Professional Documents
Culture Documents
FOR
Selection of Agency for Supply, Commissioning, Testing, Integration and Operation and Maintenance
of Aadhaar Data Vault for AUA/KUA Project of Directorate of Information Technology, Electronics
and Communication, DITEC, Government of Assam.
Page 1 of 66
This page is intentionally left blank.
Page 2 of 66
Disclaimer
The information contained in this RFP document or any information provided subsequently to Bidder(s)
whether verbally or in documentary form by or on behalf of the DITEC is provided to the Bidder(s) on the terms
and conditions set out in this RFP document and all other terms and conditions subject to which such information
is provided. This RFP is neither an agreement nor an offer and is only an invitation by DITEC to the interested
parties for submission of bids. The purpose of this RFP is to provide the Bidder(s) with information to assist the
formulation of their proposals. While effort has been made to include all information and requirements of the
DITEC with respect to the solution requested, this RFP does not claim to include all the information each Bidder
may require. Each Bidder should conduct its own investigation and analysis and should check the accuracy,
reliability and completeness of the information in this RFP and wherever necessary obtain independent advice.
The DITEC makes no representation or warranty and shall incur no liability under any law, statute, rules or
regulations as to the accuracy, reliability or completeness of this RFP. The DITEC may in its absolute discretion,
but without being under any obligation to do so, update, amend or supplement the information in this RFP.
Page 3 of 66
Table of Contents
Contents
Disclaimer ................................................................................................................................................. 3
ABBREVIATIONS & DEFINITIONS .................................................................................................................. 8
1. Invitation for Proposal ........................................................................................................................ 12
1. RFP Notice ................................................................................................................................. 12
2. Data Sheet ................................................................................................................................. 13
2. Project Profile & Background Information.......................................................................................... 14
1. Introduction .............................................................................................................................. 14
Page 4 of 66
5.2 Technical Specification: ............................................................................................................. 21
5.3 Third Party Audit: ...................................................................................................................... 40
5.4 Roles and Responsibilities of DITEC and its authorized agency(s): ........................................... 40
6. Project Deliverables-cum-Time Line & Payment Schedule ................................................................. 40
7. Manpower Specifications ................................................................................................................... 41
7.1 Implementation Phase .............................................................................................................. 41
7.2 Operations & Maintenance Phase ............................................................................................ 41
8. Bidding Process................................................................................................................................... 42
8.1 Site Visit .................................................................................................................................... 42
8.2 Cost of Bidding .......................................................................................................................... 42
8.3 Validity of Proposals ................................................................................................................. 42
8.4 Clarification of Tender Document ............................................................................................. 43
8.5 Pre-Bid meeting ........................................................................................................................ 43
8.6 Amendment of Tender Document ............................................................................................ 43
8.7 Bid Preparation ......................................................................................................................... 43
Page 5 of 66
8.15.7 Bid Currency ............................................................................................................ 46
8.15.8 Disqualifications...................................................................................................... 46
8.16 Criteria for Evaluation of Bid .................................................................................................... 46
8.17 Submission, Receipt and Opening of Proposals ........................................................................ 47
8.18 Correction of Arithmetic Errors in Financial Bids ...................................................................... 48
8.19 Right to Accept or Reject Proposal ........................................................................................... 48
8.20 Bid Selection Method ................................................................................................................ 48
8.21 Disqualification ......................................................................................................................... 48
9. General Terms and Conditions ........................................................................................................... 48
9.1 Application ................................................................................................................................ 48
9.2 Applicable Law .......................................................................................................................... 49
9.3 Relationship Between Parties ................................................................................................... 49
9.4 Documents/Knowledge Transfer .............................................................................................. 49
9.5 Governing Language .................................................................................................................. 49
9.6 Intellectual Property Rights (IPR) .............................................................................................. 49
9.8 Award of Contract ..................................................................................................................... 50
9.9 Monitoring of Contract ............................................................................................................. 50
9.10 Performance Bank Guarantee (PBG) ......................................................................................... 50
9.11 Execution of Agreement ........................................................................................................... 51
9.14 Penalty ...................................................................................................................................... 51
9.15 Fraud and Corruption ............................................................................................................... 53
9.16 Confidentiality ........................................................................................................................... 53
9.17 Termination ............................................................................................................................... 54
9.18 Force Majeure ........................................................................................................................... 54
9.19 Resolution of Disputes .............................................................................................................. 54
9.20 Amicable Settlement ................................................................................................................. 55
9.21 Legal Jurisdiction ....................................................................................................................... 55
9.22 Notice ........................................................................................................................................ 55
9.23 Limitation of Liability ................................................................................................................. 55
9.24 Deliverables ............................................................................................................................... 55
9.25 Validity of Contract.................................................................................................................... 55
9.26 Others ....................................................................................................................................... 55
Page 6 of 66
10 Exit Management ............................................................................................................................... 56
10.1 Purpose ..................................................................................................................................... 56
10.2 Cooperation and Provision of Information ................................................................................ 57
11 Annexure: Forms and Template for Bid Response .............................................................................. 57
11.1 Technical Proposal Forms .......................................................................................................... 57
12 TECHNICAL PROPOSAL FORMS............................................................................................................ 58
12.1 Form – 1: Covering Letter.......................................................................................................... 58
12.2 Form – 2: Declaration of Acceptance of Terms and Conditions in RFP ............................................. 60
12.3 Form – 3: General Information about bidders ................................................................................. 61
12.4 Form – 4: Bidder’s Relevant Experience Certificate ........................................................................ 62
12.5 Form – 5: Particulars of key professionals ...................................................................................... 63
12.6 Form – 6: CV’s of key professionals ................................................................................................ 64
12.7 Form – 7: Power of Attorney for signing authorities ...................................................................... 65
12.8 Form – 8: Undertaking on being not black listed............................................................................ 66
Page 7 of 66
ABBREVIATIONS & DEFINITIONS
The laws and any other instruments having force of law in India as
Applicable Law
they may be issued and in force from time to time.
CA Chartered Accountant
Page 8 of 66
Proposals
Contract/ Procurement A contract entered into between the procuring entity and a successful
Contract bidder concerning the subject matter of procurement.
EID Enrolment ID
Effective date The date on which the contract comes into force and effect
IT Information Technology
Page 9 of 66
O&M Operation & Maintenance
SP Service Provider
UID Unique ID
Page 10 of 66
This page is intentionally left blank.
Page 11 of 66
1. Invitation for Proposal
1. RFP Notice
b) The requirement under this RFP is to provide an integrated software solution, hardware
required (with related AMC), encompassing Aadhaar Data Vault & Aadhaar based
Authentication services as required by various State government line departments to on-board
and integrate services of Aadhaar-enabled Citizen Centric Services under various government
schemes.
c) Any contract that may result from this public procurement competition will be issued for a
“Term” of six (06) months for implementation phase of the intended application (“Go Live”)
and thereafter followed by 18th months for support and maintenance.
d) DITEC reserves the right to extend the Term further for period of a maximum three (03) years
for support and maintenance on the same terms and conditions, if required. During the
extension(s) fee may be revised based upon mutual agreement acceptable to both the parties.
e) The RFP include the followings:
Page 12 of 66
f) Interested firms / companies may download the RFP document from the website
https://assamtenders.gov.in
g) DITEC reserves the right to reject any or all the Proposals in whole or part without
assigning any reasons.
2. Data Sheet
S. No Information Details
1. Tender Processing Fee INR 1000/- (Non-Refundable)
Earnest Money Deposit (EMD) INR 8,00,000/- (Refundable) submitted in form
3. of BG.
Last date and time for submission of Date : 13th July 2022
4.
pre-bid queries Time: 10 PM
Last date and time of Submission of Bid
Date: 29th July 2022
5.
Time: 3 PM
Time: 4 PM
6. Opening of Technical Bids
The Director
Address at which proposal in response to
RFP notice is to be submitted through Directorate of Information Technology,
9.
online mode only. Electronics and Communications (DITEC),
Behind CM Block, Assam Secretariat,
Dispur, Guwahati-781006
e-Mail: ditec-asm@gov.in
Date of Presentation Will be informed in later stage.
11.
Page 13 of 66
Tender Processing Fee:
A non-refundable fee of Rs 1000/- (One Thousand) shall be made towards the cost of tender
processing fee through Internet Banking from State Bank of India (SBI) or any other banks listed
at SBMOPS on https://assamtenders.gov.in or NEFT/RTGS in case of offline payment from any
Bank.
The bid document must be accompanied by the Earnest Money Deposit of Rs. 8,00,000.00
(Rupees Eight Lakh Only) through – i) Option 1- Internet Banking from State Bank of India (SBI) or
any other banks listed at SBMOPS on https://assamtenders.gov.in ii) Option 2- In case of non-
availability of Net Banking facility, Bidders may submit Tender Processing Fees and Bid Security
using NEFT/RTGS option from any Bank against system generated prefilled challan. iii) EMD
exemption is applicable for MSE Manufacturer participating as Bidder. iv) Detail process can be
found in the URL below:-
https://assamtenders.gov.in
1. Introduction
The overall growth of information technology (IT) across India has resulted in creation of high-
quality employment and wealth creation – both localized as well as for the country. Government
of Assam (GoA) recognizes the strategic importance of Technology as a key catalyst for
development and hence, has continuously focused on constructive exploitation of the
opportunities within the ITsector.
As a first step towards developing a strong technology base in the state, the GoA had laid out
the following construct for itself:
Vision
“Using Information and Communication Technology (ICT) to empower the masses
through easier access to information, transforming governance for better service
delivery and, as avehicle, for economic development of the state.”
The project is expected to improve the service delivery mechanism for residents of state
especially the rural and under-privileged population.
DITEC proposes to formulate a roadmap to proceed with a strategy to define the most effective
mechanism to leverage Aadhaar in delivering services to the intended citizens. The State
proposesto have a centralized infrastructure to facilitate Aadhaar enablement of its’ citizen
centric departments and schemes in a holistic manner and to authenticate identity of residents
in the State through Aadhaar ID, for the purpose of processing resident benefits arising out
Page 14 of 66
of Government Welfare Schemes. The State Government also envisages in long term to setup a
single centralized platform which shall provide the citizen of Assam with a distinct digital
identity and unique profile to map all the services he/she is entitled for, tracking the benefit
disbursement against the same for better governance, enable provision of secure ‘Anytime,
anywhere’ access to Government services and to facilitate better planning and design of
Welfare schemes based on resident data.
This Centralized Digital Identity & Entitlement Platform is proposed to be developed around
Aadhaar and shall also account for state level citizen identity management, targeted profiling of
the services for identification of intended beneficiaries and social accounting for the services
delivered.The State Government would like to design and develop a robust service delivery
platform which shall be integrated with multiple service delivery channels like Physical Service
Delivery Centers, Web Portal, Mobile Platforms, Kiosks etc. in the frontend and various
department applications in the backend to enable seamless service delivery to the citizens.
The primary objective of this project is to become Authentication User Agency (AUA) / e-KYC
user agency (KUA) for the state of Assam and to set up Aadhar Data Vault (ADV) at State Data
Centre.
This project constitutes the creation of Assam Aadhaar Data Vault (AADV), which has to adhere
to the guidelines from UIDAI, Government of Assam. The guidelines for the Aadhaar Data Vault
to be created has been detailed in relevant paras in the Scope of Work section of this RFP,
however any additional guidelines released by UIDAI or Government of Assam in future
regarding the Aadhaar Data Vault and has to be incorporated from time to time and adhered
to by the SP in terms of rules and guidelines to be followed.
The Bidder is expected to submit the following supporting documents with respect to the below-
mentioned eligibility criteria together with the Technical Proposal:
1. Pre-Qualification Criteria
Only those Bidders who fulfill the following criteria are eligible to respond to the RFP. Offers received
from the Bidders who do not fulfill all or any of the following eligibility criteria will be rejected.
Page 15 of 66
SL Eligibility Criteria Documents Required
No
1. Consortium agreement with
Bid can be submitted by individual bidder or
clearly defined scope of work
consortium of bidders, wherein prime member of the
and power of attorney of the
consortium shall be the AUA/KUA application
consortium members.
developer. There shall not be more than two members
in the consortium including prime bidder.
Page 16 of 66
SL Eligibility Criteria Documents Required
No
8. All integration services should be latest version in time of Self-Declaration /
Implementation aadhaar based authentication API Certification on the entity’s
specification, aadhaar best finger detection api specification letterhead
aadhaar e-kyc specification, aadhaar OTP request API
specification, aadhaar mobile update api specification.
10 The Sole/Lead bidder should provide 24x7 application Relevant document(s) must
support be submitted.
b) Breach of general or specific instructions for bidding, general and special conditions of
contract with GoA or any of its user organizations during the past 3 years may make a firm
ineligible to participate in bidding process.
c) Any specific Company can submit only one bid, and a single company submitting more than
one bid shall be disqualified.
d) Terms and conditions of e-procurement tendering process is mandatory to all the bidders.
1. Module of AAAF
Page 17 of 66
i) Data Management
Bidder will do effective data management of various citizen databases. The Data
management is broadly categorized in two parts
✓ SRDH data Management (Data Received from the CIDR database)
✓ Management of beneficiary data which are integrated with the SRDH from the
various departments of Assam.
ii) User Access Management
To use the proposed SRDH application the admin user needs to create Department wise
userlogin ID for verification and validation. The features of the user management module
are listedas below:
✓ Log in Id creation
✓ Change Password
✓ Forgot Password
✓ Role Based Menu access
iii) KYR Search
The portal allows the user following search options to know the KYR information of the
beneficiary. To use the KYR search the user need to log in to the SRDH portal and select
the type of search.
✓ Simple Search
✓ Advance Search
v) E-KYC validation
KYC (Know Your Customer) establishes the identity of the resident, their address, and
other basic information such as their date of birth and gender. Typically, this KYC
information is combined with other information at the point of service delivery to
determine eligibility.
The existing applications running in various state departments are integrated with the
Page 18 of 66
SRDH application through various web services. This helps the department users to
perform the search operation in the existing application itself without log in to the SRDH
application.
Apart from the above mentioned modules, bidder will also support departments in
seeding process during the period of tenure. Bidder will also propose and implement
enhancement like e-payment facility, supporting Unicode, implementation of Mobile
enabled services, self-seeding facility etc. in consultation with the department.
5. Scope of Work
The detailed scope of work is described below, and the bidder should go through all the
requirements in details. Bidder should propose a complete solution for implementation of
AUA/KUA including necessary hardware, software, connectivity and Operation and Maintenance
for 24 months after go live of the project. DITEC reserves the right to change the scope of RFP
considering the DITEC’s requirements.
5.1 Detailed Scope of Work
1. The Bidder should Supply required Hardware and develop Software (OS, DB,
Page 19 of 66
Application) with required licenses, install & deploy the solution in line with the UIDAI
guidelines in State Data Centre, Assam, integrate with ASA partner (NPCI) and test (unit test,
system test, performance and security test) the solution as per the timeline specified by the
DITEC.
2. The Bidder should provide AUA/KUA Infrastructure which include Hardware and
Software. The Bidder should provide ready to use Web and Mobile based Authentication
(including Bulk Demographic Authentication) and e-KYC platform with User Management
allowing AUA/KUA to avail Aadhaar Services at ease.
3. The Bidder should provide and manage a dynamic Aadhaar Data Vault solution
along with the AUA / KUA platform including Sub AUA/KUA platform.
4. The Bidder should conduct end-to-end testing of the application for the required
pre-production test transactions and submit the test results in line with UIDAI requirements,
Audit compliance check-list as specified to UIDAI. On confirmation from UIDAI and receipt
of production credentials, the Bidder should make necessary changes as proposed by UIDAI
to perform transactions on the production environment and confirm “Go Live”.
5. Bidder is responsible for all API integration of ASA, Sub-AUA with AUA/KUA as and
when required.
6. The Bidder should ensure the complete solution (Hardware/ Software/ Network
Connectivity) is secured and should get the solution certified by third party i.e. CERT-IN,
STQC Certified auditors/UIDAI approved auditors.
7. The Bidder should onboard other departments of GoA as Sub-AUA (Subject to
approval from UIDAI) and install required software/hardware set up at its Sub AUA location
as and when required.
8. The Bidder should comply with UIDAI and ASA/KSA guidelines for entire proposed
solution as per the needs specified by UIDAI/NPCI.
9. The Bidder should provide Billing and Administrative Module for all Sub-AUA’s
/KUA’s.
10. The Bidder should provide necessary sample application in all OS platforms to Sub
AUA’s/KUA.
11. The Bidder should onboard DITEC and its Sub-AUA onto AEPS.
12. The Bidder should provide Fraud Monitoring Mechanism as per UIDAI guidelines.
13. Bidder shall provide their expertise in delivering the various solutions. These shall
include but not limited to the following:
Page 20 of 66
13.1 Aadhaar based authentication for any financial / non-financial transactions
that require authentication.
13.2 For any other purpose that may relate to Aadhaar enabled service delivery.
14. The Bidder should procure all necessary equipment for implementing the project.
15. The Bidder should provide regular updates/ upgrades to ensure the client
application is ready whenever UIDAI publishes new version of the Aadhaar platform.
16. The Bidder should enter into Annual Maintenance Contract (AMC) with DITEC for a
period of two years and shall be responsible for timely troubleshooting, updates, patches,
upgrades and bug-fixes including additional customization/upgradation, configuration &
integration requirements as per the directions of UIDAI during the contract.
17. The bidder shall deploy necessary skilled manpower on site during implementation as
well as Operation and Maintenance phase of the proposed solution.
18. Training shall be imparted to the DITEC technical team regarding the use of
developed solution.
5.2 Technical Specification:
Bidder should provide the following hardware with the specification as mentioned
below:
Description of Quoted
Sl. No. Description Product (to be filled by Cross Reference
bidder)
Physical Cores- minimum 2 x 24 Cores
1. 1(2nd/3rd Generation Intel Xeon Scalable/AMD
EPYC processor minimum 2.0 GHz speed).
RAM - minimum 512GB (DDR4) (each RAM
2. 2
module should be of minimum 16 GB).
SSD for operating system –
3. 3
2x480 GB NVMe SSD for booting
Network Interface per physical Server-
i) Dual port 25 Gig Ethernet Card populated
with 2 nos. of 25GbE SFP28 Multimode
transceivers and
4. 4ii) Dual port 32Gbps FC Card populated with
32Gbps transceivers
iii) 4 nos. of Multimode Patch Cords of
minimum 3m length
iv) 1 no. of 1GbE dedicated management
Page 21 of 66
Description of Quoted
Sl. No. Description Product (to be filled by Cross Reference
bidder)
interface. (Direct Attached Cables should not
be proposed to meet the transceiver
requirement).
Page 22 of 66
Description of Quoted
Sl. No. Description Product (to be filled by Cross Reference
bidder)
Unpriced, complete and correct Bill of Material
to be submitted along with the bid,
16. 1mentioning part codes of line items (hardware
9and proposed software), without which Bid
will be rejected. No clarification/correction will
be sought post submission of bid.
Page 23 of 66
Description of Quoted
Cross
Sl. No. Description Product (to be filled by
Reference
bidder)
8. 1Management – Out of Band Management with
0IPMI license/feature ready.
OEM Support for 2 (two) years with advance
hardware replacement warranty for all proposed
components, sub-components (including SSD), for
9. 1
entire warranty period.
1
OEM support for 2 (two) years for proposed
storage, backup, security software, operating
system etc.
10. 1OEM should have service facility available at
2Guwahati
11. 1
TAC Support in India for last 5 years
3
12. 1
Spare warehouse should be available in Assam.
4
13. 1Spare parts to be made available by OEM within 7
5business days from the date of call log.
Page 24 of 66
Sl. Description of Quoted
Minimum Specification Cross
No. Product (to be filled by
Reference
bidder)
HSM and all the components thereof must have
2
provision for redundant/dual power supply
Should comply to standards FIPS 140-2 Level 3
3
4 Key Exchange Symmetric Algorithm: AES, Triple DES
(No separate license of Algorithms to be charged)
Support for PKCS#11, CAPI, OpenSSL, JCE/JCA or
5
equivalent, Rest API
6 Support for Hash Message Digest HMAC, SHA1
SHA2, SHA-3, SM2, SM3, SM4 etc.
Support for various cryptographic algorithms from
7
day 1:
Asymmetric Key RSA (1024-4096 bits), DSA, DH,
ECDSA, ECDH, ECC, KCDSA etc.
Symmetric: AES, AES-GCM, Triple DES, DES, ARIA,
SEED, RC2, RC4, RC5, CAST, etc.
8 provide REST based APIs for encryption and
decryption of data
9 Keys must be stored and protected in Crypto
memory of hardware within FIPS boundary of
HSM
Onboard key generation, signing inside the HSM
10
11 HSM should be scalable to support more signatures
per second i.e. usable in cluster mode
Appliance shall be network (TCP / IP) based appliance
12 and must work as cluster
13 Support for multi factor authentication (Remote and
Local)
14 The HSM Device quoted should be compatible with
all the Class-II & Class-III DSC (Digital Signature
Certificate) issued from all the Indian CAs (Certified
Authorities).
Synchronization of keys between HSMs on real-
15
time basis
Storing of event-based audit logs and standard
16
mechanisms for viewing logs
17 Should comply with the UIDAI Security Standards
and guidelines
Should integrate with UIDAI Proposed
18 Authentication Services and AADHAAR Data Vault
Applications
Should support
Operating System -Windows/Linux
19 Virtualization – VMware/Hyper-V/Xen/KVM
Key Derivation feature
20
Page 25 of 66
Sl. Description of Quoted
Minimum Specification Cross
No. Product (to be filled by
Reference
bidder)
Key Wrapping feature
21
Random Number Generation: designed to comply
22 with AIS 20/31 to DRG.4 using HW based true noise
source alongside NIST 800-90A compliant CTR-
DRBG
23 Digital Wallet Encryption: BIP32
24 5G Cryptographic Mechanisms for Subscriber
Authentication: Milenage, Tuak, and COMP128
25 Security Considerations
• FIPS 140-2 Level 3 – Password and Multi-Factor
(PED)
• Common Criteria EAL4+ (AVA_VAN.5 and
ALC_FLR.2) against the Protection Profile EN 419
221-5
• Qualified Signature or Seal Creation Device (QSCD)
listing for eIDAS compliance
• Common Criteria Scheme Host Interface
• 2 x 10G fiber network connectivity and 2 x 1Gbps
ethernet ports
• IPv4 and IPv6
26 Safety & Environmental Compliance
• UL, CSA, CE
• FCC, CE, VCCI
• RoHS
• India BIS IS 13252 (Part 1)/IEC 60950-1
27 • Dual hot-swap power supplies
• Field-serviceable components
28 2 years OEM advance hardware replacement
warranty.
2 years support, subscription/license (in any)
5.2.4 Server Load Balancer with Web Application Firewall, Qnty – 1 no.
Description of Quoted
Cross
Sl. No Minimum Specification Product (to be filled by
Reference
bidder)
1 OEM should have TAC in INDIA.
Traffic Ports supported: 4 x 1G RJ45 and 2 X
10G SFP+ port with 10G multimode
transceivers.
2 Device L7 Throughput: 1Gbps
Layer 4 connections per second: 100K CPS
Layer 7 connections per second: 100K CPS
Layer 4 concurrent connections: 1 Million
Page 26 of 66
Description of Quoted
Cross
Sl. No Minimum Specification Product (to be filled by
Reference
bidder)
The proposed Appliance should be equipped
with multicore CPU, 16GB of Memory, Storage
3
of 200GB SSD and Dual Power Supply from Day
1.
The proposed
appliance should support the below metrics:
— Minimum Misses,
— Hash,
— Persistent Hash,
4 — Weighted Hash,
— Least Connections,
— Least Connections Per Service,
— Round-Robin,
— Response Time,
— Bandwidth, etc
Description of Quoted
Cross
Sl. No. Minimum Specification Product (to be filled by
Reference
bidder)
Requirements
Should be listed in the top quadrant of the
Security Value Map (SVM) of last published NSS
1 Labs report for Next Generation Firewall (NGFW)
ICSA, Common Criteria certified models should
2 be quoted
Multi-core CPUs to protect & scale against
3 dynamic latest security threats.
4 16 GB Memory (DRAM) from day one.
Proposed NGFW appliance must have minimum
internal storage of minimum 120 GB for storing
5 event logs.
4 x 1G RJ45/SFP(loaded with multimode
transceivers) and 4 X 10G SFP+ port with 10G
6 multimode transceivers
Dedicated Management and Console Interfaces
(RJ45) in addition to requested data interfaces
7 from day 1
Threat prevention throughput minimum 1 Gbps in
real world /production environment with
Application control, IPS, antivirus, Zeroday
8 protection.
9 Minimum IPsec VPN throughput – 1 Gbps
Minimum client agent tunnels (SSL, IPSec, and
IKE V1 & V2 supported with XAUTH) – 500 from
10 day 1
Proposed appliance should support Minimum
11 New sessions per second –10000
Proposed appliance should support Minimum
12 Concurrent Connections – 100,000
Should support Active/Active and Active/Passive
13 from day one
The proposed firewall shall support Dual Stack
IPv4 / IPv6 application control and threat
14 inspection support in:
15 - Tap Mode
16 - Transparent mode (IPS Mode)
17 - Layer 2
18 - Layer 3
19 - Should be able operate mix of multiple modes
Page 28 of 66
Description of Quoted
Cross
Sl. No. Minimum Specification Product (to be filled by
Reference
bidder)
Threat Protection Feature
Should support protocol decoder-based analysis
stateful decodes the protocol and then intelligently
applies signatures to detect network and
20 application exploits
Intrusion prevention signatures should be built
based on the vulnerability itself; A single signature
should stop multiple exploits attempts on a
21 known system or application vulnerability.
Should block known network and application-
22 layer vulnerability exploits
The proposed firewall shall perform content-based
signature matching beyond the traditional hash
23 base signatures
The proposed firewall shall have on box Anti-
Virus/Malware, Anti Spyware signatures and
should have minimum signatures update window
24 of everyone hour
All the protection signatures should be created by
vendor based on their threat intelligence and
25 should not use any 3rd party IPS or AV engines.
Page 29 of 66
Description of Quoted
Cross
Sl. No. Minimum Specification Product (to be filled by
Reference
bidder)
Page 30 of 66
Description of Quoted
Cross
Sl. No. Minimum Specification Product (to be filled by
Reference
bidder)
Should be able to block unknown malicious
46 executables and PowerShell attacks.
Solution must have the ability to automatically
analyze advanced threats in real hardware
47 systems.
Advance unknown malware analysis engine
should be able to create automated high-fidelity
signature for command and control connections
and spyware to inspect command and control http
payload to create one to many payload base
signatures protection from multiple unknown
spyware and command and control channels
48 using single content based signature
The protection signatures created for unknown
malware emulation should be payload or content
based signatures that could block multiple
unknown malware that use different hash but the
49 same malicious payload.
50 SSL/SSH Decryption
The proposed firewall shall be able to identify,
decrypt and evaluate SSL traffic in an outbound
51 connection (forward-proxy)
The proposed firewall shall be able to identify,
decrypt and evaluate SSL traffic in an inbound
52 connection
The proposed firewall shall be able to identify,
decrypt and evaluate SSH Tunnel traffic in an
53 inbound and outbound connections
The NGFW shall support the ability to have a SSL
inspection policy differentiate between personal
SSL connections i.e. banking, shopping, health and
54 non-personal traffic
SSL decryption must be supported on any port
used for SSL i.e. SSL decryption must be
55 supported on non-standard SSL port as well
56 The NGFW shall support TLS version 1.3
Network Address Translation
The proposed firewall must be able to operate in
57 routing/NAT mode
The proposed firewall must be able to support
58 Network Address Translation (NAT)
The proposed firewall must be able to support
59 Port Address Translation (PAT)
The proposed firewall shall support Dual Stack
60 IPv4 / IPv6 (NAT64, NPTv6)
Page 31 of 66
Description of Quoted
Cross
Sl. No. Minimum Specification Product (to be filled by
Reference
bidder)
Should support Dynamic IP reservation, tunable
61 dynamic IP and port over subscription
IPv6 Support
63 L2, L3, Tap and Transparent mode
Should support on firewall policy with User and
64 Applications
65 Should support SSL decryption on IPv6
Should support SLAAC Stateless Address Auto
66 configuration
Routing and Multicast support
The proposed firewall must support the following
67 routing protocols:
- Static
- RIP V1/V2
- OSPFv2/v3 with graceful restart
- BGP v4 with graceful restart
68 Policy-based forwarding
69 PIM-SM, PIM-SSM, IGMP v1, v2, and v3
70 Bidirectional Forwarding Detection (BFD)
Authentication
should support the following authentication
71 protocols:
- LDAP
- Radius (vendor specific attributes)
- Token-based solutions (i.e. Secure-ID)
- Kerberos
The proposed firewall’s SSL VPN shall support
72 the following authentication protocols
- LDAP
- Radius
- Token-based solutions (i.e. Secure-ID)
- Kerberos
- SAML
- Any combination of the above
Monitoring, Management and Reporting
Should support on device or centralized
management with complete feature parity on
73 firewall administration
Page 32 of 66
Description of Quoted
Cross
Sl. No. Minimum Specification Product (to be filled by
Reference
bidder)
Should have real time logging based on all Traffic,
Threats, User IDs, URL filtering, Data filtering,
Content filtering, unknown malware analysis,
Authentication, Tunneled Traffic and correlated
74 log view base on other logging activities
Should support the report generation on a manual
75 or schedule (Daily, Weekly, Monthly, etc.) basis
Should allow the report to be exported into
another format such as PDF, HTML, CSV, XML
76 etc.
Should have built in report templates based on
77 Applications, Users, Threats, Traffic and URLs
Should be able to create reports based on user
78 activity
Should be able to create custom report based on
79 custom query base any logging attributes
On device management service should be able to
provide all the mentioned features in case of
80 central management server failure.
Original Manufacturer Authorization Certificate to
81 be submitted along with the bid
2 Years support bundle including parts with
24x7x365 days TAC support, RMA, software
82 updates and subscription update support.
The NGFW should be proposed with 2-year
subscription licenses for NGFW, NGIPS, SSL VPN,
Anti-Virus, Anti Malware, Anti Spyware, Zero
83 Day Protection
Description of Quoted
Sl. Cross
Minimum Specification Product (to be filled by
No. Reference
bidder)
4 nos. of Gigabit Ethernet (10 / 100 / 1000 Base-
1 T) Interface Ports
2 nos. of SFP ports populated with single mode
2 transceivers
3 200 Mbps packet forwarding throughput
4 Should have Redundant Power Supply
Static routes, RIPv1 and RIPv2, BGP, OSPF, IS-IS,
5 IGMv3, MPLS from day 1.
SNMP, Remote Monitoring (RMON), syslog, IP
6 Flow Information Export
Page 33 of 66
QOS: support Class-Based Weighted Fair
Queuing (CBWFQ WRED Hierarchical QoS for
Traffic Management inspections QoS
7 classification with TCP Application traffic.)
IPv6 Ready3. IPv6: OSPFv3 and static routers
ipv6 Routing IPv6 Multicast IPv6 QoS IPv6 VPN
8 over MPLS
9 Firmware should have security certification
2 years advance hardware replacement OEM
10 Warranty
Description of Quoted
Sl. Cross
Minimum Specification Product (to be filled by
No. Reference
bidder)
16 nos. 25Gbps ports (fully loaded with 25Gbps
multimode transceivers)
4x10Gbps ports (fully loaded with 10Gbps
1 multimode transceivers)
8GB RAM,
2 32MB buffer
3 Wire rate packet forwarding throughput
4 Should have Redundant Power Supply
Static routes, RIPv1 and RIPv2, BGP, OSPF, IS-IS,
5 IGMv3
SNMP, syslog
6
QOS: support Class-Based Weighted Fair
Queuing (CBWFQ WRED Hierarchical QoS for
Traffic Management inspections QoS
7 classification with TCP Application traffic.)
IPv6 Ready IPv6: OSPFv3 and static routers ipv6
Routing, IPv6 Multicast, IPv6 QoS, IPv6 VPN over
8 MPLS
9 Firmware should have security certification
2 years advance hardware replacement OEM
10 Warranty
5.2.8 Connectivity
10 Mbps Leased Line/MPLS VPN Link to established between Assam State Data Center, Dispur, Guwahati, PIN-781006
and NPCI Data Centre, Hyderabad for 2 (two) years.
Page 34 of 66
5.2.9 Application Software Solution for AUA/KUA, ADV
Generic Requirements
The system should maintain a log and report for all transactions for
7
audit purpose. Reporting of this module shall be integrated with
the Dashboard Module.
8 The system, if required, should append the license key along with
the request.
In case one ASA is down, the system should have the capabilities
to reroute the request via other alternate ASAs. There must be
9 provision for digitally signing the Auth XML requests on behalf of
AUA. The Auth XML should append the AUA code along with the
request. The Auth XML should be sent to ASA over the secured
network. For the response that is received from ASA, should be
forwarded to specific AUA/sub AUA from where the request
originated.
The Aadhaar authentication should carry out the following
10 Aadhaar Demographic Authentication:
The system should route all demographic authentication
requests i.e. requests with an aim to authenticate
resident’s details like Name,
Address, DOB, etc. are authenticated from the UIDAI’s
CIDR
Page 35 of 66
Sl. Bidder’s proposed solution
Business / Functional Requirements
No.
Page 36 of 66
Sl. Bidder’s proposed solution
Business / Functional Requirements
No.
Page 37 of 66
Sl. Bidder’s proposed solution
Business / Functional Requirements
No.
The system should be able to match each record with the entire
12
CIDR data through fuzzy logics to arrive at strict and lose matches.
Page 38 of 66
Sl. Bidder’s proposed solution
Business / Functional Requirements
No.
Special Requirements
Page 40 of 66
3 AUA/KUA, Aadhaar Duly Security Audited Aadhaar Data vault T1 = T0 + 120 days 50%
Data vault solution and associated components Of Phase
Software and (Hardware and Software) 1 cost
Hardware solution–
Development, Customization, Integration with e-KYC solution and all
Supply, Installation, the requisite client / software under
Integration, Configuration, use by various AUA /KUA or ASA as
Deployment, testing & provided by UIDAI
Commissioning
4 Setting up project environment Successful deployment of all project T2 = T1 + 15 days NIL
at Assam SDC components at Assam SDC
7. Manpower Specifications
The Implementation phase (Go-Live) is a time bound activity. The SP needs to evaluate
and provide resources to deliver as per the required scope in a timely manner.
SP shall be responsible for deployment of highly qualified resources as per the desired skill-set
and experience of various categories for smooth running of the project. The following may be
noted:
i) All manpower to be deployed in the project shall be on payroll of the s o l e / p r i m e
bidder. Outsourcing in any form will not be accepted.
ii) The bidder needs to submit CV of all quoted manpower.
iii) The service provider will provide the bio data of the engaged resources for the maintenance
support for screening. If any specific work could not be completed due to poor manpower
quality, at the time of review, the service provider will provide substitute(s) with qualification
and experience as mentioned below.
iv) Any change of resources during the period of contract should be done only with the prior
consent of DITEC. For whatsoever reason provided the target for schedule of work shall not
suffer.
Page 41 of 66
v) The minimum qualification of the resources should be B.E/B.Tech/MCA/M.Sc and should
have minimum 3 (three) years work experience in this field. The numbers of resource
required for smooth running of the project is up-to the bidder to decide. The resources
should present in office during office hour.
vi) The proposed team shall be available and stationed in Guwahati on all the working days of
Govt. of Assam, and on public holidays also as and when necessary. This is necessary since
the agency needs to support the department continuously throughout the contract period.
The attendance of the personnel will be monitored by DITEC.
vii)If at any point of time, DITEC feels that a resource is not up-to the mark, the replacement will
be demanded in writing and will need to be obliged within 2 weeks. During such replacement,
the incumbent shall be available for disposal of the task till the new resource comes on board.
8. Bidding Process
8.1 Site Visit
The Bidder if so desires, may visit and examine the project sites, and revalidate all the
informationrequired for preparing their response document to the bid. The cost of such
visits to the sites shall be at the bidder's expense. The bidder and any of its personnel or agents
will be granted permission by DITEC to enter its facilities at various locations in the state for the
purpose of such visits, but only upon the condition that the bidder, its personnel, and agents,
will indemnify the DITEC from and against all liability in respect thereof, and will be responsible
for death or personal injury, loss of or damage to property, and any other loss, damage, costs,
and expenses incurred as a result of such inspection, undertaken by the bidder. The Bidder shall
at its own risk; peril; cost and liability undertake site visits to designated facilities in the state.
The Bidder shall bear all costs associated with the preparation and submission of its bid
including cost of presentation for the purposes of clarification of the bid, if so desired by DITEC.
DITEC will in no case be responsible or liable for those costs, regardless of the outcome of the
Tendering process.
a) Proposals shall remain valid for a period of 180 days (one hundreds eighty days) after the
date of Proposal opening prescribed in RFP. A Proposal valid for shorter period may be
rejected as non-responsive.
b) DITEC may solicit the bidders’ consent to an extension of Proposal validity (but without the
modification in Proposals). A bidder may refuse the request and such refusal shall be treated
as withdrawal of Bid and in such circumstances bid security shall not be forfeited.
c) Bidders that agree to an extension of the period of validity of their bids shall extend or get
extended the period of validity of bid securities submitted by them or submit new bid
securities to cover the extended period of validity of their bids. A bidder whose bid security
is not extended, or that has not submitted a new bid security is considered to have refused
Page 42 of 66
the request to extend the period of validity of its Bid.
A prospective bidder requiring any clarification of the tender document may notify DITEC
through email only with softcopy in excel format at DITEC’s correspondence email address
before the date mentioned in under the ‘important dates’ section. DITEC representative will
respond to any request for clarification of the tender document in the pre-bid conference,
which will be held as per the table of important dates given. DITEC’s response will be sent to all
prospective bidders who have eceived the tender document. The clarification shall be asked as
per the given format. Queries not adhering to this format will not be responded to.
S.No. RFP Page No. RFP Section Content of RFP Clause Proposed Change Reason of Proposed
requiring clarification(s) Change
1
2
At any time prior to the last date / time for receipt of bids, DITEC may, for any reason, whether
at its own initiative or in response to a clarification requested by a prospective bidder, reserves
the right to modify the tender document by issuing an amendment. The amendment will be
notified in e-procurement portal and will be binding on the bidders. In order to afford
prospective bidders reasonable time in which to take the amendment into account in preparing
their bids, DITEC may, at its discretion, extend the last date for receipt of bids.
The Bids prepared by the bidder and all correspondence and documents relating to the bids
exchanged by the bidder and GoA, shall be written in the English language. If any supporting
document and printed literature furnished by the Bidder is in a language other than English
then the same should be accompanied by an accurate English translation in which case, for
purposes of interpretation of the bid, the English translation shall govern. However, such
translations shall be certified by the agency that has done the translations.
Page 43 of 66
A. Technical Bid as per specified criteria
The Technical Bid document shall detail all the information sought from the bidders and
required for DITEC to evaluate the bids as prescribed as part of the technical bid. Hence it is
mandatory that the bidders read this section in conjunction with the technical evaluation
section to provide information as necessary and adequate to evaluate the proposals.
All interested bidders shall pay EMD and Tender Processing fee and submit their Technical and
Commercial RFP responses electronically using the e-Forms in the e-Procurement platform.
Companies shall submit the tenders only through the unified e-Procurement system before the
scheduled date and time for bid submission. Tenders submitted after the due date and time
will not be considered. DITEC will not be liable or responsible for any delays due to unavailability
of the portal and the Internet link.
Prices in any form and for any reasons shall not be revealed in the pre-qualification bid or
Page 44 of 66
technicalbid or before opening the commercial bid. In case such violation happens, then the
bid shall be immediately rejected.
Bidder should submit a no deviation undertaking as per form -9 at Annexure. Any substantial
deviation may lead to rejection of bid.
1. The bid shall be submitted only as single entity or in Consortium. In case of Consortium
there should not be more than two members including the prime/lead bidder.
2. The project execution performance shall be purely the responsibility of the Lead bidder.
The lead bidder shall be purely and wholly held responsible in case the subcontracted
agency fails to perform.
8.15.2 Modification and Withdrawal of Bids
No bid shall be withdrawn in the interval between the last date for receipt of bids, and the expiry
ofthe bid validity period specified by the bidder in the bid. Withdrawal of a bid during this
interval would result in forfeiture of the bidder’s bid security.
8.15.4 Clarifications
If deemed necessary, DITEC may seek clarifications on any aspect from the bidder. However,
that would not entitle the bidder to change or cause any change in the substance of the tender
submitted or price quoted. DITEC may, if so desire, ask the bidder to give a presentation/
demonstration for the purpose of clarification of the tender. All expenses for this purpose, as
also for the preparation of documents and other meetings, will be borne by the bidders.
DITEC will satisfy themselves on the veracity of the reference works with reference to
performance indicators relevant to the requirements specified.
Page 45 of 66
submission of bid to the time the contract is awarded. During this period, all-important notices
will be published in the e-procurement portal.
Any effort by a bidder to influence bid evaluation, bid comparison or contract award decision
may result in the rejection of the bid. Such an act on the part of the Bidder shall amount to
misconduct and will be liable for appropriate action, as decided by DITEC.
8.15.8 Disqualifications
The bid is liable to be disqualified in the following cases:
DITEC formed a committee to evaluate the proposals submitted by the bidders for a detailed
scrutiny. During evaluation of proposals, DITEC may, at its discretion, ask the bidders for
clarification of their Technical Proposals. Only those proposals meeting the above
qualification criteria will be evaluated as per the criteria mentioned below:
Page 46 of 66
Sl Documentary Max.
Criteria Marks
No. Evidence Marks
Average Turnover in last 3
≥Rs.10 Crore < Rs.15 Crore
years ending 31st March 2022 from
Audited Balance =5
IT Business and related
1 Sheet and Statutory ≥ Rs.15 Crore to Rs.20 10
services of last three years.
Auditor’s Certificate Crore = 7
≥ Rs.20 Crore= 10
Detailed Approach
&
Presentation: Understanding Methodology along Approach and
of Scope of Work and Detailed with CVs of Methodology and
5 10
Approach & Methodology (45 resources proposed technical
mins) to be deployed to be resource
evaluated in
presentation
Total Score 100
Cut Off (to open the financial bid)
60
1. Financial Proposal of only those bidders will be opened who secure minimum 60 marks as
per the above evaluation criteria.
2. Bidder has to give technical presentation in such a way that Aadhaar Authentication and e-KYC
related requirements of the DITEC is covered with detailed technical architecture of the Solution,
Timelines for the completion of the project, requirement & Services to the Sub AUA/KUA,
Integration with the DITEC’s and other state applications, onboarding on AEPS of DITEC and Use
cases of Aadhaar services.
• DITEC will open all bids (only Technical Bids at the first instance) through the e- Tendering
website, in the presence of Bidders or his representatives who choose to attend.
Page 47 of 66
• In the event of the specified date of Bid opening being declared holiday for the tendering
Authority, the Bid shall be opened at the appointed time and location on the next working
day.
a) If there is a discrepancy between the unit price and the total price that is obtained by
multiplying the unit price and quantity, the unit price shall prevail and the total price shall
be corrected, unless in the opinion of the bid evaluation committee there is an obvious
misplacement of the decimal point in the unit price, in which case the total price as quoted
shall govern and the unit price shall be corrected;
8.21 Disqualification
DITEC may at its sole discretion and at any time during the evaluation of Proposal, disqualify
any bidder, if the bidder has:
a) Submitted the Proposal documents after the response deadline.
b) Made misleading or false representations in the forms, statements and attachments
submitted in proof of the eligibility requirements.
c) Exhibited a record of poor performance such as doing as abandoning works, not properly
completing the contractual obligations, inordinately delaying completion or financial
failures,etc. in any project in the preceding three years.
d) Submitted a proposal that is not accompanied by required documentation or is nonresponsive.
e) Failed to provide clarifications related thereto, when sought.
f) Declared ineligible by the Government of Assam for corrupt and fraudulent practices or
blacklisted.
g) Submitted a proposal with price adjustment / variation provision.
9.1 Application
These general conditions shall apply to the extent that provisions in other parts of the contract
Page 48 of 66
donot supersede them. For interpretation of any clause in the RFP or Contract Agreement,
the interpretation of the DITEC shall be final and binding on the firm/ company.
9.13.1 DITEC will issue Letter of Intent (LoI) to the successful bidder.
9.13.2 A procurement contract shall come into force from the date on which DITEC received
the acceptance letter of the Letter of Intent (LoI) from the successful bidder.
9.13.3 The successful bidder shall sign the procurement contract within 15 days from the date
on which the letter of acceptance or letter of intent is dispatched to the successful
bidder.
9.13.4 If the bidder, who’s Bid has been accepted, fails to sign a written procurement contract
or fails to furnish the required performance security within specified period, the
procuring entity shall take action against the successful bidder as per the provisions of
the bidding document and Act. The procuring entity may, in such case, cancel the
contract with the bidder and debar the bidder to participate in any future bid.
9.14 Penalty
Page 51 of 66
AUA/KUA and Aadhaar Data Successful delivery of T1 = T0 + After T1, a Penalty of 2.5% of Contract
vault Software solution– Duly Security Audited 120 days value of Phase-I cost per week and
Development, AUA/KUA and Aadhaar part thereof. Delay beyond Four (04)
Customization, Supply, Data Vault solution and weeks would lead to termination of
Installation, Integration, associated contract.
Configuration, Deployment,
components.
testing & Commissioning
Timeline
Project Component Deliverables (Max Limit) / Value of Penalty
Uptime
PHASE II (Operations & Maintenance)
After T3, a Penalty of 2% of Contract
%age overall value of Phase-I cost per week and part
uptime target thereof up to the maximum value of
Application Uptime 99.5%
(calculated 10% of the Phase 1 Contract Value.
monthly) Delay beyond Five (05) weeks would
lead to termination of contract.
Target in
Measurement Definition Interval Target in % Penalty
Time
Page 52 of 66
(Both AAAF & – 5% of the QGR value
ADV) >= 99.0% to [Record as Event of Default]
Maintenance 432 minutes
< 99.3% [Escalation to Customer and
Time)]}*100
Bidder Management]
• “Unfair trade practices” means supply of services different from what is ordered on,
or change in the Scope of Work, which was given in Section 4.
• “Coercive Practices” means harming or threatening to harm, directly or indirectly,
personsor their property to influence their participation in the execution of contract.
• Will reject a proposal for award, if it determines that the bidder recommended for
award, has been determined by DITEC to having been and engaged in corrupt,
fraudulent of unfair trade practices.
• Will declare a Firm/company ineligible, either indefinitely or for a stated period of
time, for awarding the contract, if it any time determines that the Firm/company has
engaged in corrupts, fraudulent and unfair trade practice in competing for, or in
executing the contract.
9.16 Confidentiality
Information relating to the examination, clarification and comparison of the proposals shall not
bedisclosed to any bidders or any other persons not officially concerned with such process
until theselection process is over. The undue use by any bidder of confidential information
related to the process may result in rejection of its proposal. Except with the prior written
consent of the otherparty, no party, shall, at any time communicate to any person or entity
any confidential information acquired in the course of the Contract.
No party shall, without the other party’s prior written consent, disclose contract,
specifications, plan, pattern, samples or other documents to any person other than an entity
employed by the affected party for the performance of the contract.
Page 53 of 66
9.17 Termination
Under this Contract, DITEC may by written notice terminate the contract agreement entered
with the firm/company in the following ways:
Termination by Default for failing to perform obligations under the Contract or if the quality is
not up to the specification or in the event of non-adherence to time schedule.
In all the three cases termination shall be executed by giving written notice to the
firm/company. Upon termination of the contract, payment shall be made to the firm/company
for:
i. Services satisfactorily performed and reimbursable expenditures prior to the effective
dateof termination
ii. Any expenditure actually and reasonably incurred prior to the effective date of termination
No consequential damages shall be payable to the firm/company in the event of such
termination.
Notwithstanding anything contained in the RFP, the firm/company shall not be liable for
liquidated damages or termination for default, if and to the extent that, it’s delay in
performanceor other failures to perform its obligations under the agreement is the result of
an event of ForceMajeure.
For purposes of this clause “Force Majeure” means an event beyond the control of the
consultingfirm/company and not involving the consulting firm/company’s fault or negligence
and which was not foreseeable. Such events may include wars or revolutions, fires, floods,
epidemics, quarantine restrictions and freight embargos. The decision of the DIT, ASSAM
regarding Force Majeure shall be final and binding on the firm/company.
If a Force Majeure situation arises, the firm/company shall promptly notify to the DITEC in
writing, of such conditions and the cause thereof. Unless otherwise directed by the DITEC in
writing, the firm/company shall continue to perform its obligations under the agreement as far
asreasonably practical, and shall seek all reasonable alternative means for performance not
prevented by the Force Majeure event.
If any dispute arises between parties, then there would be two ways for resolution of the
disputeunder the Contract.
Page 54 of 66
9.20 Amicable Settlement
Performance of the Contract is governed by the terms the conditions of the Contract, however
at times dispute may arise about any interpretation of any term or condition of Contract
including the scope of work, the clauses of payments etc. In such a situation either party of
the contract may send a written notice of dispute to the other party. The party receiving the
notice of disputewill consider the notice and respond to it in writing within7 days after receipt.
If that party fails to respond within 7 days, or the dispute cannot be amicably settled within 15
days following theresponse of that party, then next Clause shall become applicable.
9.22 Notice
Any notice, request or consent required or permitted to be given or made pursuant to this
contract shall be in writing. Any such notice request or consent shall be deemed to have been
given or made when delivered in person to an authorized representative of the party to whom
the communication is addressed, or when sent to such party at the address mentioned in the
project specific Contract Agreement.
9.23 Limitation of Liability
The aggregate liability of the SP under this agreement, or otherwise in connection with the
services to be performed hereunder, shall be limited to two times of the contract value. The
preceding limitation shall also apply to liability arising as a result of the SP's fraud or willful
misconduct in performance of the services hereunder.
9.24 Deliverables
The selected bidder’s firm/company should have to submit deliverables in hard/ soft copy
(including editable soft copy); as desired by the DITEC.
9.26 Others
• The Bidder will need to coordinate and approach various agencies working under BSWAN,
ASDC and likes during course of providing the solution.
• The successful bidder is responsible to maintain documentation on the progress of the
work and will have to update the same on regular basis. Bidder will have to submit the
progress reports regularly, as per the guideline issued by GoA.
• GoA shall provide office space to the operational SP in its own premise during project
period (Phase 2). All other expenses related to transportation, consumables, stationary,
Page 55 of 66
telephone, food, snacks, etc. in case required, has to be completely borne by the Bidder as
part of Contract Agreement.
• Time is the essence of the Project and hence the bidder shall at all times maintain sufficient
manpower, resources, and facilities, to provide the Services in a workman like manner on
a timely basis. If required and to meet SLAs, the bidder shall pool additional resources to
ensurethat work is completed within defined time frame with no additional cost to DITEC.
10 Exit Management
10.1 Purpose
a) This clause sets out the provisions which will apply upon completion of the contract
period or upon termination of the agreement for any reasons. The Parties shall ensure
that their respective associated entities, in case of DITEC any third party appointed by
the DITEC and in case of the SP, carry out their respective obligations set out in this
Exit Management Clause. Exit Management criteria will be a part of Master Service
Agreement with detailed information about exit criteria and exit management plan.
b) The exit management period starts, in case of expiry of contract, or on the date when
the contract comes to an end or in case of termination of contract, or on the date when
the notice of termination is sent to the SP. The exit management period ends on the
date agreed upon by the DITEC.
c) The SPs shall pay all transfer costs and stamp duty applicable on transfer of project
assets except in case the Project is being terminated due to default of DITEC, GoA,
where DITEC, GoA shall be responsible for transfer costs and stamp duty, if any. For
clarification of doubt, transfer costs in this Clause relate to taxes and duties applicable
due to transfer of the Aadhar Authentication Framework project, if any. At the
beginning of the exit management period, the SPs shall ensure that:
1. All Project Assets including the hardware, software, documentation and any
other infrastructure shall have been renewed and cured of all defects and
deficiencies as necessary so that the Aadhar Based Authentication Framework
is compliant with the Specifications and Standards set forth in the RFP,
Agreement and any other amendments made during the contract period;
2. SP delivers relevant records and reports pertaining to the Aadhar Based
Authentication Framework project and its reports, concepts notes and
feasibility report including all manuals pertaining thereto and complete as on
the Divestment Date;
3. The SP shall comply with all other requirements as may be prescribed under
Applicable Laws to complete the divestment and assignment of all the rights,
title
and interest of the Aadhar Based Authentication Framework Project free from
all encumbrances absolutely and free of any charge or tax to DITEC or its
nominee
Page 56 of 66
10.2 Cooperation and Provision of Information
a) During the Exit Management Period:
I. The SP will allow DITEC or any third party appointed by DITEC, access to information
reasonably required to define the then current mode of operation associated with
the provision of the services to enable DITEC any third party appointed by DITEC to
assess the existing services being delivered;
II. Promptly on reasonable request by DITEC any third party appointed by DITEC, the
SP shall provide access to and copies of all information held or controlled by them
which they have prepared or maintained in accordance with the “Contract”, the
Project Plan, SLA and Scope of Work, relating to any material aspect of the services.
DITEC or any third party appointed shall be entitled to copy all such information.
Such information shall include details pertaining to the services rendered and other
performance data. The SP shall permit DITEC or any third party appointed to have
reasonable access to its employees/ facility as reasonably required by DITEC or any
third party appointed to understand the methods of delivery of the services
employed by the SP and to assist appropriate knowledge transfer.
Page 57 of 66
12 TECHNICAL PROPOSAL FORMS
The Director
Directorate of Information Technology, Electronics and Communications (DITEC)
Behind CM Block, Assam Secretariat
Guwahati: 781006
Dear Sir,
Sub: Selection of Agency for Supply, Commissioning, Testing, Integration and Operation and
Maintenance of Aadhaar Data Vault for AUA/KUA Project of Directorate of Information
Technology, Electronics and Communication, DITEC, Government of Assam.
We have examined the Tender and we offer to Design, Supply, Installation, Configuration,
Customization, Operations and Maintenance of Aadhaar based Authentication & e-KYC Software
comprising of AUA/KUA Platform with all requisite hardware and software as per the terms and
conditions and technical specifications spelt out, and in accordance with the schedule of prices indicated
in the commercial bid and made part of this offer/bid.
We confirm that the prices quoted by us in the "Financial Bid" are firm and shall not be subject
to any variation for the entire period of the contract
We agree to abide by providing warrantee for two years from the date of contract for Aadhaar based
Authentication & e-KYC Software comprising of AUA/KUA Platform with all requisite hardware solution.
Until a formal contract is prepared and executed, this offer, together with DITEC’s written acceptance
thereof and DITEC’s notification of award shall constitute a final, conclusive and binding contract
between us.
We also certify that the information/data/particulars furnished in our bid are factually correct. We also
accept that in the event of any information/data/particulars proving to be incorrect, DITEC will have the
right to disqualify us from the bid.
We understand that DITEC may reject any or all of the offers without assigning any reason whatsoever.
Any decision of DITEC in this regard shall be final, conclusive and binding on us.
The above arrangement is binding on our successors and assigns. We agree not to assign these provisions
Page 58 of 66
/ presents without prior written approval of DITEC.
Yours faithfully,
Company Name:
Seal:
Date:
Business Address:
Page 59 of 66
12.2 Form – 2: Declaration of Acceptance of Terms and Conditions in RFP
To,
The Director
Directorate of Information Technology, Electronics and Communications (DITEC)
Behind CM Block, Assam Secretariat
Guwahati: 781006
Sub: Selection of Agency for Supply, Commissioning, Testing, Integration and Operation and
Maintenance of Aadhaar Data Vault for AUA/KUA Project of Directorate of Information
Technology, Electronics and Communication, DITEC, Government of Assam.
Ref. No.:
Dear Sir,
I have carefully gone through the Terms & Conditions contained in the RFP document [No.
……………………………….] Regarding “Selection of Agency for Supply, Commissioning, Testing,
Integration and Operation and Maintenance of Aadhaar Data Vault for AUA/KUA Project of
Directorate of Information Technology, Electronics and Communication, DITEC, Government of
Assam” and hereby declared that all the terms and conditions in this RFP are accepted and
will be adhered.
Yours faithfully,
Company Name:
Seal:
Date:
Business Address
Page 60 of 66
12.3 Form – 3: General Information about bidders
Details filled in this form must be accompanied by sufficient documentary evidence, in order to verify the
correctness of the information.
SR.
DETAILS OF THE COMPANY RESPONSE
NO
A Name of Company
B Company Head Office and registered office address
C Telephone and Fax numbers
D Date of incorporation. Please enclose Company Registration
Certificate.
E Ownership structure (e.g. Proprietorship, Partnership, Pvt. / Pub
Ltd Company)
F Company Sales Tax Number, GST registration number, & Service
Tax number. Please
enclose supporting document.
G Company PAN & TIN number. Please enclose supporting
document.
H Please enclose financial accounts (Profit and Loss account and
Balance sheet for last three
financial years).
I Quality Certification Please enclose copies of Quality Certificates
(ISO 9000/9001 certification)
J List of Support Centers with addresses and phone numbers
K Total strength of the
Company.
Bifurcation:
• Installation Team
• Maintenance Team
• Support Team
• Any Other Teams
Page 61 of 66
12.4 Form – 4: Bidder’s Relevant Experience Certificate
Please provide information as per the criteria set so as to facilitate fair evaluation:
Start Date (Month/Year): Completion Date Approx. Value of Services (in Rupees):
(Month/Year):
Name of senior staff (Project Director / Coordinator, Team Leader) involved and functions performed:
Page 62 of 66
12.5 Form – 5: Particulars of key professionals
Present Employment
Length of Number of
Educational (Name of the
Sr.No Name Professional Eligible
Qualification Employer &
Experience Assignments
Employed Since)
Page 63 of 66
12.6 Form – 6: CV’s of key professionals
1 Proposed Position:
2 Name of Firm:
3 Name of Staff:
4 DOB:
5 Nationality:
6 Educational Qualification:
Work Experience:
7
8 Other Training:
10 Language
I, the undersigned, certify that to the best of my knowledge and belief, this CV correctly describes my
qualifications, and my experience. I understand that any willful mis statement described herein may lead
to my disqualification or dismissal, if engaged.
Yours Sincerely
Name:
Designation:
Seal:
Date:
Place
12.7 Form – 7: Power of Attorney for signing authorities
Know all men by these presents, we, (Name of Firm and address of the office) do
hereby constitute, nominate, appoint and registered. Authorize
Mr./MS………………………………………………….. Son/daughter/wife and presently residing
at……………….. …………………………………………………………..Who is presently employed with/
retained by us and holding the position of ........................................as our true and lawful
attorney (hereinafter referred to as the “Authorized Representative”) to do in our name and
on our behalf, all such acts, deeds and things as are necessary or required in connection with
or incidental to submission of our Proposal for and selection to work as Request for Proposal
(RFP) “Selection of Agency for Supply, Commissioning, Testing, Integration and Operation and
Maintenance of Aadhaar Data Vault for AUA/KUA Project of Directorate of Information
Technology, Electronics and Communication, DITEC, Government of Assam”, including but not
limited to signing and submission of all applications, proposals and other documents and
writings, participating in pre-bid and other conferences and providing information/ responses
to the DITEC, representing us in all matters before DITEC, signing and execution of all
contracts and undertakings consequent to acceptance of our proposal and generally dealing
with the DIT in all matters in connection with or relating to or arising out of our Proposal for
the said Project and/or upon award thereof to us till the entering into of the Agreement with
the DITEC.
AND, we do hereby agree to ratify and confirm all acts, deeds and things lawfully done or
caused to be done by our said Authorized Representative pursuant to and in exercise of the
powers conferred by this Power of Attorney and that all acts, deeds and things done by our
said Authorized Representative in exercise of the powers hereby conferred shall and shall
always be deemed to have been done by us.
IN WITNESS WHEREOF WE, THE ABOVE-NAMED PRINCIPAL HAVE EXECUTED THIS POWER OF
ATTORNEY ON THIS............ DAY OF ......................................... , Year For.............................
This is to certify that << COMPANY NAME >> is not blacklisted by the Government of Assam or
any of its agencies for any reasons whatsoever and not blacklisted by Central / any other
State/UT Government or its agencies for indulging in corrupt or fraudulent practices or for
indulging in unfair trade practices and not backed out from executing the work after award of
the work as on date ……………………
Name of Signatory:
Bidder Name:
Date
Place