Professional Documents
Culture Documents
Notes
Use this template to create a robust RFP to determine the best Digital
Workspace solution for your needs.
Choose the tabs and questions you want or use as-is.
Add and modify questions to meet your IT and business needs.
Supplier Profile
Compliance
# Question (Y, N, N/A)
1 Legal Company Name
2 Company Address
3 General Description of your Company
4 Years in business
5 Specify your revenue for the past 3 years
6 Provide a minimum 3 years of Company Financial Information
7 Report any significant mergers/acquisitions over the last 5 years
8 Do you have any Fortune 500 companies as your clients?
9 What percentage of your annual revenue would this contract represent?
Response
Solution Overview
Compliance
# Question (Y, N, N/A)
1 How does the solution address employee experience?
2 Does the solution aggregate content, data, apps, desktops, and identity?
3 How does the solution provide guidance & assistance?
Does the solution provide easy-to-use pre-built microapps and allow you to
4 build microapps?
5 Does the solution provide an omnichannel experiences?
Solution Benefits
6 How does the solution organize information?
7 How does the solution guide workflows?
8 How does the solution automate work?
9 Does the solution improve business agility?
10 Does the solution modernize IT?
11 How does your solution compare to other work platforms?
How does your solution compare to workstream collaboration solutions like
12 Microsoft Teams, Facebook, Slack?
How often are product upgrades and patches made to your current
13 platform?
Architecture
14 Do you provide the solution as a service?
15 Do you host the solution?
Compliance
# Question (Y, N, N/A)
User experience
Is your solution a leader in the market for application and
1 desktop virtualization?
Does your solution work across various platforms and devices
2 with superior end user experience?
Does your solution provide a consistent user experience across
3 different device types and platforms?
Does your solution support dynamic moving from one end-
4 point device to another without losing user’s current state?
Compliance
# Question (Y, N, N/A)
Mobile Device Management
Is your solution a leader in the market for Unified Endpoint
1 Management?
What features does your product have that allows for distinction
2 between company-owned devices and BYOD devices?
Does your solution allow for the integration of platform level
3 MAM integration?
Does your solution support other devices such as laptops, Surface
4 Tablets, and BYOD laptops?
Can your solution distribute and manage apps to devices that are
managed by other EMM suites or that have no EMM device
31 management profiles installed?
Does your solution allow admins to create policies for application
32 access that are network-aware?
Does your solution provide SDKs for MAM specific features for in-
33 house applications?
Does your solution provide integration with Office 365 and
34 Microsoft Endpoint Manager?
Security Management
Is the container NIST Federal Information Processing Standard
35 (FIPS) 140-2 validated?
36 Can the solution force encryption of all data at rest on the device?
Can the solution limit "open in" functionality for apps in the
37 container?
38 Can the solution limit pasting content outside the container?
Can the solution limit "save as" functionality for apps in the
39 container?
40 Can the solution block screen shots?
41 Can the solution block printing?
Compliance
# Question (Y, N, N/A)
1 Does the solution provide a mechanism to securely receive files?
What access restrictions can be placed on shared links (e.g.
2 authentication)?
What content restrictions can be placed on shared links (e.g. expiration or
3 view only)?
4 Can the solution add (dynamic) watermarks on shared content?
5 Do external users contribute to the license count?
Can the solution share content from external data repositories (e.g.,
6 network shares)?
7 Does the solution provide a mobile client with content viewer?
8 Does the solution provide a mobile client with built-in content editor?
Does the solution provide a mobile client that supports external content
9 editors such as Microsoft Office 365?
Is there a plug-in available for Microsoft Outlook to replace attachments
10 with secure links?
Does the solution provide a plug-in for Google Mail (e.g. to replace
11 attachments with secure links)?
Workforce productivity: Lightweight workflows
12 Does the solution provide lightweight workflows?
Are lightweight workflows accessible via the native file system (e.g. in
13 Windows Explorer or macOS Finder)?
14 Are lightweight workflows accessible via Microsoft Outlook?
Does the solution include the ability to request and execute electronic
15 signatures?
Does the solution provide no code workflows to digitize business
16 processes?
Infrastructure modernization: Connecting hybrid cloud storage
repositories
17 Does the solution provide cloud hosted storage?
18 Does the solution provide unlimited cloud hosted storage?
23 Does the solution provide check-in and check-out for network file shares?
24 Does the solution provide (free) tooling for data migration?
Does the solution provide immediate time to value or does it require a
25 data migration?
26 Does the solution
Content support
governance: the migration
Centralized to Microsoft
content SharePoint?
protection and
compliance
Does the solution provide data repositories across the globe to meet data
27 residency requirements?
28 Where does the management plane of the SaaS service run?
29 Where does the SaaS service store metadata?
30 Does the solution provide out-of-the-box reports?
Does the solution provide detailed sharing reports and document
31 activities?
Does the solution provide a programmatic way to export logs (e.g. to a
32 SIEM)?
Does the solution support CASB for cloud hosted storage? If yes, which are
33 supported?
Does the solution support Data Loss Prevention (DLP) for on-premises
34 storage? If yes, which are supported?
Does the solution enable customers to encrypt data with customer
35 managed encryption keys?
Intelligent content capabilities
36 Does the solution provide closed loop security analytics?
Compliance
# Question
Does your solution allow us to consolidate/replace existing SSL VPN, SSO to SaaS, (Y, N, N/A)
1 Isolated browser, and reverse proxy to our virtual apps and desktops?
Does the solution have built-in controls for restricting end-user actions granularly
2 based on type of app and/or users?
Does the solution provide a clientless VPN mode for accessing on-premises
3 hosted web applications?
4 Does your SaaS solution provide access to both SaaS and web applications?
Does the solution provide a way to access the Internet securely using remote
5 browser or web isolation technology?
6 Can this solution prevent employees from visiting restricted websites?
Can security administrators enable browser isolation for selective content? If so,
7 can this be automated as a policy decision?
8 Does the solution offer single sign-on capabilities?
9 Does your solution protect data in SaaS and web apps?
10 Can your solution help consolidate security vendors?
11 Is your company an Identity Provider (IdP)?
12 How does your solution offer contextual access control?
13 How do you optimize performance for end users that are distributed globally?
Does your solution offer multi-factor authentication (MFA) that is based on
14 contextual and adaptive policies?
Does your solution protect corporate resources that are being accessed from
15 malware-infected unmanaged or BYO devices?
Response
Analytics
Compliance
# Question (Y, N, N/A)
Performance analytics
1 What performance characteristics does your tool monitor?
2 What key factors are measured related to performance?
3 Is youryour
Does performance tool limited
solution deliver humantoreadable
a single site?
information without being fed
4 to another tool?
5 Does your performance monitoring tool uncover root cause issues?
6 What types of operations analytics do you provide?
Security analytics
7 Does your solution offer user behavior analytics? If so, how does it work?
8 Is your offering a one-time assessment of user risk?
Can your solution help us to realize security outcomes like continuous
9 authentication?
10 Is your solution limited to the pre-built user risk scenarios?
11 Can your solution integrate with other vendors and product?
Is your solution a closed system by using the events from your environment
12 alone?
13 Does your offering
How flexible apply isAIyour
or granular and offering
ML to help
as itsolve security
relates challenges?
to grouping users?
14 Does it just cover users by geography, department domain etc.?
15 Can high-risk users be easily displayed or sorted?
16 Can your solution take action based on certain activities?
17 What actions can be taken in Cotent Collaboration?
18 What actions can be taken in Endpoint Management?
19 What actions can be taken in Virtual Apps and Desktops?
Response
Intelligent Features
Compliance
# Question (Y, N, N/A)
1 Describe the architecture and process flow of your solution.
2 Is your architecture secure?
3 Describe how the system determines the workflows to present
4 Which apps are currently supported within the solution?
Can the solution create custom microapps based on other apps? What key
5 benefits do these provide over macroapps?
6 Describe how an end-user interacts with microapps
7 What types of actions can an end-user perform within microapps?
8 Can the microapps have specific branding?
9 Can the microapps look and feel be customized?
10 How can an administrator add microapps?
11 Explain the capabilities of your virtual assistance.
12 How do users interact with the virtual assistance?
13 What systems does the virtual assistance interact with on the backend?
14 Does the virtual assistance interact with one backend system or multiple?
15 Is the virtual assistant a native component of the platform?
16 Who trains the skills in the virtual assistant?
17 What content can end users see within their workspace?
18 Where can notifications be sent across an end user's experience?
19 Can notifications be customized?
20 How are notifications kept relevant for the end users?
21 What are the requirements for each individual out-of-the-box integration?
What development plans are in place to add additional integrations to the
22 product?
23 Are customizations available within the out-of-the-box integrations?
24 Is the behavior of the out-of-the-box integration configurable?
25 Are the integrations out-of-the-box or provided as template?
26 Are out-of-the-box integrations maintained by the provider?
27 Does the solution provide write-back to the system of record?
28 How do you authenticate with the systems of record integrations?
29 Is it possible to build custom integrations in the solutions?
30 What are the requirements for custom integrations?
31 Do custom integrations require approval by the vendor?
32 Are custom integrations build with no- or low-code?
33 Are custom integrations built in code? If so, what language?
34 Are custom integrations hosted by the vendor or by the customer?
35 What capabilities are available for the custom integrations?
36 Can the solution integrate with on-premises systems of record?
37 Does the solution provide connectivity to the on-premises site?
38 Does the solution cache data from the system of record?
39 Can the solution track changes in active data of the system of record?
40 Does the solution cache data in the cloud?
41 How is data purged from the solution?
42 What is the process of adding new integrations?
43 How can the your solution customize microapps?
44 How does your solution integrate with SoR that is not out-of-the box?
45 Which coding skills required to build microapps within your solution?
46 Where is the microapp builder hosted?
47 Is the microapp builder single tenant?
48 Can you preview the microapp while building it?
49 Can you add custom images to microapps within your solution?
50 What inputs can be set within a microapp?
51 How much lead-time will your solution provide for upcoming changes?
Response
Implementation, Maintenance, and Training
# Question
Implementation
Will company (customer) resources be required to implement
1 the solution?
2 Is your organization available to implement the full solution?
Maintenance & Support
3 What is the SLA for your cloud-hosted solution?
Do you have a regular update and patching cycle and/or
4 maintenance windows?
5 Describe your support offerings.
6 In what languages do you offer support?
7 How are support cases escalated?
What are the processes for managing testing, QA, and user
8 acceptance phases of the implementation?
Training
What delivery options are available for live training sessions?
9 (Classroom-based vs. online/hands-on vs. demonstration)