract Award). This contract’s Integrated Management System shall be used to baseline and
track the cost and schedule performance of all work under this contract. This contract’s
Integrated Management System shall effectively integrate the work scope with cost and schedule
elements to maximize effective cost and schedule control. The Integrated Management System
shall be consistent with the Department of Labor (DOL) “System Development Life Cycle
Management Manual,” Version 2.1 (SDLCM) (refer to Attachment K) and shall conform to the
American National Standards Institute/Electronic Industries Alliance Standard 748A (ANSI/EIA-
748-A) (refer to Attachment N.2.1) and MIL-HDBK-881A (refer to Attachment N.1.29).

C.24.2 Project Planning Deliverables
The Contractor shall conduct project planning for this contract using this Statement of Work
(SOW) and the deliverables described below and shown in the Schedule of Deliverables in
Section F. The Integrated Management System shall integrate this SOW in a standard set of
structured cost accounting tools, including an Integrated Master Plan (IMP), an Integrated Master
Schedule (IMS), a Contract Work Breakdown Structure (CWBS), a CWBS Dictionary with
CWBS-to-SOW Traceability Matrix, and a Performance Measurement Baseline (PMB). The
IMP, IMS, CWBS, CWBS Dictionary, and PMB shall be delivered in the first month of the
contract and shall be presented to the Government by the Contractor in an Integrated Baseline
Review (IBR). Subsequent to the IBR, these products shall be maintained with current data in
accordance with the document maintenance and replacement pages requirements described in
Section C.24.15, Section C.24.16, and Section F. The Integrated Management System shall be
used to generate a set of Contract Performance Reports (CPR) in specified formats and a
Contract Funds Status Report (CFSR). The CPR and CFSR shall be generated monthly in
accordance with the Schedule of Deliverables in Section F and as described in this contract’s
IMS.

C.24.3 Integrated Master Plan (IMP)
The Contractor shall deliver an Integrated Master Plan (IMP) that documents project planning
information and the Contractor’s project management approach. The Contractor shall deliver the
IMP in accordance with the Schedule of Deliverables in Schedule F. The Contractor shall update
the IMP to reflect agreed-upon changes, including changes directed by contract modifications
and changes agreed upon between the Contracting Officer or COTR and the Contractor’s project
manager.

The Contractor shall develop an IMP that documents the project scope and the Contractor’s
planned project management approach for accomplishing the scope of work of this SOW and for
EFAST2 RFP
Section C, Page 223 of 242
DOL069RP20266
achieving the major and interim milestones established in this SOW. The IMP shall provide
details on planned tasks, task dependencies, task schedules, and allocated resources.

The IMP shall describe the Contractor’s approach for accommodating the Government’s review
of Contractor-developed draft documents, including program management and technical
deliverables, and incorporation of the Government’s comments and recommendations into final
documents. The IMP shall address, at a minimum, the following topics:
• Project description and background
• Organization of the IMP
• Project organizational structure and assigned organizational responsibilities, including
subcontractors and consultants
• System development approach and methodology
• Description and definition of system life cycle phases and the activities occurring in
each phase
• Definition of each major subsystem to be developed and managed through the life
cycle
• Security and privacy issues
• Work breakdown structure and master schedule
For the work breakdown structure and master schedule, the Contractor shall provide references to
the standalone Contract Work Breakdown Structure (CWBS), the CWBS Dictionary, and the
Integrated Master Schedule (IMS).

The IMP shall be prepared in the Contractor’s format. As a guide to preparing the contract’s
IMP, the Contractor may refer to the Department of Defense “Integrated Master Plan and
Integrated Master Schedule Preparation and Use Guide,” Version 0.9, October 21, 2005 (refer to
Attachment N.1.33).

C.24.4 Integrated Master Schedule (IMS)
The Contractor shall deliver an Integrated Master Schedule (IMS) that lists all tasks and activities
to be completed within each component of the contract Base Period (Cost Plus Award Fee –
CPAF) and Option Period I (1st Component) (Cost Plus Fixed Fee – CPFF). The IMS shall be
prepared using Microsoft Project and structured in accordance with DID DI-MGMT-81650 (refer
to Attachment N.1.34). As a guide to preparing the contract’s IMS, the Contractor may also refer
to the Department of Defense “Integrated Master Plan and Integrated Master Schedule
Preparation and Use Guide,” Version 0.9, October 21, 2005 (refer to Attachment N.1.33).

The Contractor shall deliver the IMS in accordance with the Schedule of Deliverables in
Schedule F. The IMS shall be maintained to reflect current schedule status. An electronic
EFAST2 RFP
Section C, Page 224 of 242
DOL069RP20266
snapshot of the IMS reflecting schedule status as of the close of each monthly reporting period
shall be delivered to the Government with the Monthly Work and Management Report
(MWMR).

The IMS shall be structured in direct alignment with the contract’s Level 4 Contract Work
Breakdown Structure (CWBS). The IMS shall clearly indicate task durations, major and interim
milestones, inter-task dependencies, scheduling constraints, and optimization criteria. The IMS
shall be constructed in Microsoft Project, as specified by agency requirements, to permit
production of reports as Gantt charts, milestone tables, and deliverables and date lists. The IMS
shall clearly indicate the critical path of the schedule’s activity network.

C.24.5 Contract Work Breakdown Structure (CWBS) & CWBS Dictionary
The Work Breakdown Structure (WBS) is a shared structure between the Contractor and the
Government, as described in Section C.19. The Contractor-produced Contract Work Breakdown
Structure (CWBS) must align to the Government’s EFAST2 Program Work Breakdown
Structure (PWBS). The Level 2 CWBS included in this SOW is in full alignment with the
EFAST2 PWBS. The CWBS shall maintain this structure to Level 2. The CWBS shall
decompose the Level 2 elements to lower-level elements in accordance with MIL-HDBK-881A
(refer to Attachment N.1.29) and DID DI-MGMT-81334A (refer to Attachment N.1.30). The
CWBS shall depict the WBS to at least Level 4, one level below Level 3, the reporting level for
cost and schedule performance.

The CWBS provides an integrated framework for project planning and control. The CWBS
defines the total contract effort and the products to be developed and delivered. The CWBS
relates the various elements of the work effort to each other and to the end products. The CWBS
describes these relationships in a manner that promotes verification and measurement of
technical accomplishment and earned value measurement and reporting.

The CWBS comprises the entire CWBS, the CWBS Dictionary, and the CWBS-to-SOW
Traceability Matrix. The Contractor shall develop and maintain a companion CWBS-to-SOW
Traceability Matrix that provides a logical cross-reference between the CWBS’s individual WBS
elements and their applicable sections within this SOW. The CWBS Dictionary shall conform to
IEEE/EIA 12207.2-1997, Sec 5.2.4.5 (c) (refer to Attachment N.2.2).

The Contractor shall deliver the CWBS, including the CWBS Dictionary and a CWBS-to-SOW
Traceability Matrix, in accordance with the Schedule of Deliverables in Section F. The CWBS,
CWBS Dictionary, and the CWBS-to-SOW Traceability Matrix shall be maintained to reflect all
contract modifications subsequent to Contract Award in accordance with the document
maintenance and replacement pages requirements described in Section C.24.15, Section C.24.16,
and Section F.

The Contractor shall develop the contract CWBS based on this SOW. The CWBS shall structure
all the contract requirements and efforts under identifiable product elements, including physical
products, software modules, hardware components, documentation, and related products and
EFAST2 RFP
Section C, Page 225 of 242
DOL069RP20266
data. The CWBS shall be a direct representation of the scope of work defined in this SOW and
shall break that scope of work down into appropriate and manageable elements for cost
accounting and earned value measurement and reporting.

The CWBS shall be structured in alignment with the Level 2 CWBS shown in Exhibit C.24.1.

Exhibit C.24.1 EFAST2 Level 2 Contract Work Breakdown Structure
CWBS
ID Description of Item Due Date
1.0 Base Period (1st Component) — Prototype System Modules
1.1 Project Planning
1.1.X Interim Milestone: Integrated Baseline Review (IBR) 5/31/2007
1.2 Requirements Clarification
1.2.X Interim Milestone: System Requirements Clarification Complete 6/30/2007
1.3 System Design
1.3.X Interim Milestone: System Design Complete 7/31/2007
1.4 Prototype Development
1.4.X Interim Milestone: Requirements & Documentation Review Complete 9/30/2007
1.5 Prototype Test
1.5.X Interim Milestone: Prototype Test Complete 12/7/2007
1.6 Prototype Certification
1.6.X Major Milestone: FCT #1 – Prototype Certification Delivered 12/31/2007

2.0 Base Period (2nd Component) — Scaleup
2.1 Requirements Clarification
2.1.X Interim Milestone: Planning & Requirements Clarification Complete 2/28/2008
2.2 Detailed Design
2.2.X Interim Milestone: Detailed Design Complete 3/31/2008
2.3 Scaleup Development & Test
2.3.X Interim Milestone: Test Readiness Review (TRR1) 6/30/2008
2.4 Scaleup End-to-End Test
2.4.X Major Milestone: FCT #2 – Scaleup End-to-End Test Complete 7/31/2008

3.0 Base Period (3rd Component) — Certification & Implementation
3.1 Regression Testing
3.1.X Interim Milestone: Test Readiness Review (TRR2) 9/15/2008
3.2 System Acceptance Test
3.2.X Interim Milestone: System Acceptance Test Complete 10/31/2008
3.3 Security Certification
3.3.X Interim Milestone: Security Certification Delivered 10/31/2008
EFAST2 RFP
Section C, Page 226 of 242
DOL069RP20266
3.4 Disposition
3.4.X Major Milestone: Base Period Complete 12/31/2008

4.0 Option Period I (1st Component) — Advance Pre-Processing Activities
4.1 Operations Planning
4.1.X Interim Milestone: Sample Reports Completed 10/15/2008
4.1.Y Major Milestone: Advance Pre-Processing Activities Complete 12/31/2008

C.24.6 Performance Measurement Baseline (PMB)
The Contractor shall establish and maintain a Performance Measurement Baseline (PMB) for the
entire development contract, including the Base Period (CPAF) and Option Period I (1st
Component) (CPFF). The PMB shall conform to ANSI/EIA-748-A (refer to Attachment N.2.1)
and be prepared using Microsoft Project and structured in accordance with DID DI-MGMT-
81466A, Contract Performance Report, Format 3, Baseline (refer to Attachment N.1.35).

The PMB shall be based upon the Level 2 CWBS provided by the Government in this SOW.
The CWBS shall be decomposed by the Contractor to Level 4 “control accounts,” which shall be
time-phased on a monthly basis, and consistent with the Schedule of Deliverables in Section F.
The Contractor shall graphically define the work, schedule the work, assign control accounts and
budgets, and allocate resources, defining labor, other direct costs (ODC), materials, and
subcontract effort, where applicable.
The Contractor shall use the PMB to measure actual performance of work in relationship to the
work scheduled. The Contractor shall establish work packages at CWBS Level 5 to achieve the
major and interim milestones identified at CWBS Level 3 in Exhibit C.24.1.
The PMB shall comprise the aggregate work of all CWBS Level 4 control accounts, including
rollups to CWBS Levels 3, 2, and 1.
The PMB shall establish the schedule for expenditure of resources necessary to complete the
requirements and achieve the contract major and interim milestones. The PMB shall be indexed
to the specific work components specified in the CWBS. The Contractor shall update and
maintain the PMB as a working management tool that is representative of current program plans,
which are subject to review and revision as program plans are refined and revised. When work is
authorized by the Government, the budget for that effort shall be assigned to appropriate control
accounts. In no case shall a budget for authorized work be placed in Undistributed Budget for
more than one reporting cycle.

The methodology selected to calculate earned value (i.e., the Budgeted Cost of Work Performed)
for each work package shall be appropriate to the type of work being performed in that work
package. In no case shall the Contractor use “level of effort” or “percent complete” as an earned
value methodology. The methodologies selected shall be identified in the PMB.

EFAST2 RFP
Section C, Page 227 of 242
DOL069RP20266
The Contractor shall deliver the PMB, including the identification of the earned value
methodology or methodologies for each CWBS Level 4 control account, in accordance with the
Schedule of Deliverables in Section F. The initial PMB shall include all negotiated, priced, and
authorized work and shall not include any Undistributed Budget. The PMB shall not include any
Management Reserve.

The PMB shall be maintained to reflect all contract modifications subsequent to Contract Award.
The Contractor shall deliver an updated PMB as changes are made.

C.24.7 Contract Performance Report (CPR)
During the Base Period and Option Period I (1st Component), the Contractor shall deliver to the
Government a Contract Performance Report (CPR). The Contractor shall deliver the CPR in
accordance with the Schedule of Deliverables in Section F.
The Contractor shall prepare the CPR in accordance with applicable sections of DID DI-MGMT-
81466A, Contract Performance Report (CPR) (refer to Attachment N.1.35). The applicable
sections of the DID are those for CPR Formats 1, 3, and 5. The DID shall be used in conjunction
with the Integrated Master Schedule (IMS) DID, DI-MGMT-81650 (refer to Attachment N.1.34),
the Contract Work Breakdown Structure (CWBS) DID, DI-MGMT-81334A (refer to Attachment
N.1.30), and the Contract Funds Status Report (CFSR) DID, DI-MGMT-81468 (refer to
Attachment N.1.32). The CPR shall be delivered to the Government in both hard copy and
electronic formats.

The CPR shall report cost and schedule performance status at Level 3 of the CWBS. Reports
may reflect data either as of the end of the calendar month or as of the Contractor’s accounting
period cutoff date, provided it is consistent with the IMS. CPRs shall be submitted to the
EFAST2 Program Manager no later than the 12th of the month or 12 working days following the
Contractor’s accounting period cutoff date.

The CPR data shall accurately reflect how work is being planned and performed. The same
CWBS shall be utilized for the Integrated Master Plan (IMP), the Integrated Management System
(IMS), and the CPR.

The CPR data elements shall reflect the output of the of the Contractor’s ANSI/EIA-748-A–
compliant Integrated Management System. CPR data submitted by the Contractor will be used
by the Government to: (1) integrate cost and schedule performance data with technical
performance measures; (2) identify the magnitude and impact of actual and potential problem
areas causing significant cost and schedule variances; (3) provide valid, timely program status
information to the Contracting Officer and DOL management; and (4) determine an appropriate
Award Fee for the Base Period.

The CPR is a management report. To be useful, it must provide timely, reliable summary-level
data that can be used to assess current and projected contract performance. The CPR’s primary
value to the Government is its ability to reflect current contract status and reasonably project
EFAST2 RFP
Section C, Page 228 of 242
DOL069RP20266
future program performance. For this reason, it is important that the CPR be as accurate and
comprehensive as possible.

The actual costs reported in the CPR (i.e., the Actual Cost of Work Performed) shall include all
costs incurred as of the closing date of the reporting period. Incurred costs shall include all
committed costs for work performed to date, whether these costs have been billed to the
Government, expensed in the Contractor’s accounting system for future billing to the
Government, or accrued for a future expense. Incurred costs shall include all costs incurred by
the Contractor, whether by the Contractor’s employees, by procurements, or by subcontractors,
contract labor, or consultants. Data reported in the CPR shall pertain to all authorized contract
work, including both priced and unpriced effort.

CPR Formats 1, 3, and 5 shall be prepared and submitted monthly. Format 1 provides data to
measure cost and schedule performance by product-oriented CWBS elements, the hardware,
software, and services the Government is buying. Format 3 provides the budget baseline plan
against which performance is measured, i.e., the Performance Measurement Baseline (PMB).
Format 5 is a narrative report used to explain significant cost and schedule variances and other
identified contract problems and topics.

CPR Format 1, Work Breakdown Structure, shall incorporate a product-oriented CWBS in
accordance with the WBS Handbook, MIL-HDBK-881A (refer to Attachment N.1.29), and the
CWBS DID DI-MGMT-81334A (refer to Attachment N.1.30). The level of detail to be reported
in Format 1 will be at Level 3 of the CWBS, but lower levels may be specified by the
Government for high-cost or high-risk items. The Government and the Contractor shall
periodically review and adjust, as necessary, CWBS reporting levels on Format 1 to ensure they
continue to provide appropriate visibility without requiring excessive information. If a
significant problem arises at a lower level, detailed reporting for that CWBS element may be
required, at the Government’s discretion, until the problem is resolved to the Government’s
satisfaction.

CPR Format 3, Baseline, shall be submitted to the Government in both hard copy and electronic
formats. The first monthly CPR Format 3 contract submission shall be consistent with the initial
PMB. The initial CPR Format 3 shall include the entire contracted Cost Plus Award Fee (CPAF)
and Cost Plus Fixed Fee (CPFF) contract, as reflected in the CWBS Elements 1.0, 2.0, 3.0, and
4.0. The third monthly CPR submission shall include a CPR Format 3 that reflects the
Government’s requested changes to the PMB resulting from the Integrated Baseline Review
(IBR).

CPR Format 5, Explanations and Problem Analyses, shall be prepared, submitted, and, if
requested by the Government, briefed to the Government by the Contractor’s project manager.
The variance analysis threshold for cost and schedule variance on reportable CWBS elements
shall be ±10%, as calculated per ANSI/EIA-748-A. Variance analysis thresholds shall be
reviewed periodically by the Government and adjusted as necessary to ensure they continue to
provide appropriate visibility. Problem analysis and narrative explanations in Format 5 are
required for all Level 3 CWBS elements for which variance analysis thresholds are exceeded.
EFAST2 RFP
Section C, Page 229 of 242
DOL069RP20266

C.24.8 Integrated Baseline Review (IBR)
The Contractor shall present its proposed Integrated Management System at an Integrated
Baseline Review (IBR). The IBR shall be conducted early in the contract’s Base Period (1st
Component), as shown in Exhibit C.24.1, WBS ID 1.1.X: Interim Milestone: Integrated Baseline
Review (IBR).

At the IBR, the Contractor shall present for discussion with the Government the various elements
of the Integrated Management System. These elements include the Integrated Master Plan (IMP),
the Integrated Master Schedule (IMS), the Level 4 Contract Work Breakdown Structure
(CWBS), the CWBS Dictionary with CWBS-to-SOW Traceability Matrix, and the Performance
Measurement Baseline (PMB), prepared as specified in this SOW.

At the IBR, the Contractor shall explain the rationale for the proposed IMS and CWBS. The
Government may ask questions about these elements and about the proposed PMB. The
Contractor shall identify and explain the rationale for the selection of earned value
methodologies for the various work packages in the PMB. The Government may direct that the
Contractor make changes to the earned value methodologies applied in the PMB.

C.24.9 Contract Funds Status Report (CFSR)
The Contractor shall deliver to the Government a Contract Funds Status Report (CFSR) that
provides funding data and is prepared in accordance with DI-MGMT-81468 (refer to Attachment
N.1.32). The CFSR shall be delivered in accordance with the Schedule of Deliverables in
Section F.

C.24.10 Project Risk Management Plan
The Contractor shall develop a Risk Management Plan (RMP) to document all risk identification,
management, and mitigation activities. The RMP shall identify risks posed to the successful
completion of the project on time and within budget. This includes identification of project
risks; analysis, assessment, and prioritization of those project risks; and development of a plan of
action and milestones to implement mitigations to reduce the impact of identified risks
throughout the project’s life cycle.

The RMP shall be delivered in accordance with the Schedule of Deliverables in Section F.
Contingent upon the Government’s exercise of each subsequent option period, the Contractor
shall update the RMP to reflect annual rollover, related system changes, and any other system
changes that may be implemented. The RMP shall follow standards established by SDLCM 2.1
(refer to Attachment K).

Security risks and mitigations (i.e., threats / vulnerabilities and countermeasures) inherent in the
operation of the system are documented and addressed in the Security Risk Assessment. It is not
necessary or desired that all security risks be addressed in the RMP. Only those security risks
related to the successful completion of the project, on time and within budget, should be
EFAST2 RFP
Section C, Page 230 of 242
DOL069RP20266
addressed in the RMP. These would typically be only those risks posed to the security
certification of the system.

C.24.11 Production Recruiting and Training Plan
The Production Recruiting and Training Plan outlines the objectives, needs, strategy, and
curriculum to be addressed for training users on the new EFAST2 system. The plan presents the
activities needed to support the development of training materials, coordination of training
schedules, reservation of personnel and facilities, planning for training needs, and other training-
related tasks. Training activities are conducted in accordance with the Training Plan to teach
users how to operate the system.

The Production Recruiting and Training Plan shall be delivered in accordance with the Schedule
of Deliverables in Section F. Contingent upon the Government’s exercise of each option period,
the Contractor shall update the document to reflect annual rollover, related system changes, and
any other system changes that may be implemented. The Production Recruiting and Training
Plan shall follow standards established by SDLCM 2.1 (refer to Attachment K), IEEE/EIA
12207.0-1997 Sec 7.4.1.1 (refer to Attachment N.2.2), OMB A-130, Appendix III A 3.a.2)b)
(refer to Attachment N.1.16), and Clinger-Cohen Act 1996 Section 5112(i) (refer to Attachment
N.1.1).

C.24.12 Monthly Work and Management Report (MWMR)
During the entire period of performance (Base Period and all exercised option periods) the
Contractor shall provide Monthly Work and Management Reports (MWMR) regularly to the
Government. During the Base Period (CPAF) and Option Period I (1st Component) (CPFF),
MWMRs will be delivered monthly, in accordance with the Schedule of Deliverables in Section
F. During Option Period I (2nd Component) through Option Period XI (operations fixed-price
contract), MWMRs will be delivered concurrent with the Contractor’s invoicing cycle, such as 4-
4-5 (4 weeks, 4 weeks, 5 weeks).

The reports shall include:

• Report on progress, problems, schedule, plans, and costs. Narrative that shows
achievement of milestones, adherence to operational schedules, the kinds and degrees
of activity undertaken to accomplish broad processing objectives, major corrective
actions taken or proposed, and activities scheduled for completion during subsequent
reporting periods. The progress reports shall include exceptions reports, an overall
view of system operations, and a status report with respect to program management
and statutory goals.
• Summary of issues and problems occurring within the reporting period and the status
of their resolution, including when problems occurred, the nature and extent of the
problems, approved problem resolution with a timetable for implementation, and the
date the problem was resolved.
EFAST2 RFP
Section C, Page 231 of 242
DOL069RP20266
• Presentation of key information in graphic format with a sufficient number of data
plots to show a true depiction of “events” over the course of the reporting period.
• Security progress report to include Minimum Background Investigation (MBI)
applications and approvals, IT security budget estimates, monthly estimated security
costs, and a cumulative security cost estimate (refer to Section C.22 and Section F).
• Quality Assurance Report, per the requirements in Section C.19.
• Contact Center Call Report, per the requirements in Section C.18 and the statistics in
Attachment S.
• List of Third Party Software Developer certifications, per the requirements in Section
C.10.6.
C.24.13 Notification to COTR of Problems, Errors, or Breach of Security
Within one (1) work day of becoming aware of an occurrence, the Contractor shall notify the
Contracting Officer’s Technical Representative (COTR) or designee of any problem that could
impact the receipt or analysis of data, data entry, electronic transmission, or security of the
EFAST2 system, in accordance with the Schedule of Deliverables in Section F. Within three (3)
work days, the Contractor shall provide a corrective action plan to the COTR or designee that
conveys the complete nature of the problem, the extent and impact of the problem on processing
or transmitting data, the Contractor’s approach for reaching an appropriate resolution of the
problem, and the time estimates for implementation of recommended resolutions. The
Contractor shall proceed with system or processing adjustments as necessary to resolve the
problem. The Contractor shall notify the COTR or designee regularly through subsequent
problem notification status reports until the problem is resolved to the satisfaction of the
Government.

C.24.14 Disposition / Closeout Plan
The Contractor shall produce an annual Disposition / Closeout Plan that identifies the process to
be followed to transition the system to a successor contractor or to the Government, and deliver
the Plan in accordance with the Schedule of Deliverables in Section F. The “system” shall
include all source code, program materials, documentation, media, and all Government-furnished
information (GFI) and Government-owned system components. The Disposition / Closeout Plan
shall be prepared following the standards established by SDLCM 2.1.

The Disposition / Closeout Plan shall state the approach and processes for disposing of the
production system in a planned orderly manner, and to ensure that the system is properly
archived or incorporated into other systems prior to closeout. The initial Disposition / Closeout
Plan shall be developed during the Base Period and updated during each option period. The
Contractor shall finalize the Disposition / Closeout Plan once notification has been received from
the Government to retire the system, which may not occur until later in the period.

EFAST2 RFP
Section C, Page 232 of 242
DOL069RP20266
The Disposition / Closeout Plan shall address all facets of archiving, transferring, and disposing
of the system and the data. Particular emphasis shall be given to proper preservation of the data
processed by the system so that it can be effectively migrated to another system or archived and
restored in accordance with applicable record management regulations and policies.

For each contract period, the Contractor shall prepare a Disposition / Closeout Plan to be
executed in the event that the Government does not exercise the subsequent option or at the end
of the contract. The Disposition / Closeout Plan shall comprise the following components:

• Transition Plan
• Source Code
• Program materials, documentation, media, and all GFI and Government-owned
system components
The Disposition / Closeout Plan shall address the activities necessary for closeout at the
conclusion of each contract period. The plan shall include step-by-step activities and schedules
for each of the eleven option period closeouts, including the following:

• Detailed procedures, schedules, and tasks required to make the system operational by
a different contractor within thirty (30) calendar days following the end of the current
option period
• Arrangements necessary for transition to a different contractor
• Handling of data received after the deadline dates
• Handling and disposition of system software
• Archival of system documentation, manuals, and contract files, and retrieval of files
• Schedule of dates and tasks for successful closeout
• Full library of system files, commercial off-the-shelf (COTS) software, custom
software, system documentation and Section F deliverables
Upon receipt of the Government’s request, the Contractor shall execute the Disposition /
Closeout Plan. The Contractor shall cooperate with the Government or with a new successor
vendor to ensure the orderly transfer of materials upon contract closeout. All files, software,
documentation, and other Government-furnished or -owned information shall be clearly
identified and delivered to the Government or to a new vendor. The Contractor shall return all
GFI. The Contractor shall ensure that all materials are complete, accurate, and prepared for
system start-up operation at the new location designated by the Government. The Contractor
shall cooperate, in good faith, with the Government or a new vendor, to ensure the transfer and
subsequent operation of the system is successfully completed.

EFAST2 RFP
Section C, Page 233 of 242
DOL069RP20266
C.24.15 Documentation Maintenance
The Contractor shall maintain all system documentation and Section F deliverables (developed
by the Contractor in the execution of this contract) on-site at the Contractor’s EFAST2 facility.
The Contractor shall make all contract documentation available for a review, inspection, or audit
by Government staff at any time. The Contractor shall maintain a full documentation library on-
site at the EFAST2 facility, with clear procedures established for Contractor or Government
personnel to check-in / check-out materials for use or inspection.

The Contractor shall develop and maintain full system documentation throughout the duration of
this contract. The Contractor shall update documentation throughout the Base Period and all
subsequent option periods to reflect all system changes, corrections, clarifications, and related
adjustments that are made by the Contractor. The Contractor shall include in the documentation
all system and procedural changes resulting from legislative and / or regulatory changes and
Government annual development activities as documented in and authorized by contract
modifications.

C.24.16 Documentation Replacement Pages
As certain deliverables are living documents that are constantly being updated, the Contractor
shall provide replacement pages and / or wholesale documentation replacements to the
Government, as documents are updated. The Contractor shall follow the standards for timely
delivery of replacement pages established in SDLCM 2.1.

C.24.17 Documentation Inspection, Acceptance, and Defect Remediation
The Contractor shall submit documentation deliverables to the Government for inspection and
acceptance as specified in Section E of the contract.

C.24.18 Documentation Rights of Ownership
The Government retains rights to EFAST2 data and copyright, as specified in Section H.6 of the
contract, Rights in Data and Copyright.
EFAST2 RFP
Section C, Page 234 of 242
DOL069RP20266

C.25 CONFIGURATION MANAGEMENT
The Contractor shall develop a Configuration Management (CM) reporting capability to provide
the Government with up-to-date information on the results of system performance, availability,
and functionality monitoring; system problem resolutions and fixes; and system changes,
updates, or upgrades. The reporting capability shall be provided to the Government in the form
of an automated tracking and reporting system to which the COTR and / or his designated
representatives shall have direct access as described below and in Section C.15. Specific focus
areas for monitoring, testing, and corrective action are described throughout Section C including
Section C.13, Section C.14, Section C.19, Section C.20, Section C.21, and Section C.22. System
monitoring, testing, and corrective action shall be conducted in accordance with the DOL’s
SDLCM and the Contractor’s CMMI Level 3 or higher assessed processes and procedures, as
described in Section C.19, and shall ensure system performance, availability, and functionality in
accordance with the performance standards specified in Section C.2 and detailed in requirements
for each functional area of the system. The Contractor shall use the CM reporting system to
provide up-to-date information to the Government about the stages and status of each element,
task and product at any time during the Contract. The Contractor shall identify existing CMMI
Level 3 or higher assessed processes or procedures where appropriate that provide for, meet or
exceed, or could be equivalently substituted for the reporting requirements described below. See
Section C.19.11 for procedures for identifying and establishing equivalencies between the
Contractor’s CMMI Level 3 assessed procedures and the Government’s requirements.

Records in the CM reporting system, known as Error Reports (ERs), shall be tracked and
managed throughout the life of the contract. The two categories of ERs are described in Section
C.25.2 and C.25.3 below, and shall be further classified as either Contractor-specific ERs or
Government-specific ERs. The Contractor shall ensure that all system problems, incidents,
errors, changes, upgrades, or updates as described below which are identified through the
Contractor’s ongoing monitoring, testing, quality assurance, quality control, or review procedures
shall be reported through the system and tracked as individually numbered ERs, known as
Contractor-specific ERs. The Contractor shall ensure that all system problems, incidents, errors,
changes, upgrades, or updates as described below which are identified by the Government shall
be reported through the system and tracked as individually numbered ERs, known as
Government-specific ERs. Contractor or Government-specific ERs shall be considered either
“critical” or “minor” as defined in Section B and Attachment Q. Government-specific ERs will
be issued by the Government’s independent testing program (see Section E.8), annual rollover
declaration letter (see Section C.23), system enhancement requests (see Attachment O), and
through routine monitoring and oversight activities, including annual system rollover testing,
review of documentation or data deliverables, and observations of system performance,
functionality, and availability in accordance with the performance standards specified in Section
C.2.

C.25.1 Build and Change Control
The Contractor’s CM reporting capability shall include build and change control measures to
track, authorize, control, and prioritize all system changes. The Contractor shall identify change
categories covered by the CM program as critical or minor, Contractor-specific or Government-
EFAST2 RFP
Section C, Page 235 of 242
DOL069RP20266

specific. The Contractor shall specify methods for identifying each aspect and subsystem that
will be affected by a proposed change and the nature, extent and status of the proposed change.
The Contractor shall establish procedures to prioritize change requests by importance and
criticality.

C.25.1.1 Critical and Minor ERs
Section B and Attachment Q define “critical” and “minor” ERs applicable to the Base Period.
During all subsequent option periods, ERs shall be considered “critical” if the associated system
problem, incident, error, change, upgrade, or update is or would be detectable by the public end
users of the system or does or would pose a risk to data or system confidentiality, integrity, or
availability. ERs shall be considered “minor” if the associated system problem, incident, error,
change, upgrade, or update is not or would not be detectable by the public end users of the
system or does not or would not pose a risk to data or system confidentiality, integrity, or
availability.

C.25.2 Error Reports — System Problems
The CM reporting system shall record all system problems uncovered during development and
operations, both manual and automated, that affect system performance, functionality,
availability or security per the Government’s requirements and the performance standards
specified in Section C.2. All defects and deficiencies as defined in Attachment M uncovered
during Government or Contractor testing shall be individually tracked and numbered as system
problems. Security incidents as described in Section C.22 or any incidents of loss of data, system
availability, or functionality as described in Section C.13 shall be tracked as system problems.
The system shall include a complete description of problems, including the date of occurrence or
discovery, associated functional area(s), number of affected filing data records and users, how
damage control shall be managed, the corrective action to be taken, and any remedial action for
affected filings, if required. System problems shall be tracked and reported to the Government in
terms of the categories described below.

C.25.2.1 System Problem Reporting
The system problem and resolution reporting shall include at a minimum:

• Identification, unique numbering, and reporting of system problems and associated
problem resolutions, system fixes, updates, or upgrades. The Contractor shall
establish a standardized form and numbering system for system problem reports.
• Indicator for requirement(s) associated with the system problem. This information
should be cross-referenced to the latest version of the Contractor’s maintained
Requirements Traceability Matrix (RTM) described below.
• Indicator for the affected functional area(s) of the system.
• Indicator for the critical or minor status of the system problem.
EFAST2 RFP
Section C, Page 236 of 242
DOL069RP20266

• Assignment of a Contractor representative to serve as “owner” of the system problem,
and clear indication of the status of the problem in the problem resolution life cycle.
The Contractor shall clearly establish the stages in the system problem resolution life
cycle, and shall update the CM reporting system with dates / times that a problem
enters and leaves each stage in the life cycle.
• For system defects and deficiencies as defined in Attachment M, indicator for
identification of the system problem as a defect or deficiency, and identification of
and indicator for the Government or Contractor conducted test under which the
system defect or deficiency was identified.
• A reference to the full set of documentation maintained on the system problem,
including system function affected, identification of filings that trigger the problem,
test cases established to verify and validate the fix, IQCU notes, priority, and
designation of signoffs and certification package required prior to implementing fix in
the production system.
• Detailed tracking of all problem resolutions or fixes to be implemented in response to
the system problem, including an anticipated implementation date, description of the
change or fix to be implemented, cross-reference to other related system problem /
change report(s) and / or system fixes, upgrades, or updates, QA information, IQCU
notes, and associated testing plans, results, and reports.
• Indicator and detailed description for any affected area(s) of system security, physical
security, or data security. For security incidents or system problem reports that affect
system security, physical security, or data security, references to and a clear detailed
description of response measures taken in accordance with requirements described in
Section C.22 and any required changes to security procedures, policies, or protocols
shall be included.
• For system problems uncovered through testing as described in Section C.21 or
Section E.8 or during initial development, subsequent upgrades, major “build” efforts,
or annual system rollover, an indicator of the associated test, references to associated
test documentation and deliverables, and clear detailed description of the test result
related to the identified system problem.
• Indicator for and references to any filings for which processing was affected, for
incidents or system problems associated with lost filing data and / or filings that were
submitted but could not complete processing. A description using any available
information to identify the filings should be included, as well as tracking on any
remediation steps taken to recover lost data and / or notify the filers, as described in
Section C.13.
• Indicator for and references to any end user data distributions or data dissemination
service access or availability affected by the system problem or incident, with clear
and detailed description of the number and type of users affected, anticipated or
identified duration of the problem, data repositor(ies) affected, data distribution(s)
EFAST2 RFP
Section C, Page 237 of 242
DOL069RP20266

affected, classes of filings, data, or fields affected, and plan to restore full access and
availability.
• Indicator for any performance standards as specified in Section C.2 for which
measured rates of compliance or performance may be affected as a result of the
system problem, with description of measurement period affected. The IQCU shall
bear sole responsibility for updating this information in the CM reporting system.
• Indicator for and references to any documentation deliverables affected by the system
problem, including deliverables for which changes pages will be required as a result
of the system problem and / or associated fix, system change, upgrade, or update.
• Contractor signoffs and certifications at each stage of problem resolution, including
integration into the production system.

C.25.3 Error Reports — System Changes
The CM reporting system shall record all system changes related to system performance,
functionality, availability or security per the Government’s requirements and the performance
standards specified in Section C.2. System changes include all changes, updates, or upgrades
initiated in response to agreed upon requirements changes, routine system maintenance including
updates to the web portal, or annual updates such as annual rollover for each new form
processing year. System changes may also include changes, upgrades or updates initiated not as
a result of a requirements change or system problem and that do not affect requirements, for
example Contractor-initiated changes, updates, or upgrades to enhance system performance,
functionality, or capacity. System changes initiated to partially or entirely remediate identified
system defects and deficiencies as described in Attachment M shall be tracked as part of this
system and reported to the Government. The system shall include a complete description of the
system change, including the date of occurrence or initiation, associated functional area(s), and
associated requirements changes. System changes shall be tracked and reported to the
Government in terms of the categories described below.

C.25.3.1 System Changes Reporting
The system change reporting shall include at a minimum:

• Identification, unique numbering, and reporting of system changes and associated
updates or upgrades. The Contractor shall establish a standardized form and
numbering system for system change reports.
• Indicator for requirement(s) associated with the system change and detailed
description of whether and how the requirement is affected and/or changed. This
information should be cross-referenced to the latest version of the Contractor’s
maintained Requirements Traceability Matrix (RTM) described below.
• Indicator for the affected functional area(s) of the system.
EFAST2 RFP
Section C, Page 238 of 242
DOL069RP20266

• Indicator for the critical or minor status of the system change.
• Assignment of a Contractor representative to serve as “owner” of the system change,
and clear indication of the status of the change in the system change life cycle. The
Contractor shall clearly establish the stages in the system change life cycle, and shall
update the CM reporting system with dates / times that a problem enters and leaves
each stage in the life cycle.
• For system defects and deficiencies as defined in Attachment M, indicator for
identification of the system change as pertaining to a system defect or deficiency, and
identification of and indicator for the Government or Contractor conducted test under
which the system defect or deficiency was identified.
• A reference to the full set of documentation maintained on the system change,
including system function affected, test cases established to verify and validate the
change, IQCU notes, priority, and designation of signoffs and certification package
required prior to implementing the change in the production system.
• Detailed tracking of the system change, including an anticipated implementation date,
description of the change or fix to be implemented, cross-reference to other related
system problem / change report(s) and / or system fixes, upgrades, or updates, QA
information, IQCU notes, and associated testing plans, results, and reports.
• Indicator and detailed description for any affected area(s) of system security, physical
security, or data security and any required changes to security procedures, policies, or
protocols as described in Section C.22.
• For system changes initiated through testing as described in Section C.21 or Section
E.8 or during initial development, subsequent upgrades, major “build” efforts, or
annual system rollover, an indicator of the associated test, references to associated test
documentation and deliverables, and clear detailed description of the test result
related to the identified system change.
• Indicator for and references to any filings for which processing may be affected by the
change, including description of risk associated with lost filing data and / or filings
that may be submitted but may not complete processing. A description using any
available information to identify the filings should be included, as well as tracking on
any contingency plans for recovery of lost data and/or filer notification, as described
in Section C.13.
• Indicator for and references to any end user data distributions or data dissemination
service access or availability affected by the system change, with clear and detailed
description of the number and type of users affected, anticipated or identified duration
of any lack of access or availability, data repositor(ies) affected, data distribution(s)
affected, classes of filings, data, or fields affected, and plan to ensure full access and
availability are restored upon implementation of the system change.
EFAST2 RFP
Section C, Page 239 of 242
DOL069RP20266

• Indicator for any performance standards as specified in Section C.2 for which
measured rates of compliance or performance may be affected as a result of the
system change, with description of measurement period affected. The IQCU shall
bear sole responsibility for updating this information in the CM reporting system.
• Indicator for and references to any documentation deliverables affected by the system
change, including deliverables for which changes pages will be required as a result of
the system change, upgrade, or update.
• Contractor signoffs and certifications at each stage of system change implementation,
including integration into the production system.

C.25.5 Closure of Error Reports
The Contractor shall implement policies, procedures, and protocols for reporting closure of
individual ERs that are consistent with best practices of quality control, quality assurance,
SDLCM, and CMMI Level 3 assessed procedures. A status of “closed” shall be marked in an ER
system problem report upon the Contractor’s determination and full documentation that the
system problem has been fully resolved and no longer affects system performance, functionality,
availability or security per the Government’s requirements and the performance standards
specified in Section C.2. A status of “closed” shall be marked in an ER system change report
upon the Contractor’s determination and full documentation that the change has been fully
implemented with no adverse impact on system performance, functionality, availability or
security per the Government’s requirements and the performance standards specified in Section
C.2. System problem resolutions or system changes shall not be implemented, and a status of
“closed” shall not be indicated, until the problem resolution or change has been fully tested and
reviewed in accordance with quality assurance, quality control, and testing procedures. ERs
created by the Government shall not be given a status of “closed” or considered resolved without
the written consent of the COTR. At the Government’s request, the Contractor shall provide the
Government with documentation that these requirements have been met for specified ERs, and
shall allow the Government access to independently verify that the system problem resolution or
change has been implemented as described in the CM reporting system.

C.25.6 Government Access
The Contractor shall provide the Government with real time access to the CM reporting system
as described in Section C.15.

While read-only access with query capability is acceptable for records in the CM reporting
system created by the Contractor, some Government users as specified by the COTR shall also
have the ability to create new records in the system for the purpose of documenting Government-
specific ERs. Records created by the Government shall not be given a status of “closed” or
considered resolved without the written consent of the COTR.

C.25.6.1 Government User Queries & Reporting
EFAST2 RFP
Section C, Page 240 of 242
DOL069RP20266

The CM reporting system shall include the ability for authorized Government users to query the
CM reporting system and create reports that can be viewed onscreen and printed. Users shall be
able to query records in the system by all reported categories described in Section C.25.2 and
C.25.3.

C.25.7 Error Reports Resolution and Closure
The Contractor shall ensure that all error reports are satisfactorily resolved and closed within 90
days of ER opening, unless otherwise agreed-upon and approved by the Government. Reference
Section H for warranty requirements pertaining to error reports considered documentation
pertaining to identified system defects/deficiencies and those considered non-defect error reports.
The Contractor shall work constructively with the Government to examine and resolve all entries
in a timely manner. The Contractor shall consider critical error reports to be of highest priority,
including Government-specific entries of identified system problems, change requests, incident
or error reports, and test result reports. Government-specific ERs shall not be given a status of
“closed” or considered resolved by the Contractor without the written consent of the COTR.

C.25.8 Configuration Management (CM) Plan
The Configuration Management (CM) Plan identifies the CM application and procedures to be
used to meet the reporting and tracking requirements described above. The CM Plan shall
include descriptions of the Contractor’s CM reporting system and associated protocols and
procedures for entering and maintaining records as well as closing records. The CM Plan shall
include sample record layouts with all reporting categories described and defined in detail, as
well as user guide documentation for Government users of the system. The CM Plan shall
include descriptions of the Contractor’s processes and procedures related to Configuration
Management including those relevant to Quality Assurance, Quality Control, or CMMI Level 3
or higher assessed procedures. In cases where those procedures are described in detail in other
deliverable documentation, the CM Plan may include a clear reference to such documentation.

The CM Plan shall follow the Contractor’s CMMI Level 3 or higher assessed processes and
procedures, and standards established by SDLCM version 2.1, IEEE/EIA 12207.2-1997 Sec
6.2/ISO 10007, and IEEE/EIA 12207.0-1996 Sec 5.2.4.5. The Contractor shall deliver the
document in accordance with the Schedule of Deliverables in Section F.

C.25.9 Requirements Traceability Matrix (RTM)
The Contractor shall establish and maintain a Requirements Traceability Matrix (RTM) that
specifies the relationship between system requirements and system modules for delivery in
accordance with the Schedule of Deliverables in Section F. The Contractor shall update its RTM
on a regular basis to ensure complete and accurate system requirements documentation is
maintained at all times. The Contractor shall build into the RTM the capability to routinely trace
system requirements and specifications through all levels of system design documentation and
system modules down to and including compiled source code and test design. The Contractor
shall update the RTM within 5 business days of receipt of Government requirements
EFAST2 RFP
Section C, Page 241 of 242
DOL069RP20266

clarifications, annual updates, contract modifications, or configuration control approved
requirements changes.

C.25.10 Annual Requirements Analysis Report
The Contractor shall produce a comprehensive Annual Requirements Analysis Report for
EFAST2 that shall include the Contractor’s detailed recommendations for system changes and
improvements with regard to procedures and processing. The Contractor shall deliver the Report
in accordance with the Schedule of Deliverables in Section F. The purpose of the analysis is to
improve the integration, efficiency, timeliness and feasibility of the processing functions of the
Contractor’s system. The Government’s suggestions for potential enhancements are listed in
Attachment O.
EFAST2 RFP
Section C, Page 242 of 242
DOL069RP20266













EFAST2 RFP
Section D
Packaging and Marking
EFAST2 RFP
Section D, Page 1 of 4
DOL069RP20266





This Page is Intentionally Left Blank
EFAST2 RFP
Section D, Page 2 of 4
DOL069RP20266

PART I - THE SCHEDULE
SECTION D – PACKAGING AND MARKING


D.1 Protective Packaging
All items shall be packed for domestic shipment in compliance with standards and practices of
the industry to ensure safe delivery without marks, scratches, dents, or other damage. Packaging
shall be such that shock and vibration incidental to shipping and handling does not affect the
characteristics of the packed items. Magnetic and/or optical media shall be protected from
extremes of temperature, humidity, and exposure to X-rays or other damaging environmental
factors.
D.2 Package Marking
Shipping containers shall be plainly and substantially marked to show DOL contract number and
title, delivery address, point of contact (including name and telephone number), sequential
container number, and a brief description of the contents. All sensitive data deliverables shall be
clearly marked as “Federal Confidential Data” and “Sensitive But Unclassified”. A packing list
shall accompany all deliveries that clearly describe all items contained in the package.
EFAST2 RFP
Section D, Page 3 of 4
DOL069RP20266





This Page is Intentionally Left Blank
EFAST2 RFP
Section D, Page 4 of 4
DOL069RP20266













EFAST2 RFP
Section E
Inspection and Acceptance

EFAST2 RFP
Section E, Page 1 of 16
DOL069RP20266





This Page is Intentionally Left Blank
EFAST2 RFP
Section E, Page 2 of 16
DOL069RP20266

PART I - THE SCHEDULE
SECTION E - INSPECTION AND ACCEPTANCE


E.1 52.252-2 CLAUSES INCORPORATED BY REFERENCE
This contract incorporates one or more clauses by reference, with the same force and effect as if
they were given in full text. These clauses are applicable to all periods after system acceptance.
Upon request, the Contracting Officer will make their full text available.

52.246-2 INSPECTION OF SUPPLIES – FIXED PRICE AUGUST 1996

E.2. GENERAL REQUIREMENTS FOR INSPECTION AND ACCEPTANCE
Inspection and acceptance of all work performed under this contract shall be by the Contracting
Officer or a duly authorized representative.

E.3 DELIVERABLE CERTIFICATION
The Contractor shall certify in writing to the Contracting Officer that the deliverables are
complete and ready for inspection and acceptance in accordance with the contractual
requirements of this contract.

E.4 INSPECTION AND ACCEPTANCE
Only the Contracting Officer, or other duly authorized representative, will perform inspection of
all deliverable items provided under this contract in accordance with the requirements outlined
herein. Only the Contracting Officer or his/her duly authorized representative may formally
accept deliverables under this contract. EFAST2 deliverables are segmented into two main
categories: project management deliverables, and technical deliverables.

E.4.1 INSPECTION AND ACCEPTANCE OF PROJECT MANAGEMENT
DELIVERABLES
For select project management deliverables identified in Section F, the Contractor shall submit
both draft and final versions. The Government will review, comment, and/or provide
recommendations to the Contractor on draft project management deliverables. Draft documents
shall only be submitted once for Government comment and/or recommendation. The Contractor
shall, in accordance with Section C.24, be responsive to the Government’s comments and/or
recommendations in completing the final version of the deliverable. The Government shall
inspect the final version of the deliverable for final Government acceptance in accordance with
Section E of the Contract. Any required revisions to correct identified deficiencies in the
Contractor’s final deliverable submission shall be performed and completed at “No Additional
Cost to the Government”.

E.4.2 INSPECTION AND ACCEPTANCE OF TECHNICAL DELIVERABLES

EFAST2 RFP
Section E, Page 3 of 16
DOL069RP20266

For select technical deliverables identified in Section F, the Contractor shall submit both draft
and final versions. The Government will review, comment, and/or provide recommendations to
the Contractor on draft technical deliverables. Draft documents shall only be submitted once for
Government comment and recommendation. The Contractor shall, in accordance with Section
C.24, be responsive to the Government’s comments and/or recommendations in completing the
final version of the deliverable. The Government shall inspect the final version of the deliverable
for final Government acceptance in accordance with Section E of the Contract. Any required
revisions to correct identified deficiencies in the Contractor’s final deliverable submission shall
be performed and completed at “No Additional Cost to the Government.”

E.5 INSPECTION AND ACCEPTANCE OF BASE PERIOD DELIVERABLES
E.5.1 DELIVERY OF BASE PERIOD DELIVERABLES
Base Period deliverables shall be submitted to the COTR in accordance with the delivery
requirements stated in Section C and Section F, except as otherwise specified by the
Government.

E.5.2 INSPECTION AND ACCEPTANCE OF BASE PERIOD DOCUMENTATION
DELIVERABLES
During Base Period, unless otherwise specified in the contract, or by mutual agreement in
writing, the Government will inspect each deliverable within 21 calendar days of delivery to
determine the acceptability of the deliverable. The Government will report on its inspection to
the Contractor in writing. Any comments, recommendations, and/or deficiencies shall be
remedied by the Contractor and incorporated into the deliverable for resubmission to the
Government within 14 calendar days after the Contractor’s receipt of the Government’s written
comments, recommendations and/or deficiencies. The Government will evaluate Base Period
design and documentation deliverables based on the following factors:

• Completeness, feasibility, and realism of the Offeror’s designs and plans for developing a
working prototype that meets the performance standards and functional requirements in
Section C.2.
• Compliance with Government and Industry Standards in Attachment N.
• Conformity with generally accepted best practices with regard to system design,
development, testing, implementation, validation, configuration control, staffing and
management, and operation.
• Addressing each component of EFAST2 at the fourth level of the Contract Work
Breakdown Structure (CWBS).
• Risk assessment, management, and mitigation, including technical risks, security risks,
cost risks, and risks associated with transition to another Contractor.
• Quality management aspects of the design, including quality assurance.
• Quality, completeness, clarity, and ease of use of the documentation.
EFAST2 RFP
Section E, Page 4 of 16
DOL069RP20266

When the identified deficiencies have been corrected, written notice of the Government’s
acceptance of the deliverable will be provided to the Contractor.

E.5.3 INSPECTION AND ACCEPTANCE OF BASE PERIOD FCT, SAT, SECURITY,
DATA, AND WEB-BASED DELIVERABLES
The Government will evaluate Functional Capability Test (FCT) results, Systems Acceptance
Test (SAT) results, security compliance requirements, data, and web-based deliverables during
the Base Period. Unless otherwise specified in the contract, or by mutual agreement in writing,
the Government will evaluate each deliverable within 21 calendar days of delivery to determine
the acceptability of the deliverable. The Government will report deficiencies to the Contractor in
writing. The Contractor shall correct all deficiencies prior to conduct of subsequent Government
FCTs or SAT and Security Compliance Review. The Government’s evaluation of FCT, SAT,
security compliance requirements, data, and web-based deliverables will be used based on the
following factors:

• Conformance with the data distribution requirements in Section C.15, and Attachment P
(Data Element Requirements), Attachment E (Interface Requirements Document), and
other relevant contract sections.
• Determination whether the deliverable fulfills all relevant functional requirements in
Section C and related contract sections.
• Conformance with the performance standards in Section C.2.
• Conformance with the security compliance requirements in Section C.22.
• Reliability, usability, and adequacy of web-based functionality.
Refer to contract Section E.8 for related FCT and SAT requirements, and contract Section H.12
for Warranty requirements.

E.6 INSPECTION AND ACCEPTANCE OF OPTION PERIOD I (1ST
COMPONENT) DELIVERABLES
During Option Period I (1
st
Component), the Contractor shall deliver, and the Government will
review for acceptance, contract deliverables in accordance with the delivery requirements stated
in Section C and Section F.

E.6.1 DELIVERY OF OPTION PERIOD I (1ST COMPONENT) DELIVERABLES
During Option Period I (1
st
Component), contract deliverables shall be submitted to the COTR in
accordance with the delivery requirements of Section C and Section F, except as otherwise
specified by the Government.

E.6.2 INSPECTION AND ACCEPTANCE OF OPTION PERIOD I (1ST
COMPONENT) DOCUMENTATION DELIVERABLES
During Option Period I (1
st
Component), unless otherwise specified in the contract, or by mutual
agreement in writing, the Government will inspect each deliverable within 21 calendar days of
EFAST2 RFP
Section E, Page 5 of 16
DOL069RP20266

delivery to determine the acceptability of the deliverable. The Government will report on its
inspection to the Contractor in writing. Any comments, recommendations, and/or deficiencies
shall be remedied by the Contractor and incorporated into the deliverable for resubmission to the
Government within 14 calendar days after the Contractor’s receipt of the Government’s written
comments, recommendation and/or deficiencies. The Government will evaluate Option Period I
design and documentation deliverables based on the following factors:

• Completeness, feasibility, and realism of the Offeror’s procedures and documentation
in support of a fully functional production system that meets the performance
standards and functional requirements in Section C.2.
• Compliance with Government and Industry Standards as specified in Attachment N.
• Conformity with generally accepted best practices with regard to system design,
development, testing, implementation, validation, configuration control, staffing and
management, and operation.
• Addressing each component of EFAST2 at the Level 4 of the CWBS.
• Risk assessment, management, and mitigation, including technical risks, security
risks, cost risks, and risks associated with transition to another Contractor.
• Quality management aspects of the design, including quality assurance.
• Quality, completeness, clarity, and ease of use of the documentation.
When the identified deficiencies have been corrected, written notice of the Government’s
acceptance of the deliverable will be provided to the Contractor.

E.6.3 INSPECTION AND ACCEPTANCE OF OPTION PERIOD I (1ST
COMPONENT) ADVANCED PRE-PROCESSING DATA DISSEMINATION
DELIVERABLES AND SECURITY COMPLIANCE
During Option Period I (1
st
Component), the Government will evaluate advanced pre-processing
data dissemination deliverables and compliance with security requirements based on the
following factors:

• Conformance with the data dissemination requirements in Section C.15, and
Attachment P (Data Element Requirements) and Attachment E (Interface
Requirements Document), and other relevant contract sections.
• Determination whether the deliverable fulfills all relevant functional requirements in
Section C, Attachment P, Attachment C, Attachment E, and Attachment F, and
related contract sections.
• Conformance with the performance standards in Section C.2.
• Conformance with the security compliance requirements in Section C.22.
The Government will base its decision to grant a Notice-To-Proceed (NTP) to Option Period I
(2
nd
Component) on the review of Base Period FCTs, SAT, the Government Security
Compliance Review, and all Base Period and Option Period I (1st Component) deliverables.
EFAST2 RFP
Section E, Page 6 of 16
DOL069RP20266

Refer to contract Section E.8 for related FCT and SAT requirements, contract Section C.22 for
security compliance requirements, and contract Section H.12 for warranty requirements.

E.7 INSPECTION AND ACCEPTANCE OF OPTION PERIOD I (2ND
COMPONENT) THROUGH OPTION PERIOD XI DELIVERABLES
During Option Period I (2
nd
Component) through Option Period XI, the Contractor shall deliver,
and the Government will review for acceptance, contract deliverables in accordance with the
delivery requirements stated in Section C and Section F.

E.7.1 DELIVERY OF OPTION PERIOD I (2ND COMPONENT) THROUGH
OPTION PERIOD XI DELIVERABLES
During Option Period I (2
nd
Component) through Option Period XI, contract deliverables shall be
submitted to the COTR in accordance with the delivery requirements of Section C and Section F.
The Contractor shall provide final confirmation of successful conduct of all tests, test reports,
and documentation, by letter to the Government.

E.7.2 INSPECTION AND ACCEPTANCE OF OPTION PERIOD I (2ND
COMPONENT) THROUGH OPTION PERIOD XI DOCUMENTATION
DELIVERABLES
During Option Period I (2
nd
Component) through Option Period XI, unless otherwise specified in
the contract, or by mutual agreement in writing, the Government will evaluate each deliverable
within 21 calendar days of delivery to determine the acceptability of the deliverable. The
Government will report on its inspection to the Contractor in writing. Any comments,
recommendations, and/or deficiencies shall be remedied by the Contractor and incorporated into
the deliverable for resubmission to the Government within 14 calendar days after the
Contractor’s receipt of the Government’s written comments, recommendation and/or
deficiencies. The Government will evaluate Option Period I (2
nd
Component) through Option
Period XI documentation deliverables based on the following factors:

• Completeness, feasibility, and realism of the Offeror’s procedures and documentation
in support of a fully functional production system that meets the performance
standards and functional requirements in Section C.2.
• Compliance with Government and Industry Standards specified in Attachment N.
• Conformity with generally accepted best practices with regard to system design,
development, testing, implementation, validation, configuration control, staffing and
management, and operation.
• Addressing each component of EFAST2 at the fourth level of the Contract Work
Breakdown Structure (CWBS).
• Risk assessment, management, and mitigation, including technical risks, security
risks, cost risks, and risks associated with transition to another Contractor.
• Quality management aspects of the design, including quality assurance and quality
control.
EFAST2 RFP
Section E, Page 7 of 16
DOL069RP20266

• Quality, completeness, clarity, and ease of use of the documentation.

E.7.3 INSPECTION AND ACCEPTANCE OF OPTION PERIOD I (2ND
COMPONENT) THROUGH OPTION PERIOD XI PROCESSING
DELIVERABLES
During Option Period I (2
nd
Component) through Option Period XI, the Government will
evaluate data disseminated based on the following factors:
• Conformance with the data dissemination requirements in Section C.15, and
Attachment P (Data Element Requirements) and Attachment E (Interface
Requirements Document), and other relevant contract sections.
• Determination whether the deliverable fulfills all relevant functional requirements in
Section C, Attachment P, Attachment C, Attachment E, and Attachment F, and
related contract sections.
• Conformance with the performance standards in Section C.2.
• Conformance with the security compliance requirements in Section C.22.
Each year during Option Period I (2
nd
Component) through Option Period XI, and before the
exercise of the succeeding option period, the Government will conduct an acceptance test of
structured data deliverables received during production to ensure that these deliverables can be
successfully loaded into the Government’s end user systems. The acceptance test will be based
on the validation checks, range checks, and related criteria documented in Attachment P (DER)
and Attachment E (IRD). At a minimum, the acceptance test will consist of the following
checks:

• SPONS-DFE-EIN must have 9 numbers and must not start with 00, 07, 08, 09, 17,
18, 19, 28, 29, 49, 78, 79, 89, 96 or 97
• SPONS-DFE-PN must be 001-999
• TAX-PRD must be valid YYYYMMDD (TAX-PRD will be renamed as Plan Year
End Date with valid value of YYYYMMDD)
• TRANS-CD must be valid (150, 151, 155, 156, 977)
• DOCUMENT-LOCATOR-NUMBER must start with 84, 86, 91, 56, 62, or 72
• DOCUMENT-LOCATOR-NUMBER must have valid doc code, and doc code must
match the format of the record
• TRANS-DATE must be a valid date (valid date = YYYYMMDD)
• RECORD-TYPE-CODE must be valid (C, D, E, I, J, K, L, M, N, O, P, R, S, T, W)
• Form 5500 Series record must be present and must always be the first record for a
filing
EFAST2 RFP
Section E, Page 8 of 16
DOL069RP20266

• Cannot have more than one Form 5500 Series record for a single filing (can’t have
duplicate DOCUMENT-LOCATOR-NUMBERs)
The Government will base its decision to exercise each successive option, from Option Period II
through Option Period XI, partly on the basis of its review of all production deliverables
delivered during the current production option period. Refer to contract Section E.8 for related
Functional Capability Test and System Acceptance Test requirements, contract Section C.22 for
Security Compliance requirements, and contract Section H.12 for warranty requirements.
EFAST2 RFP
Section E, Page 9 of 16
DOL069RP20266

E.8 INDEPENDENT GOVERNMENT TESTING & REVIEWS
The Government plans to conduct periodic independent functional testing, in-process reviews,
and security compliance reviews during the contract period. During the Base Period, such tests
and reviews will be conducted on the prototype and scale up systems. During Option Period I
(2nd Component) through Option Period XI, such tests and reviews will be conducted on the
production system. For functional tests, the Government will supply test cases (i.e., test filings),
as needed, and the Contractor shall produce the required outputs for Government inspection and
evaluation. For in-process and security compliance reviews, the Contractor’s support will be
required to operate the system or provide development and/or processing artifacts for the
Government’s inspection and evaluation. The Government reserves the right to conduct such
testing and reviews at any time during the contract period, at no additional cost to the
Government. The Government may use a third party contractor in support of the activities
discussed in this section.

E.8.1 BASE PERIOD GOVERNMENT TESTING & REVIEWS
During the Base Period, the Government will conduct a series of two independent Functional
Capability Tests (FCT) that target specific areas of functionality. FCT 1 will occur at the end of
the Base Period (1
st
Component) and will be a demonstration of the EFAST2 prototype system.
FCT 2 will occur at the end of the Base Period (2nd Component) and will be an end-to-end test
of the EFAST2 production system. During the Base Period (3
rd
Component), the Government
will perform an end-to-end System Acceptance Test (SAT) and a Security Compliance Review
to verify that the Contractor’s system is compliant with all requirements of the contract, and that
all necessary functionality, security controls, and scalability are provided. Deficiencies noted in
an FCT shall be corrected and retested, including system regression testing, prior to conduct of
the next FCT or SAT. Satisfactory completion of the SAT will be required before the
Government will conduct the Security Compliance Review. Satisfactory completion of the FCTs,
SAT, and the Government Security Compliance Review will be required before the Government
will grant a Notice-To-Proceed (NTP) to Option Period I (2
nd
Component) and commencement
of production operations. These formal tests are described below.

E.8.1.1 BASE PERIOD FCT 1 – PROTOTYPE TEST
FCT 1 will consist of a full end-to-end demonstration and test of the prototype system. The
Government will supply the Contractor with a series of up to 10,000 test cases (i.e., test filings)
to be run through the prototype. Government staff will be present to observe and conduct the
FCT at the Contractor’s site. The Contractor shall be responsible for processing the test cases
through the prototype system and producing all required outputs, including but not limited to:
filing acknowledgements, end-user data distributions, populating the public disclosure website,
tracking database extract, production control reports, and sample invoice reflecting the outcome
of the test.

E.8.1.2 BASE PERIOD FCT 2 – SCALEUP END-TO-END TEST
FCT 2 will consist of a full end-to-end test of the scale up system. The Government will supply
the Contractor with a series of up to 10,000 test cases (i.e., test filings) to be run through the
scale up system. Government staff will be present to observe and conduct the FCT at the
Contractor’s site. The Contractor shall be responsible for processing the test cases through the
EFAST2 RFP
Section E, Page 10 of 16
DOL069RP20266

scale up system and producing all required system outputs, including but not limited to: filing
acknowledgements, end-user data distributions, populating the public disclosure website,
tracking database extract, production control reports, and sample invoice reflecting the outcome
of the test.

E.8.1.3 BASE PERIOD SYSTEM ACCEPTANCE TEST (SAT)
During the Base Period (3
rd
Component), the Government will conduct an end-to-end System
Acceptance Test (SAT) to determine the EFAST2 system’s readiness for startup of processing
operations. The Government will supply the Contractor with up to 10,000 test cases to be run
through the production system. Government staff will be present to observe and conduct the SAT
at the Contractor’s site. The Contractor shall be responsible for processing the test cases through
the production system and producing all required outputs, including but not limited to: filing
acknowledgements, end-user data distributions, populating the public disclosure website,
tracking database extract, production control reports, and sample invoice reflecting the outcome
of the test. The Government will evaluate such factors as scalability, timeliness, accuracy, and
performance standards adherence.

Following SAT, the Contractor shall provide a written certification that the EFAST2 system
meets all contract requirements, including all performance and security requirements; that all of
the security controls specified in the National Institute of Standards and Technology (NIST)
Special Publication (SP) 800-53, Annex 2, Recommended Security Controls for Federal
Information Systems: Minimum Security Controls – Moderate Baseline, have been implemented
and tested satisfactorily; and that all critical and minor ERs have been corrected and retested,
including system regression testing.

E.8.1.4 BASE PERIOD SECURITY COMPLIANCE REVIEW
The Government will conduct an independent Security Compliance Review of the EFAST2
production system. The purpose of the Security Compliance Review is to verify that all security
controls specified in the NIST SP 800-53, Moderate Baseline, have been implemented in the
EFAST2 system. Prior to conducting the Security Compliance Review, the Government will
review all outputs and materials from the FCTs, SAT, and subsequent system regression testing
performed by the Contractor to verify correction of ERs, as well as the Contractor’s written
certification, and make a determination whether to perform the Security Compliance Review.

The Security Compliance Review will be an unstructured inspection of the EFAST2 security
controls, including the management, operational, and technical controls specified for a NIST SP
800-53 Moderate Baseline. The Government will also perform intrusive penetration testing of
the EFAST2 security boundary, internal and external testing, and testing of all external system
interconnections, as appropriate. The Government will also perform a thorough vulnerability
assessment of the EFAST2 operating environment, which may include social engineering
targeting the Contractor’s production and support staff.

The purpose of the formal FCTs, SAT, and Security Compliance Review planned for the Base
Period is to demonstrate the functional capability of the EFAST2 system, identify deficiencies
and anomalies in the prototype and production systems, and expose latent security vulnerabilities
in the EFAST2 operating environment. The Government does not intend to conduct more than
the planned tests and reviews during the Base Period. The Government's expectation is that the
EFAST2 RFP
Section E, Page 11 of 16
DOL069RP20266

planned tests and reviews will be sufficient to confirm that: (1) all required functionality
specified in the contract has been implemented in the production system; (2) all deficiencies and
anomalies have been identified and corrected in the production system; and (3) all latent security
vulnerabilities in the EFAST2 operating environment have been exposed and mitigated by
effective security controls. The Government requires this assurance prior to commencement of
processing operations. The Government reserves the right, however, to re-run either or both
FCTs, the SAT, and the Security Compliance Review if, in the Government’s determination,
these tests and reviews have exposed an excessive number of critical ERs or unmitigated security
vulnerabilities that would prevent the Government from commencing processing operations.

Based in part on the SAT and in part on the Security Compliance Review, the Government will
make a determination whether to commence processing operations. If the Government elects to
commence processing operations, a formal Notice-To-Proceed (NTP) to Option Period I (2
nd

Component) will be granted to the Contractor.

E.8.1.5 BASE PERIOD IN-PROCESS REVIEWS
In addition to the two FCTs, SAT, and the Security Compliance Review, the Government, at its
discretion, may conduct one or more In-Process Reviews (IPR) of the Contractor’s system
development processes. The Government may, at its discretion, schedule an IPR at any time
during the Base Period. The IPR(s) will be conducted by the COTR and/or other Government
staff or representatives, as designated by the COTR.

The Government plans to conduct one IPR during the Base Period. The purpose of the planned
IPR is to ensure that the Government’s System Development Life Cycle Management (SDLCM)
methodology and the Contractor’s internal Software Engineering Institute (SEI) Capability
Maturity Model Integration (CMMI) procedures are clearly documented and are being followed
on the EFAST2 contract.

The planned IPR will consist of a documentation review, including both deliverable
documentation specified in Section F as due prior to the review, as well as additional, non-
deliverable documentation prepared by the Contractor for use by EFAST2 staff and providing
corporate or project-specific policies, procedures, and documentation. The review shall include,
but will not be limited to, inspection and review of the following materials:

• The Contractor's Requirements Traceability Matrix (RTM), as described in Section
C.25

• Quality Assurance (QA) and Quality Control (QC) materials, such as specifications,
plans, and sample reports, as described in Section C.19 and Section C.20

• Web content management documentation and procedures, as described in Section
C.10.2

• Design documentation, as described in Section C.1.2

EFAST2 RFP
Section E, Page 12 of 16
DOL069RP20266

• Internal procedures documentation, invoicing materials, software development
materials, and all other documentation related to design, development, and testing of
the prototype system.

Government staff will be present to conduct the IPR(s) at the Contractor’s site. The Contractor is
not required or expected to make preparations for the IPR(s) beyond simply hosting Government
staff charged with carrying out the IPR and making copies of all requested documentation
available for Government inspection and review. The Government will provide documentation
describing all findings from the IPR(s) to the Contractor. Critical findings shall be tracked and
reported through the configuration management reporting system described in Section C.25, and
remediated by the Contractor in accordance with the requirements of Section E, Section F, and
Section H.

E.8.2 OPTION PERIOD I (2ND COMPONENT) THROUGH OPTION PERIOD XI
GOVERNMENT TESTING & REVIEWS
Prior to rollover to each processing year during Option Period I (2nd Component) through
Option Period XI, the Government will require assurance that all Annual Rollover Changes,
critical and minor error report (ER) corrections, and system enhancements, including applicable
system security updates, are properly implemented on the production system. Rollover will occur
in January of each option year. Prior to rollover, the Government will evaluate such factors as
scalability, timeliness, accuracy, performance standards adherence, security, and annual rollover
changes.

At the Government’s discretion, the Government may elect to rely on the Contractor’s testing to
provide the required assurance. The Government reserves the right, however, to conduct an
independent System Acceptance Test (SAT) and Security Compliance Review to provide the
required assurance. The Government’s independent test and review shall in no way serve as a
substitute for the Contractor’s internal testing program, and the Contractor shall provide written
certification that the rollover system meets all contract requirements, including compliance with
security requirements. Deficiencies noted in any Contractor or Government test or review shall
be corrected and retested, including system regression testing, before the Government will grant
a Notice-To-Proceed (NTP) to rollover to the next processing year.

If the Government elects to conduct an independent SAT and Security Compliance Review, the
Government will evaluate such factors as scalability, timeliness, accuracy, performance
standards adherence, security, and annual rollover changes. The Government will supply the
Contractor with up to 10,000 test cases (i.e., test filings) to exhibit the identified functionality.
Government staff will be present to observe and conduct the SAT and perform the Security
Compliance Review at the Contractor’s EFAST2 facility. The Contractor shall be responsible for
processing the test cases through the production system and producing all required outputs,
including but not limited to, filing acknowledgements, end-user data distributions, populating the
public disclosure website, tracking database extract, production control reports, and sample
invoice reflecting the outcome of the test.

The Government SAT will be designed primarily to independently test all annual rollover
changes to the Government's satisfaction.

EFAST2 RFP
Section E, Page 13 of 16
DOL069RP20266

All outputs and materials will be reviewed in accordance with Section E, Inspection and
Acceptance, clauses.

The Government’s expectation is that only one SAT and Security Compliance Review will be
required during each of Option Period I (2nd Component) through Option Period XI to confirm
that all identified deficiencies and anomalies have been corrected in the production system. The
Government reserves the right, however, to re-run SAT and/or the Security Compliance Review
if, in the Government’s determination, an excessive number of critical ERs or security
vulnerabilities have been exposed that would prevent the Government from authorizing rollover
operations.

E.8.3 GOVERNMENT-SUPPLIED TEST CASE STRUCTURE AND FORMAT AND
IFILE-BASED TEST FILING TOOL
Throughout the duration of the Contract, the Contractor shall establish provisions for allowing
approved Government representatives to supply test cases to the Contractor for purposes of
running the test cases through the prototype and production processing systems and producing
the required test system outputs. The Contractor shall supply the required test distribution files
resulting from the test cases, as specified in Attachment E.

The Government intends to use the Contractor's IFILE software as the preferred Test Filing Tool
to author, sign, and submit test filings to the Contractor. Accordingly, the Contractor shall
deliver preliminary versions of IFILE to the Government during the Base Period and throughout
the duration of the Contract, that are suitable for use by the Government. The Contractor shall
ensure that these versions of IFILE provide the Government with the capability to author, sign,
and submit test filings to the Contractor, including “exception” filings that fail one or more XML
schema or edit test validation checks for testing purposes, and batch filing submissions. The
Contractor shall work collaboratively with the Government to establish an approved test case
structure using the IFILE test tool that is conducive to submitting test cases to the prototype or
production systems, and receiving the required outputs.

The Contractor shall develop a batch submission capability that shall allow the Government to
submit batches of filings using the IFILE test tool. The IFILE test tool batch filing submission
capability shall be subject to the batch filing submission limits contained in C.10.4.1.

E.8.4 GOVERNMENT-SUPPLIED TEST CASES AND TEST EXECUTION
The Government will supply test filings to the Contractor for three primary purposes:

• FCT and SAT testing (up to 10,000 test filings per FCT or SAT).

• ER retesting (up to 500 test filings per month) as will be required to confirm that
critical and minor ER fixes have been successfully implemented in the prototype or
production environments.

• Annual system rollover testing to confirm that system rollover changes have been
successfully implemented (up to 10,000 test cases per annual rollover). At least two
months prior to rollover, the Government will supply test cases to the Contractor to
be run through the development system.
EFAST2 RFP
Section E, Page 14 of 16
DOL069RP20266


The Contractor shall establish a process and procedures by which the Government may log into
either the prototype/development or production systems, submit test filings using the IFILE-
based Test Filing Tool, and create test distribution(s) containing only those test filings. Within 24
hours of receipt of Government test filings, the Contractor shall accept and process Government-
supplied test cases through the prototype/development or production systems and produce the
required outputs. The Contractor shall submit test filings to either the prototype/development or
production systems, per the Government’s request, and shall ensure that the test filings are
processed by the EFAST2 prototype/development or production processing flows as if they were
actual received electronic filings.

The Government will require successful processing of specific test cases in order for the
Contractor to pass FCT or SAT, to verify and validate the closing of minor or critical ERs, and to
authorize operations at startup or rollover.

E.8.5 TEST DISTRIBUTION FILES BASED ON GOVERNMENT TEST CASES
The Contractor shall deliver test outputs in response to the Government’s supplied test cases for
inspection and acceptance. Test outputs shall include, at a minimum, the tracking database and
“push” data distributions described in Attachment E. The Contractor shall deliver test outputs in
a format and manner that clearly labels the outputs as test outputs and not production outputs.
Test outputs shall not be commingled with production outputs but shall be clearly segmented
from production outputs in a readily identifiable manner, such as a separate file.

E.9 PROCESSING COMPLIANCE REVIEWS
The Contractor shall assist the DOL EFAST2 Program Office, DOL Inspector General, General
Accounting Office, DOL and IRS systems and operations staff, Treasury Inspector General for
Tax Administration (TIGTA), and any other Government oversight groups approved by the
Contracting Officer or the COTR in the conduct of reviews of EFAST2 system, management,
and invoicing operations.

The Contractor shall support Government conduct of periodic Processing Compliance Reviews
to audit the Contractor’s EFAST2 operations. Processing Compliance Reviews may include
reviews of the following activities: 1) audit the Contractor’s QC Report; 2) independently
replicate Contractor performance standard calculations; 3) audit the Contractor's invoicing and
incentive payment calculations; 4) evaluate compliance with security requirements; and 5)
review other EFAST2 system processes and functions, as deemed necessary by the Contracting
Officer or the COTR. The Contractor shall provide routine access to Contractor facilities,
databases, logs, personnel, and records to auditors and designated Government review teams.
Upon Government request, the Contractor shall provide copies of documents to include, but not
limited to, system documentation, computer programs, transaction flow charts, tables, invoice
and incentive calculation materials, QC artifacts, and related information. The Contractor shall
provide read-only access to any specialized accounting, invoicing, QC, personnel, or
management software packages that can be audited only via direct access through the specialized
software package.

Up to six Processing Compliance Reviews may be conducted by the Government per contract
award period. The Government may designate one or more third party contractor(s) specifically
EFAST2 RFP
Section E, Page 15 of 16
DOL069RP20266

tasked with conducting EFAST2 reviews to conduct the Processing Compliance Reviews of
EFAST2 system, management, and invoicing operations.
EFAST2 RFP
Section E, Page 16 of 16
DOL069RP20266













EFAST2 RFP
Section F
Schedule of Deliverables
EFAST2 RFP
Section F, Page 1 of 30
DOL069RP20266





This Page is Intentionally Left Blank
EFAST2 RFP
Section F, Page 2 of 30
DOL069RP20266

PART I - THE SCHEDULE
SECTION F - DELIVERIES OR PERFORMANCE
F.1 52.252-2 Clauses Incorporated by Reference
This contract incorporates one or more clauses by reference, with the same force and effect as if
they were given in full text. Upon request, the Contracting Officer will make their full text
available. Clauses may be electronically accessed at http://www.arnet.gov/far

F.2 52.242-15 Stop-Work Order (August 1989) [Incorporated by Reference]
F.3 Period of Performance
Refer to Exhibit C.1.1.1 for definitions of relevant EFAST2 Periods of Performance as described
in this section.

F.4 Delivery Medium
The Contractor shall deliver all documentation deliverables in both paper and electronic (PDF)
format. The Contractor shall deliver all media deliverables in the media specified in the
Statement of Work.

F.5 Schedule of Deliverables
The Contractor shall furnish to the Program Office the items listed in the Schedule of
Deliverables by the listed due date. The Contractor shall notify the Program Office of all
deliveries by submitting a signed certification to the Program Office notifying the Program
Office that the deliverable has been submitted in accordance with the requirements of this
Contract. Deliverable dates that fall on a Government holiday, a Saturday, or Sunday, shall be
due on the next business day.

F.6 Use of Contractor Internal Documentation to Satisfy Section F Deliverable
Requirements
The deliverable documentation requirements for this project are listed in Section F, with cross-
references provided to the Contract clause describing the specific deliverable. The Contractor
may submit internal documentation required to meet company system development guidelines as
a substitute for comparable documentation required under Section F, as described in Section
C.19, provided the Contractor provides adequate justification for the proposed substitution and
receives Contracting Officer approval in writing for the substitution. The Contractor shall
request Contracting Officer permission to submit substitute documentation, and clearly identify
the substitute deliverable and the deliverable being substituted. Substitute deliverables shall be
subject to the Section E inspection and acceptance procedures.

EFAST2 RFP
Section F, Page 3 of 30
DOL069RP20266





This Page is Intentionally Left Blank
EFAST2 RFP
Section F, Page 4 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Base Period -- Contract Award to 12/31/2008
Planning, Requirements Review, Design, Development, Testing, Certification, Implementation, and Disposition
Num Item Description of Deliverable Quantity Due Date Section Reference
Base Period (1st Component) Prototype
Award through 12/31/2007
D1 Draft Integrated Master Plan 1 5/1/2007
F1 Integrated Master Plan 1 6/30/2007 C.24.3
D2 Draft Integrated Master Schedule 1 5/1/2007
F2 Integrated Master Schedule 1 6/30/2007 C.24.4
D3 Draft Contract Work Breakdown Structure
1 Draft CWBS 1 5/1/2007
2 Draft CWBS Dictionary 1 5/1/2007
3 Draft CWBS-to-SOW Traceability Matrix 1 5/1/2007
F3 Contract Work Breakdown Structure
1 CWBS 1 6/30/2007 C.24.5
2 CWBS Dictionary 1 6/30/2007 C.24.5
3 CWBS-to-SOW Traceability Matrix 1 6/30/2007 C.24.5
D4 Draft Performance Measurement Baseline 1 5/1/2007
F4 Performance Measurement Baseline 1 6/30/2007 C.24.6
D5 Draft Project Risk Management Plan 1 5/1/2007
F5 Project Risk Management Plan 1 6/30/2007 C.24.10
6 Contract Performance Report 1 Monthly C.24.7
7 Contract Funds Status Report 1 Monthly C.24.9
8 Monthly Work and Management Report
1 Report on progress, problems, schedule, plans and cost 1 Monthly C.24.12
2 Security Progress Report 1 Monthly C.24.12, C.22.4.1
3 Quality Assurance Report 1 Monthly C.24.12, C.19.19
4 Contact Center Call Report 1 Monthly C.24.12, C.18.17
5 List of Third Party Software Developer Certifications 1 Monthly C.24.12, C.10.6.6.4
9 Notification to COTR of Problems, Errors, or Breach of Security 1 As Needed C.24.13
D10 Draft Security Risk Assessment 1 5/1/2007
F10 Security Risk Assessment 1 6/15/2007 C.22.4.2.2
11 Production Recruiting and Training Plan 1 6/15/2007 C.24.11
12 Requirements Traceability Matrix (RTM) 1 6/15/2007 C.25.9
13 Quality Assurance Plan 1 6/15/2007 C.19.18
D14 Draft Quality Control Procedures Manual 1 5/1/2007
F14 Quality Control Procedures Manual 1 6/15/2007 C.20.15.2
15 Configuration Management Plan 1 6/15/2007 C.25.8
D16 Draft Detailed System Design 1 5/1/2007
F16 Detailed System Design 1 6/15/2007 C.1.2.1.3
17 Third Party Software Test Plan & Certification Procedures 1 6/15/2007 C.10.6.6.4
18 Procedures for Web Review & Approval 1 6/15/2007 C.10.2.11
19 Web Portal Design
1 1st Iteration 1 6/30/2007 C.10.2.6
2 2nd Iteration 1 9/30/2007 C.10.2.6
20 IFILE Functional Specification 1 7/1/2007 C.10.5.14
D21 Draft System Security Plan 1 7/1/2007
F21 System Security Plan 1 8/15/2007 C.22.4.2.1
22 Final Plan Year 2008 and Plan Year 2009 Form / Schedule Proofs
1 PDF Files 1 8/1/2007 C.17.3
2 Source Files 1 8/1/2007 C.17.3
23 Government & Contractor User Authorization and Credentials 1 8/1/2007 C.10.3.4
D24 Draft IFILE / Test Filing Tool 1 8/1/2007
F24 IFILE / Test Filing Tool 1 9/15/2007 C.10.5.15
25 IFILE User's Guide 1 9/15/2007 C.10.5.13
26 Contingency Plan (Continuity of Operations Plan) -- Initial
1 COOP 1 11/1/2007 C.22.4.2.3
2 Test Plan 1 11/1/2007 C.22.4.2.3
EFAST2 RFP
Section F, Page 5 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Base Period -- Contract Award to 12/31/2008
Planning, Requirements Review, Design, Development, Testing, Certification, Implementation, and Disposition
Num Item Description of Deliverable Quantity Due Date Section Reference
27 Software Developer Specification
1 Software Developer User's Guide and Specifications 1 12/1/2007 C.10.6.5
2 Transmission File Structure 1 12/1/2007 C.10.6.5
3 XML DER Vol 1 & 2 1 12/1/2007 C.10.6.5
28 Participant Acceptance Testing System (PATS) Package
1 PATS Application 1 12/1/2007 C.10.6.6.3
2 PATS Procedures and Certification Criteria 1 12/1/2007 C.10.6.6.3
3 PATS Test Filings 1 12/1/2007 C.10.6.6.3
29 Third Party Software Developer Conference Materials 1 12/1/2007 C.10.6.3
30 System Test Plan(s) 1 As Proposed C.21.3.1
31 System Test Report(s) 1 As Proposed C.21.3.3
32 Prototype Operational Readiness Declaration
1 Checklist 1 12/1/2007 C.21.3.8
2 Certification 1 12/1/2007 C.21.3.9
33 FCT #1 -- Test Prototype
1 Agency-specific distributions 1 12/8/2007 E.8.3, E.8.5
2 Other FCT outputs 1 12/8/2007 E.8.1.1
Base Period (2nd Component) Scale up
1/1/2008 through 7/31/2008
34 Integrated Master Schedule Update 1 1/15/2008 C.24.3
35 Contract Performance Report 1 Monthly C.24.7
36 Contract Funds Status Report 1 Monthly C.24.9
37 Monthly Work and Management Report
1 Report on progress, problems, schedule, plans and cost 1 Monthly C.24.12
2 Security Progress Report 1 Monthly C.24.12, C.22.4.1
3 Quality Assurance Report 1 Monthly C.24.12, C.19.19
4 Contact Center Call Report 1 Monthly C.24.12, C.18.17
5 List of Third Party Software Developer Certifications 1 Monthly C.24.12, C.10.6.6.4
38 Notification to COTR of Problems, Errors, or Breach of Security 1 As Needed C.24.13
39 Detailed System Design Update 1 1/15/2008 C.1.2.1.3
40 Implementation Plan 1 3/15/2008 C.21.3.2
41 HW / SW Refresh Plan 1 3/15/2008 C.17.4
42 Service Level Agreement 1 4/15/2008 C.13.8.1
43 IFILE / Test Filing Tool Update 1 5/1/2008 C.10.5.15
44 IFILE User's Guide Update 1 5/1/2008 C.10.5.13
45 EFAST2 Guide for Filers & Service Providers 1 5/1/2008 C.10.6.4
46 Annual Security Risk Assessment 1 6/1/2008 C.22.4.2.2
47 Project Risk Management Plan Update 1 6/1/2008 C.24.10
D48 Draft System Documentation 1 4/15/2008
F48 System Documentation 1 6/1/2008 C.17.2
49 Contact Center Operational Procedures Manual 1 6/1/2008 C.18.20
50 Data Dissemination Service (DDS) User's Guide(s)
1 Public User Guide 1 6/1/2008 C.15.7
2 Government User Guide 1 6/1/2008 C.15.7
51 Government End User Customer Satisfaction Survey 1 6/30/2008 C.20.16
52 Operating Capacity Report
1 Current Operating Capacity 1 7/15/2008 C.13.8.3.1
2 System Sizing Analysis 1 7/15/2008 C.13.8.3.2
53 Benchmark Report 1 7/15/2008 C.13.8.4
54 System Test Plan(s) 1 As Proposed C.21.3.1
55 System Test Report(s) 1 As Proposed C.21.3.3
56 Scale up Operational Readiness Declaration
1 Checklist 1 6/16/2008 C.21.3.8
2 Certification 1 6/16/2008 C.21.3.9
57 FCT #2 -- Scale up End-to-End Test
EFAST2 RFP
Section F, Page 6 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Base Period -- Contract Award to 12/31/2008
Planning, Requirements Review, Design, Development, Testing, Certification, Implementation, and Disposition
Num Item Description of Deliverable Quantity Due Date Section Reference
1 Agency-specific distributions 1 7/1/2008 E.8.3, E.8.5
2 Other FCT outputs 1 7/1/2008 E.8.1.2
Base Period (3rd Component) SAT
8/1/2008 through 12/31/2008
58 Integrated Master Schedule Update 1 8/1/2008 C.24.3
59 Contract Performance Report 1 Monthly C.24.7
60 Contract Funds Status Report 1 Monthly C.24.9
61 Monthly Work and Management Report
1 Report on progress, problems, schedule, plans and cost 1 Monthly C.24.12
2 Security Progress Report 1 Monthly C.24.12, C.22.4.1
3 Quality Assurance Report 1 Monthly C.24.12, C.19.19
4 Contact Center Call Report 1 Monthly C.24.12, C.18.17
5 List of Third Party Software Developer Certifications 1 Monthly C.24.12, C.10.6.6.4
62 Notification to COTR of Problems, Errors, or Breach of Security 1 As Needed C.24.13
63 COOP Test Report -- Initial 1 9/1/2008 C.22.4.2.3
64 SAT and Operational Readiness Declaration
1 Checklist 1 9/1/2008 C.21.3.8
2 Certification 1 9/1/2008 C.21.3.9
65 SAT
1 Agency-specific distribution products 1 9/18/2008 E.8.3, E.8.5
2 Other SAT outputs 1 9/18/2008 E.8.1.3
66 Base Year Disposition/Closeout Plan
1 Transition Plan 1 12/21/2008 C.24.14
2 Source Code 1 12/21/2008 C.24.14
3 Program materials, documentation, media, GFI, and equipment 1 12/21/2008 C.24.14
Other Key Base Period Activities
Integrated Baseline Review (IBR) C.24.8
Base Period In-Process Review E.8.1.5
Requirements Clarification Meetings C.1.2.1.2
Third Party Software Developer Conference C.10.6.3
Security Compliance Review C.8.1.4, C.22.1.4
Personnel Clearances C.22.3
Functional Capability Test #1 E.8.1.1
Functional Capability Test #2 E.8.1.2
Systems Acceptance Test E.8.1.3
EFAST2 RFP
Section F, Page 7 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Option Period I -- 8/1/2008 to 6/30/2009
Advance Pre-processing activities, Startup, Processing
Num Item Description of Deliverable Quantity Due Date Section Reference
Option Period I (1st Component) Advance Pre-processing
8/1/2008 through 12/31/2008
101 Integrated Master Schedule Update 1 8/15/2008 C.24.3
102 Contract Work Breakdown Structure Update
1 CWBS Update 1 8/15/2008 C.24.5
2 CWBS Dictionary Update 1 8/15/2008 C.24.5
3 CWBS-to-SOW Traceability Matrix Update 1 8/15/2008 C.24.5
103 Performance Measurement Baseline Update 1 8/15/2008 C.24.6
104 Contract Performance Report 1 Monthly C.24.7
105 Monthly Work and Management Report (sample)
1 Report on progress, problems, schedule, plans and cost 1 9/1/2008 C.24.12
2 Security Progress Report 1 9/1/2008 C.24.12, C.22.4.1
3 Quality Assurance Report 1 9/1/2008 C.24.12, C.19.19
4 Contact Center Call Report 1 9/1/2008 C.24.12, C.18.17
5 List of Third Party Software Developer Certifications 1 9/1/2008 C.24.12, C.10.6.6.4
106 Notification to COTR of Problems, Errors, or Breach of Security 1 As Needed C.24.13
107 Annual System Security Plan 1 8/15/2008 C.22.4.2.1
108 Implementation Plan 1 8/15/2008 C.21.3.2
109 Stakeholder Outreach Conference Materials 1 8/15/2008 C.1.3.1.4
110 Production Recruiting and Training Plan 1 8/15/2008 C.24.11
111 Electronic Filing Kickoff Postcard 1 9/1/2008 C.10.3.7
112 Fixed-Price Invoice (sample) 1 9/1/2008
113 PC Reports (sample) 1 9/15/2008 C.6.5
114 Quality Control Reports (sample) 1 9/15/2008 C.20.15.1
115 Contact Center Daily Report (sample) 1 9/15/2008 C.18.18
116 Call Center Service Ticket (sample) 1 9/15/2008 C.18.2
117 Transmission of Structured Data Records to End Users (sample)
1 EBSA XML Return Transaction File 1 10/15/2008 C.15.3.4, Attachment E
2 EBSA Structured Return Transaction File 1 10/15/2008 C.15.3.4, Attachment E
3 IRS XML Return Transaction File 1 10/15/2008 C.15.3.4, Attachment E
4 IRS Structured Return Transaction File 1 10/15/2008 C.15.3.4, Attachment E
5 PBGC XML Return Transaction File 1 10/15/2008 C.15.3.4, Attachment E
6 PBGC Structured Return Transaction File 1 10/15/2008 C.15.3.4, Attachment E
7 PBGC Control File 1 10/15/2008 C.15.3.4, Attachment E
8 EBSA Annual XML Archive File 1 10/15/2008 C.16.3, Attachment E
9 EBSA Annual E-Mail Archive File 1 10/15/2008 C.16.3, C.18.9, Attachment E
118 Contingency Plan (Continuity of Operations Plan) -- Update I
1 COOP 1 11/1/2008 C.22.4.2.3
2 Test Plan 1 11/1/2008 C.22.4.2.3
119 Certification and Warranty 1 10/15/2008 H.12
120 Documentation replacement pages 1 As Needed C.24.16
Option Period I (2nd Component) Startup Processing
1/1/2009 through 6/30/2009
D121 Draft Project Risk Management Plan 1 2/1/2009
F121 Project Risk Management Plan 1 3/15/2009 C.24.9
122 Monthly Work and Management Report
1 Report on progress, problems, schedule, plans and cost 1 Monthly C.24.12
2 Security Progress Report 1 Monthly C.24.12, C.22.4.1
3 Quality Assurance Report 1 Monthly C.24.12, C.19.19
4 Contact Center Call Report 1 Monthly C.24.12, C.18.17
5 List of Third Party Software Developer Certifications 1 Monthly C.24.12, C.10.6.6.4
123 Notification to COTR of Problems, Errors, or Breach of Security 1 As Needed C.24.13
124 Contact Center Daily Report 1 Daily C.18.18
125 PC Reports 1 Weekly C.6.5
126 Quality Control Reports 1 Monthly C.20.15.1
EFAST2 RFP
Section F, Page 8 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Option Period I -- 8/1/2008 to 6/30/2009
Advance Pre-processing activities, Startup, Processing
Num Item Description of Deliverable Quantity Due Date Section Reference
127 System Performance Report 1 Monthly C.13.8.5, C.14.4.3
128 Large Plan Monthly Report 1 Monthly C.6.6
129 Listing of Government & Contractor Users with Credentials 1 Monthly C.10.3.4
130 Record Retrieval 1 As Needed C.9.2
131 Documentation replacement pages 1 As Needed C.24.16
132 Transmission of Structured Data Records to End Users
1 EBSA XML Return Transaction File 1 Daily C.15.3.4, Attachment E
2 EBSA Structured Return Transaction File 1 Daily C.15.3.4, Attachment E
3 IRS XML Return Transaction File 1 Daily C.15.3.4, Attachment E
4 IRS Structured Return Transaction File 1 Daily C.15.3.4, Attachment E
5 PBGC XML Return Transaction File 1 Weekly C.15.3.4, Attachment E
6 PBGC Structured Return Transaction File 1 Weekly C.15.3.4, Attachment E
7 PBGC Control File 1 Weekly C.15.3.4, Attachment E
8 EBSA Annual XML Archive File 1 6/30/2009 C.16.3, Attachment E
9 EBSA Annual E-Mail Archive File 1 6/30/2009 C.16.3, C.18.9, Attachment E
133 Requirements Traceability Matrix (RTM) 1 3/15/2009 C.25.9
134 Quality Assurance Plan 1 3/15/2009 C.19.18
D135 Draft Detailed System Design 1 2/1/2009
F135 Detailed System Design 1 3/15/2009 C.1.2.1.3
D136 Draft Quality Control Procedures Manual 1 2/15/2009
F136 Quality Control Procedures Manual 1 4/1/2009 C.20.15.2
137 HW / SW Refresh Plan 1 4/1/2009 C.17.4
138 Configuration Management Plan 1 4/1/2009 C.25.8
139 Service Level Agreement 1 4/15/2009 C.13.8.1
140 Annual Requirements Analysis Report 1 5/1/2009 C.25.10
D141 Draft Security Risk Assessment 1 4/15/2009
F141 Security Risk Assessment 1 6/1/2009 C.22.4.2.2
D142 Draft System Documentation 1 4/15/2009
F142 System Documentation 1 6/1/2009 C.17.4
143 Operating Capacity Report
1 Current Operating Capacity 1 6/30/2009 C.13.8.3.1
2 System Sizing Analysis 1 6/30/2009 C.13.8.3.2
144 Benchmark Report 1 6/30/2009 C.13.8.4
145 Government End User Customer Satisfaction Survey 1 6/30/2009 C.20.16
146 System Test Plan(s) 1 As Proposed C.21.4.1
147 System Test Report(s) 1 As Proposed C.21.4.2
148 Option Period I Disposition/Closeout Plan
1 Transition Plan 1 6/1/2009 C.24.14
2 Source Code 1 6/1/2009 C.24.14
3 Program materials, documentation, media, GFI, and equipment 1 6/1/2009 C.24.14
Other Key Option Period I Activities
Stakeholder Outreach Conference C.1.3.1.4
Personnel Clearances C.22.3
Government Testing and Reviews E.8.2
Processing Compliance Reviews E.9
EFAST2 RFP
Section F, Page 9 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Option Period II -- 7/01/2009 to 6/30/2010
Processing Year 2009 Operations, Rollover to Processing Year 2010
Num Item Description of Deliverable Quantity Due Date Section Reference
Processing Year 2009
7/1/2009 through 6/30/2010
D201 Draft Project Risk Management Plan 1 8/1/2009
F201 Project Risk Management Plan 1 9/15/2009 C.24.10
202 Monthly Work and Management Report 1 Monthly C.24.12
1 Report on progress, problems, schedule, and plans 1 Monthly C.24.12
2 Security Progress Report 1 Monthly C.24.12, C.22.4.1
3 Quality Assurance Report 1 Quarterly C.24.12, C.19.19
4 Contact Center Call Report 1 Monthly C.24.12, C.18.17
5 List of Third Party Software Developer Certifications 1 Monthly C.24.12, C.10.6.6.4
203 Notification to COTR of Problems, Errors, or Breach of Security 1 As Needed C.24.13
204 Contact Center Daily Report 1 Daily C.18.18
205 PC Reports 1 Weekly C.6.5
206 Quality Control Reports 1 Monthly C.20.15.1
207 System Performance Report 1 Monthly C.13.8.5, C.14.4.3
208 Large Plan Monthly Report 1 Monthly C.6.6
209 Listing of Government & Contractor Users with Credentials 1 Monthly C.10.3.4
210 Record Retrieval 1 As Needed C.9.2
211 Documentation replacement pages 1 As Needed C.24.16
212 Transmission of Structured Data Records to End Users
1 EBSA XML Return Transaction File 1 Daily C.15.3.4, Attachment E
2 EBSA Structured Return Transaction File 1 Daily C.15.3.4, Attachment E
3 IRS XML Return Transaction File 1 Daily C.15.3.4, Attachment E
4 IRS Structured Return Transaction File 1 Daily C.15.3.4, Attachment E
5 PBGC XML Return Transaction File 1 Weekly C.15.3.4, Attachment E
6 PBGC Structured Return Transaction File 1 Weekly C.15.3.4, Attachment E
7 PBGC Control File 1 Weekly C.15.3.4, Attachment E
8 EBSA Annual XML Archive File 1 6/30/2010 C.16.3, Attachment E
9 EBSA Annual E-Mail Archive File 1 6/30/2010 C.16.3, C.18.9, Attachment E
213 Quality Assurance Plan 1 8/1/2009 C.19.18
214 Final Plan Year 2010 Form / Schedule Proofs
1 PDF Files 1 8/1/2009 C.17.3
2 Source Files 1 8/1/2009 C.17.3
215 Detailed System Design 1 8/1/2009 C.1.2.1.3
216 Configuration Management Plan 1 8/1/2009 C.25.8
217 System Security Plan 1 8/1/2009 C.22.4.2.1
218 Production Recruiting and Training Plan 1 8/15/2009 C.24.11
219 COOP Test Report -- Update I 1 9/1/2009 C.22.4.2.3
220 Quality Control Procedures Manual 1 10/1/2009 C.20.15.2
221 HW / SW Refresh Plan 1 10/1/2009 C.17.4
222 Implementation Plan 1 11/1/2009 C.21.3.2
223 Annual Requirements Analysis Report 1 11/1/2009 C.25.10
224 Contingency Plan (Continuity of Operations Plan) -- Update II
1 COOP 1 11/1/2009 C.22.4.2.3
2 Test Plan 1 11/1/2009 C.22.4.2.3
225 Operational Readiness Declaration
1 Checklist 1 11/1/2009 C.21.3.8
2 Certification 1 11/1/2009 C.21.3.9
226 SAT
1 Agency-specific distribution products 1 11/15/2009 E.8.3, E.8.5
2 Other SAT outputs 1 11/15/2009 E.8.1.3
227 Certification and Warranty 1 12/1/2009 H.12
228 IFILE Functional Specification 1 2/1/2010 C.10.5.14
D229 Draft IFILE / Test Filing Tool 1 1/15/2010
F229 IFILE / Test Filing Tool 1 3/1/2010 C.10.5.15
EFAST2 RFP
Section F, Page 10 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Option Period II -- 7/01/2009 to 6/30/2010
Processing Year 2009 Operations, Rollover to Processing Year 2010
Num Item Description of Deliverable Quantity Due Date Section Reference
230 Requirements Traceability Matrix (RTM) 1 3/15/2010 C.25.9
231 IFILE User's Guide 1 3/15/2010 C.10.5.13
232 EFAST2 Guide for Filers & Service Providers 1 3/15/2010 C.10.6.4
233 Data Dissemination Service (DDS) User's Guide(s)
1 Public User Guide 1 3/15/2010 C.15.7
2 Government User Guide 1 3/15/2010 C.15.7
234 System Test Plan(s) 1 As Proposed C.21.3.1
235 System Test Report(s) 1 As Proposed C.21.3.3
236 Contact Center Operational Procedures Manual 1 4/15/2010 C.18.20
237 Service Level Agreement 1 4/15/2010 C.13.8.1
238 Software Developer Specification
1 Software Developer User's Guide and Specifications 1 4/15/2010 C.10.6.5
2 Transmission File Structure 1 4/15/2010 C.10.6.5
3 XML DER Vol 1 & 2 1 4/15/2010 C.10.6.5
239 Participant Acceptance Testing System (PATS) Package
1 PATS Application 1 4/15/2010 C.10.6.6.3
2 PATS Procedures and Certification Criteria 1 4/15/2010 C.10.6.6.3
3 PATS Test Filings 1 4/15/2010 C.10.6.6.3
240 Third Party Software Developer Conference Materials 1 4/15/2010 C.10.6.3
D241 Draft Security Risk Assessment 1 4/15/2010
F241 Security Risk Assessment 1 6/1/2010 C.22.4.2.2
D242 Draft System Documentation 1 4/15/2010
F242 System Documentation 1 6/1/2010 C.17.2
243 Operating Capacity Report
1 Current Operating Capacity 1 6/30/2010 C.13.8.3.1
2 System Sizing Analysis 1 6/30/2010 C.13.8.3.2
244 Benchmark Report 1 6/30/2010 C.13.8.4
245 Government End User Customer Satisfaction Survey 1 6/30/2010 C.20.16
246 Option Period II Disposition/Closeout Plan
1 Transition Plan 1 6/30/2010 C.24.14
2 Source Code 1 6/30/2010 C.24.14
3 Program materials, documentation, media, GFI, and equipment 1 6/30/2010 C.24.14
Other Key Option Period II Activities
Third Party Software Developer Conference C.10.6.3
Quarterly Quality Control Briefings C.20.7
Personnel Clearances C.22.3
Government Testing and Reviews E.8.2
Processing Compliance Reviews E.9
Systems Acceptance Test E.8.1.3
EFAST2 RFP
Section F, Page 11 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Option Period III -- 7/01/2010 to 6/30/2011
Processing Year 2010 Operations, Rollover to Processing Year 2011
Num Item Description of Deliverable Quantity Due Date Section Reference
Processing Year 2010
7/1/2010 through 6/30/2011
D301 Draft Project Risk Management Plan 1 8/1/2010
F301 Project Risk Management Plan 1 9/15/2010 C.24.10
302 Monthly Work and Management Report 1 Monthly C.24.12
1 Report on progress, problems, schedule, and plans 1 Monthly C.24.12
2 Security Progress Report 1 Monthly C.24.12, C.22.4.1
3 Quality Assurance Report 1 Quarterly C.24.12, C.19.19
4 Contact Center Call Report 1 Monthly C.24.12, C.18.17
5 List of Third Party Software Developer Certifications 1 Monthly C.24.12, C.10.6.6.4
303 Notification to COTR of Problems, Errors, or Breach of Security 1 As Needed C.24.13
304 Contact Center Daily Report 1 Daily C.18.18
305 PC Reports 1 Weekly C.6.5
306 Quality Control Reports 1 Monthly C.20.15.1
307 System Performance Report 1 Monthly C.13.8.5, C.14.4.3
308 Large Plan Monthly Report 1 Monthly C.6.6
309 Listing of Government & Contractor Users with Credentials 1 Monthly C.10.3.4
310 Record Retrieval 1 As Needed C.9.2
311 Documentation replacement pages 1 As Needed C.24.16
312 Transmission of Structured Data Records to End Users
1 EBSA XML Return Transaction File 1 Daily C.15.3.4, Attachment E
2 EBSA Structured Return Transaction File 1 Daily C.15.3.4, Attachment E
3 IRS XML Return Transaction File 1 Daily C.15.3.4, Attachment E
4 IRS Structured Return Transaction File 1 Daily C.15.3.4, Attachment E
5 PBGC XML Return Transaction File 1 Weekly C.15.3.4, Attachment E
6 PBGC Structured Return Transaction File 1 Weekly C.15.3.4, Attachment E
7 PBGC Control File 1 Weekly C.15.3.4, Attachment E
8 EBSA Annual XML Archive File 1 6/30/2011 C.16.3, Attachment E
9 EBSA Annual E-Mail Archive File 1 6/30/2011 C.16.3, C.18.9, Attachment E
313 Quality Assurance Plan 1 8/1/2010 C.19.18
314 Final Plan Year 2011 Form / Schedule Proofs
1 PDF Files 1 8/1/2010 C.17.3
2 Source Files 1 8/1/2010 C.17.3
315 Detailed System Design 1 8/1/2010 C.1.2.1.3
316 Configuration Management Plan 1 8/1/2010 C.25.8
317 System Security Plan 1 8/1/2010 C.22.4.2.1
318 Production Recruiting and Training Plan 1 8/15/2010 C.24.11
319 COOP Test Report -- Update II 1 9/1/2010 C.22.4.2.3
320 Quality Control Procedures Manual 1 10/1/2010 C.20.15.2
321 HW / SW Refresh Plan 1 10/1/2010 C.17.4
322 Implementation Plan 1 11/1/2010 C.21.3.2
323 Annual Requirements Analysis Report 1 11/1/2010 C.25.10
324 Contingency Plan (Continuity of Operations Plan) -- Update III
1 COOP 1 11/1/2010 C.22.4.2.3
2 Test Plan 1 11/1/2010 C.22.4.2.3
325 Operational Readiness Declaration
1 Checklist 1 11/1/2010 C.21.3.8
2 Certification 1 11/1/2010 C.21.3.9
326 SAT
1 Agency-specific distribution products 1 11/15/2010 E.8.3, E.8.5
2 Other SAT outputs 1 11/15/2010 E.8.1.3
327 Certification and Warranty 1 12/1/2010 H.12
328 IFILE Functional Specification 1 2/1/2011 C.10.5.14
D329 Draft IFILE / Test Filing Tool 1 1/15/2011
F329 IFILE / Test Filing Tool 1 3/1/2011 C.10.5.15
EFAST2 RFP
Section F, Page 12 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Option Period III -- 7/01/2010 to 6/30/2011
Processing Year 2010 Operations, Rollover to Processing Year 2011
Num Item Description of Deliverable Quantity Due Date Section Reference
330 Requirements Traceability Matrix (RTM) 1 3/15/2011 C.25.9
331 IFILE User's Guide 1 3/15/2011 C.10.5.13
332 EFAST2 Guide for Filers & Service Providers 1 3/15/2011 C.10.6.4
333 Data Dissemination Service (DDS) User's Guide(s)
1 Public User Guide 1 3/15/2011 C.15.7
2 Government User Guide 1 3/15/2011 C.15.7
334 System Test Plan(s) 1 As Proposed C.21.3.1
335 System Test Report(s) 1 As Proposed C.21.3.3
336 Contact Center Operational Procedures Manual 1 4/15/2011 C.18.20
337 Service Level Agreement 1 4/15/2011 C.13.8.1
338 Software Developer Specification
1 Software Developer User's Guide and Specifications 1 4/15/2011 C.10.6.5
2 Transmission File Structure 1 4/15/2011 C.10.6.5
3 XML DER Vol 1 & 2 1 4/15/2011 C.10.6.5
339 Participant Acceptance Testing System (PATS) Package
1 PATS Application 1 4/15/2011 C.10.6.6.3
2 PATS Procedures and Certification Criteria 1 4/15/2011 C.10.6.6.3
3 PATS Test Filings 1 4/15/2011 C.10.6.6.3
340 Third Party Software Developer Conference Materials 1 4/15/2011 C.10.6.3
D341 Draft Security Risk Assessment 1 4/15/2011
F341 Security Risk Assessment 1 6/1/2011 C.22.4.2.2
D342 Draft System Documentation 1 4/15/2011
F342 System Documentation 1 6/1/2011 C.17.2
343 Operating Capacity Report
1 Current Operating Capacity 1 6/30/2011 C.13.8.3.1
2 System Sizing Analysis 1 6/30/2011 C.13.8.3.2
344 Benchmark Report 1 6/30/2011 C.13.8.4
345 Government End User Customer Satisfaction Survey 1 6/30/2011 C.20.16
346 Option Period III Disposition/Closeout Plan
1 Transition Plan 1 6/30/2011 C.24.14
2 Source Code 1 6/30/2011 C.24.14
3 Program materials, documentation, media, GFI, and equipment 1 6/30/2011 C.24.14
Other Key Option Period III Activities
Third Party Software Developer Conference C.10.6.3
Quarterly Quality Control Briefings C.20.7
Personnel Clearances C.22.3
Government Testing and Reviews E.8.2
Processing Compliance Reviews E.9
Systems Acceptance Test E.8.1.3
EFAST2 RFP
Section F, Page 13 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Option Period IV -- 7/01/2011 to 6/30/2012
Processing Year 2011 Operations, Rollover to Processing Year 2012
Num Item Description of Deliverable Quantity Due Date Section Reference
Processing Year 2011
7/1/2011 through 6/30/2012
D401 Draft Project Risk Management Plan 1 8/1/2011
F401 Project Risk Management Plan 1 9/15/2011 C.24.10
402 Monthly Work and Management Report 1 Monthly C.24.12
1 Report on progress, problems, schedule, and plans 1 Monthly C.24.12
2 Security Progress Report 1 Monthly C.24.12, C.22.4.1
3 Quality Assurance Report 1 Quarterly C.24.12, C.19.19
4 Contact Center Call Report 1 Monthly C.24.12, C.18.17
5 List of Third Party Software Developer Certifications 1 Monthly C.24.12, C.10.6.6.4
403 Notification to COTR of Problems, Errors, or Breach of Security 1 As Needed C.24.13
404 Contact Center Daily Report 1 Daily C.18.18
405 PC Reports 1 Weekly C.6.5
406 Quality Control Reports 1 Monthly C.20.15.1
407 System Performance Report 1 Monthly C.13.8.5, C.14.4.3
408 Large Plan Monthly Report 1 Monthly C.6.6
409 Listing of Government & Contractor Users with Credentials 1 Monthly C.10.3.4
410 Record Retrieval 1 As Needed C.9.2
411 Documentation replacement pages 1 As Needed C.24.16
412 Transmission of Structured Data Records to End Users
1 EBSA XML Return Transaction File 1 Daily C.15.3.4, Attachment E
2 EBSA Structured Return Transaction File 1 Daily C.15.3.4, Attachment E
3 IRS XML Return Transaction File 1 Daily C.15.3.4, Attachment E
4 IRS Structured Return Transaction File 1 Daily C.15.3.4, Attachment E
5 PBGC XML Return Transaction File 1 Weekly C.15.3.4, Attachment E
6 PBGC Structured Return Transaction File 1 Weekly C.15.3.4, Attachment E
7 PBGC Control File 1 Weekly C.15.3.4, Attachment E
8 EBSA Annual XML Archive File 1 6/30/2012 C.16.3, Attachment E
9 EBSA Annual E-Mail Archive File 1 6/30/2012 C.16.3, C.18.9, Attachment E
413 Quality Assurance Plan 1 8/1/2011 C.19.18
414 Final Plan Year 2012 Form / Schedule Proofs
1 PDF Files 1 8/1/2011 C.17.3
2 Source Files 1 8/1/2011 C.17.3
415 Detailed System Design 1 8/1/2011 C.1.2.1.3
416 Configuration Management Plan 1 8/1/2011 C.25.8
417 System Security Plan 1 8/1/2011 C.22.4.2.1
418 Production Recruiting and Training Plan 1 8/15/2011 C.24.11
419 COOP Test Report -- Update III 1 9/1/2011 C.22.4.2.3
420 Quality Control Procedures Manual 1 10/1/2011 C.20.15.2
421 HW / SW Refresh Plan 1 10/1/2011 C.17.4
422 Implementation Plan 1 11/1/2011 C.21.3.2
423 Annual Requirements Analysis Report 1 11/1/2011 C.25.10
424 Contingency Plan (Continuity of Operations Plan) -- Update IV
1 COOP 1 11/1/2011 C.22.4.2.3
2 Test Plan 1 11/1/2011 C.22.4.2.3
425 Operational Readiness Declaration
1 Checklist 1 11/1/2011 C.21.3.8
2 Certification 1 11/1/2011 C.21.3.9
426 SAT
1 Agency-specific distribution products 1 11/15/2011 E.8.3, E.8.5
2 Other SAT outputs 1 11/15/2011 E.8.1.3
427 Certification and Warranty 1 12/1/2011 H.12
428 IFILE Functional Specification 1 2/1/2012 C.10.5.14
D429 Draft IFILE / Test Filing Tool 1 1/15/2012
F429 IFILE / Test Filing Tool 1 3/1/2012 C.10.5.15
EFAST2 RFP
Section F, Page 14 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Option Period IV -- 7/01/2011 to 6/30/2012
Processing Year 2011 Operations, Rollover to Processing Year 2012
Num Item Description of Deliverable Quantity Due Date Section Reference
430 Requirements Traceability Matrix (RTM) 1 3/15/2012 C.25.9
431 IFILE User's Guide 1 3/15/2012 C.10.5.13
432 EFAST2 Guide for Filers & Service Providers 1 3/15/2012 C.10.6.4
433 Data Dissemination Service (DDS) User's Guide(s)
1 Public User Guide 1 3/15/2012 C.15.7
2 Government User Guide 1 3/15/2012 C.15.7
434 System Test Plan(s) 1 As Proposed C.21.3.1
435 System Test Report(s) 1 As Proposed C.21.3.3
436 Contact Center Operational Procedures Manual 1 4/15/2012 C.18.20
437 Service Level Agreement 1 4/15/2012 C.13.8.1
438 Software Developer Specification
1 Software Developer User's Guide and Specifications 1 4/15/2012 C.10.6.5
2 Transmission File Structure 1 4/15/2012 C.10.6.5
3 XML DER Vol 1 & 2 1 4/15/2012 C.10.6.5
439 Participant Acceptance Testing System (PATS) Package
1 PATS Application 1 4/15/2012 C.10.6.6.3
2 PATS Procedures and Certification Criteria 1 4/15/2012 C.10.6.6.3
3 PATS Test Filings 1 4/15/2012 C.10.6.6.3
440 Third Party Software Developer Conference Materials 1 4/15/2012 C.10.6.3
D441 Draft Security Risk Assessment 1 4/15/2012
F441 Security Risk Assessment 1 6/1/2012 C.22.4.2.2
D442 Draft System Documentation 1 4/15/2012
F442 System Documentation 1 6/1/2012 C.17.2
443 Operating Capacity Report
1 Current Operating Capacity 1 6/30/2012 C.13.8.3.1
2 System Sizing Analysis 1 6/30/2012 C.13.8.3.2
444 Benchmark Report 1 6/30/2012 C.13.8.4
445 Government End User Customer Satisfaction Survey 1 6/30/2012 C.20.16
446 Option Period IV Disposition/Closeout Plan
1 Transition Plan 1 6/30/2012 C.24.14
2 Source Code 1 6/30/2012 C.24.14
3 Program materials, documentation, media, GFI, and equipment 1 6/30/2012 C.24.14
Other Key Option Period IV Activities
Third Party Software Developer Conference C.10.6.3
Quarterly Quality Control Briefings C.20.7
Personnel Clearances C.22.3
Government Testing and Reviews E.8.2
Processing Compliance Reviews E.9
Systems Acceptance Test E.8.1.3
EFAST2 RFP
Section F, Page 15 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Option Period V -- 7/01/2012 to 6/30/2013
Processing Year 2012 Operations, Rollover to Processing Year 2013
Num Item Description of Deliverable Quantity Due Date Section Reference
Processing Year 2012
7/1/2012 through 6/30/2013
D501 Draft Project Risk Management Plan 1 8/1/2012
F501 Project Risk Management Plan 1 9/15/2012 C.24.10
502 Monthly Work and Management Report 1 Monthly C.24.12
1 Report on progress, problems, schedule, and plans 1 Monthly C.24.12
2 Security Progress Report 1 Monthly C.24.12, C.22.4.1
3 Quality Assurance Report 1 Quarterly C.24.12, C.19.19
4 Contact Center Call Report 1 Monthly C.24.12, C.18.17
5 List of Third Party Software Developer Certifications 1 Monthly C.24.12, C.10.6.6.4
503 Notification to COTR of Problems, Errors, or Breach of Security 1 As Needed C.24.13
504 Contact Center Daily Report 1 Daily C.18.18
505 PC Reports 1 Weekly C.6.5
506 Quality Control Reports 1 Monthly C.20.15.1
507 System Performance Report 1 Monthly C.13.8.5, C.14.4.3
508 Large Plan Monthly Report 1 Monthly C.6.6
509 Listing of Government & Contractor Users with Credentials 1 Monthly C.10.3.4
510 Record Retrieval 1 As Needed C.9.2
511 Documentation replacement pages 1 As Needed C.24.16
512 Transmission of Structured Data Records to End Users
1 EBSA XML Return Transaction File 1 Daily C.15.3.4, Attachment E
2 EBSA Structured Return Transaction File 1 Daily C.15.3.4, Attachment E
3 IRS XML Return Transaction File 1 Daily C.15.3.4, Attachment E
4 IRS Structured Return Transaction File 1 Daily C.15.3.4, Attachment E
5 PBGC XML Return Transaction File 1 Weekly C.15.3.4, Attachment E
6 PBGC Structured Return Transaction File 1 Weekly C.15.3.4, Attachment E
7 PBGC Control File 1 Weekly C.15.3.4, Attachment E
8 EBSA Annual XML Archive File 1 6/30/2013 C.16.3, Attachment E
9 EBSA Annual E-Mail Archive File 1 6/30/2013 C.16.3, C.18.9, Attachment E
513 Quality Assurance Plan 1 8/1/2012 C.19.18
514 Final Plan Year 2013 Form / Schedule Proofs
1 PDF Files 1 8/1/2012 C.17.3
2 Source Files 1 8/1/2012 C.17.3
515 Detailed System Design 1 8/1/2012 C.1.2.1.3
516 Configuration Management Plan 1 8/1/2012 C.25.8
517 System Security Plan 1 8/1/2012 C.22.4.2.1
518 Production Recruiting and Training Plan 1 8/15/2012 C.24.11
519 COOP Test Report -- Update IV 1 9/1/2012 C.22.4.2.3
520 Quality Control Procedures Manual 1 10/1/2012 C.20.15.2
521 HW / SW Refresh Plan 1 10/1/2012 C.17.4
522 Implementation Plan 1 11/1/2012 C.21.3.2
523 Annual Requirements Analysis Report 1 11/1/2012 C.25.10
524 Contingency Plan (Continuity of Operations Plan) -- Update V
1 COOP 1 11/1/2012 C.22.4.2.3
2 Test Plan 1 11/1/2012 C.22.4.2.3
525 Operational Readiness Declaration
1 Checklist 1 11/1/2012 C.21.3.8
2 Certification 1 11/1/2012 C.21.3.9
526 SAT
1 Agency-specific distribution products 1 11/15/2012 E.8.3, E.8.5
2 Other SAT outputs 1 11/15/2012 E.8.1.3
527 Certification and Warranty 1 12/1/2012 H.12
EFAST2 RFP
Section F, Page 16 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Option Period V -- 7/01/2012 to 6/30/2013
Processing Year 2012 Operations, Rollover to Processing Year 2013
Num Item Description of Deliverable Quantity Due Date Section Reference
528 IFILE Functional Specification 1 2/1/2013 C.10.5.14
D529 Draft IFILE / Test Filing Tool 1 1/15/2013
F529 IFILE / Test Filing Tool 1 3/1/2013 C.10.5.15
530 Requirements Traceability Matrix (RTM) 1 3/15/2013 C.25.9
531 IFILE User's Guide 1 3/15/2013 C.10.5.13
532 EFAST2 Guide for Filers & Service Providers 1 3/15/2013 C.10.6.4
533 Data Dissemination Service (DDS) User's Guide(s)
1 Public User Guide 1 3/15/2013 C.15.7
2 Government User Guide 1 3/15/2013 C.15.7
534 System Test Plan(s) 1 As Proposed C.21.3.1
535 System Test Report(s) 1 As Proposed C.21.3.3
536 Contact Center Operational Procedures Manual 1 4/15/2013 C.18.20
537 Service Level Agreement 1 4/15/2013 C.13.8.1
538 Software Developer Specification
1 Software Developer User's Guide and Specifications 1 4/15/2013 C.10.6.5
2 Transmission File Structure 1 4/15/2013 C.10.6.5
3 XML DER Vol 1 & 2 1 4/15/2013 C.10.6.5
539 Participant Acceptance Testing System (PATS) Package
1 PATS Application 1 4/15/2013 C.10.6.6.3
2 PATS Procedures and Certification Criteria 1 4/15/2013 C.10.6.6.3
3 PATS Test Filings 1 4/15/2013 C.10.6.6.3
540 Third Party Software Developer Conference Materials 1 4/15/2013 C.10.6.3
D541 Draft Security Risk Assessment 1 4/15/2013
F541 Security Risk Assessment 1 6/1/2013 C.22.4.2.2
D542 Draft System Documentation 1 4/15/2013
F542 System Documentation 1 6/1/2013 C.17.2
543 Operating Capacity Report
1 Current Operating Capacity 1 6/30/2013 C.13.8.3.1
2 System Sizing Analysis 1 6/30/2013 C.13.8.3.2
544 Benchmark Report 1 6/30/2013 C.13.8.4
545 Government End User Customer Satisfaction Survey 1 6/30/2013 C.20.16
546 Option Period V Disposition/Closeout Plan
1 Transition Plan 1 6/30/2013 C.24.14
2 Source Code 1 6/30/2013 C.24.14
3 Program materials, documentation, media, GFI, and equipment 1 6/30/2013 C.24.14
Other Key Option Period V Activities
Third Party Software Developer Conference C.10.6.3
Quarterly Quality Control Briefings C.20.7
Personnel Clearances C.22.3
Government Testing and Reviews E.8.2
Processing Compliance Reviews E.9
Systems Acceptance Test E.8.1.3
EFAST2 RFP
Section F, Page 17 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Option Period VI -- 7/01/2013 to 6/30/2014
Processing Year 2013 Operations, Rollover to Processing Year 2014
Num Item Description of Deliverable Quantity Due Date Section Reference
Processing Year 2013
7/1/2013 through 6/30/2014
D601 Draft Project Risk Management Plan 1 8/1/2013
F601 Project Risk Management Plan 1 9/15/2013 C.24.10
602 Monthly Work and Management Report 1 Monthly C.24.12
1 Report on progress, problems, schedule, and plans 1 Monthly C.24.12
2 Security Progress Report 1 Monthly C.24.12, C.22.4.1
3 Quality Assurance Report 1 Quarterly C.24.12, C.19.19
4 Contact Center Call Report 1 Monthly C.24.12, C.18.17
5 List of Third Party Software Developer Certifications 1 Monthly C.24.12, C.10.6.6.4
603 Notification to COTR of Problems, Errors, or Breach of Security 1 As Needed C.24.13
604 Contact Center Daily Report 1 Daily C.18.18
605 PC Reports 1 Weekly C.6.5
606 Quality Control Reports 1 Monthly C.20.15.1
607 System Performance Report 1 Monthly C.13.8.5, C.14.4.3
608 Large Plan Monthly Report 1 Monthly C.6.6
609 Listing of Government & Contractor Users with Credentials 1 Monthly C.10.3.4
610 Record Retrieval 1 As Needed C.9.2
611 Documentation replacement pages 1 As Needed C.24.16
612 Transmission of Structured Data Records to End Users
1 EBSA XML Return Transaction File 1 Daily C.15.3.4, Attachment E
2 EBSA Structured Return Transaction File 1 Daily C.15.3.4, Attachment E
3 IRS XML Return Transaction File 1 Daily C.15.3.4, Attachment E
4 IRS Structured Return Transaction File 1 Daily C.15.3.4, Attachment E
5 PBGC XML Return Transaction File 1 Weekly C.15.3.4, Attachment E
6 PBGC Structured Return Transaction File 1 Weekly C.15.3.4, Attachment E
7 PBGC Control File 1 Weekly C.15.3.4, Attachment E
8 EBSA Annual XML Archive File 1 6/30/2014 C.16.3, Attachment E
9 EBSA Annual E-Mail Archive File 1 6/30/2014 C.16.3, C.18.9, Attachment E
613 Quality Assurance Plan 1 8/1/2013 C.19.18
614 Final Plan Year 2014 Form / Schedule Proofs
1 PDF Files 1 8/1/2013 C.17.3
2 Source Files 1 8/1/2013 C.17.3
615 Detailed System Design 1 8/1/2013 C.1.2.1.3
616 Configuration Management Plan 1 8/1/2013 C.25.8
617 System Security Plan 1 8/1/2013 C.22.4.2.1
618 Production Recruiting and Training Plan 1 8/15/2013 C.24.11
619 COOP Test Report -- Update V 1 9/1/2013 C.22.4.2.3
620 Quality Control Procedures Manual 1 10/1/2013 C.20.15.2
621 HW / SW Refresh Plan 1 10/1/2013 C.17.4
622 Implementation Plan 1 11/1/2013 C.21.3.2
623 Annual Requirements Analysis Report 1 11/1/2013 C.25.10
624 Contingency Plan (Continuity of Operations Plan) -- Update VI
1 COOP 1 11/1/2013 C.22.4.2.3
2 Test Plan 1 11/1/2013 C.22.4.2.3
625 Operational Readiness Declaration
1 Checklist 1 11/1/2013 C.21.3.8
2 Certification 1 11/1/2013 C.21.3.9
626 SAT
1 Agency-specific distribution products 1 11/15/2013 E.8.3, E.8.5
2 Other SAT outputs 1 11/15/2013 E.8.1.3
627 Certification and Warranty 1 12/1/2013 H.12
628 IFILE Functional Specification 1 2/1/2014 C.10.5.14
D629 Draft IFILE / Test Filing Tool 1 1/15/2014
F629 IFILE / Test Filing Tool 1 3/1/2014 C.10.5.15
EFAST2 RFP
Section F, Page 18 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Option Period VI -- 7/01/2013 to 6/30/2014
Processing Year 2013 Operations, Rollover to Processing Year 2014
Num Item Description of Deliverable Quantity Due Date Section Reference
630 Requirements Traceability Matrix (RTM) 1 3/15/2014 C.25.9
631 IFILE User's Guide 1 3/15/2014 C.10.5.13
632 EFAST2 Guide for Filers & Service Providers 1 3/15/2014 C.10.6.4
633 Data Dissemination Service (DDS) User's Guide(s)
1 Public User Guide 1 3/15/2014 C.15.7
2 Government User Guide 1 3/15/2014 C.15.7
634 System Test Plan(s) 1 As Proposed C.21.3.1
635 System Test Report(s) 1 As Proposed C.21.3.3
636 Contact Center Operational Procedures Manual 1 4/15/2014 C.18.20
637 Service Level Agreement 1 4/15/2014 C.13.8.1
638 Software Developer Specification
1 Software Developer User's Guide and Specifications 1 4/15/2014 C.10.6.5
2 Transmission File Structure 1 4/15/2014 C.10.6.5
3 XML DER Vol 1 & 2 1 4/15/2014 C.10.6.5
639 Participant Acceptance Testing System (PATS) Package
1 PATS Application 1 4/15/2014 C.10.6.6.3
2 PATS Procedures and Certification Criteria 1 4/15/2014 C.10.6.6.3
3 PATS Test Filings 1 4/15/2014 C.10.6.6.3
640 Third Party Software Developer Conference Materials 1 4/15/2014 C.10.6.3
D641 Draft Security Risk Assessment 1 4/15/2014
F641 Security Risk Assessment 1 6/1/2014 C.22.4.2.2
D642 Draft System Documentation 1 4/15/2014
F642 System Documentation 1 6/1/2014 C.17.2
643 Operating Capacity Report
1 Current Operating Capacity 1 6/30/2014 C.13.8.3.1
2 System Sizing Analysis 1 6/30/2014 C.13.8.3.2
644 Benchmark Report 1 6/30/2014 C.13.8.4
645 Government End User Customer Satisfaction Survey 1 6/30/2014 C.20.16
646 Option Period VI Disposition/Closeout Plan
1 Transition Plan 1 6/30/2014 C.24.14
2 Source Code 1 6/30/2014 C.24.14
3 Program materials, documentation, media, GFI, and equipment 1 6/30/2014 C.24.14
Other Key Option Period VI Activities
Third Party Software Developer Conference C.10.6.3
Quarterly Quality Control Briefings C.20.7
Personnel Clearances C.22.3
Government Testing and Reviews E.8.2
Processing Compliance Reviews E.9
Systems Acceptance Test E.8.1.3
EFAST2 RFP
Section F, Page 19 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Option Period VII -- 7/01/2014 to 6/30/2015
Processing Year 2014 Operations, Rollover to Processing Year 2015
Num Item Description of Deliverable Quantity Due Date Section Reference
Processing Year 2014
7/1/2014 through 6/30/2015
D701 Draft Project Risk Management Plan 1 8/1/2014
F701 Project Risk Management Plan 1 9/15/2014 C.24.10
702 Monthly Work and Management Report 1 Monthly C.24.12
1 Report on progress, problems, schedule, and plans 1 Monthly C.24.12
2 Security Progress Report 1 Monthly C.24.12, C.22.4.1
3 Quality Assurance Report 1 Quarterly C.24.12, C.19.19
4 Contact Center Call Report 1 Monthly C.24.12, C.18.17
5 List of Third Party Software Developer Certifications 1 Monthly C.24.12, C.10.6.6.4
703 Notification to COTR of Problems, Errors, or Breach of Security 1 As Needed C.24.13
704 Contact Center Daily Report 1 Daily C.18.18
705 PC Reports 1 Weekly C.6.5
706 Quality Control Reports 1 Monthly C.20.15.1
707 System Performance Report 1 Monthly C.13.8.5, C.14.4.3
708 Large Plan Monthly Report 1 Monthly C.6.6
709 Listing of Government & Contractor Users with Credentials 1 Monthly C.10.3.4
710 Record Retrieval 1 As Needed C.9.2
711 Documentation replacement pages 1 As Needed C.24.16
712 Transmission of Structured Data Records to End Users
1 EBSA XML Return Transaction File 1 Daily C.15.3.4, Attachment E
2 EBSA Structured Return Transaction File 1 Daily C.15.3.4, Attachment E
3 IRS XML Return Transaction File 1 Daily C.15.3.4, Attachment E
4 IRS Structured Return Transaction File 1 Daily C.15.3.4, Attachment E
5 PBGC XML Return Transaction File 1 Weekly C.15.3.4, Attachment E
6 PBGC Structured Return Transaction File 1 Weekly C.15.3.4, Attachment E
7 PBGC Control File 1 Weekly C.15.3.4, Attachment E
8 EBSA Annual XML Archive File 1 6/30/2015 C.16.3, Attachment E
9 EBSA Annual E-Mail Archive File 1 6/30/2015 C.16.3, C.18.9, Attachment E
713 Quality Assurance Plan 1 8/1/2014 C.19.18
714 Final Plan Year 2015 Form / Schedule Proofs
1 PDF Files 1 8/1/2014 C.17.3
2 Source Files 1 8/1/2014 C.17.3
715 Detailed System Design 1 8/1/2014 C.1.2.1.3
716 Configuration Management Plan 1 8/1/2014 C.25.8
717 System Security Plan 1 8/1/2014 C.22.4.2.1
718 Production Recruiting and Training Plan 1 8/15/2014 C.24.11
719 COOP Test Report -- Update VI 1 9/1/2014 C.22.4.2.3
720 Quality Control Procedures Manual 1 10/1/2014 C.20.15.2
721 HW / SW Refresh Plan 1 10/1/2014 C.17.4
722 Implementation Plan 1 11/1/2014 C.21.3.2
723 Annual Requirements Analysis Report 1 11/1/2014 C.25.10
724 Contingency Plan (Continuity of Operations Plan) -- Update VII
1 COOP 1 11/1/2014 C.22.4.2.3
2 Test Plan 1 11/1/2014 C.22.4.2.3
725 Operational Readiness Declaration
1 Checklist 1 11/1/2014 C.21.3.8
2 Certification 1 11/1/2014 C.21.3.9
726 SAT
1 Agency-specific distribution products 1 11/15/2014 E.8.3, E.8.5
2 Other SAT outputs 1 11/15/2014 E.8.1.3
727 Certification and Warranty 1 12/1/2014 H.12
728 IFILE Functional Specification 1 2/1/2015 C.10.5.14
D729 Draft IFILE / Test Filing Tool 1 1/15/2015
F729 IFILE / Test Filing Tool 1 3/1/2015 C.10.5.15
EFAST2 RFP
Section F, Page 20 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Option Period VII -- 7/01/2014 to 6/30/2015
Processing Year 2014 Operations, Rollover to Processing Year 2015
Num Item Description of Deliverable Quantity Due Date Section Reference
730 Requirements Traceability Matrix (RTM) 1 3/15/2015 C.25.9
731 IFILE User's Guide 1 3/15/2015 C.10.5.13
732 EFAST2 Guide for Filers & Service Providers 1 3/15/2015 C.10.6.4
733 Data Dissemination Service (DDS) User's Guide(s)
1 Public User Guide 1 3/15/2015 C.15.7
2 Government User Guide 1 3/15/2015 C.15.7
734 System Test Plan(s) 1 As Proposed C.21.3.1
735 System Test Report(s) 1 As Proposed C.21.3.3
736 Contact Center Operational Procedures Manual 1 4/15/2015 C.18.20
737 Service Level Agreement 1 4/15/2015 C.13.8.1
738 Software Developer Specification
1 Software Developer User's Guide and Specifications 1 4/15/2015 C.10.6.5
2 Transmission File Structure 1 4/15/2015 C.10.6.5
3 XML DER Vol 1 & 2 1 4/15/2015 C.10.6.5
739 Participant Acceptance Testing System (PATS) Package
1 PATS Application 1 4/15/2015 C.10.6.6.3
2 PATS Procedures and Certification Criteria 1 4/15/2015 C.10.6.6.3
3 PATS Test Filings 1 4/15/2015 C.10.6.6.3
740 Third Party Software Developer Conference Materials 1 4/15/2015 C.10.6.3
D741 Draft Security Risk Assessment 1 4/15/2015
F741 Security Risk Assessment 1 6/1/2015 C.22.4.2.2
D742 Draft System Documentation 1 4/15/2015
F742 System Documentation 1 6/1/2015 C.17.2
743 Operating Capacity Report
1 Current Operating Capacity 1 6/30/2015 C.13.8.3.1
2 System Sizing Analysis 1 6/30/2015 C.13.8.3.2
744 Benchmark Report 1 6/30/2015 C.13.8.4
745 Government End User Customer Satisfaction Survey 1 6/30/2015 C.20.16
746 Option Period VII Disposition/Closeout Plan
1 Transition Plan 1 6/30/2015 C.24.14
2 Source Code 1 6/30/2015 C.24.14
3 Program materials, documentation, media, GFI, and equipment 1 6/30/2015 C.24.14
Other Key Option Period VII Activities
Third Party Software Developer Conference C.10.6.3
Quarterly Quality Control Briefings C.20.7
Personnel Clearances C.22.3
Government Testing and Reviews E.8.2
Processing Compliance Reviews E.9
Systems Acceptance Test E.8.1.3
EFAST2 RFP
Section F, Page 21 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Option Period VIII -- 7/01/2015 to 6/30/2016
Processing Year 2015 Operations, Rollover to Processing Year 2016
Num Item Description of Deliverable Quantity Due Date Section Reference
Processing Year 2015
7/1/2015 through 6/30/2016
D801 Draft Project Risk Management Plan 1 8/1/2015
F801 Project Risk Management Plan 1 9/15/2015 C.24.10
802 Monthly Work and Management Report 1 Monthly C.24.12
1 Report on progress, problems, schedule, and plans 1 Monthly C.24.12
2 Security Progress Report 1 Monthly C.24.12, C.22.4.1
3 Quality Assurance Report 1 Quarterly C.24.12, C.19.19
4 Contact Center Call Report 1 Monthly C.24.12, C.18.17
5 List of Third Party Software Developer Certifications 1 Monthly C.24.12, C.10.6.6.4
803 Notification to COTR of Problems, Errors, or Breach of Security 1 As Needed C.24.13
804 Contact Center Daily Report 1 Daily C.18.18
805 PC Reports 1 Weekly C.6.5
806 Quality Control Reports 1 Monthly C.20.15.1
807 System Performance Report 1 Monthly C.13.8.5, C.14.4.3
808 Large Plan Monthly Report 1 Monthly C.6.6
809 Listing of Government & Contractor Users with Credentials 1 Monthly C.10.3.4
810 Record Retrieval 1 As Needed C.9.2
811 Documentation replacement pages 1 As Needed C.24.16
812 Transmission of Structured Data Records to End Users
1 EBSA XML Return Transaction File 1 Daily C.15.3.4, Attachment E
2 EBSA Structured Return Transaction File 1 Daily C.15.3.4, Attachment E
3 IRS XML Return Transaction File 1 Daily C.15.3.4, Attachment E
4 IRS Structured Return Transaction File 1 Daily C.15.3.4, Attachment E
5 PBGC XML Return Transaction File 1 Weekly C.15.3.4, Attachment E
6 PBGC Structured Return Transaction File 1 Weekly C.15.3.4, Attachment E
7 PBGC Control File 1 Weekly C.15.3.4, Attachment E
8 EBSA Annual XML Archive File 1 6/30/2016 C.16.3, Attachment E
9 EBSA Annual E-Mail Archive File 1 6/30/2016 C.16.3, C.18.9, Attachment E
813 Quality Assurance Plan 1 8/1/2015 C.19.18
814 Final Plan Year 2016 Form / Schedule Proofs
1 PDF Files 1 8/1/2015 C.17.3
2 Source Files 1 8/1/2015 C.17.3
815 Detailed System Design 1 8/1/2015 C.1.2.1.3
816 Configuration Management Plan 1 8/1/2015 C.25.8
817 System Security Plan 1 8/1/2015 C.22.4.2.1
818 Production Recruiting and Training Plan 1 8/15/2015 C.24.11
819 COOP Test Report -- Update VII 1 9/1/2015 C.22.4.2.3
820 Quality Control Procedures Manual 1 10/1/2015 C.20.15.2
821 HW / SW Refresh Plan 1 10/1/2015 C.17.4
822 Implementation Plan 1 11/1/2015 C.21.3.2
823 Annual Requirements Analysis Report 1 11/1/2015 C.25.10
824 Contingency Plan (Continuity of Operations Plan) -- Update VIII
1 COOP 1 11/1/2015 C.22.4.2.3
2 Test Plan 1 11/1/2015 C.22.4.2.3
825 Operational Readiness Declaration
1 Checklist 1 11/1/2015 C.21.3.8
2 Certification 1 11/1/2015 C.21.3.9
826 SAT
1 Agency-specific distribution products 1 11/15/2015 E.8.3, E.8.5
2 Other SAT outputs 1 11/15/2015 E.8.1.3
827 Certification and Warranty 1 12/1/2015 H.12
EFAST2 RFP
Section F, Page 22 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Option Period VIII -- 7/01/2015 to 6/30/2016
Processing Year 2015 Operations, Rollover to Processing Year 2016
Num Item Description of Deliverable Quantity Due Date Section Reference
828 IFILE Functional Specification 1 2/1/2016 C.10.5.14
D829 Draft IFILE / Test Filing Tool 1 1/15/2016
F829 IFILE / Test Filing Tool 1 3/1/2016 C.10.5.15
830 Requirements Traceability Matrix (RTM) 1 3/15/2016 C.25.9
831 IFILE User's Guide 1 3/15/2016 C.10.5.13
832 EFAST2 Guide for Filers & Service Providers 1 3/15/2016 C.10.6.4
833 Data Dissemination Service (DDS) User's Guide(s)
1 Public User Guide 1 3/15/2016 C.15.7
2 Government User Guide 1 3/15/2016 C.15.7
834 System Test Plan(s) 1 As Proposed C.21.3.1
835 System Test Report(s) 1 As Proposed C.21.3.3
836 Contact Center Operational Procedures Manual 1 4/15/2016 C.18.20
837 Service Level Agreement 1 4/15/2016 C.13.8.1
838 Software Developer Specification
1 Software Developer User's Guide and Specifications 1 4/15/2016 C.10.6.5
2 Transmission File Structure 1 4/15/2016 C.10.6.5
3 XML DER Vol 1 & 2 1 4/15/2016 C.10.6.5
839 Participant Acceptance Testing System (PATS) Package
1 PATS Application 1 4/15/2016 C.10.6.6.3
2 PATS Procedures and Certification Criteria 1 4/15/2016 C.10.6.6.3
3 PATS Test Filings 1 4/15/2016 C.10.6.6.3
840 Third Party Software Developer Conference Materials 1 4/15/2016 C.10.6.3
D841 Draft Security Risk Assessment 1 4/15/2016
F841 Security Risk Assessment 1 6/1/2016 C.22.4.2.2
D842 Draft System Documentation 1 4/15/2016
F842 System Documentation 1 6/1/2016 C.17.2
843 Operating Capacity Report
1 Current Operating Capacity 1 6/30/2016 C.13.8.3.1
2 System Sizing Analysis 1 6/30/2016 C.13.8.3.2
844 Benchmark Report 1 6/30/2016 C.13.8.4
845 Government End User Customer Satisfaction Survey 1 6/30/2016 C.20.16
846 Option Period VIII Disposition/Closeout Plan
1 Transition Plan 1 6/30/2016 C.24.14
2 Source Code 1 6/30/2016 C.24.14
3 Program materials, documentation, media, GFI, and equipment 1 6/30/2016 C.24.14
Other Key Option Period VIII Activities
Third Party Software Developer Conference C.10.6.3
Quarterly Quality Control Briefings C.20.7
Personnel Clearances C.22.3
Government Testing and Reviews E.8.2
Processing Compliance Reviews E.9
Systems Acceptance Test E.8.1.3
EFAST2 RFP
Section F, Page 23 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Option Period IX -- 7/01/2016 to 6/30/2017
Processing Year 2016 Operations, Rollover to Processing Year 2017
Num Item Description of Deliverable Quantity Due Date Section Reference
Processing Year 2016
7/1/2016 through 6/30/2017
D901 Draft Project Risk Management Plan 1 8/1/2016
F901 Project Risk Management Plan 1 9/15/2016 C.24.10
902 Monthly Work and Management Report 1 Monthly C.24.12
1 Report on progress, problems, schedule, and plans 1 Monthly C.24.12
2 Security Progress Report 1 Monthly C.24.12, C.22.4.1
3 Quality Assurance Report 1 Quarterly C.24.12, C.19.19
4 Contact Center Call Report 1 Monthly C.24.12, C.18.17
5 List of Third Party Software Developer Certifications 1 Monthly C.24.12, C.10.6.6.4
903 Notification to COTR of Problems, Errors, or Breach of Security 1 As Needed C.24.13
904 Contact Center Daily Report 1 Daily C.18.18
905 PC Reports 1 Weekly C.6.5
906 Quality Control Reports 1 Monthly C.20.15.1
907 System Performance Report 1 Monthly C.13.8.5, C.14.4.3
908 Large Plan Monthly Report 1 Monthly C.6.6
909 Listing of Government & Contractor Users with Credentials 1 Monthly C.10.3.4
910 Record Retrieval 1 As Needed C.9.2
911 Documentation replacement pages 1 As Needed C.24.16
912 Transmission of Structured Data Records to End Users
1 EBSA XML Return Transaction File 1 Daily C.15.3.4, Attachment E
2 EBSA Structured Return Transaction File 1 Daily C.15.3.4, Attachment E
3 IRS XML Return Transaction File 1 Daily C.15.3.4, Attachment E
4 IRS Structured Return Transaction File 1 Daily C.15.3.4, Attachment E
5 PBGC XML Return Transaction File 1 Weekly C.15.3.4, Attachment E
6 PBGC Structured Return Transaction File 1 Weekly C.15.3.4, Attachment E
7 PBGC Control File 1 Weekly C.15.3.4, Attachment E
8 EBSA Annual XML Archive File 1 6/30/2017 C.16.3, Attachment E
9 EBSA Annual E-Mail Archive File 1 6/30/2017 C.16.3, C.18.9, Attachment E
913 Quality Assurance Plan 1 8/1/2016 C.19.18
914 Final Plan Year 2017 Form / Schedule Proofs
1 PDF Files 1 8/1/2016 C.17.3
2 Source Files 1 8/1/2016 C.17.3
915 Detailed System Design 1 8/1/2016 C.1.2.1.3
916 Configuration Management Plan 1 8/1/2016 C.25.8
917 System Security Plan 1 8/1/2016 C.22.4.2.1
918 Production Recruiting and Training Plan 1 8/15/2016 C.24.11
919 COOP Test Report -- Update VIII 1 9/1/2016 C.22.4.2.3
920 Quality Control Procedures Manual 1 10/1/2016 C.20.15.2
921 HW / SW Refresh Plan 1 10/1/2016 C.17.4
922 Implementation Plan 1 11/1/2016 C.21.3.2
923 Annual Requirements Analysis Report 1 11/1/2016 C.25.10
924 Contingency Plan (Continuity of Operations Plan) -- Update IX
1 COOP 1 11/1/2016 C.22.4.2.3
2 Test Plan 1 11/1/2016 C.22.4.2.3
925 Operational Readiness Declaration
1 Checklist 1 11/1/2016 C.21.3.8
2 Certification 1 11/1/2016 C.21.3.9
926 SAT
1 Agency-specific distribution products 1 11/15/2016 E.8.3, E.8.5
2 Other SAT outputs 1 11/15/2016 E.8.1.3
927 Certification and Warranty 1 12/1/2016 H.12
928 IFILE Functional Specification 1 2/1/2017 C.10.5.14
D929 Draft IFILE / Test Filing Tool 1 1/15/2017
F929 IFILE / Test Filing Tool 1 3/1/2017 C.10.5.15
EFAST2 RFP
Section F, Page 24 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Option Period IX -- 7/01/2016 to 6/30/2017
Processing Year 2016 Operations, Rollover to Processing Year 2017
Num Item Description of Deliverable Quantity Due Date Section Reference
930 Requirements Traceability Matrix (RTM) 1 3/15/2017 C.25.9
931 IFILE User's Guide 1 3/15/2017 C.10.5.13
932 EFAST2 Guide for Filers & Service Providers 1 3/15/2017 C.10.6.4
933 Data Dissemination Service (DDS) User's Guide(s)
1 Public User Guide 1 3/15/2017 C.15.7
2 Government User Guide 1 3/15/2017 C.15.7
934 System Test Plan(s) 1 As Proposed C.21.3.1
935 System Test Report(s) 1 As Proposed C.21.3.3
936 Contact Center Operational Procedures Manual 1 4/15/2017 C.18.20
937 Service Level Agreement 1 4/15/2017 C.13.8.1
938 Software Developer Specification
1 Software Developer User's Guide and Specifications 1 4/15/2017 C.10.6.5
2 Transmission File Structure 1 4/15/2017 C.10.6.5
3 XML DER Vol 1 & 2 1 4/15/2017 C.10.6.5
939 Participant Acceptance Testing System (PATS) Package
1 PATS Application 1 4/15/2017 C.10.6.6.3
2 PATS Procedures and Certification Criteria 1 4/15/2017 C.10.6.6.3
3 PATS Test Filings 1 4/15/2017 C.10.6.6.3
940 Third Party Software Developer Conference Materials 1 4/15/2017 C.10.6.3
D941 Draft Security Risk Assessment 1 4/15/2017
F941 Security Risk Assessment 1 6/1/2017 C.22.4.2.2
D942 Draft System Documentation 1 4/15/2017
F942 System Documentation 1 6/1/2017 C.17.2
943 Operating Capacity Report
1 Current Operating Capacity 1 6/30/2017 C.13.8.3.1
2 System Sizing Analysis 1 6/30/2017 C.13.8.3.2
944 Benchmark Report 1 6/30/2017 C.13.8.4
945 Government End User Customer Satisfaction Survey 1 6/30/2017 C.20.16
946 Option Period IX Disposition/Closeout Plan
1 Transition Plan 1 6/30/2017 C.24.14
2 Source Code 1 6/30/2017 C.24.14
3 Program materials, documentation, media, GFI, and equipment 1 6/30/2017 C.24.14
Other Key Option Period IX Activities
Third Party Software Developer Conference C.10.6.3
Quarterly Quality Control Briefings C.20.7
Personnel Clearances C.22.3
Government Testing and Reviews E.8.2
Processing Compliance Reviews E.9
Systems Acceptance Test E.8.1.3
EFAST2 RFP
Section F, Page 25 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Option Period X -- 7/01/2017 to 6/30/2018
Processing Year 2017 Operations, Rollover to Processing Year 2018
Num Item Description of Deliverable Quantity Due Date Section Reference
Processing Year 2017
7/1/2017 through 6/30/2018
D1001 Draft Project Risk Management Plan 1 8/1/2017
F1001 Project Risk Management Plan 1 9/15/2017 C.24.10
1002 Monthly Work and Management Report 1 Monthly C.24.12
1 Report on progress, problems, schedule, and plans 1 Monthly C.24.12
2 Security Progress Report 1 Monthly C.24.12, C.22.4.1
3 Quality Assurance Report 1 Quarterly C.24.12, C.19.19
4 Contact Center Call Report 1 Monthly C.24.12, C.18.17
5 List of Third Party Software Developer Certifications 1 Monthly C.24.12, C.10.6.6.4
1003 Notification to COTR of Problems, Errors, or Breach of Security 1 As Needed C.24.13
1004 Contact Center Daily Report 1 Daily C.18.18
1005 PC Reports 1 Weekly C.6.5
1006 Quality Control Reports 1 Monthly C.20.15.1
1007 System Performance Report 1 Monthly C.13.8.5, C.14.4.3
1008 Large Plan Monthly Report 1 Monthly C.6.6
1009 Listing of Government & Contractor Users with Credentials 1 Monthly C.10.3.4
1010 Record Retrieval 1 As Needed C.9.2
1011 Documentation replacement pages 1 As Needed C.24.16
1012 Transmission of Structured Data Records to End Users
1 EBSA XML Return Transaction File 1 Daily C.15.3.4, Attachment E
2 EBSA Structured Return Transaction File 1 Daily C.15.3.4, Attachment E
3 IRS XML Return Transaction File 1 Daily C.15.3.4, Attachment E
4 IRS Structured Return Transaction File 1 Daily C.15.3.4, Attachment E
5 PBGC XML Return Transaction File 1 Weekly C.15.3.4, Attachment E
6 PBGC Structured Return Transaction File 1 Weekly C.15.3.4, Attachment E
7 PBGC Control File 1 Weekly C.15.3.4, Attachment E
8 EBSA Annual XML Archive File 1 6/30/2018 C.16.3, Attachment E
9 EBSA Annual E-Mail Archive File 1 6/30/2018 C.16.3, C.18.9, Attachment E
1013 Quality Assurance Plan 1 8/1/2017 C.19.18
1014 Final Plan Year 2018 Form / Schedule Proofs
1 PDF Files 1 8/1/2017 C.17.3
2 Source Files 1 8/1/2017 C.17.3
1015 Detailed System Design 1 8/1/2017 C.1.2.1.3
1016 Configuration Management Plan 1 8/1/2017 C.25.8
1017 System Security Plan 1 8/1/2017 C.22.4.2.1
1018 Production Recruiting and Training Plan 1 8/15/2017 C.24.11
1019 COOP Test Report -- Update IX 1 9/1/2017 C.22.4.2.3
1020 Quality Control Procedures Manual 1 10/1/2017 C.20.15.2
1021 HW / SW Refresh Plan 1 10/1/2017 C.17.4
1022 Implementation Plan 1 11/1/2017 C.21.3.2
1023 Annual Requirements Analysis Report 1 11/1/2017 C.25.10
1024 Contingency Plan (Continuity of Operations Plan) -- Update X
1 COOP 1 11/1/2017 C.22.4.2.3
2 Test Plan 1 11/1/2017 C.22.4.2.3
1025 Operational Readiness Declaration
1 Checklist 1 11/1/2017 C.21.3.8
2 Certification 1 11/1/2017 C.21.3.9
1026 SAT
1 Agency-specific distribution products 1 11/15/2017 E.8.3, E.8.5
2 Other SAT outputs 1 11/15/2017 E.8.1.3
1027 Certification and Warranty 1 12/1/2017 H.12
1028 IFILE Functional Specification 1 2/1/2018 C.10.5.14
D1029 Draft IFILE / Test Filing Tool 1 1/15/2018
F1029 IFILE / Test Filing Tool 1 3/1/2018 C.10.5.15
EFAST2 RFP
Section F, Page 26 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Option Period X -- 7/01/2017 to 6/30/2018
Processing Year 2017 Operations, Rollover to Processing Year 2018
Num Item Description of Deliverable Quantity Due Date Section Reference
1030 Requirements Traceability Matrix (RTM) 1 3/15/2018 C.25.9
1031 IFILE User's Guide 1 3/15/2018 C.10.5.13
1032 EFAST2 Guide for Filers & Service Providers 1 3/15/2018 C.10.6.4
1033 Data Dissemination Service (DDS) User's Guide(s)
1 Public User Guide 1 3/15/2018 C.15.7
2 Government User Guide 1 3/15/2018 C.15.7
1034 System Test Plan(s) 1 As Proposed C.21.3.1
1035 System Test Report(s) 1 As Proposed C.21.3.3
1036 Contact Center Operational Procedures Manual 1 4/15/2018 C.18.20
1037 Service Level Agreement 1 4/15/2018 C.13.8.1
1038 Software Developer Specification
1 Software Developer User's Guide and Specifications 1 4/15/2018 C.10.6.5
2 Transmission File Structure 1 4/15/2018 C.10.6.5
3 XML DER Vol 1 & 2 1 4/15/2018 C.10.6.5
1039 Participant Acceptance Testing System (PATS) Package
1 PATS Application 1 4/15/2018 C.10.6.6.3
2 PATS Procedures and Certification Criteria 1 4/15/2018 C.10.6.6.3
3 PATS Test Filings 1 4/15/2018 C.10.6.6.3
1040 Third Party Software Developer Conference Materials 1 4/15/2018 C.10.6.3
D1041 Draft Security Risk Assessment 1 4/15/2018
F1041 Security Risk Assessment 1 6/1/2018 C.22.4.2.2
D1042 Draft System Documentation 1 4/15/2018
F1042 System Documentation 1 6/1/2018 C.17.2
1043 Operating Capacity Report
1 Current Operating Capacity 1 6/30/2018 C.13.8.3.1
2 System Sizing Analysis 1 6/30/2018 C.13.8.3.2
1044 Benchmark Report 1 6/30/2018 C.13.8.4
1045 Government End User Customer Satisfaction Survey 1 6/30/2018 C.20.16
1046 Option Period X Disposition/Closeout Plan
1 Transition Plan 1 6/30/2018 C.24.14
2 Source Code 1 6/30/2018 C.24.14
3 Program materials, documentation, media, GFI, and equipment 1 6/30/2018 C.24.14
Other Key Option Period X Activities
Third Party Software Developer Conference C.10.6.3
Quarterly Quality Control Briefings C.20.7
Personnel Clearances C.22.3
Government Testing and Reviews E.8.2
Processing Compliance Reviews E.9
Systems Acceptance Test E.8.1.3
EFAST2 RFP
Section F, Page 27 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Option Period XI -- 7/01/2018 to 6/30/2019
Processing Year 2018 Operations, Rollover to Processing Year 2019
Num Item Description of Deliverable Quantity Due Date Section Reference
Processing Year 2018
7/1/2018 through 6/30/2019
D1101 Draft Project Risk Management Plan 1 8/1/2018
F1101 Project Risk Management Plan 1 9/15/2018 C.24.10
1102 Monthly Work and Management Report 1 Monthly C.24.12
1 Report on progress, problems, schedule, and plans 1 Monthly C.24.12
2 Security Progress Report 1 Monthly C.24.12, C.22.4.1
3 Quality Assurance Report 1 Quarterly C.24.12, C.19.19
4 Contact Center Call Report 1 Monthly C.24.12, C.18.17
5 List of Third Party Software Developer Certifications 1 Monthly C.24.12, C.10.6.6.4
1103 Notification to COTR of Problems, Errors, or Breach of Security 1 As Needed C.24.13
1104 Contact Center Daily Report 1 Daily C.18.18
1105 PC Reports 1 Weekly C.6.5
1106 Quality Control Reports 1 Monthly C.20.15.1
1107 System Performance Report 1 Monthly C.13.8.5, C.14.4.3
1108 Large Plan Monthly Report 1 Monthly C.6.6
1109 Listing of Government & Contractor Users with Credentials 1 Monthly C.10.3.4
1110 Record Retrieval 1 As Needed C.9.2
1111 Documentation replacement pages 1 As Needed C.24.16
1112 Transmission of Structured Data Records to End Users
1 EBSA XML Return Transaction File 1 Daily C.15.3.4, Attachment E
2 EBSA Structured Return Transaction File 1 Daily C.15.3.4, Attachment E
3 IRS XML Return Transaction File 1 Daily C.15.3.4, Attachment E
4 IRS Structured Return Transaction File 1 Daily C.15.3.4, Attachment E
5 PBGC XML Return Transaction File 1 Weekly C.15.3.4, Attachment E
6 PBGC Structured Return Transaction File 1 Weekly C.15.3.4, Attachment E
7 PBGC Control File 1 Weekly C.15.3.4, Attachment E
8 EBSA Annual XML Archive File 1 6/30/2019 C.16.3, Attachment E
9 EBSA Annual E-Mail Archive File 1 6/30/2019 C.16.3, C.18.9, Attachment E
1113 Quality Assurance Plan 1 8/1/2018 C.19.18
1114 Final Plan Year 2019 Form / Schedule Proofs
1 PDF Files 1 8/1/2018 C.17.3
2 Source Files 1 8/1/2018 C.17.3
1115 Detailed System Design 1 8/1/2018 C.1.2.1.3
1116 Configuration Management Plan 1 8/1/2018 C.25.8
1117 System Security Plan 1 8/1/2018 C.22.4.2.1
1118 Production Recruiting and Training Plan 1 8/15/2018 C.24.11
1119 COOP Test Report -- Update X 1 9/1/2018 C.22.4.2.3
1120 Quality Control Procedures Manual 1 10/1/2018 C.20.15.2
1121 HW / SW Refresh Plan 1 10/1/2018 C.17.4
1122 Implementation Plan 1 11/1/2018 C.21.3.2
1123 Annual Requirements Analysis Report 1 11/1/2018 C.25.10
1124 Contingency Plan (Continuity of Operations Plan) -- Update XI
1 COOP 1 11/1/2018 C.22.4.2.3
2 Test Plan 1 11/1/2018 C.22.4.2.3
1125 Operational Readiness Declaration
1 Checklist 1 11/1/2018 C.21.3.8
2 Certification 1 11/1/2018 C.21.3.9
1126 SAT
1 Agency-specific distribution products 1 11/15/2018 E.8.3, E.8.5
2 Other SAT outputs 1 11/15/2018 E.8.1.3
1127 Certification and Warranty 1 12/1/2018 H.12
1128 IFILE Functional Specification 1 2/1/2019 C.10.5.14
D1129 Draft IFILE / Test Filing Tool 1 1/15/2019
F1129 IFILE / Test Filing Tool 1 3/1/2019 C.10.5.15
EFAST2 RFP
Section F, Page 28 of 30
DOL069RP20266
SCHEDULE OF DELIVERABLES
Option Period XI -- 7/01/2018 to 6/30/2019
Processing Year 2018 Operations, Rollover to Processing Year 2019
Num Item Description of Deliverable Quantity Due Date Section Reference
1130 Requirements Traceability Matrix (RTM) 1 3/15/2019 C.25.9
1131 IFILE User's Guide 1 3/15/2019 C.10.5.13
1132 EFAST2 Guide for Filers & Service Providers 1 3/15/2019 C.10.6.4
1133 Data Dissemination Service (DDS) User's Guide(s)
1 Public User Guide 1 3/15/2019 C.15.7
2 Government User Guide 1 3/15/2019 C.15.7
1134 System Test Plan(s) 1 As Proposed C.21.3.1
1135 System Test Report(s) 1 As Proposed C.21.3.3
1136 Contact Center Operational Procedures Manual 1 4/15/2019 C.18.20
1137 Service Level Agreement 1 4/15/2019 C.13.8.1
1138 Software Developer Specification
1 Software Developer User's Guide and Specifications 1 4/15/2019 C.10.6.5
2 Transmission File Structure 1 4/15/2019 C.10.6.5
3 XML DER Vol 1 & 2 1 4/15/2019 C.10.6.5
1139 Participant Acceptance Testing System (PATS) Package
1 PATS Application 1 4/15/2019 C.10.6.6.3
2 PATS Procedures and Certification Criteria 1 4/15/2019 C.10.6.6.3
3 PATS Test Filings 1 4/15/2019 C.10.6.6.3
1140 Third Party Software Developer Conference Materials 1 4/15/2019 C.10.6.3
D1141 Draft Security Risk Assessment 1 4/15/2019
F1141 Security Risk Assessment 1 6/1/2019 C.22.4.2.2
D1142 Draft System Documentation 1 4/15/2019
F1142 System Documentation 1 6/1/2019 C.17.2
1143 Operating Capacity Report
1 Current Operating Capacity 1 6/30/2019 C.13.8.3.1
2 System Sizing Analysis 1 6/30/2019 C.13.8.3.2
1144 Benchmark Report 1 6/30/2019 C.13.8.4
1145 Government End User Customer Satisfaction Survey 1 6/30/2019 C.20.16
1146 Option Period XI Disposition/Closeout Plan
1 Transition Plan 1 6/30/2019 C.24.14
2 Source Code 1 6/30/2019 C.24.14
3 Program materials, documentation, media, GFI, and equipment 1 6/30/2019 C.24.14
Other Key Option Period XI Activities
Third Party Software Developer Conference C.10.6.3
Quarterly Quality Control Briefings C.20.7
Personnel Clearances C.22.3
Government Testing and Reviews E.8.2
Processing Compliance Reviews E.9
Systems Acceptance Test E.8.1.3
EFAST2 RFP
Section F, Page 29 of 30
DOL069RP20266





This Page is Intentionally Left Blank
EFAST2 RFP
Section F, Page 30 of 30
DOL069RP20266













EFAST2 RFP
Section G
Contract Administration Data
EFAST2 RFP
Section G, Page 1 of 8
DOL069RP20266





This Page is Intentionally Left Blank
EFAST2 RFP
Section G, Page 2 of 8
DOL069RP20266
SECTION G. CONTRACT ADMINISTRATION DATA

G.1 CONTRACTING OFFICER’S TECHNICAL REPRESENTATIVE

The Contracting Officer’s Technical Representative (COTR) is ________________, telephone
number _________________. The COTR is responsible for daily oversight of the Contractor’s
work and progress and for review of the Contractor’s invoices. In general, the COTR serves the
following functions:

• Acting as technical liaison between the Contracting Officer and contractor;
• Recommending whether to provide government property;
• Providing technical assistance;
• Conducting market research;
• Monitoring the acquisition, control, and disposition of government property;
• Monitoring contractor performance;
• Performing inspection and acceptance;
• Documenting contractor past performance;
• Providing technical evaluation of contractor proposals;
• Recommending contractor modifications;
• Recommending whether an option should be exercised;
• Notifying the Contracting Officer regarding delays;
• Evaluating contractor submissions of claims and termination settlement proposals;
• Assisting the Contracting Officer in the administration of stop work orders;
• Suggesting remedies for inadequate or nonperformance;
• Processing invoices and recommending payment; and
• Participating in contract closeout.

The COTR is not authorized to direct any action that would result in a change in scope, price,
terms, or conditions of this contract, the authority for which rests with the Contracting Officer.

G.2 SUBMISSION OF INVOICES

G.2.1 Designated Billing Office

The Contractor shall submit an original and four (4) copies of the Contractor’s invoices to the
following address:

U.S. Department of Labor
Financial Services Center
OASAM
Attn: Invoice/Contract Payments
Room S-5526
200 Constitution Avenue, N.W.
Washington, DC 20210

EFAST2 RFP
Section G, Page 3 of 8
DOL069RP20266
G.2.2 Invoicing Cycle

The Contractor shall submit an invoice each month on a schedule that coincides with the
Contractor’s accounting cycle, such as 4-4-5 (4 weeks, 4 weeks, 5 weeks), as identified in the
Contractor’s proposal. Each invoice shall cover the costs incurred by the Contractor in the
previous month.

G.2.3 Supplemental Invoicing Requirements

The Contractor shall include the following information in each of the invoices, in addition to the
information required by FAR 52.232-25, Prompt Payment:

• The billing period shall be identified.

• The total charge for the billing period, as well as a breakdown of the total charge into
its component parts, shall be identified as follows:

− Base Period. Identify the actual costs incurred during the preceding month in
meeting the Government’s minimum requirements for the Base Period (1st
Component), the Base (2nd Component), or the Base Period (3rd
Component), as appropriate. The invoice shall include all Contractor costs
associated with the Base Period, including project planning, requirements
definition, system design, build, and test, hardware and software acquisition
and maintenance expenses, commercial off-the-shelf (COTS) software
licenses, documentation, plant acquisition, labor, training, security
certification, and all other costs associated with prototype development,
scaleup, and certification and implementation of EFAST2, in accordance with
Section B of the Contract Schedule. These costs include, but are not limited
to, the cost for direct labor, overhead, other indirect charges; subcontracts and
purchased labor; other direct costs (ODC); and expensed materials.

− Option Period I (1st Component). Identify the actual costs incurred during the
preceding month in meeting the Government’s minimum requirements for
Option Period I (1st Component). The invoice shall include all Contractor
costs associated with advance pre-processing activities necessary to prepare
for EFAST2 system startup, in accordance with Section B of the Contract
Schedule. These costs include, but are not limited to, the cost for direct labor,
overhead, other indirect charges; subcontracts and purchased labor; ODCs;
and expensed materials.

− Option Period I (2nd Component) through Option Period XI. Identify the
executed Contract Line Item Number (CLIN) prices specified under Section B
of the Contract Schedule.

• Include in the invoice a statement signed by a responsible official of the concern
substantially similar if not identical to the following: “I certify that the services
EFAST2 RFP
Section G, Page 4 of 8
DOL069RP20266
identified in this invoice have been performed in accordance with the contract and
that personnel and/or other costs are true and correct and have not been previously
billed.”

G.3 GOVERNMENT APPROVAL OF CONTRACTOR PERSONNEL

The Government reserves the right to review the qualifications of Contractor personnel proposed
for assignment under this contract to establish conformity with the qualifications of the labor
categories shown in Section C.3 of the Schedule, as follows:

(1) The Government may, at any time during the course of this contract, request resumes
from the Contractor for those individuals that the Contractor proposes to use in the
approved labor categories, and the Contractor shall furnish the requested resumes to the
Government within two (2) Government business days.

(2) The Contractor shall remove from work under this contract those Contractor personnel
that the Government has found to be unacceptable. The Contractor shall remove the
unacceptable personnel within fourteen (14) calendar days after being notified to do so.
The Contracting Officer will deliver the notification to the Contractor in writing.

G.4 OPTION TO EXTEND THE PERIOD OF PERFORMANCE – CLOSEOUT AND
TRANSITION

The Government may unilaterally extend the existing period of performance for up to 12 months
by written notice to the Contractor within thirty (30) calendar days of contract expiration,
provided that the Government issues a preliminary written notice of its intent to extend the
period of performance at least sixty (60) calendar days before the contract expires. The purpose
of this extension is to afford the Contractor sufficient time to perform and complete all
processing requirements associated with the orderly closeout and transition of the EFAST2
program. As part of this process, the Government will issue a request for an Engineering Change
Proposal (ECP) to the Contractor at least one hundred and sixty (160) calendar days prior to the
expiration of the contract identifying the Government’s minimum requirements for the orderly
closeout and transition of the EFAST2 Program. The Contractor shall submit a responsive
technical and business proposal to the Government within thirty (30) calendar days following
receipt of the request for ECP. The ECP shall identify those considerations and cost/pricing
estimates for the purpose of completing the orderly closeout and transition of the EFAST
Program. The ECP shall be prepared in a format that reflects a clear understanding of the nature
of the work to be undertaken and that utilizes actual cost/pricing.

G.5 52.217-9 OPTION TO EXTEND THE TERM OF THE CONTRACT

(a) The Government may extend the term of this contract by written notice to the Contractor
within sixty (60) calendar days of contract expiration, provided that the Government
gives the Contractor a preliminary written notice of its intent to extend at least thirty (30)
calendar days before the contract expires. The preliminary notice does not commit the
Government to an extension.
EFAST2 RFP
Section G, Page 5 of 8
DOL069RP20266

(b) If the Government exercises this option, the extended contract shall be considered to
include this option clause.

(c) The total duration of this contract, including the exercise of any options under this clause,
shall not exceed 11 years.

G.6 INCORPORATION OF CONTRACTOR’S PROPOSAL

It is understood and agreed that the Contractor, in meeting the requirements of this contract, shall
perform the work in accordance with its proposal to the U.S. Department of Labor, dated
________. To the extent that any provisions of the Articles set forth herein are in conflict or
inconsistent with the definition and/or provisions of the Contractor’s proposal, the provisions of
the Articles of the contract, including executed modifications, shall be controlling and shall
supersede the provisions of the Contractor’s proposal(s). Additionally, where the provisions of
the contract, including executed modifications, represent further clarification or definitization of
Government requirements also covered under the Contractor’s proposal(s), the provisions of the
Articles of the contract, including executed modifications, are controlling and supersede the
provisions of said proposal(s).

G.7 STANDARDS OF WORK

It is understood and agreed that the performance of work under this contract shall conform to
high professional standards.

G.8 NOTICE TO GOVERNMENT OF DELAY

Whenever the Contractor has knowledge that any actual or potential situation is delaying or
threatens to delay the timely performance of this contract, the Contractor shall, within fourteen
(14) calendar days, give notice thereof, including all relevant information with respect thereto, to
the Contracting Officer.

G.9 KEY PERSONNEL

The persons named below are considered by the Government to be key personnel and essential
for the successful completion of all work assigned under the contract:



NAME TITLE

TBD Program Manager
TBD Computer Systems Analyst
TBD Chief Quality Control Specialist
TBD Information Security Officer
TBD System Administrator
EFAST2 RFP
Section G, Page 6 of 8
DOL069RP20266
TBD System Test Engineer
TBD Configuration Management Specialist

All changes in key personnel will require the written approval of the COTR and the Contracting
Officer. At least fourteen (14) calendar days prior to the effective date of a proposed change in
key personnel, the Contractor shall submit a description of the change, a justification for the
change, and detailed qualifications of the proposed substitute personnel, in sufficient detail to
permit evaluation by the Government of the potential impact on the program. The COTR does
not intend to approve any changes in key personnel within the first one hundred eighty (180)
calendar days following contract award.

Subcontractors are not exempt from this requirement and must supply resumes for the COTR’s
review prior to any additional or replacement key personnel being assigned to the contract.

G.10 REPORTING

Throughout the contract, the Contractor shall submit monthly activity reports to the COTR. The
contents of each report are specified in Section C.24. The delivery cycle for each report is
specified in Section F. This section addresses the additional contract administration data that is
required for the Cost Plus Award Fee (CPAF), Cost Plus Fixed Fee (CPFF), and Firm Fixed
Price (FFP) contract periods.

G.10.1 Base Period (CPAF) & Option Period I (1st Component) (CPFF) Reporting

During the Base Period and Option Period I (1st Component), the Contractor shall submit a
Monthly Work and Management Report (MWMR). The MWMR shall be delivered on a monthly
schedule, as specified in Section F, and shall address activity during the previous month. The
contents of the MWMR for the Base Period and Option Period I (1st Component) are specified in
Section C.24.

Concurrent with the MWMR, the Contractor shall provide a Contract Performance Report (CPR)
and a Contract Funds Status Report (CFSR) each month to the COTR, as specified in Section
C.24. The CPR shall report cost and schedule performance status at Level 3 of the Contract
Work Breakdown Structure (CWBS).

In addition to the reporting required for the MWMR, as specified in Section C.24, the Contractor
shall submit a report to the COTR each month that demonstrates progress on correcting system
defects and deficiencies identified in Functional Capability Tests (FCT), the System Acceptance
Test (SAT), and the Government’s Security Compliance Review. Specifically, the monthly
report shall address the outstanding error reports (ER) that factor into the calculation of the
Award Fee for each component of the Base Period, as specified in Attachment Q. The two types
of ER that shall be reported each month are as follows:

• Critical Error Reports—Critical ERs are defined as observed defects or deficiencies
that would be detectable by the public end users of the system or that could pose a
risk to data or system confidentiality, integrity, or availability.
EFAST2 RFP
Section G, Page 7 of 8
DOL069RP20266

• Minor Error Reports—Minor errors are defined as observed defects or deficiencies
that would not be detectable by the public end users of the system and that would not
pose a risk to data or system confidentiality, integrity, or availability.

The MWMR and CFSR shall be delivered as specified in Section F. CPRs shall be submitted to
the COTR no later than the 12
th
of the month or 12 working days following the Contractor’s
accounting period cutoff date.

G.10.2 Option Period I (2nd Component) through Option Period XI

During Option Period I (2nd Component) through Option Period XI, the MWMR shall coincide
with the Contractor’s monthly invoice and shall address activity during the period covered by the
invoice. The contents of the MWMR for Option Period I (2nd Component) through Option
Period XI are specified in Section C.24. The MWMR shall be delivered as specified in Section F.

In addition to the reporting required for the MWMR, as specified in Section C.24, the Contractor
shall submit a report to the COTR each month that identifies the filing components processed by
the Contractor during the reporting period, pursuant to the Cost and Pricing Schedule specified in
Section B of the contract. The number and breakdown of filing components processed for the
reporting period shall collectively match the Contractor’s weekly Production Control Report and
certified invoice submitted for payment.

G.11 HOLIDAYS

The following is a schedule of the Government’s holidays:

(1) New Year’s Day
(2) Birthday of Martin Luther King, Jr.
(3) Washington’s Birthday
(4) Memorial Day
(5) Independence Day
(6) Labor Day
(7) Veteran’s Day
(8) Thanksgiving Day
(9) Columbus Day
(10) Christmas Day
(11) Inauguration Day (every fourth calendar year in Washington, DC, e.g., January 20, 2009)

The schedule of Government holidays is provided for information purposes only. While the
Contractor is not required to operate in accordance with the Government’s holiday schedule, it is
recommended that the Contractor implement this schedule to facilitate effective communication
and operations of EFAST2.
EFAST2 RFP
Section G, Page 8 of 8
DOL069RP20266












EFAST2 RFP
Section H
Special Contract Requirements
EFAST2 RFP
Section H, Page 1 of 16
DOL069RP20266





This Page is Intentionally Left Blank
EFAST2 RFP
Section H, Page 2 of 16
DOL069RP20266
PART I - THE SCHEDULE
SECTION H - SPECIAL CONTRACT REQUIREMENTS


H.1 WAIVER OF DELIVERY SCHEDULE

While the Government may accept delinquent deliveries, any assistance rendered to the
contractor on this contract or acceptance by the Government of delinquent goods or services
hereunder will be solely for the purpose of mitigating damages and is not to be construed as an
intention on the part of the Government to condone any delinquency, or as a waiver of any rights
the Government may have under the EFAST2 including the right to terminate the contract.

H.2 MODIFICATIONS AND REVISIONS
The Contractor shall furnish full documentation of all Contractor changes and/or
modifications to the applications and/or operating system software provided to meet Government
requirements. In the case of new software releases, the Government may elect to accept the later
versions of software. If accepted, software support will be provided at no additional cost to the
Government during the period of this contract.


H.3 RESERVED

H.4 RESTRICTIONS IN THE RELEASE, PUBLICATION AND USE OF DATA
Pursuant to Federal Acquisition Regulation (FAR) 27.204-1, the Contractor is hereby restricted
from using, releasing to others, reproducing, distributing or publishing any data produced within
EFAST2 or any data delivered to the Contractor by the Government for purposes other than meeting
the requirements of the EFAST2 Contract. The language stated herein, is stated for the purpose of
meeting applicable FAR requirements to limit Contractor use of EFAST2 data. The Contractor is
reminded that EFAST2 data is composed of sensitive Tax data and is therefore subject to 26 USC
6103(p)(4) and other applicable statutes.

The Contractor, in pursuit of goals not covered by this contract, shall not make any extra-
contractual use (i.e., perform any analysis, processing or disposition), at any time, on the federal data
obtained from processing the Form 5500 series Returns/Reports. Use of any federal data obtained
through the contract for any activity/use outside the scope of this contract shall be strictly prohibited.
The Contractor shall not abridge, diminish or otherwise compromise EFAST2 data in any manner.

The Contractor shall operate within the requirements of the Internal Revenue Code
encompassing the non-disclosure and security of non-disclosable tax material for all Form 5500
series returns/reports and all data derived therefrom, in whatever form. This requirement applies to
all Form 5500 series data, whether disclosable or not, while under the control of the Contractor. All
records developed during the course of this contract shall be protected from examination by
unauthorized agencies or persons. Such records include all electronically filed forms, computer files,
program listings, manuals, documentation, correspondence files, contract records and reports, related
EFAST2 RFP
Section H, Page 3 of 16
DOL069RP20266
to EFAST2 Form 5500 return/report processing whether produced by the Government or the
Contractor in performance of EFAST2 contractual requirements. All copies shall be retained in a
secure manner by the Contractor. No materials or any summary of these materials shall be released
to any individual or organization without prior written permission from the Contracting Officer,
except as required under this contract.

The Contractor is prohibited from preparing presentations of statistical or analytical material or
reports, based on information obtained from EFAST2 covered by this contract, except as required
under this contract.

In performance of this contract, the Contractor agrees to comply and assume responsibility for
compliance by its employees and by the employees of its subcontractors, with the following
requirements:

• All work shall be performed under the supervision of the Contractor or the Contractor’s
responsible employees.

• Any Form 5500 series return/report information made available in any format shall be used
only for the purpose of carrying out the provisions of this contract. Information contained in
such material shall be treated as confidential and shall not be divulged or made known in any
manner to any person except as may be necessary in the performance of the contract.
Disclosure to anyone other than an officer or employee of the Contractor shall require written
approval of the COTR.

• The Contractor certifies that the data processed during the performance of this contract shall
be completely purged from all data storage components of his/her computer facility, and no
output will be retained by the Contractor at the time the work under the contract is
completed. If immediate purging of all data storage components is not possible, the
Contractor certifies that any Form 5500 series return/report data remaining in any storage
component will be safeguarded to prevent unauthorized disclosure.

• No work involving information furnished under this contract will be subcontracted without
the specific approval of the COTR.

Any Government information made available, which is marked “Official Use Only”, shall be
used only for the purpose of carrying out the provisions of this contract and shall not be divulged or
made known in any manner to any person except as may be necessary in the performance of the
contract. Disclosure to anyone other than an officer or employee of the Contractor shall require prior
written approval of the COTR. Requests to make such disclosure shall be addressed to the COTR.

Each officer or employee of any person to whom non-disclosable EFAST2 information is or
may be disclosed shall be notified in writing by the Contractor that returns or return information
disclosed to such officer or employee can be used only for a purpose and to the extent authorized
herein, and that further disclosure of any such returns or return information for a purpose or to an
extent unauthorized herein constitutes a felony, punishable upon conviction by a fine of as much as
$5,000 or imprisonment for as long as five years, or both, together with the costs of prosecution. The
Contractor shall also notify each such officer and employee that any such unauthorized further
disclosure of returns or return information may also result in an award of civil damages against the
Officer or employee in an amount not less than $1,000 with respect to each instance of unauthorized
EFAST2 RFP
Section H, Page 4 of 16
DOL069RP20266
disclosure. These penalties are prescribed by IRC 7213 and 7431 and set forth at 26 CFR 301.6103
(n)-1.

Additionally, it is incumbent upon the Contractor to inform its officers and employees of the
penalties for improper disclosure imposed by the Privacy Act of 1974, 5 U.S.C. 552a. Specifically, 5
U.S.C. 552a (i) (1), which is made applicable to Contractors by 5 U.S.C. 552 (m) (1), provides that
any officer or employee of a Contractor who by virtue of his employment or official position, has
possession of, or access to, agency records which contain individually identifiable information the
disclosure of which is prohibited under the Privacy Act or regulations established thereunder, and
who knowing that disclosure of the specific material is prohibited, willfully discloses the material in
any manner to any person or agency not entitled to receive it, shall be guilty of a misdemeanor and
fined not more than $5,000.

Each officer or employee of the Contractor or subcontractor at any tier to whom “Official Use
Only” information may be made available or disclosed shall be notified in writing by the Contractor
that “Official Use Only” information disclosed to such officer or employee can be used only for a
purpose and to the extent authorized herein, and that further disclosure of any such “Official Use
Only” information, by any means, for a purpose or to an extent unauthorized herein, may subject the
offender to criminal sanctions imposed by 18 U.S.C. 641. Section 641 of 18 U.S.C. provides, in
pertinent part, that whoever knowingly converts to his use or the use of another, or without authority,
sells, conveys, or disposes of any record of the United States or whoever receives the same with the
intent to convert it to his use or gain, knowing it to have been converted, shall be guilty of a crime
punishable by a fine or imprisoned up to ten years or both.

The Government shall have the right at any time to send its officers and employees into the
offices and plants of the Contractor for inspection of the facilities and operations provided for the
performance of any work under this contract. On the basis of such inspection the COTR may require
specific measures in cases where the Contractor is found to be non-compliant with the contract
safeguards.

H.5 SECURITY AND CONFIDENTIALITY OF NON-DISCLOSURE TAX
INFORMATION

(a) The contractor shall establish controls to preclude inadvertent or intentional disclosure of
any sensitive, non-disclosable tax information, and the use of EFAST2 information for any purposes
outside the scope of this contract. The contractor shall also impose controls to prevent employees
from “browsing” documents other than those documents on which employees are actively working.
The contractor shall use other management techniques, such as monitoring of live phone calls,
review of files, to monitor the protection of tax information. Any tax information provided to the
contractor under this contract shall be used only for the purpose of carrying out the provisions of this
contract.

(b) In the course of this contract, Government material marked “Official Use Only” and other
proprietary information may be provided to the contractor. The contractor shall use such information
for the purposes of the contract only. Such material shall be kept under lock and key when not in use.

(c) Unless authorized by the Contracting Officer in writing, the Contractor shall keep the
information contained in source documents or other media furnished by the Government in the
EFAST2 RFP
Section H, Page 5 of 16
DOL069RP20266
strictest confidence, said information being the sole property of the Government. The Contractor
also agrees not to publish, reproduce or otherwise divulge such information in whole or in part,
in any manner, or form, nor to authorize or permit others to do so, taking such reasonable
measures as are necessary to restrict access to such information while in its possession to those
employees needing such information to perform the work required herein, i.e., on a “need-to-
know” basis, and shall immediately notify in writing, the Contracting Officer’s Technical
Representative named herein, in the event that it determines or has reason to suspect a breach of
this requirement.

(d)The Contractor agrees that it shall not disclose any information concerning the work under
this contract to any person or individuals unless prior written approval is obtained from the
Contracting Officer.

(e) The Contractor shall require each contractor employee to review and sign a Government
approved non-disclosure agreement prior to beginning work on the EFAST2 contract. The form
of the disclosure statement will be one mutually agreed upon by the Contractor and the COTR and
shall be delivered to and approved by the Government prior to the execution of the EFAST2
Contract. The Contractor must send a signed copy to the COTR of the agreement for each
Contractor employee or subcontractor.

(f)The Contractor agrees to insert the substance of this clause in any agreement or subcontract
hereunder.

H.6 RIGHT IN DATA AND COPYRIGHT
Throughout the period of the EFAST2 Contract, the Contractor shall perform in accordance with
Section I. The Government and the Contractor shall each have rights in data and copyright in
accordance with this clause and Section I of the Contract. In the case of any conflict, this caluse
shall govern. For the Government, these rights include unlimited data rights, limited data and
restricted software rights, rights prohibiting unauthorized marking, rights addressing
subcontractor performance, copyrights, and patent rights. For the Contractor, these rights include
the right to protect from unauthorized disclosure and use of any data deemed limited rights data
or restricted software, and the right to establish claim to technical or scientific articles based on
EFAST2 data published in professional trade journals or similar works. The following
addresses, in detail, each of the Government and Contractor’s rights in data.

Throughout the period of this contract, the Government reserves unlimited rights to data
contained in or derived from Form 5500 series returns/reports prior to and after such data is made
available to the public by the Government. This data includes data produced by the EFAST2
system as a result of the contractor performing the requirements of the contract; form, fit and
function data required under the contract to enable the Government to fully identify and/or access
EFAST2 data; any data provided to the Contractor by the Government (GFI) for performing
contract requirements including tax information, manuals, instructional or training material; and
all other data delivered under this contract, not specifically identified by the contractor as limited
rights data or restricted software.

EFAST2 RFP
Section H, Page 6 of 16
DOL069RP20266
Throughout the period of this contract, the Government shall have limited rights to data, and
restricted rights to EFAST2 custom software developed by the Contractor at its own private
expense under the EFAST2 Contract. The Government shall also have limited rights to selective,
proprietary information deliverables listed in Section F, procedures, configurations, and any other
intellectual property developed by the Contractor under this project. Proprietary information
deliverables include those documents revealing system design or technical solution. This limited
rights data and restricted software shall be clearly identified in each contractually required
deliverable submission. However, the Government shall have the right to form, fit and function
data in lieu of limited data and restricted software. The Government shall also have the right to
modify the contract at a later date, should the Government require delivery of limited rights data
and/or restricted custom computer software for the purpose of transitioning the EFAST2 system
to another contractor.

The Contractor shall have the right to copyright aspects of EFAST2 data to which it holds limited
or restricted rights, having developed these data/software items at private expense, including
deliverables listed in Section F, procedures, configurations, and other intellectual property
developed under this contract. The Contractor is prohibited from copyrighting any other EFAST2
data that is first produced within the EFAST2 system without a written request to and the
permission of the Contracting Officer. Regardless of copyright, the Government shall maintain a
nonexclusive, irrevocable license to reproduce and distribute to the public all data first produced
in EFAST2.

Throughout the period of this contract, the Government shall not establish claim or rights to
COTS Software, COTS Hardware, or any other software or hardware component purchased by
the Contractor in performance of the EFAST2 contract. The Government shall reserve no rights
nor claim title to the physical facilities purchased and/or used in performance of this Contract.
The costs of the use of this identified hardware and software shall be paid by the Government as
depreciation expenses according to the provisions of Section B and Section C of the Contract
Schedule. However, any licenses and warranties associated with COTS software used in the
performance of this contract shall revert to the Government in the event that the contract is
terminated while they are still in effect. These rights in no way limit the Government’s ability to
take title to any and all computers, COTS licenses, or other non-GFI equipment obtained,
purchased, leased or rented by the Contractor in execution of this contract at the end of the
Contract period of performance for the purposes of transitioning EFAST2 to another contractor.
If the Government does elect to take title to such items, the Government shall request the
Contractor to submit a responsive proposal for the unreimbursed portion of the equipment and
software items identified.

Throughout the period of the contract, the Government reserves the right for the Government or
its designee to inspect any aspect of EFAST2 including EFAST2 unlimited rights data and
facilities at the Contractor’s site. The Government also reserves the right to modify the EFAST2
contract and inspect any limited rights data or restricted software being used to perform the
EFAST2 contract.

Throughout the period of this contract, the Contractor shall not place any unauthorized restrictive
or limiting markings or labels on unlimited rights EFAST2 data contained in or derived from
Form 5500 series filings any unlimited rights in Section F, procedures, configurations, and all
EFAST2 RFP
Section H, Page 7 of 16
DOL069RP20266
other intellectual property developed under this project. The Government reserves the right to
return the marked data to the Contractor, or cancel or ignore the markings should any data
delivered to the Government be marked in a manner unauthorized by the EFAST2 contract.

The Contractor has the responsibility to obtain from its subcontractors all rights in data described
herein to satisfy the Contractor’s obligations to the Government under the EFAST2 contract.

H.7 DISPOSAL OF INFORMATION UPON COMPLETION OF USE
The Contractor shall follow all guidelines required by 26 USC 6103(p)(4)(F) to take certain
actions upon completion of use of the information to protect its confidentiality. The Contractor
certifies that the data processed during the performance of this contract shall be completely
purged from all data storage components of his/her facility, and no output will be retained by the
Contractor at the time the work under the contract is completed. If immediate purging of all data
storage components is not possible, the Contractor certifies that any Form 5500 series data
remaining in any storage component will be safeguarded to prevent unauthorized disclosure until
a purge of the data can be conducted.

H.8 INSURANCE
The EFAST2 Contract is composed of a Cost Plus Award Fee (CPAF) component for Base
Period, and a Firm Fixed Price (FFP) component for EFAST2 operations. Beginning at Contract
award, the Contractor shall assume all risk and liabilities involved with performing the work of
the EFAST2 Contract, and shall maintain at least a minimum amount of insurance throughout the
EFAST2 Contract period of performance. As a minimum, the Contractor shall maintain the
following insurance during the life of this contract:

(1) Worker’s compensation and employer’s liability. The Contractor is required to
comply with applicable Federal and State worker’s compensation and occupational disease
statutes. If occupational diseases are not compensable under those statutes, they shall be covered
under the employer’s liability section of the insurance policy, except when contract operations
are so commingled with a Contractor’s commercial operations that it would not be practical to
require this coverage. Employer’s liability coverage of at least $100,000 shall be required,
except in States with exclusive or monopolistic funds that do not permit worker’s compensation
to be written by private carriers.

(2) General Liability. The Contractor shall provide bodily injury liability insurance coverage
written on the comprehensive form of policy of at least $500,000 per occurrence.

(3) Automobile Liability. The Contractor shall provide automobile liability insurance
written on the comprehensive form of policy. The policy shall provide for bodily injury and
property damage liability covering the operation of all automobiles used in connection with
performing the contract. Policies covering automobiles operated in the United States shall
provide coverage of at least $200,000 per person and $500,000 per occurrence for bodily injury
and $20,000 per occurrence for property damage.

(4) Aircraft public and passenger liability. The Contractor shall provide aircraft public and
EFAST2 RFP
Section H, Page 8 of 16
DOL069RP20266
passenger liability insurance of at least $200,000 per person and $500,000 per occurrence for
bodily injury, other than passenger liability, and $200,000 per occurrence for property damage.
The Contractor shall also provide passenger liability coverage at least $200,000 multiplied by the
number of seats or passengers, whichever is greater.

H.9 ORGANIZATIONAL CONFLICTS OF INTEREST
The Employee Retirement Income Security Act (ERISA) of 1974 requires employee benefit
plans to file information each year on Form 5500 returns/reports. These returns/reports must be
submitted in accordance with ERISA and in some cases verified by financial experts in order to
be considered complete and accurate. Given the potential prevalence of employee benefit
consulting services and firms that prepare, verify and submit Form 5500 returns/reports to
EFAST2, the firms that develop and operate EFAST2 must have absolutely no interest in
preparing returns/reports prior to submission to EFAST2. If the Prime Contractor had interest in
preparing Form 5500 returns/reports in addition to operating EFAST2, the Contractor may have
the ability or incentive to submit inaccurate or untimely Form 5500 returns/reports. This conflict
would seriously jeopardize the security, timeliness and accuracy of the EFAST2 data, and hinder
the Government’s ability to fulfill its statutory and regulatory obligations under ERISA.

Therefore, in accordance with FAR 9.507-1, persons and organizations in the business of
preparing Form 5500 returns/reports, providing employee benefit consulting services, or
occupying a fiduciary position for any employee benefit plan are precluded from being the Prime
Contractor. Until the data contained in or derived from the Form 5500 series returns/reports are
made public by the Government, such data are confidential. While the data are confidential, no
such person or business organization may have access to the data. If a person or organization in
such business is proposed as a subcontractor, the Contractor shall present assurances that such
persons or organizations shall not have access to EFAST2 or data. The Contractor shall present
procedures and safeguards for ensuring such persons or organizations do not have access to
EFAST2 data. These terms shall last throughout the Contract period of performance, and shall
not be subject to negotiation.

H.10 ENGINEERING CHANGES
(a) After contract award, the Government may solicit, and the Contractor is encouraged to
propose independently, engineering changes to system components. These changes may be
proposed to save money, to improve performance, to save energy, or to satisfy increased data
processing requirements. If the proposed changes are acceptable to both parties, the Contractor
shall submit a price change proposal to the Government for evaluation. Those proposed
engineering changes that are acceptable to the Government will be processed as modifications to
the contract.

(b) Proposed new technologies shall have the following characteristics:

1. The advantage to the Government must be a real improvement in productivity of processing,
accuracy of processing, and/or personnel performance;

2. Addition of a component, or replacement of an existing component to the system, can have
EFAST2 RFP
Section H, Page 9 of 16
DOL069RP20266
no disruptive affect on performance or on the regular daily activity of the system;

3. Any training of personnel resulting from the new component can have no disruptive effect;

4. The component shall conform to the standards of compatibility and inter-operability required
from all original system components, and to all the contractual requirements including, but
not limited to, performance standards, maintenance, operation, documentation, and
compliance with industry standards;

5. The proposal for the upgrade shall contain, at a minimum, clear justifications and proofs for
items (a) through (d), and a management/installation/training plan designed to implement the
upgrade;

6. The components shall be priced and offered in keeping with the provisions of this contract,
and presented to the Contracting Officer and the COTR.

(c) At a minimum, the following information shall be submitted by the Contractor with each
proposal:

1. A description of the difference between the existing contract requirement and the
proposed change, and the comparative advantages and disadvantages of each;

2. Itemized requirements of the contract which must be changed if the proposal is
adopted, and the proposed revision to the contract for each such changes;

3. An estimate of the changes in performance and cost, if any, that will result from
adoption of the proposal;

4. An evaluation of the effects the proposed change would have on collateral costs to the
Government, such as Government-furnished property costs, costs of related items, and
costs of maintenance and operation; and

5. A statement of the time by which the change order adopting the proposal must be
issued so as to obtain the maximum benefits of the changes during the remainder of
this contract. Also, any effect on the contract completion time or delivery schedule
shall be identified.

(d) The Government shall not be liable for proposal preparation costs or any delay in
acting upon any proposal submitted pursuant to this clause. The Contractor has the right to
withdraw, in whole or in part, any engineering change proposal not accepted by the Government
within the period specified in the engineering change proposal. The decision of the Contracting
Officer as to the acceptance of any such proposal under this contract shall be final and shall not
be subject to the "Disputes" clause of this contract.

(e) The Contracting Officer may accept any engineering change proposal submitted
pursuant to this clause by giving the Contractor written notice thereof. This written notice shall
be given by issuance of a modification to this contract. Unless and until a modification is
EFAST2 RFP
Section H, Page 10 of 16
DOL069RP20266
executed to incorporate an engineering change proposal under this contract, the Contractor shall
remain obligated to perform in accordance with the terms of the existing contract.

(f) If an engineering change proposal submitted pursuant to this clause is accepted and
applied to this contract, an equitable adjustment in the contract price and in any other affected
provisions of this contract shall be made in accordance with this clause and other applicable
clauses of this contract. When the cost of performance of this contract is increased or decreased
as a result of the change, the equitable adjustment increasing or decreasing the contract price
shall be in accordance with the "Changes" clause and this section of the contract rather than
under this clause, but the resulting contract modification shall state that it is made pursuant to
this clause.

(g) The Contractor is requested to identify specifically any information contained in the
engineering change proposal which the Contractor considers confidential and/or proprietary and
which the Contractor prefers not be disclosed to the public. The identification of information as
confidential and/or proprietary is for information purposes only and shall not be binding on the
Government to prevent disclosure of such information. Offerors are advised that such
information may be subject to release upon request pursuant to the Freedom of Information Act.
(5 U.S.C. 552).

H.11 RENEWAL OPTIONS
At the end of the each contract period, the Government reserves the right to accelerate or delay
the exercise of option periods for up to 90 days prior to or following the anticipated award dates.

The anticipated award date for Option Period I (1
st
Component) is August 1, 2008.

The anticipated award date for Option Period I (2
nd
Component) is January 1, 2009.

The anticipated award date for Option Period II is July 1, 2009.

The anticipated award date for Option Period III is July 1, 2010.

The anticipated award date for Option Period IV is July 1, 2011.

The anticipated award date for Option Period V is July 1, 2012.

The anticipated award date for Option Period VI is July 1, 2013.

The anticipated award date for Option Period VII is July 1, 2014.

The anticipated award date for Option Period VIII is July 1, 2015

The anticipated award date for Option Period IX is July 1, 2016.

The anticipated award date for Option Period X is July 1, 2017.

EFAST2 RFP
Section H, Page 11 of 16
DOL069RP20266
The anticipated award date for Option Period XI is July 1, 2018.

H.12 DEFECT, DEFICIENCY, AND WARRANTY
The Contractor shall certify and warrant that all services and deliverables provided under this
Contract meet the requirements and performance standards of this Contract. The Contractor shall
follow the certification, warranty, and defect/deficiency remediation requirements specified
below, and as defined in Attachment M.

H.12.1 Base Period and Option Period I (1st Component)
The Base Period will be structured into three distinct components, which combined reflect the
required 21-month Base Period of Performance for Development and Scale up of EFAST2.
During this period, the Government will conduct a series of two Functional Capability Tests
(FCTs) of the Contractor’s prototype/scale up systems and a final Systems Acceptance Test
(SAT) of the production system prior to granting official Authority to Operate (ATO) the Firm
Fixed Price (FFP) EFAST2 operations.

The Option Period I (1st Component) will be a 6 month period during which the Contractor shall
conduct advance, preprocessing activities necessary to prepare for system startup. Option Period I
(1st Component) will be a Cost Plus Fixed Fee contract period that occurs concurrently with the
last 6 months of the Base Period.

At the conclusion of Base Period, and prior to commencement of Option Period I (2nd
Component), the Contractor shall correct all system defects and deficiencies identified by the
Government in its FCTs and/or SAT. If the Contractor cannot demonstrate the ability to correct
system defects and deficiencies by the end of the Government’s review of FCT2, or provide an
acceptable remediation plan within 30 days of the Government’s review of FCT2, the
Government has the right to terminate for default. For the purpose of this contract, a defect shall
be defined as a critical nonconformance that is likely to prevent performance of a vital agency
mission under EFAST2; a deficiency shall be defined as a major or minor nonconformance that
reduce the usability of EFAST2 supplies or services for their intended purpose, as specified in
Attachment M. Defects and deficiencies must be recorded in the CM reporting system as Error
Reports (ERs) as specified in Section C.25.

H.12.2 Option Period I (2nd Component) Certification and Warranty
At the conclusion of Option Period I of this Contract, and prior to Government exercise of
Option Period II, the Contractor shall certify and warrant, in writing, the security and operational
readiness of EFAST2, as specified in Contract Sections C.20, C.21, Section F, and other relevant
Contract sections. The timing of this certification is to allow the Contractor sufficient time to
perform system shakeout activities subsequent to system startup, and to remedy any remaining
defects or deficiencies in any of the system components or services. For all future option periods,
this certification will be required prior to system rollover on January 1
st
of each year, rather than
at the end of the option period. The Contractor’s certification and warranty shall serve as the
Contractor’s official notification to the Government that the system is secure, free of defects and
EFAST2 RFP
Section H, Page 12 of 16
DOL069RP20266
deficiencies, and is operationally ready to produce all required system functionality, deliverables,
and services required under Option Period II of the Contract. The Contractor shall submit the
following certification and warranty:

[Insert name of Contractor] certifies, and warrants that the system is secure and
operates according to the requirements and performance standards specified in
this Contract. Should any defects or deficiencies be discovered prior to Processing
Year 2010 system rollover, either by the Government or [Insert name of
Contractor], the [Insert name of Contractor] shall correct those defects or
deficiencies, reprocess, and redeliver defective or deficient deliverables at no
additional cost to the Government.

In the event a defect or deficiency is discovered after the Contractor’s certification is delivered to
the Government, the Contractor shall immediately notify the Government. Should the
Government discover a defect or deficiency, the Government shall notify the Contractor of that
defect or deficiency in writing within 14 days of first discovery, per FAR 52.246-20. Regardless
of the discovering party, any identified defects or deficiencies shall be corrected by the
Contractor within 90 calendar days of discovery or according to a Government approved
corrective action plan schedule, which the Contractor shall furnish at the Government’s request
within 30 days of defect/deficiency discovery. Regardless of the corrective action, the Contractor
shall correct any and all identified defect(s) and deficiencies at no additional cost to the
Government. All defects and deficiencies shall be recorded in the CM reporting system as Error
Reports (ERs) as specified in Section C.25. The Contractor shall also furnish the Government
with all data and reports applicable to the correction, including revision and updating of all other
affected data called for under the contract.

If required, the Contractor’s corrective action plan shall clearly state the known system defects
and deficiencies, or any other services or deliverables that are not in compliance with the
requirements and performance standards in this Contract. The Contractor shall specifically
identify system components, functionality, processes and performance requirements that are
affected by the defect(s) or deficiencies. The Contractor shall specify and commit to a remedial
course of action to correct each defect and deficiency, including planned resource expenditures to
correct the defect or deficiency, timeline for correction, interim mitigation actions, and a
commitment to providing full service by a specified date.

The Government will base its decision to exercise Option Period II of the Contract on a review of
the Contractor’s performance, including its ability to comply with the terms of this contract as
well as its ability to timely submit and implement a corrective action plan.

H.12.3 Option Period II-XI Certification and Warranty

At the conclusion of each processing year in Option Periods II-XI of this Contract, and prior to
implementing the rollover system for processing the next plan year forms, the Contractor shall
certify and warrant, in writing, the security and operational readiness of the rollover system, as
specified in Contract Sections C.20, C.21, Section F, and other relevant Contract sections. The
Contractor’s certification and warranty shall serve as the Contractor’s official notification to the
Government that the system is secure, free of defects and deficiencies, and is operationally ready
EFAST2 RFP
Section H, Page 13 of 16
DOL069RP20266
to produce all required system functionality, deliverables, and services required under the
subsequent processing year. The Contractor shall clearly state, certify, and warrant that the
system is secure and operates according to the requirements and performance standards specified
in this Contract. The Contractor shall clearly state that, should any defects or deficiencies be
discovered prior to the subsequent processing year system rollover, either by the Government or
the Contractor, the Contractor shall correct those defects or deficiencies, reprocess, and redeliver
defective or deficient deliverables at no additional cost to the Government.

In the event a defect or deficiency is discovered after the Contractor’s certification is delivered to
the Government, the Contractor shall immediately notify the Government. Should the
Government discover a defect or deficiency, the Government shall notify the Contractor of that
defect or deficiency in writing within 14 days of first discovery, per FAR 52.246-20. Regardless
of the discovering party, any identified defects or deficiencies shall be corrected by the
Contractor within 90 calendar days of discovery or according to a Government approved
corrective action plan schedule, which the Contractor shall furnish at the Government’s request
within 30 days of defect or deficiency discovery. Regardless of the corrective action, the
Contractor shall correct any and all identified defect(s) and deficiencies at no additional cost to
the Government. All defects and deficiencies shall be recorded in the CM reporting system as
Error Reports (ERs) as specified in Section C.25. The Contractor shall also furnish the
Government with all data and reports applicable to the correction, including revision and
updating of all other affected data called for under the contract.

If required, the Contractor’s corrective action plan shall clearly state the known system defects
and deficiencies, or any other services or deliverables that are not in compliance with the
requirements and performance standards in this Contract. The Contractor shall specifically
identify system components, functionality, processes and performance requirements that are
affected by the defect(s) or deficiencies. The Contractor shall specify and commit to a remedial
course of action to correct each defect or deficiency, including planned resource expenditures to
correct the defect or deficiency, timeline for correction, interim mitigation actions, and a
commitment to providing full service by a specified date.

The Government will base its decision to approve of the rollover system in Option Periods II-XI
of the Contract on a review of the Contractor’s certification, warranty, and corrective action plan,
if applicable.

H.12.4 Transition Warranty
At the conclusion of each option period , the Contractor shall certify and warrant, in writing, that
EFAST2 software and documentation shall be sufficient to enable the Government to transition
EFAST2 to full, independent implementation and operation by the Government or by another
Contractor within thirty (30) calendar days of the termination of this contract.

In the event a defect or deficiency is discovered in the identified documentation or software after
the Contractor’s certification is delivered to the Government, the Contractor shall immediately
notify the Government. Should the Government discover a defect or deficiency, the Government
shall notify the Contractor of that defect or deficiency in writing within 7 days of first discovery.
EFAST2 RFP
Section H, Page 14 of 16
DOL069RP20266
Regardless of the discovering party, any identified defects or deficiencies shall be corrected by
the Contractor within 30 calendar days of discovery or according to a Government approved
corrective action plan schedule, which the Contractor shall furnish at the Government’s request
within 14 days of defect or deficiency discovery. Regardless of the corrective action, the
Contractor shall correct any and all identified defect(s) and deficiencies at no additional cost to
the Government.

The warranties and guaranties associated with any COTS software used in the performance of
this contract shall revert to the Government in the event that they are in effect at the termination
of this contract.

H.13 CITIZENSHIP
All contractor employees shall be U.S. citizens or permanent residents.



EFAST2 RFP
Section H, Page 15 of 16
DOL069RP20266





This Page is Intentionally Left Blank
EFAST2 RFP
Section H, Page 16 of 16
DOL069RP20266












EFAST2 RFP
Section I
Contract Clauses
EFAST2 RFP
Section I, Page 1 of 18
DOL069RP20266





This Page is Intentionally Left Blank
EFAST2 RFP
Section I, Page 2 of 18
DOL069RP20266
PART II - CONTRACT CLAUSES
SECTION I - CONTRACT CLAUSES
Section I of this RFP is based on the CPAF/FFP contract structure presented in Section B of this
RFP. However, should the Government elect to change the contract structure for the final RFP,
the Government will reformulate the Section I contract clauses to match the final contract
structure.

I.1 NOTICE OF HYBRID CONTRACT

This is a FFP/CPAF type contract.

See the listing below for applicable contract types:

FFP = Firm Fixed Price
FP-E = Fixed Price with Economic Price Adjustment
FP-I = Fixed Price Incentive
FP-P = Fixed Price Redetermination-Propspective
FP-R = Fixed Price Redetermination-Retroactive
FFP-L = Firm Fixed Price, Level of Effort Term
LH = Labor Hour
TM = Time and Material
CPAF = Cost Plus Award Fee Completion
CPAF-T = Term
CPIF = Cost Plus Incentive Fee Completion;
CPIF-T = Term
CR = Cost Reimbursement (No Fee) Completion;
CR-T = Term
CS = Cost Sharing Completion;
CS-T = Term
TM = Time and Materials

When applicable, the following symbols will appear in the column marked “SC” for
applicable clauses and provisions through out this document.

$ = applicable to FIXED-PRICE line items only.

@ = applicable to COST-REIMBURSEMENT line items only.

& = applicable to TIME-&-MATERIAL/LABOR-HOUR line items only .

I.2.a Clauses Applying to Cost Plus Sections of the Contract- Incorporated by Reference

The following contract clauses pertinent to this section are hereby incorporated by
reference (by Citation Number, Title, and Date) in accordance with the clause at FAR "52.252-2
EFAST2 RFP
Section I, Page 3 of 18
DOL069RP20266
CLAUSES INCORPORATED BY REFERENCE" in Section I of this contract. See FAR
52.252-2 for an internet address (if specified) for electronic access to the full text of a clause.



FAR SECTION SC DESCRIPTION DATE
52.216-07 @ ALLOWABLE COST AND PAYMENT Dec-02
52.216-11 @ COST CONTRACT -- NO FEE Apr-84
52.232-22 @ LIMITATION OF FUNDS Apr-84
52.242-03 @ PENALTIES FOR UNALLOWABLE COSTS May-01
52.242-04 @ CERTIFICATION OF FINAL INDIRECT COSTS Jan-97
52.243-02 @ CHARGES – COST REIMBURSEMENT ALTERNATE I (APR 1984) Aug-87
52.244-02A @ SUBCONTRACTS ALTERNATE I (JAN 2006 Jan-06
52.249-06 @ TERMINATION (COST REIMBURSEMENT) May-04


I.2.b Clauses Applying to Firm Fixed Price Sections of the Contract - Incorporated by
Reference

The following contract clauses pertinent to this section are hereby incorporated by reference
(by Citation Number, Title, and Date) in accordance with the clause at FAR "52.252-2
CLAUSES INCORPORATED BY REFERENCE" in Section I of this contract. See FAR
52.252-2 for an internet address (if specified) for electronic access to the full text of a clause.

FAR SECTION SC DESCRIPTION DATE
52.217-02 $ CANCELLATION UNDER MULTI-YEAR CONTRACTS Oct-97
52.227-01 $ AUTHORIZATION AND CONSENT Jul-95
52.227-09 $ REFUND OF ROYALTIES Apr-84
52.228-05 $ INSURANCE – WORK ON A GOVERNMENT INSTALLATION Jan-97
52.229-03 $ FEDERAL, STATE, AND LOCAL TAXES Apr-03
52.232-08 $ DISCOUNTS FOR PROMPT PAYMENT Feb-02
52.232-11 $ EXTRAS Apr-84
52.242-01 NOTICE OF INTENT TO DISALLOW COSTS Apr-84
52.243-01 $ CHANGES - FIXED PRICE - ALTERNATE I (APR 1984) Aug-87
EFAST2 RFP
Section I, Page 4 of 18
DOL069RP20266
FAR SECTION SC DESCRIPTION DATE
52.245-02 $ GOVERNMENT PROPERTY (FIXED PRICE CONTRACTS) May-04
52.245-04 $ GOVERNMENT - FURNISHED PROPERTY (SHORT FORM) Jun-03
52.245-09 $ USE AND CHARGES Aug-05
52.249-02 $
TERMINATION FOR CONVENIENCE OF THE GOVERNMENT (FIXED
PRICE)
May-04
52.249-08 $ DEFAULT (FIXED-PRICE SUPPLY AND SERVICE) Apr-84


I.2.c Clauses Applying to Entire Life Cycle of Contract - Incorporated by Reference

FAR SECTION SC DESCRIPTION DATE
52.202-01 DEFINITIONS Jul-04
52.203-03 GRATUITIES Apr-84
52.203-05 COVENANT AGAINST CONTINGENT FEES Apr-84
52.203-06 RESTRICTIONS ON SUBCONTRACTOR SALES TO THE GOVERNMENT Jul-95
52.203-07 ANTI-KICKBACK PROCEDURES Jul-95
52.203-08
CANCELLATION, RECESSION AND RECOVERY OF FUNDS FOR
ILLEGAL OR IMPROPER ACTIVITY
Jan-97
52.203-10 PRICE OR FEE ADJUSTMENT FOR ILLEGAL OR IMPROPER ACTIVITY Jan-97
52.203-12
LIMITATION ON PAYMENTS TO INFLUENCE CERTAIN FEDERAL
TRANSACTIONS
Sep-05
52.204-02 SECURITY REQUIREMENTS Aug-96
52.204-04 PRINTING/COPYING DOUBLE-SIDED ON RECYCLED PAPER Aug-00
52.204-07 CENTRAL CONTRACTOR REGISTRATION (OCT 2003) Oct-03
52.204-09
PERSONAL IDENTITY VERIFICATION OF CONTRACTOR PERSONNEL
(JAN 2006)
Jan-06
EFAST2 RFP
Section I, Page 5 of 18
DOL069RP20266
FAR SECTION SC DESCRIPTION DATE
52.209-06
PROTECTING THE GOVERNMENT’S INTEREST WHEN
SUBCONTRACTING WITH CONTRACTORS DEBARRED, SUSPENDED,
OR PROPOSED FOR DEBARMENT
Jan-05
52.215-01 INSTRUCTIONS TO OFFERORS Jan-04
52.215-02 AUDIT AND RECORDS--NEGOTIATION Jun-99
52.215-08 ORDER OF PRECEDENCE - UNIFORM CONTRACT FORMAT Oct-97
52.215-10 PRICE REDUCTION FOR DEFECTIVE COST OR PRICING DATA Oct-97
52.215-11
PRICE REDUCTION FOR DEFECTIVE COST OR PRICING DATA –
MODIFICATIONS
Oct-97
52.215-12 SUBCONTRACTOR COST OR PRICING DATA Oct-97
52.215-13 SUBCONTRACTOR COST OR PRICING DATA – MODIFICATIONS Oct-97
52.215-14 INTEGRITY OF UNIT PRICES Oct-97
52.215-15 PENSION ADJUSTMENTS AND ASSET REVERSIONS Jan-04
52.215-16 FACILITIES CAPITAL COST OF MONEY Jun-03
52.215-18
REVERSION OR ADJUSTMENT OF PLANS FOR POSTRETIREMENT
BENEFITS OTHER THAN PENSIONS (PRB)
Jul-05
52.217-08 OPTION TO EXTEND SERVICES Nov-99
52.219-04
NOTICE OF PRICE EVALUATION PREFERENCE FOR HUBZONE SMALL
BUSINESS CONCERNS
Jul-05
52.219-08 UTILIZATION OF SMALL BUSINESS CONCERNS May-04
52.219-09
SMALL BUSINESS SUBCONTRACTING PLAN ALTERNATE II (OCT
2001)
Jul-05
52.219-16 LIQUIDATED DAMAGES--SMALL BUSINESS SUBCONTRACTING PLAN Jan-99
52.219-25
SMALL DISADVANTAGED BUSINESS PARTICIPATION PROGRAM --
DISADVANTAGED STATUS AND REPORTING
Oct-99
52.222-01 NOTICE TO THE GOVERNMENT OF LABOR DISPUTES Feb-97
52.222-03 CONVICT LABOR Jun-03
52.222-04 CONTRACT WORK HOURS AND SAFETY STANDARDS ACT-OVERTIME
COMPENSATION
Jul-05
EFAST2 RFP
Section I, Page 6 of 18
DOL069RP20266
FAR SECTION SC DESCRIPTION DATE
52.222-21 PROHIBITION OF SEGREGATED FACILITIES Feb-99
52.222-24 PREAWARD ON-SITE EQUAL OPPORTUNITY COMPLIANCE REVIEW Feb-99
52.222-26 EQUAL OPPORTUNITY Apr-02
52.222-35
EQUAL OPPORTUNITY FOR SPECIAL DISABLED VETERANS,
VETERANS OF THE VIETNAM ERA, AND OTHER ELIGIBLE VETERANS
Dec-01
52.222-36 AFFIRMATIVE ACTION FOR WORKERS WITH DISABILITIES Jun-98
52.222-37
EMPLOYMENT REPORTS ON SPECIAL DISABLED VETERANS,
VETERANS OF THE VIETNAM ERA, AND OTHER ELIGIBLE VETERANS
Dec-01
52.223-06 DRUG-FREE WORKPLACE May-01
52.223-14 TOXIC CHEMICAL RELEASE REPORTING Aug-03
52.224-01 PRIVACY ACT NOTIFICATION Apr-84
52.224-02 PRIVACY ACT Apr-84
52.225-01 BUY AMERICAN ACT--SUPPLIES Jun-03
52.225-13 RESTRICTIONS ON CERTAIN FOREIGN PURCHASES Feb-06
52.227-14 RIGHTS IN DATA - GENERAL Jun-87
52.227-21
TECHNICAL DATA DECLARATION, REVISION, AND WITHHOLDING OF
PAYMENT - MAJOR SYSTEM
Jan-97
52.227-22 MAJOR SYSTEM - MINIMUM RIGHTS Jun-87
52.227-23 RIGHT TO PRPOSAL DATA (TECHNICAL) Jun-87
52.230-02 COST ACCOUNTING STANDARDS Apr-98
52.230-03 DISCLOSURE AND CONSISTENCY OF COST ACCOUNTING PRACTICES Apr-98
52.230-04 CONSISTENCY IN COST ACCOUNTING PRACTICES Aug-92
52.230-06 ADMINISTRATION OF COST ACCOUNTING STANDARDS Apr-05
52.232-09 LIMITATION ON WITHHOLDING OF PAYMENTS Apr-84
52.232-17 INTEREST Jun-96
52.232-18 AVAILABILITY OF FUNDS Apr-84
EFAST2 RFP
Section I, Page 7 of 18
DOL069RP20266
FAR SECTION SC DESCRIPTION DATE
52.232-23 ASSIGNMENT OF CLAIMS Jan-86
52.232-25 PROMPT PAYMENT Oct-03
52.232-33
PAYMENT BY ELECTRONIC FUNDS TRANSFER — CENTRAL
CONTRACTOR REGISTRATION
Oct-03
52.232-34
PAYMENT BY ELECTRONIC FUNDS TRANSFER-- OTHER THAN
CENTRAL CONTRACTOR REGISTRATION
May-99
52.232-37 MULTIPLE PAYMENT ARRANGEMENTS May-99
52.233-03 PROTEST AFTER AWARD Aug-96
52.233-04 APPLICABLE LAW FOR BREACH OF CONTRACT CLAIM Oct-04
52.237-03 CONTINUITY OF SERVICES Jan-91
52.239-01 PRIVACY OR SECURITY SAFEGUARDS Aug-96
52.242-01 NOTICE OF INTENT TO DISALLOW COSTS Apr-84
52.242-13 BANKRUPTCY Jul-95
52.243-07 NOTIFICATION OF CHANGES Apr-84
52.244-02 SUBCONTRACTS Aug-98
52.244-05 COMPETITION IN SUBCONTRACTING Dec-96
52.244-06
SUBCONTRACTS FOR COMMERCIAL ITEMS AND COMMERCIAL
COMPONENTS
Feb-06
52.245-01 PROPERTY RECORDS Apr-84
52.245-19 GOVERNMENT PROPERTY FURNISHED “AS IS” Apr-84
52.248-01 VALUE ENGINEERING Feb-00
52.253-01 COMPUTER GENERATED FORMS Jan-91

I.3 52.215-19 NOTIFICATION OF OWNERSHIP CHANGES (OCT 1997)
As prescribed in 15.408(k), insert the following clause:
Notification of Ownership Changes (Oct 1997)
EFAST2 RFP
Section I, Page 8 of 18
DOL069RP20266
(a) The Contractor shall make the following notifications in writing:
(1) When the Contractor becomes aware that a change in its ownership has occurred, or is certain
to occur, that could result in changes in the valuation of its capitalized assets in the accounting
records, the Contractor shall notify the Administrative Contracting Officer (ACO) within
30 days.
(2) The Contractor shall also notify the ACO within 30 days whenever changes to asset
valuations or any other cost changes have occurred or are certain to occur as a result of a change
in ownership.
(b) The Contractor shall—
(1) Maintain current, accurate, and complete inventory records of assets and their costs;
(2) Provide the ACO or designated representative ready access to the records upon request;
(3) Ensure that all individual and grouped assets, their capitalized values, accumulated
depreciation or amortization, and remaining useful lives are identified accurately before and after
each of the Contractor’s ownership changes; and
(4) Retain and continue to maintain depreciation and amortization schedules based on the asset
records maintained before each Contractor ownership change.
(c) The Contractor shall include the substance of this clause in all subcontracts under this
contract that meet the applicability requirement of FAR 15.408(k).

I.4 52.216-18 ORDERING (OCT 1995)

(a) Any supplies and services to be furnished under this contract shall be ordered by
issuance of delivery orders or task orders by the individuals or activities designated in the
Schedule. Such orders may be issued from Base Period through Option Period XI.

(b) All delivery orders or task orders are subject to the terms and conditions of this
contract. In the event of conflict between a delivery order or task order and this contract, the
contract shall control.

(c) If mailed, a delivery order or task order is considered "issued" when the Government
deposits the order in the mail. Orders may be issued orally, by facsimile, or by electronic
commerce methods only if authorized in the Schedule.


I.5 RESERVED


I.6 52.216-22 INDEFINITE QUANTITY (OCT 1995)

EFAST2 RFP
Section I, Page 9 of 18
DOL069RP20266
(a) This is an indefinite-quantity contract for the supplies or services specified, and
effective for the period stated, in the Schedule. The quantities of supplies and services specified
in the Schedule are estimates only and are not purchased by this contract.

(b) Delivery or performance shall be made only as authorized by orders issued in
accordance with the Ordering clause. The Contractor shall furnish to the Government, when and
if ordered, the supplies or services specified in the Schedule up to and including the quantity
designated in the Schedule as the "maximum." The Government shall order at least the quantity
of supplies or services designated in the Schedule as the "minimum."

(c) Except for any limitations on quantities in the Order Limitations clause or in the
Schedule, there is no limit on the number of orders that may be issued. The Government may
issue orders requiring delivery to multiple destinations or performance at multiple locations.

(d) Any order issued during the effective period of this contract and not completed within
that period shall be completed by the Contractor within the time specified in the order. The
contract shall govern the Contractor’s and Government’s rights and obligations with respect to
that order to the same extent as if the order were completed during the contract’s effective period.


I.7 52.227-23 RIGHTS TO PROPOSAL DATA (TECHNICAL) (JUN 1987)

Except for data contained on pages ___ , it is agreed that as a condition of award of this
contract, and notwithstanding the conditions of any notice appearing thereon, the Government
shall have unlimited rights (as defined in the "Rights in Data--General" clause contained in this
contract) in and to the technical data contained in the proposal upon which this contract is based.


I.8 52.232-19 AVAILABILITY OF FUNDS FOR THE NEXT FISCAL YEAR (APR
1984)

Funds are not presently available for performance under this contract beyond September
30, 2006. The Government’s obligation for performance of this contract beyond that date is
contingent upon the availability of appropriated funds from which payment for contract purposes
can be made. No legal liability on the part of the Government for any payment may arise for
performance under this contract beyond September 30, 2006, until funds are made available to
the Contracting Officer for performance and until the Contractor receives notice of availability,
to be confirmed in writing by the Contracting Officer.


I.9 52.232-25 PROMPT PAYMENT (OCT 2003)

Notwithstanding any other payment clause in this contract, the Government will make
invoice payments under the terms and conditions specified in this clause. The Government
considers payment as being made on the day a check is dated or the date of an electronic funds
transfer (EFT). Definitions of pertinent terms are set forth in sections 2.101, 32.001, and 32.902
of the Federal Acquisition Regulation. All days referred to in this clause are calendar days, unless
EFAST2 RFP
Section I, Page 10 of 18
DOL069RP20266
otherwise specified. (However, see paragraph (a)(4) of this clause concerning payments due on
Saturdays, Sundays, and legal holidays.)

(a) Invoice payments--

(1) Due date.

(i) Except as indicated in paragraphs (a)(2) and (c) of this clause, the due date for
making invoice payments by the designated payment office is the later of the following two
events:

(A) The 30th day after the designated billing office receives a proper invoice from the
Contractor (except as provided in paragraph (a)(1)(ii) of this clause).

(B) The 30th day after Government acceptance of supplies delivered or services
performed. For a final invoice, when the payment amount is subject to contract settlement
actions, acceptance is deemed to occur on the effective date of the contract settlement.

(ii) If the designated billing office fails to annotate the invoice with the actual date of
receipt at the time of receipt, the invoice payment due date is the 30th day after the date of the
Contractor’s invoice, provided the designated billing office receives a proper invoice and there is
no disagreement over quantity, quality, or Contractor compliance with contract requirements.

(2) Certain food products and other payments.

(i) Due dates on Contractor invoices for meat, meat food products , or fish; perishable
agricultural commodities; and dairy products, edible fats or oils, and food products prepared from
edible fats or oils are--

(A) For meat or meat food products, as defined in section 2(a)(3) of the Packers and
Stockyard Act of 1921 (7 U.S.C. 182(3)), and as further defined in Pub. L. 98-181, including any
edible fresh or frozen poultry meat, any perishable poultry meat food product, fresh eggs, and any
perishable egg product, as close as possible to, but not later than, the 7th day after product
delivery.

(B) For fresh or frozen fish, as defined in section 204(3) of the Fish and Seafood
Promotion Act of 1986 (16 U.S.C. 4003(3)), as close as possible to, but not later than, the 7th day
after product delivery.

(C) For perishable agricultural commodities, as defined in section 1(4) of the
Perishable Agricultural Commodities Act of 1930 (7 U.S.C. 499a(4)), as close as possible to, but
not later than, the 10th day after product delivery, unless another date is specified in the contract.

(D) For dairy products, as defined in section 111(e) of the Dairy Production
Stabilization Act of 1983 (7 U.S.C. 4502(e)), edible fats or oils, and food products prepared from
edible fats or oils, as close as possible to, but not later than, the 10th day after the date on which a
proper invoice has been received. Liquid milk, cheese, certain processed cheese products, butter,
yogurt, ice cream, mayonnaise, salad dressings, and other similar products, fall within this
EFAST2 RFP
Section I, Page 11 of 18
DOL069RP20266
classification. Nothing in the Act limits this classification to refrigerated products. When
questions arise regarding the proper classification of a specific product, prevailing industry
practices will be followed in specifying a contract payment due date. The burden of proof that a
classification of a specific product is, in fact, prevailing industry practice is upon the Contractor
making the representation.

(ii) If the contract does not require submission of an invoice for payment (e.g., periodic
lease payments), the due date will be as specified in the contract.

(3) Contractor’s invoice. The Contractor shall prepare and submit invoices to the
designated billing office specified in the contract. A proper invoice must include the items listed
in paragraphs (a)(3)(i) through (a)(3)(x) of this clause. If the invoice does not comply with these
requirements, the designated billing office will return it within 7 days after receipt (3 days for
meat, meat food products, or fish; 5 days for perishable agricultural commodities, dairy products,
edible fats or oils, and food products prepared from edible fats or oils), with the reasons why it is
not a proper invoice. The Government will take into account untimely notification when
computing any interest penalty owed the Contractor.

(i) Name and address of the Contractor.

(ii) Invoice date and invoice number. (The Contractor should date invoices as close as
possible to the date of the mailing or transmission.)

(iii) Contract number or other authorization for supplies delivered or services performed
(including order number and contract line item number).

(iv) Description, quantity, unit of measure, unit price, and extended price of supplies
delivered or services performed.

(v) Shipping and payment terms (e.g., shipment number and date of shipment, discount
for prompt payment terms). Bill of lading number and weight of shipment will be shown for
shipments on Government bills of lading.

(vi) Name and address of Contractor official to whom payment is to be sent (must be the
same as that in the contract or in a proper notice of assignment).

(vii) Name (where practicable), title, phone number, and mailing address of person to
notify in the event of a defective invoice.

(viii) Taxpayer Identification Number (TIN). The Contractor shall include its TIN on the
invoice only if required elsewhere in this contract.

(ix) Electronic funds transfer (EFT) banking information.

(A) The Contractor shall include EFT banking information on the invoice only if
required elsewhere in this contract.

EFAST2 RFP
Section I, Page 12 of 18
DOL069RP20266
(B) If EFT banking information is not required to be on the invoice, in order for the
invoice to be a proper invoice, the Contractor shall have submitted correct EFT banking
information in accordance with the applicable solicitation provision (e.g., 52.232- 38,
Submission of Electronic Funds Transfer Information with Offer), contract clause (e.g., 52.232-
33, Payment by Electronic Funds Transfer--Central Contractor Registration, or 52.232-34,
Payment by Electronic Funds Transfer--Other Than Central Contractor Registration), or
applicable agency procedures.

(C) EFT banking information is not required if the Government waived the
requirement to pay by EFT.

(x) Any other information or documentation required by the contract (e.g., evidence of
shipment).

(4) Interest penalty. The designated payment office will pay an interest penalty
automatically, without request from the Contractor, if payment is not made by the due date and
the conditions listed in paragraphs (a)(4)(i) through (a)(4)(iii) of this clause are met, if applicable.
However, when the due date falls on a Saturday, Sunday, or legal holiday, the designated
payment office may make payment on the following working day without incurring a late
payment interest penalty.

(i) The designated billing office received a proper invoice.

(ii) The Government processed a receiving report or other Government documentation
authorizing payment, and there was no disagreement over quantity, quality, or Contractor
compliance with any contract term or condition.

(iii) In the case of a final invoice for any balance of funds due the Contractor for
supplies delivered or services performed, the amount was not subject to further contract
settlement actions between the Government and the Contractor.

(5) Computing penalty amount. The Government will compute the interest penalty in
accordance with the Office of Management and Budget prompt payment regulations at 5 CFR
part 1315.

(i) For the sole purpose of computing an interest penalty that might be due the
Contractor, Government acceptance is deemed to occur constructively on the 7th day (unless
otherwise specified in this contract) after the Contractor delivers the supplies or performs the
services in accordance with the terms and conditions of the contract, unless there is a
disagreement over quantity, quality, or Contractor compliance with a contract provision. If actual
acceptance occurs within the constructive acceptance period, the Government will base the
determination of an interest penalty on the actual date of acceptance. The constructive acceptance
requirement does not, however, compel Government officials to accept supplies or services,
perform contract administration functions, or make payment prior to fulfilling their
responsibilities.

(ii) The prompt payment regulations at 5 CFR 1315.10(c) do not require the
Government to pay interest penalties if payment delays are due to disagreement between the
EFAST2 RFP
Section I, Page 13 of 18
DOL069RP20266
Government and the Contractor over the payment amount or other issues involving contract
compliance, or on amounts temporarily withheld or retained in accordance with the terms of the
contract. The Government and the Contractor shall resolve claims involving disputes and any
interest that may be payable in accordance with the clause at FAR 52.233-1, Disputes.

(6) Discounts for prompt payment. The designated payment office will pay an interest
penalty automatically, without request from the Contractor, if the Government takes a discount
for prompt payment improperly. The Government will calculate the interest penalty in
accordance with the prompt payment regulations at 5 CFR part 1315.

(7) Additional interest penalty.

(i) The designated payment office will pay a penalty amount, calculated in accordance
with the prompt payment regulations at 5 CFR part 1315 in addition to the interest penalty
amount only if--

(A) The Government owes an interest penalty of $1 or more;

(B) The designated payment office does not pay the interest penalty within 10 days
after the date the invoice amount is paid; and

(C) The Contractor makes a written demand to the designated payment office for
additional penalty payment, in accordance with paragraph (a)(7)(ii) of this clause, postmarked
not later than 40 days after the invoice amount is paid.

(ii)(A) The Contractor shall support written demands for additional penalty payments
with the following data. The Government will not request any additional data. The Contractor
shall--

(1) Specifically assert that late payment interest is due under a specific invoice, and
request payment of all overdue late payment interest penalty and such additional penalty as may
be required;

(2) Attach a copy of the invoice on which the unpaid late payment interest is due; and

(3) State that payment of the principal has been received, including the date of receipt.

(B) If there is no postmark or the postmark is illegible--

(1) The designated payment office that receives the demand will annotate it with the
date of receipt, provided the demand is received on or before the 40th day after payment was
made; or

(2) If the designated payment office fails to make the required annotation, the
Government will determine the demand’s validity based on the date the Contractor has placed on
the demand, provided such date is no later than the 40th day after payment was made.

EFAST2 RFP
Section I, Page 14 of 18
DOL069RP20266
(iii) The additional penalty does not apply to payments regulated by other Government
regulations (e.g., payments under utility contracts subject to tariffs and regulation).

(b) Contract financing payment. If this contract provides for contract financing, the
Government will make contract financing payments in accordance with the applicable contract
financing clause.

(c) Fast payment procedure due dates. If this contract contains the clause at 52.213-1, Fast
Payment Procedure, payments will be made within 15 days after the date of receipt of the
invoice.

(d) Overpayments. If the Contractor becomes aware of a duplicate contract financing or
invoice payment or that the Government has otherwise overpaid on a contract financing or
invoice payment, the Contractor shall immediately notify the Contracting Officer and request
instructions for disposition of the overpayment.

I.10 52.232-35 DESIGNATION OF OFFICE FOR GOVERNMENT RECEIPT OF
ELECTRONIC FUNDS TRANSFER INFORMATION (MAY 1999)

(a) As provided in paragraph (b) of the clause at 52.232-34, Payment by Electronic Funds
Transfer--Other than Central Contractor Registration, the Government has designated the office
cited in paragraph (c) of this clause as the office to receive the Contractor’s electronic funds
transfer (EFT) information, in lieu of the payment office of this contract.

(b) The Contractor shall send all EFT information, and any changes to EFT information to
the office designated in paragraph (c) of this clause. The Contractor shall not send EFT
information to the payment office, or any other office than that designated in paragraph (c). The
Government need not use any EFT information sent to any office other than that designated in
paragraph (c).

(c) Designated Office:

Name: TBD

Mailing Address: TBD




Telephone Number: TBD

Person to Contact: TBD

Electronic Address: TBD
EFAST2 RFP
Section I, Page 15 of 18
DOL069RP20266

$ I.12 52.246-20 WARRANTY OF SERVICES (MAY 2001)

(a) Definition. "Acceptance," as used in this clause, means the act of an authorized
representative of the Government by which the Government assumes for itself, or as an agent of
another, ownership of existing and identified supplies, or approves specific services, as partial or
complete performance of the contract.

(b) Notwithstanding inspection and acceptance by the Government or any provision
concerning the conclusiveness thereof, the Contractor warrants that all services performed under
this contract will, at the time of acceptance, be free from defects in workmanship and conform to
the requirements of this contract. The Contracting Officer shall give written notice of any defect
or nonconformance to the Contractor . This notice shall state either (1) that the Contractor shall
correct or reperform any defective or nonconforming services, or (2) that the Government does
not require correction or reperformance.

(c) If the Contractor is required to correct or reperform, it shall be at no cost to the
Government, and any services corrected or reperformed by the Contractor shall be subject to this
clause to the same extent as work initially performed. If the Contractor fails or refuses to correct
or reperform, the Contracting Officer may, by contract or otherwise, correct or replace with
similar services and charge to the Contractor the cost occasioned to the Government thereby, or
make an equitable adjustment in the contract price.

(d) If the Government does not require correction or reperformance, the Contracting
Officer shall make an equitable adjustment in the contract price.


I.13 52.247-67 SUBMISSION OF TRANSPORTATION DOCUMENTS FOR AUDIT
(FEB 2006)

(a) The Contractor shall submit to the address identified below, for prepayment audit,
transportation documents on which the United States will assume freight charges that were paid--

(1) By the Contractor under a cost-reimbursement contract; and

(2) By a first-tier subcontractor under a cost-reimbursement subcontract thereunder.

(b) Cost-reimbursement Contractors shall only submit for audit those bills of lading with
freight shipment charges exceeding $100. Bills under $100 shall be retained on-site by the
Contractor and made available for on-site audits. This exception only applies to freight shipment
bills and is not intended to apply to bills and invoices for any other transportation services.

(c) Contractors shall submit the above referenced transportation documents to--

@ I.14 52.234-3 NOTICE OF EARNED VALUE MANAGEMENT SYSTEM - POST
AWARD IBR (JULY 2006)
EFAST2 RFP
Section I, Page 16 of 18
DOL069RP20266

(a) The offeror shall provide documentation that the Cognizant Federal Agency has
determined that the proposed earned value management system (EVMS) complies with the
EVMS guidelines in ANSI/EIA Standard - 748 (current version at time of solicitation).

(b) If the offeror proposes to use a system that has not been determined to be in compliance
with the requirements of paragraph (a) of this provision, the offeror shall submit a comprehensive
plan for compliance with the EVMS guidelines.

(1) The plan shall—

(i) Describe the EVMS the offeror intends to use in performance of the contracts;

(ii) Distinguish between the offeror’s existing management system and modifications
proposed to meet the guidelines;

(iii) Describe the management system and its application in terms of the EVMS guidelines;

(iv) Describe the proposed procedure for administration of the guidelines, as applied to
subcontractors; and

(v) Provide documentation describing the process and results of any third-party or self-
evaluation of the system’s compliance with the EVMS guidelines.

(2) The offeror shall provide information and assistance as required by the Contracting
Officer to support review of the plan.

(3) The Government will review and approve the offeror’s plan for an EVMS before
contract award.

(4) The offeror’s EVMS plan must provide milestones that indicate when the offeror
anticipates that the EVM system will be compliant with the ANSI/EIA Standard -748 guidelines.

(c) Offerors shall identify the major subcontractors, or major subcontracted effort if major
subcontractors have not been selected, planned for application of the guidelines. The prime
Contractor and the Government shall agree to subcontractors selected for application of the
EVMS guidelines.

@ I. 15 52.234-4 EARNED VALUE MANAGEMENT SYSTEM (JULY 2006)

(a) The Contractor shall use an earned value management system (EVMS) that has been
determined by the Cognizant Federal Agency (CFA) to be compliant with the guidelines in
ANSI/EIA Standard - 748 (current version at the time of award) to manage this contract. If the
Contractor’s current EVMS has not been determined compliant at the time of award, see
paragraph (b) of this clause. The Contractor shall submit reports in accordance with the
requirements of this contract.

EFAST2 RFP
Section I, Page 17 of 18
DOL069RP20266
(b) If, at the time of award, the Contractor’s EVM System has not been determined by the
CFA as complying with EVMS guidelines or the Contractor does not have an existing
cost/schedule control system that is compliant with the guidelines in ANSI/EIA Standard - 748
(current version at time of award), the Contractor shall—

(1) Apply the current system to the contract; and

(2) Take necessary actions to meet the milestones in the Contractor’s EVMS plan approved
by the Contracting Officer.

(c) The Government will conduct an Integrated Baseline Review (IBR). If a pre-award IBR
has not been conducted, a post award IBR shall be conducted as early as practicable after contract
award.
(d) The Contracting Officer may require an IBR at—

(1) Exercise of significant options; or

(2) Incorporation of major modifications.

(e) Unless a waiver is granted by the CFA, Contractor proposed EVMS changes require
approval of the CFA prior to implementation. The CFA will advise the Contractor of the
acceptability of such changes within 30 calendar days after receipt of the notice of proposed
changes from the Contractor. If the advance approval requirements are waived by the CFA, the
Contractor shall disclose EVMS changes to the CFA at least 14 calendar days prior to the
effective date of implementation.

(f) The Contractor shall provide access to all pertinent records and data requested by the
Contracting Officer or a duly authorized representative as necessary to permit Government
surveillance to ensure that the EVMS conforms, and continues to conform, with the performance
criteria referenced in paragraph (a) of this clause.

(g) The Contractor shall require the subcontractors specified below to comply with the
requirements of this clause: [Insert list of applicable subcontractors.]

I.16 52.252-2 CLAUSES INCORPORATED BY REFERENCE (FEB 1998)

This contract incorporates one or more clauses by reference, with the same force and effect
as if they were given in full text. Upon request, the Contracting Officer will make their full text
available. Also, the full text of a clause may be accessed electronically at this/ address:
http://www.arnet.gov/far/


EFAST2 RFP
Section I, Page 18 of 18
DOL069RP20266













EFAST2 RFP
Section J
List of Attachments


EFAST2 RFP
Section J, Page 1 of 4
DOL069RP20266





This Page is Intentionally Left Blank
EFAST2 RFP
Section J, Page 2 of 4
DOL069RP20266

PART III - LIST OF DOCUMENTS, EXHIBITS, AND OTHER ATTACHMENTS
SECTION J – LIST OF ATTACHMENTS



Attachment A: Return Processing Volumes for Processing Years 2002, 2003, and 2004

Attachment B: Requirements Traceability Matrix

Attachment C: Edit Test Failure Rates for Processing Y