1 / 15

The RFP Process

The RFP Process. 2011 PROCU Conference Leonard Gzesh. THE RFP Process. A Request For Proposal (RFP) is generally issued at an early stage in the procurement process where an invitation is presented to vendors to submit a proposal on a specific product and/or service

tekla
Télécharger la présentation

The RFP Process

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The RFP Process 2011 PROCU Conference Leonard Gzesh

  2. THE RFP Process • A Request For Proposal (RFP) is generally issued at an early stage in the procurement process where an invitation is presented to vendors to submit a proposal on a specific product and/or service • The RFP process brings structure to the procurement decision and is meant to allow the benefits, risks and costs to be clearly identified upfront

  3. THE RFP Process • The RFP is only one component of the overall due diligence process when reviewing potential vendors • Before starting vendor due diligence and the RFP, review NCUA Letter to Credit Unions No. 07-CU-13 (dated December 2007), and its enclosure, NCUA Supervisory Letter No. 07-01 (dated October 2007) both with the subject line of “Evaluating Third Party Relationships”

  4. THE RFP Process • “Yeah, yeah, okay Lennie; where’s the meat & potatoes?” “What goes in the RFP?”

  5. THE RFP Process Section 1 – STRATEGIC DIRECTION • OVERVIEW – Brief paragraph on your credit union or CUSO (herein, CU shall mean either credit union or CUSO) including name, quick history, where located, serving who, how many members and/or households, number of locations, asset size, type of charter, etc. • PURPOSE OF RFP – Who/what the CU currently uses (if applicable); explain how the current process or product provides benefits (if applicable) and why the CU seeks a new or a different solution. List the high-level strategic requirements the CU is seeking in a bulleted manner unless you wish to number them in a prioritization from most important to least important

  6. THE RFP Process • Section 2 – Administrative Requirements • Introduction – Name and contact information on the contact person at the CU regarding the RFP • Schedule – All dates to include: release of RFP, RFP response Proposal due date, selection of finalists, vendor presentations (at vendor and/or CU), selection of vendor, contract finalization • Primary Contractor Responsibility – Mandatory that if vendor outsources and/or procures products/services from other vendors, the primary RFP vendor will provide all other required information/documents, etc. from “sub-contractor vendors” and act as an aggregator for the entire solution

  7. THE RFP Process • Proprietary Material – Mutual Confidentiality Agreement(s) between CU and vendor on all proprietary information and “trade secrets” to also be binding on “sub-contractor vendors” of primary vendor; proprietary information should be marked as such in the RFP and the vendor’s subsequent Proposal • Rejection of Proposal – CU reserves the right to reject the Proposal at any time without reason or cause and without any penalties - monetary or otherwise • Incorporation of RFP and Information in Contract – The RFP, its appendices and amendments, and all promises, warranties, commitments and representations made in the Proposal shall be binding and become part of the contractual obligation

  8. THE RFP Process • Proposal Format – Vendor will be required to complete all tables, questions, and user requirements requested in the RFP • RFP Evaluation Requirements • Functionality: As demonstrated by vendor’s response to CU’s requirements in RFP • Technical Architecture: Vendor’s systems and compatibility with CU’s systems • Vendor Strength: Vendor’s management’s approach, expertise and capability as described in Proposal • Risk: Vendor’s ability to mitigate technological, conversion, operational and other applicable risks • Financial Specifications: Vendor’s financial strength, stability, flexibility, and ability to withstand economic downturns

  9. THE RFP Process • Section 3 – Vendor Information & CU Requests • General Information (for vendor to complete) - Company name, address, general contact information, website address, specific contact’s name & title & his/her contact info • Vendor company overview, major products/services, other companies/entities the vendor owns or is owned by, etc. • Vendor’s mission, vision and overall strategy • Length of time in business? Time offering this particular product/service? • Vendor’s Annual Reports or financials, audited if possible • Publicly traded? What is ticker symbol, what exchange traded on and when did company go public? • What is future direction of vendor’s products/services and how will that benefit CU? • Total customers? Customers acquired in last one-, two- and three-year periods?

  10. THE RFP Process • Customers (preferably CUs) vendor has that are similar in size, scope, and business model of CU providing RFP? • Any awards, media articles, independent benchmarking or independent assessments of vendor’s products/services? • Vendor’s number of employees? Org Chart? • Does vendor sponsor conferences, seminars, workshops, etc., to enhance best practices when using/selling its products/services? • Is vendor SAS-70 Type II or equivalent certified? (Please provide copy of certification.) • Applicable warranties or guarantees from vendor? (Product related and/or service related to include Service Level Agreements and potential vendor penalties if vendor’s Service Level Agreements are not met? Any gross and/or net revenue guarantees to CU?) • Describe training process in detail: who, where, when, how often, how/when do you train new employees hired by CU, etc.? Can training be customized for CU?

  11. THE RFP Process • What is revenue payment schedule to CU? • What tracking reports provided to CU? Can they be customized for CU? Can they also be individualized down to a branch(es), other location(s), department(s), division(s) or individual employee(s) level at CU? Note: This is very useful for sales tracking, promotions, recognition awards, contests, etc. at the CU. • What is/are the distribution channels for this product/service the vendor can and will support--face-to-face, website, Skype, audio/video kiosk, telephone, mobile applications, etc.? Does vendor support e-statement, 24/7 info such as market values of investments, electronic signature of all (or some) documents to purchase product/service, i.e., what can be done anywhere & anytime and what can’t? • Is the product/service scalable? • Can the product/service be personalized by the CU or the CU’s members?

  12. THE RFP Process Section 4 – Product/Service Information • Here is where CU lists everything the product/service must do/meet the needs of, etc. and vendor responds on each and every requirement (this is where a table works well). List functional, administrative, reporting and technical requirements as applicable. • How does product/service meets needs of CU? • What are the hardware/software requirements? • Pricing: Per transaction, or monthly fee, or one-time software purchase, or other, or a combination of these? • Implementation timeline at CU?

  13. THE RFP Process • Section 5 – Security Considerations • Vendor must describe in detail how the products/services and vendor maintains compliance with all state, federal, applicable regulatory entities, and organizations having jurisdiction over the vendor, the vendor’s industry, the products/services, etc. Has the vendor or the vendor’s subcontractors ever been fined, sanctioned, or otherwise admonished for any violations? • Does vendor have a written Information Security Program/Policy (include copy with the Response)? • Does vendor have a written risk management program and if yes, is it updated at least annually?

  14. THE RFP Process • Is all data encrypted both in databases and in transit? Describe methods that Non-Public Personal Information (NPI) is protected. Has a breech ever occurred (provide details). • Does vendor have written Business Continuity Plan and/or Disaster recovery Plan? Is it tested at least annually and can we see copy of most recent results? • Describe compliance (methods, processes, oversight, testing, audits, etc.) with the provisions, laws and regulatory requirements of GLB, FinCEN, BSA, AML, OFAC, etc.

  15. THE RFP Process Some Final Thoughts……. • The NCUA and states’ DFIs are mandating and auditing credit unions for vendor due diligence “up front” as well as their ongoing review of existing vendors and business partners (suggested annually) • The NCUA wants to have the regulatory jurisdiction to audit CUSOs, too • There is no such thing as “set it and forget it” with vendors you are currently using. You must demonstrate ongoing oversight and replacement if warranted • The RFP, as part of your robust due diligence effort, will help you identify the business partners your credit union or CUSO will be best served by today and tomorrow……. “Measure twice and cut once!”

More Related