5.2.3 The Service Provider will deliver Level 1 Support Services and Level 2 Support Services for ICT and voice users.

Transcription

1 1.1 Package 1: End User Support Services A Desktop Support Services Desktop support services consist of all that is required to configure, install, operate, maintain and manage the Department s desktop environment, which includes desktop equipment including, but not limited to desktop computers, laptop/notebook computers, PDA s, mobile computing and telephony devices, monitors, keyboards, pointing devices, multimedia peripherals such as speakers and microphones, printers, scanners, audio visual projection equipment, video conference equipment, network interface cards and cables and other peripheral equipment (e.g. tape drives, modems, printers and special equipment for people with a disability) The Department s desktop environment may change from time to time due to changes in technology or uptake of specific technologies by the Department. The Service Provider is required to support any equipment which is deemed by the Department to be desktop equipment The Service Provider will deliver Level 1 Support Services and Level 2 Support Services for ICT and voice users In general, other organisations will provide Level 3 Support Services through the maintenance contracts for the Department s hardware and Software. The Service Provider will manage the contact and liaison with the Level 3 service providers These desktop support services are required in relation to the Department s 785 Registered and Active Users. Some of the Registered and Active Users will be designated as priority users, requiring enhanced support services and extended support hours. The Department will supply and maintain the list of priority users The Department requires at least one member of the service desk staff to be located within the Department s main office at 38 Sydney Avenue, Forrest, ACT from 7am to 7pm on Business Days Service Levels detailed in this RFT are to be applied for all Registered and Active Users and across all platforms in all locations Tenderers are to include in their response to this RFT details of how they propose to provide support and meet Service Levels for: a) Registered and Active Users located in Canberra; b) Registered and Active Users located outside Canberra; and c) Priority users including those located outside Canberra Tenders which include on site support capacity and capability for the Digital Switchover Taskforce in Sydney will be considered favourably by the Department The Service Provider will also be required to undertake the following activities: a) Creating, updating and deleting user accounts;

2 b) Managing access controls in compliance with relevant policies, specifications and procedures, including the monitoring of security logs; c) Developing, implementing and maintaining directories, directory structures and naming conventions; and d) Restoring deleted files as requested From time to time some of the Department s Registered and Active Users may have a demonstrated business requirement for non-standard hardware and software platforms. In order to meet this requirement the Service Provider will install and support non-soe Software and hardware, through: a) Accepting requests for non-soe installations; b) Installing Software and hardware as required; and c) Supporting Users in relation to the hardware and Software Once non-standard hardware and Software has been fully tested and installed, it will be classified as standard hardware and Software and is to be fully supported by the Service Provider. The process for this is to be agreed during transition and documented in the Procedures Manual The Service Provider will deliver appropriate services through the use of remote monitoring, control and interrogation technology. The Department will provide screen sharing technology, remote control of end-user devices, remote Software distribution technology, and other remote access Services. B Standard Operating Environments (SOEs) The Department will be upgrading its desktop hardware and Software during the 2010 calendar year. The hardware refresh will apply to all networked and stand alone PCs and to some laptops which are unable to run the new platform. The Department will purchase the required hardware as well as software licenses which may be required to enable the refresh to proceed It is anticipated that, at a minimum, the following SOEs will be required to support the new hardware: a) Desktop networked; b) Desktop stand alone; and c) Laptop x 5 (see clause ) A new SOE for each of the platforms listed in clause is to be developed, and tested by the Service Provider Tenderers must provide separate pricing for the development and testing of the SOE as well as the roll out of the desktop equipment During contract negotiations the Department will advise the preferred Tenderer(s) of the timing for the proposed hardware refresh and SOE upgrades.

3 Tenderers should use the following information for planning purposes only and to provide appropriate pricing for this work: a) The SOE is expected to be based on Windows 7, Office 2007 and other Software products on the desktop; b) Development and testing of the SOE is to occur during contract Transition In period; and c) Roll out of the new equipment and SOE will be undertaken by the Service Provider within 6 weeks of the commencement of the contract The Department may at its absolute discretion, decide not to proceed with the Service Provider to develop and roll out of the new hardware and/or SOE outlined above During the term of the Services Agreement the Service Provider will be required to develop, test, roll out, maintain and update all SOEs for all Equipment in accordance with the Department s established procedures and change control processes From time to time the Department purchases new laptops to meet new or revised business requirements. Due to the rapid changes in technology/models associated with laptops, it is often difficult to acquire the same products as previously purchased. In these instances the development of a SOE for each laptop model is to be considered as business as usual (BAU) and developed by the Service Provider as part of the fixed monthly service fee Updates to existing SOEs will be undertaken as required during the term of the Services Agreement and will be managed using the Department s change control processes to ensure that all SOEs are meeting the Department s business, technical and security requirements and are aligned with the Software manufacturers current service packs and patches SOE roll outs, updates and maintenance are considered BAU activity and are to be undertaken by the Service Provider as part of the fixed monthly service fee The Service Provider will be required to develop, test and implement two new SOEs within the term of the Services Agreement to coincide with the Department s move to updated desktop hardware and/or Software platforms. It is envisaged that these updates will occur approximately 36 months and 54 months into the term of the Services Agreement (including option periods). The Department may exercise its right to have these two SOEs developed at any time or not at all, to meet its business, technical and operational requirements The development and testing of the new SOEs detailed in clause above is considered to be outside the scope of BAU services and will therefore be subject to a separate quotation prior to development. Unless the new SOE coincides with a hardware refresh, the roll out of the new SOE detailed in clause above is to be considered as BAU activity for the Service Provider and is to be undertaken in the fixed monthly service fee.

4 C Moves, Adds and Changes (MACs) The Service Provider is required to undertake moves, adds and changes for ICT and voice hardware and Software at any of the Department s sites as requested by the Department from time to time MACs which are able to be completed remotely are classified as Soft MACs and the costs of all Soft MACs are to be included in the fixed monthly service fee MACS which require the physical attendance of a support officer are classified as Hard MACs and are to be priced separately. The Department s ICT and voice environment has been established to allow users to easily move between workstations. Therefore, the Department anticipates requesting relatively few Hard MACs. Hard MACs are to be priced separately Some hard MAC requests may be received well in advance of their requirement being fulfilled. The process for undertaking hard MACs will be developed as part of the Procedures Manual during transition Where a Hard MAC has been requested which involves moving both the Registered and Active Users computer and telephone, this will be considered to be one Hard MAC and priced accordingly, even if the moves have been requested separately by the Registered and Active User. D Service Desk The Service Provider is required to manage and operate a single integrated service desk on departmental premises at 38 Sydney Avenue, Forrest ACT The Department has purchased and installed an IT Service Management Tool (EMC Infra) which will be utilised by the Service Provider to record all issues and requests received by the service desk The service desk operators are to be proficient in the operation of this Software prior to commencement of the Services Agreement. In their responses, tenderers are to include details of suitably trained or qualified operators who they intend to utilise for the service desk Departmental staff are able to work between the hours of 7am and 7pm Monday- Friday, excluding ACT Public Holidays. The Service Provider will ensure that the service desk is appropriately staffed during these times in order to meet required service levels. Note: Where there is a Public Holiday observed in the ACT, which is not observed in NSW, then the service desk must be staffed during that period (e.g. Canberra Day Holiday) in order to meet the required service levels The service desk provides a single point of contact for departmental Users and currently responds to calls, s and faxes from departmental staff and Users for the following services: a) All issues and requests relating to ICT infrastructure, corporate Software products and applications support services;

5 b) All voice issues and requests; and c) Facilities management issues and requests The service desk currently receives approximately 1600 calls per month The service desk will be accessible through various channels including telephone, , facsimile and web based portal Some of the Department s Users are classified as priority Users. Priority Users are to receive increased levels of support including at a minimum: a) separate priority phone number for accessing the Service Desk; b) shorter problem/incident resolution times; and c) access to 24/7 support Details of the support to be provided to priority Users will be finalised during transition and documented in the Procedures Manual All support requests received by the service desk will be entered into the ICT Services Management Tool and allocated a resolution group category by the operator. These categories will be defined by the Department from time to time. Where the category entered is for a resolution group other than the Service Provider, the ICT Services Management Tool will automatically hand off that request The service desk will respond to and resolve (or co-ordinate the resolution of) support requests from Users. The service desk will log support requests, provide immediate assistance, refer support requests to relevant third parties, monitor progress and report relevant details concerning service desk performance The Department requires as many ICT and voice requests as possible to be resolved on the first call. To achieve this outcome the service desk operators will need to be customer focussed, have a good understanding of the business structure, business operations, culture and technological environment of the Department The service desk operators are responsible for undertaking or managing Level 1 Support Services and Level 2 Support Services for ICT and voice related enquiries and requests for assistance from the Department s Users particularly: a) Identifying problems and assessing their severity based on established procedures, including determining whether the problem relates to: i. Components that are under warranty; ii. Applications supported through a specialised service desk; b) Assisting Users to solve problems, including: i. either remotely or face-to-face; ii. Resetting passwords; iii. Configuring and other systems to operate as required;

6 iv. Recovering deleted files; v. Fixing configuration issues for all desktop devices listed in clause 5.2.1; c) Logging service calls (including enquiries); d) Referring problems to other service providers (in accordance with documented escalation procedures) as required. When enquiries need to be referred to another service provider: i. Ensure all relevant information about the enquiry is passed to the service providers; ii. Co-operate with other service providers to achieve a prompt resolution to the enquiry; iii. Transfer telephone calls (or forward messages) as appropriate; and iv. Maintain records of the status of third party service providers actions to address service delivery problems. e) Accepting and implementing Hard MAC and Soft MAC requests; f) Escalating problems, in accordance with documented escalation procedures; g) Closing enquiries once the relevant User has confirmed that the enquiry has been resolved satisfactorily in accordance with agreed procedures; h) Maintaining up-to-date information about each problem or enquiry in a single information system that is provided by the Department: i. The Department is to have unlimited read-only access to all the Department related information in the system, in order to investigate and review service desk performance as well as for infrastructure performance purposes; ii. Specialist service desks within the Department will be able to create, read and update service request records relevant to their own operations in the ICT Services Management Tool; iii. The Department requires access to the information in the IT Service Management Tool during the Services Agreement period and after the Services Agreement expires; iv. Separate reporting of the performance of each resolver group will be required through the IT Services Management Tool; v. The IT Service Management Tool provides access to information concerning end-user hardware and software assets. This information will need to be entered and maintained by the service desk personnel; i) Communicating with Users about the progress of their service requests, or allowing Users to access status information through the portal; and j) Providing suggestions and recommendations to the Department concerning:

7 i. Enhancement of the problem management processes; ii. Proactive problem identification and prevention; and iii. User training requirements. 1.2 Package 2: Midrange Services A General Requirements The Department s midrange infrastructure is managed and operated using a combination of virtual-machines (VM) and physical servers. Further server rationalisation will be ongoing for the duration of the Services Agreement to enable the Department to operate more efficiently and assist with cost reduction and environmental commitments The Department owns its midrange hardware and currently operates approximately 115 servers, a third of these being VM and the remainder physical servers The Department operates four separate IT environments which are: a) Production; b) Test; c) Development; and d) Disaster Recovery The Service Provider will deliver the ICT Managed Services to meet the Service Levels across all environments. However, Service Incentives and Service Credits will only apply to the production, test and Disaster recovery environments The Service Provider will support, administer, operate and manage its infrastructure services and application servers, and database administration across all environments. This includes, but is not limited to: a) Network servers and associated services; b) Network file servers and storage infrastructure and associated services; c) Network print servers, network and personal printers, and associated services; d) Application servers including database administration; e) Remote access and mobile computing infrastructure and associated services; and f) Backup and recovery services and schedule of data and applications These Services will be provided in accordance with the Department s policies and procedures and documented in the Procedures Manual. B Infrastructure Services and Application Servers

8 5.3.7 The Service Provider is responsible for all aspects of infrastructure services and application server support, administration, operation and management in order for the Department to achieve its business goals The Service Provider s responsibilities include, but are not be limited to: a) Supporting, administering, operating and managing the Department s current and future application servers and infrastructure requirements; b) Investigating, reporting and resolving abnormal program terminations on application servers; c) Performing scheduled and emergency system maintenance; d) Performing server start-ups and shutdowns; e) Supporting, administering, operating and managing data transfers between the Department and external entities; f) Resolving problems, and responding to queries; g) Creating, updating and deleting administration and service user accounts specific to application servers; h) Development, documentation, maintenance and testing of disaster recovery plans; i) Server Software to be maintained at version n-1 unless otherwise specified by the Department; j) Assist in further rationalising of the server fleet to migrate servers to a VM environment; k) Monitor and proactively manage the storage infrastructure to ensure the capacity and performance limits are not breached; and l) Monitor the output from the UPS and environmental power devices and action alerts. C Database Administration The Service Provider is responsible for: a) Installation, maintenance, tailoring, support and monitoring of database Software; b) Database backup, rollbacks, and recovery; c) Developing, documenting and implementing relevant procedures; d) Optimising performance of database systems (i.e. re-indexing, rebuilding, defragmentation, reorganisation, tuning, periodic maintenance activities); e) Managing the databases use of data storage facilities; f) Providing production, test and development environments as specified by the Department;

9 g) Detecting and correcting performance and integrity problems; h) Implementing and supporting data dictionaries in accordance with the Department s requirements; i) Assisting Users with data extraction tasks, including the development of custom queries, views and reports; j) Consulting with application developers concerning data access issues; k) Creating and supporting database routines (e.g. exits) as required; l) Assisting application developers test their applications; and m) Manage User and system access controls, including: i. creating, updating and deleting access privileges; and ii. D Data Backup and Restore monitoring security events and logs The Service Provider will manage the backup of all data concerned with the Services they provide, and the restoration of that data (as required). The Service Provider must: a) Be capable of restoring the data concerned with the Services they provide that was backed-up prior to the Handover Date; 1 and b) Keep confidential any non-departmental data that resides on the backup media that exists at the Handover Date. E Data management In order to meet the Department s business requirements, optimise system performance and ensure compliance with the Department s obligations, the Service Provider is required to develop, document and implement data management plans for the Services they are managing. 1.3 Package 3: Voice Services A Overview The Department s voice infrastructure is comprised of several services including a voice over IP solution (integrated with the network s source directory), online facsimile and voic , ADSL, and analogue services. The switchboard operation and service desk telephone functionality operates internally utilising this voice infrastructure. B Technical and administrative support 1 For example, the Service Provider will be responsible for restoring LAN data that was backed-up prior to the Handover Date.

10 5.4.2 The Service Provider will manage, operate and support the hardware, Software and resources for the voice infrastructure and associated services. This includes, but is not limited to: a) PABX/server, handsets and other associated telephony hardware; b) Cabling to connect voice infrastructure, handsets and associated devices (excluding building cabling); c) Management console, switchboard and service desk configuration, soft-phone and other associated telephony Software; d) System software to be maintained at version n-1 unless otherwise specified by the Department; e) General voice communications functionality including outbound, inbound and internal calls, call transfers, call hold, after hours message recording; f) Call groups, group hierarchies and access controls; g) Online and analogue facsimile infrastructure; h) Voic services and network integration; i) Video and audio conferencing and unified communications services; j) 1300/1800 number requests and configuration; k) Paging services and automated messages for network monitoring; l) Active Directory integration Software; m) Backup and recovery of the voice infrastructure and data; n) Fault resolution management; and o) Support of GVIN (Government Voice Integration Network) infrastructure and services The Service Provider is required to work co-operatively with external carrier and service providers for provisioning of new services, upgrades to existing services and fault resolution. C Switchboard Operations The Service Provider is responsible for switchboard operations located at Department s head office at 38 Sydney Avenue Forrest ACT. The switchboard is the first point of contact into the Department and requires a professional level of service and commitment, with strong customer focus and knowledge of the business and organisational structure The switchboard is required to operate between 8:30pm and 5:00pm Monday Friday excluding ACT public holidays (with at least one member of staff operating the

11 switchboard between these times) and is required to undertake, as a minimum, the following activities: a) Receive and respond to all incoming calls to the Department s switchboard; b) Receive and respond to all queries and requests; c) Transfer calls to departmental personnel as required; d) Establish external call on behalf on departmental personal who are unable to complete required calls unassisted; e) Identify and respond to any security issues raised to the switchboard; and f) Arrange teleconference services through external providers as requested by departmental personnel The switchboard also provides remote backup for incoming calls to the Department of Prime Minister and Cabinet (PM&C) switchboard. These services are provided on an as required basis several times per day. 1.4 Package 4: Network Services A Overview The Service Provider will manage, administer, operate, support and maintain the Department s network services infrastructure to provide reliable, secure and appropriate network services to meet the Department s business requirements The Department s network is currently certified to, and operating at, the level of Protected. The Service Provider must undertake all activities and tasks required to manage and maintain the network to this level of security certification. B Requirements The Service Provider will manage, operate and support the Department s network communication links into, throughout and between all locations. This includes, but is not limited to: a) Local area network (LANs) and Wide area network (WANs) and associated data, fibre and ICON services; b) Network operating systems and associated services; c) Cabling (but not fixed building cabling), hubs, routers, bridges, patch panels, patching and other LAN/WAN-related Equipment and resources; d) Data telecommunications links and associated termination Equipment; e) Secure data telecommunications links to the Minister s office and associated termination Equipment; f) Configuration and monitoring firewalls;

12 g) Load balancing within the network environment and adjusting network topology to optimise network performance as required; and h) Managing access controls in compliance with relevant policies, specifications and procedures. 1.5 Package 5: Cross Platform Services A Overview This package covers the Services required by the Department which are applicable across all of the ICT and voice Services platforms in the Statement of Requirements It also covers Additional Services which may be requested by the Department from time to time The Service Provider will manage, operate and support cross platform services to ensure ICT and voice Services are delivered and maintained to meet the Department s business requirements including advice concerning the availability, capacity and performance of the existing services, and suggestions regarding ongoing management and improvements Unless otherwise specified all components of cross platform services are to be included in the fixed monthly services fee. B Business management and administration The Service Provider will provide documentation in a format agreed by the Department on all processes, procedures and other service delivery and operational functions including, but not limited to: a) Developing, documenting, implementing and maintaining a Procedures Manual to detail the processes and frameworks for all Services outlined in this RFT; b) Developing, documenting, implementing and maintaining work instructions (technical and administrative); and c) Developing, documenting, implementing, maintaining and testing of ICT disaster recovery plans The Service Provider will assist the Department implement its strategic plans, and to ensure that the Services provided under the Services Agreement are aligned with the Department s business strategies The Service Provider will cooperate in the development, documentation and implementation of procedures concerning administrative and electronic interfaces between the Service Provider, the Department and other 3rd party providers. C Reporting The Service Provider will provide regular reports to the Department regarding the operation of the Department s ICT and voice infrastructure and services. The reports,

13 in a format agreed by the Department, will be accurate, clear and concise, and are to include a brief description and text as well as graphical charts and other visual measures The Service Provider is responsible for developing and meeting all reporting requirements which relate to the provision of the ICT Managed Services including, but not limited to: a) Reports relating to delivery of services, including the monthly service delivery report; b) Reporting against service level achievements; and c) Other reports required from time to time The Service Provider will prepare a monthly service delivery report and deliver it to the Department s nominated representative by the 15th calendar day of each month. The content and format of the report will be agreed between the Service Provider and the Department during transition, but as a minimum, will include: a) Summary and detailed analysis in relation to all agreed Service Levels against each package; b) Summary and detailed analysis concerning matters referred to level 3 support providers; c) Status for projects and other non-bau tasks; d) Summary of security and system logs, and health-checks of the infrastructure and Services; e) Security-related activities and incidents; and f) Backup schedule and log The Service Provider must be able to provide ad hoc reports on network, service, user, security and/or other information as requested. These will be provided within the fixed monthly service fee Further details regarding the reporting requirements will be confirmed at the time of transition. D Resource management The Service Provider will ensure that resources are managed effectively to guarantee the delivery of service as outlined in this RFT, and the provision of specialist resources as requested by the Department The Service Provider will appoint a full time on-site service delivery manager to lead the on-site team. This position is a key role as it will be the Service Provider s primary on-site representative managing the relationship with the Department as well

14 as ensuring the ICT Managed Services remain customer focused and meet or exceed required service levels The Service Provider will ensure that sufficient staff are available outside standard working hours to undertake any work required to support or maintain the Department s ICT and voice Services infrastructure and equipment, including scheduled maintenance windows and to provide after hours support for priority Users. E Change Management The Service Provider will manage the Department s Change Management process in conjunction with the Change Advisory Board (CAB). Tasks include, but are not limited to: a) Record, register and prioritise all Requests for Change (RFC s); b) Assess the benefits, cost and impact of RFC s; c) Assess the risk posed by the change to the Department s business continuity and ensure appropriate risk mitigation strategies are identified; d) Ensure all pre-requisites to implementing changes in the Department s production environment have been met; e) Assess the resource requirements of each change and assign suitably skilled personnel; and f) Schedule the implementation of all changes in collaboration with the CAB All changes are to be recorded, tracked and reported through the Department s IT Service Management Tool. F Configuration and Equipment Management The Service Provider will manage the configuration and Equipment registers to ensure the Department s infrastructure assets and their configuration are known and accounted for. This information is to be recorded and managed within the Configuration Management Database (CMDB) module within the Department s IT Service Management Tool and is to contain information on the hardware, software and systems relevant to the Services it is committed to provide Data from the equipment register is used for equipment tracking purposes as well as being uploaded into the Department s asset register from time to time. As this data forms part of the Department s overall asset management framework the information must comply with appropriate legislation, the Department s Chief Executive s Instructions and other government policies. This includes, but is not limited to: a) Collecting, entering and administering Equipment and configuration information of hardware and Software as it is implemented. As a minimum, the following information to be stored is: i. Hardware: 1. Description;

15 ii. Software: 2. make, model and serial number; 3. acquisition date; 4. configuration details; 5. warranty/maintenance period, provider and associated details; 6. service history; 7. Departmental barcode or asset identifier (if applicable); and 8. User and location; 1. Software title and version; 2. vendor; b) The Service Provider will: G Customer Satisfaction Surveys 3. licence/product key; 4. licence period and number of licences; 5. maintenance period, provider and associated details; 6. Departmental barcode or asset identifier (if applicable); and 7. User and location; i. Ensure the CMDB is up to date at all times; ii. Perform annual audits of the infrastructure configurations, compare these against the information in the CMDB and correct any exceptions; iii. Ensure compliance with licensing, warranty and maintenance arrangements and requirements; and iv. Provide reports and assistance on the configuration and assets as required The Service Provider will develop and distribute a customer satisfaction survey to ensure a high level of service and client relationship management is maintained. These surveys as a minimum will be conducted as follows: a) Monthly automated electronic survey for all users who have utilised the services provided by the Service Provider within the previous month; b) The Service Provider will provide the results of these surveys in the monthly service delivery report. The format of the surveys and the reporting requirements will be determined between the Department and the Service Provider during transition. H Training services

16 The Department engages approximately new starters per month. The Service Provider will provide one-on-one induction training to new Users as part of the coordinated induction process. The training will be provided on the new User s 1st day with the Department, except where the User declines the training or requests it to be conducted at a later date The one-on-one induction training is expected to run for a minimum of 30 minutes at each User s desktop and include, but not be limited to: a) basic desktop familiarity including printer connections; b) details of departmental directory structures; c) ICT security including password management; d) Telephone/voice services familiarity; and e) printed instructions/cheat sheets for the above Tenderers are to provide details of how they will present this training as well as the qualifications and experience of the staff who would be undertaking the role Provision of one-on-one induction training is to be undertaken as part of the fixed monthly services fee The Service Provider may be requested to provide additional training programs and documentation to the Department s Users. The training and documentation must assist Users to maximise their business efficiency and effectiveness through better use of the available ICT and voice facilities. The Service Provider may be asked to design and develop training programs and material, and present the training programs, as specified by the Department Training programs and documentation may address: a) Components and/or changes to the SOE; b) Voice system functionality; c) IT service management tool; or d) Other topics as requested The Service Provider will make maximum use of the Service Provider s own existing training materials and resources in order to minimise training program development costs to the Department The Service Provider will be able to deliver training programs efficiently, with minimal preparation time required for each program delivered Requests for additional training services will be the subject of quotation processes. The Service Provider is expected to quote for these services based in accordance with the Services Agreement. Pricing will be calculated based on the tendered Additional Resourcing pricing table in the Pricing Schedules.

17 The Department is not obliged to accept the Service Provider s quote for any Additional Services and may, at its absolute discretion engage another provider or choose to undertake the work in-house. I Business Continuity The Service Provider will ensure that there are no unplanned interruptions to existing services before, on or after the Handover Date. Processes regarding planned interruptions and contingencies are to be documented in the Procedures Manual The Service Provider will ensure it has a clear understanding of the Department s business continuity strategy and assist in managing ICT and voice services (including the disaster recovery environment) in conjunction with it. J Security The Service Provider will provide secure services to meet the Department s security requirements regarding availability, integrity and confidentiality, and comply with ISM (Information Communications Technology Security Manual), PSM (Commonwealth Protective Security Manual) and other government security policies and guidelines. Documentation will be developed by the Services Provider to specifically address the measures that the Service Provider will implement to protect assets, detect security problems and recovery from Security Incidents In order to prevent, detect and recover from computer viruses, trojans, worms and other malicious software, the Service Provider will develop, implement and maintain a virus management plan. The plan will specify: a) What virus detection and recovery systems are to be used; b) How the virus management tools are to be kept up-to-date (for all servers and Users, including remote Users); c) How responses to virus infections will be managed; d) How virus management system effectiveness will be measured, monitored and reported; e) Management of other malicious software or activities; The Service Provider will be required to: a) Monitor end-user activity for non-compliance with departmental policies b) Report instances of suspected non-compliance c) Provide technology that allows departmental security officers to review the activity of Users (without alerting the user that the monitoring is occurring) d) Provide logs of user activities to support security investigations by departmental security officers.