Requirement Importance

·         The vendor must be a company based in the United States Must Have

·         The vendor resource(s) to be assigned to this project must be citizen(s)

Must Have
of the United States
·         The vendor System Admins must hold an IT level 1 privileged access
Must Have
clearance

·         The vendor must provide a cloud based Application Platform as a

Must Have
Service (aPaaS)/Software as a Service (SaaS) solution on a single platform 

·         The vendor must have current IT Level 4 or 5 FedRamp + Certification

Must Have
and DoD Provisional Authorization (PA).

·         The software must be 508 Compliant within DoD standards and
Must Have
regulations and provide verification documentation

·         Include live chat and messaging functions for groups and/or individuals Must Have

·         The vendor must provide CAC authentication and user name/password
Must Have
access
·         The vendor must enable all capability for mobile computing on Android
Must Have
and Apple
·         Software must provide a platform which allows for thin client browser
Must Have
based access for global user base

·         Software must provide for Role Based Access Control Must Have

·         Software must support Single Sign On technologies which allows for
Must Have
integration of SAP and non-SAP applications
·         Software must support Extended Search capabilities and support for
Must Have
external search engines/providers

·         There will be no license requirements for self-service user requests Must Have
 Fit/Gap Assessment (Vendor Response Fields)
Configuration Customization
Out-of-the-Box Gap
Required Required
ponse Fields)

Vendor Comments
Government Evaluation
 Requirement

(Ex.) Requirement A

(Ex.) Requirement B

(Ex.) Requirement C

5.3. EaPaaS Platform - General Use Case Requirements (See SOO Section 5.3 for
details)
6.3.1. Use Case 1: Extending SaaS Applications.
6.3.2. Use Case 2: Replacing and Modernizing Legacy Applications.
6.3.3. Use Case 3: Departmental Applications and Team Workflow.
6.3.4. Use Case 4: Composite Applications.
6.3.5. Use Case 5: Mobile Applications and Websites.
6.3.6. Use Case 6: Experimentation and Prototyping.
X.1  Development Platform Requirements
X.1.1        Support for custom applications. Support for the development,
deployment and operation of custom applications. aPaaS/SaaS offerings
should support “born on the cloud” or “cloud native” applications that are
able to take full advantage of the scalable, elastic and distributed
capabilities of cloud infrastructure. Capability should be achievable without
the application developer having to write special code to take advantage of
these capabilities.

X.1.2        Provision of runtime environments. Each runtime environment

supports either one or a small set of programming languages and
frameworks – for example Node.js, Ruby and PHP runtimes. Supports a
range of runtime environments, rather than just one or two. Enables
developers to choose the most appropriate technology for the task in hand.

X.1.3        Rapid deployment mechanisms. Provide developers and operators

with a “push and run” mechanism for deploying and running applications –
providing dynamic allocation of resources when the application code is
passed to the SaaS via an API. Configuration requirements are kept to a
minimum by default, although there is the capability to control the
configuration if required – for example, controlling the number of parallel
running instances of an application in order to handle the anticipated
workload or to meet resiliency goals.
X.1.4        Support for a range of middleware capabilities. Allows for the
provisioning of a broad range of application infrastructure (“middleware”)
that supports a range of capabilities. One is database management, with
both SQL and NoSQL database technologies provided. Other capabilities
include integration services, business process management, business
analytics services, rules engines, event processing services and mobile back-
end services.

X.1.5        Provision of services. Support for the application developer

consisting of more than just middleware – many capabilities are provided as
a series of separate services, typically invoked via an API of some kind.
Services are installed and run by the provider of the service, removing
responsibility from the cloud service customer. For example, in the case of a
database service, the responsibility for ensuring availability and reliability,
for having replicas and backups of the database data, for securing the data
and so on all falls on the service provider. Provider services are an essential
concept in reducing the effort and complexity in building software systems –
rather than having to install and manage some potentially complex set of
software, get the capability off-the-shelf from the provider who is expert in
installing, configuring and managing the necessary software.

X.1.6        Preconfigured capabilities. Robust set of capabilities that are

preconfigured by the provider, with a minimum of required configuration
available to developers and customer operations staff. This reduces
complexity, increases productivity and lowers the potential for unexpected
problems, with capabilities simpler to manage and easier to debug.

X.1.7        API Management capabilities. Support business applications need

to expose some capabilities via APIs (“the API economy”). In some cases,
this is required by the nature of the user interface to the application –
mobile apps usually need an API so that while operating independently of
the business application, they can access data and transactions when
required. In other cases, part of the business solution is to enable other
parties (partners, customers, suppliers) to integrate their own business
applications with those of the enterprise – this integration is done via an
API. Providing an API requires a level of control, so that only authorized
users can access the API and each user can only access those capabilities for
which they have permission. Offering an API requires some amount of API
Management.
X.1.8        Security capabilities. Provide built-in security capabilities,
therefore reducing the load on developers and operators to provide and
manage these capabilities. Capabilities include firewall, endpoint
management, secure protocol handling, access and authorization,
encryption of data in motion and at rest, integrity checking, etc. SaaS
systems can offer these capabilities with minimal or no impact on
application code, simplifying the programmer’s tasks.

X.1.9        Tools to assist developers. Supports unified and streamlined

development and operations for systems – in other words, support DevOps
by breaking down the divisions between development and operations that
have commonly existed for in-house systems. System shall assist the
application lifecycle by providing development tools including code editors,
code repositories, build tools, deployment tools, test tools and services and
security tools. It is also common to find a set of application monitoring and
analytics services, including capabilities such as logging, log analysis and
app usage analytics and dashboards.

X.1.10    Operations capabilities. Provides operators assistance through

operations capabilities both for the applications and for the SaaS system
itself, via dashboards and commonly via APIs that enable customers to plug
in their own operations toolsets. So, for example, capabilities to increase or
decrease the number of running instances of an application are common (to
deal with varying application load), in some cases handled by automated
services that vary the number of instances based on a set of rules
established by the customer operations staff.

X.1.11    Support for porting existing applications. Supports porting of

existing applications to the SaaS environment with resulting business
benefits. SaaS environment should closely match those available on existing
non-cloud middleware stacks. Ported applications should function correctly
without undergoing modifications.

X.1.12    Graphical definition of business application logic for model-driven

development: The environment allows the creation of application logic and
user interfaces on a canvas, using a highly graphical and structured
approach. This what you see is what you get (WYSIWYG) approach is
similar to prior generations of 4GL technologies and is critical to the
usability for less technical citizen developers.

X.1.13    Model integrity checking: Data and application models should

remain consistent and be automatically checked for changes. An impact
analysis should be part of the automated checking process.

X.1.14    Web API mashups for model-driven development: The

environment allows programmers to configure access to external web APIs
and to host mashups that consume those web APIs. These mashups can
connect cloud services, web APIs and on-premises resources together.
X.1.15    Graphical process orchestration for model-driven development:
The environment allows programmers to sequence and orchestrate
workflow, events and services using a graphical model. The environment
should allow the user to automate and orchestrate these workflows across
external business applications and cloud services. This capability is similar
to what some packaged workflow and business process management (BPM)
platforms offer, and it may be positioned as such by the SaaS provider.

X.1.16    Graphical data design for model-driven development: The

environment allows programmers to create data schemas graphically using
no code. It should also support the graphical modification of existing
schema (such as those created by a business data import). In addition, the
environment should enable the user to integrate with BI systems to create
data visualizations and reports using these data models.

X.1.17    Business data import for model-driven development: The

environment supports building new applications from data that is imported
from commonly used business productivity tools. For example, the platform
should enable customers to create a draft data model from a spreadsheet
table.

X.1.18    Responsive application UI for model-driven development: The

environment generates responsive web UIs that support a wide range of
device types and form factors. In effect, it supports the creation of web UIs
that are optimized for both mobile device environments and traditional
desktop web browser environments
X.1.19    Cross-platform mobile app development: The platform supports
leveraging device functions, instant testing and building deployable
packages for hybrid apps.
X.1.20    Model-driven metadata exportability: All metadata pertaining to
authored applications is exportable. It may not be of a standard nature, but
it is accessible, and if the provider of the SaaS offers an on-premises-
suitable PaaS/SaaS framework, the metadata could be imported and run
there by the customer.

X.1.21    Model version control: Version history is supported for at least the
previous five versions of any code metadata in the application. This version
history extends to the web APIs that are created and/or generated by the
platform. Version control management should include branch creation,
visual diff tools, merging assistance and recommended ways to implement
application life cycle management.
X.1.22    Internationalization: All generated interfaces and textual messages
should be inter-nationalizable (following the i18n standard).
X.1.23    Support for consuming custom-built API services: The
environment should make it easy for users to discover and consume API
services hosted on the SaaS that have been developed by other teams as
building blocks for their applications.

X.1.24    Ease of Use/Configuration Capability: The low code capability

should allow basic use cases to be satisfied with no code at all. Forms/fields,
workflows and document flow, as well as reports should all be able to be
easily configured by functional users. The ease of meeting requirements
through user friendly configuration is critical in the selection of the
capability. While it is understood that some code may be required to satisfy
a business case as complex as G-Invoicing the low code capability should
allow for the majority of requirements to be satisfied via configuration.

X.1.25    User Base (Internal and External): The low code platform needs to
be able to scale to support thousands of users who participate in multiple
business cases.
 Fit/Gap Assessment (Vendor Resp
Configuration Customization
Importance(Score) Out-of-the-Box
Required Required

Should Have (X) X

Should Have (X) X

Like to Have (X) X

(Blank)

(Blank)
(Blank)
(Blank)
(Blank)
(Blank)
(Blank)
(Blank)

(Blank)

(Blank)

(Blank)
(Blank)

(Blank)

(Blank)

(Blank)
(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)
(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)
(Blank)

(Blank)

(Blank)
ssessment (Vendor Response Fields)

Gap Vendor Comments

Vendor's descretion on how your Product/Service meets

or exceeds the stated requirement.
Vendor's descretion on how your Product/Service meets
or exceeds the stated requirement. Vendor must indicate
the type of configuration changes that must be
completed to meet the stated requirement.
Vendor must indicate Residual Gap with Configuration
X
or Customization chnages.
Government Evaluation
 Requirement

(Ex.) Requirement A

(Ex.) Requirement B

(Ex.) Requirement C

6.4.1.     Business Intelligence
The ability to provide data analysis of historical, current and predictive views of business
operations. Specific business intelligence required functions are reporting, online analytical
processing, analytics, data mining, process mining, complex event processing, business
performance management, benchmarking, text mining, predictive analytics and prescriptive
analytics.
6.4.2.     Human Resource Management
6.4.2.1.       Account for Personnel. This capability is associated with accounting for time,
absence, and labor, performing leave and absence administration, and managing personnel
casualty and Line of Duty (LoD) determination process.

6.4.2.2.       Administer Grievance Process. This capability is associated with initiating,

processing, resolving and documenting a formal complaint related to co-worker/peer or
management actions in regard to an Employee or Member (e.g., administrative grievances,
sexual harassment complaints and Labor / Union grievances). This capability may include
(but not be limited to) determining the type of grievance, and providing a resolution on the
grievance. This capability is also associated with requesting accommodation, determining
accommodation needs, and putting reasonable accommodations into place.

6.4.2.3.       Administer Legal Personnel Programs. This capability is associated with

managing resolution facilitation and the administration of adverse action (judicial and non-
judicial) for persons within Department of Defense's (DoD) legal oversight. Resolution
facilitation refers to those person-related capabilities outside of a court of law such as
mediation and arbitration that may be used in an attempt to settle a dispute between two or
more parties (government agency, citizen, corporation). Adverse actions can be based upon
misconduct, unacceptable performance or both that can lead to legal actions and non-
disciplinary actions such as medical inability to report for duty, separation, or furlough that
can lead to administrative actions.
6.4.2.4.       Manage Adverse Actions. This capability is associated with validating the
alleged offense, determining disciplinary actions, and administering adverse actions results.
Adverse Actions can be based upon misconduct and/or substandard performance that result
in legal or administrative actions against a Member by an appropriate military authority.
Adverse legal actions may include non-punitive, non-judicial, and court-martial
proceedings. Penalties may include (but not be limited to) reduction in rank, involuntary
discharge, documentation of substandard performance, promotion list removal, or a
sentence for confinement.

6.4.2.5.       Manage Assignment and Transfer. This capability is associated with assigning
or transferring Department of Defense (DoD) Members and Employees to positions. This
capability includes administering assignment actions, executing individual assignment,
processing inter-Service, intra-Service transfers, transferring Members between military
personnel classes, to and from active duty and generating the transfer order.

6.4.2.6.       Manage Benefit Programs. This capability is associated with developing,

maintaining, assessing and delivering benefit programs for Military and Civilian personnel,
Veterans and family members. Benefit programs may include (but not be limited to)
healthcare (e.g., insurance for medical, dental, vision and long term care), education
benefits (e.g., Montgomery GI Bill [MGIB], Tuition Assistance Program, Reserve
Education Assistance Program [REAP]), life insurance (e.g., Group Life Insurance,
Traumatic Injury Protection), retirement planning (e.g., Thrift Savings Plan [TSP]),
survivor benefits (e.g., Survivor Benefit Plan [SBP], Death Gratuity) and miscellaneous
benefits (e.g., Military family housing, employment assistance, death and burial benefits,
injury and Savings Deposit Plan, Flexible Spending Account Program, Home Owners
Assistance Program and relocation assistance). This capability is also associated with
managing the contracted relationship between the Department of Defense (DoD) eligible
civilian employee beneficiaries (e.g., employees, family members, and survivors under
Federal Employee Health Benefits [FEHB] or similar programs) and various third-party
health insurance programs under contract to the Federal government.

6.4.2.7.       Manage Compensation and Reimbursements. This capability is associated with

determining eligibility for reimbursement or compensation, determining reimbursement
amount, earnings and deductions, authorizing reimbursement payments, and certifying the
reimbursement expense and payroll information. Compensation and reimbursements may
include (but not be limited to) special pays, allowances, Human Resources (HR)
entitlements, travel vouchers, pay adjustments, allotments, bonds, garnishments and offsets,
as well as payroll and tax withholding reporting (e.g., leave and earnings statement,
personal statement of military compensation, W-2 statement of wages).
 6.4.2.8.       Manage Human Resources Information. This capability is associated with
managing Human Resources Information (i.e., Human Resources Profiles and Human
Resources Record). This capability includes the creation, maintenance, use, and execution
of disposition actions. This capability also includes distributing and reporting Human
Resources Information to support personnel record requests, interagency processes, mission
requirements, and sharing of personally identifiable information for identity management
purposes, visibility and availability of personnel. Human Resources Information is for
limited access to authorized personnel only.

6.4.2.9.       Manage Human Resources Interaction. This capability is associated with

managing labor relationships between the agency, its unions and bargaining units, and
reviewing, validating and approving all survey requests that require participation of DoD
personnel.

6.4.2.10.   Manage Human Resources Management Policy and Guidance. This capability is
associated with developing and coordinating the Human Resources Management (HRM)
policy and guidance and providing a decision on the proposed HRM policy and guidance.
This capability is also associated with establishing Human Resources policy and practices,
establishing agency performance management strategy, establishing agency Human
Resources development management strategy, reviewing laws, regulations, policies, and
trends, identifying parity issues, establishing compensation, implementing compensation
program, and creating compensation program communications approach and content.

6.4.2.11.   Manage Identity Credential. This capability is associated with the management
of all Department of Defense (DoD) identity credentials (Identity Cards (e.g., Common
Access Card (CAC), Personal Identity Verification (PIV) Card, ID tags, unit controlled
cards), and the management of information associated with them (e.g., Personal
Identification Numbers (PIN) numbers, applets, identity and biometric information)) for
Employees, Members, contractors, and dependents. This includes reviewing personnel
identification information as well as issuing, maintaining and revoking identity credentials
for access control applications.

6.4.3.     Financial Management
6.4.3.1.       Budgetary Resource Management. The ability to develop, review, evaluate, and
support financial forecasts, plans, programs and budgets and to integrate them with
appropriate performance indicators to achieve effective business operations and program
goals. This capability also includes the ability to control and distribute funds based on
appropriation and authorization laws.

6.4.3.2.       Cost Management. Ability to accumulate, classify, measure, analyze, interpret

and report cost and other financial information useful to internal and external decision
makers reviewing the execution of an organization’s program or project resources to ensure
they are effectively being used to meet objectives.
6.4.3.3.       Financial Reporting. Ability to provide relevant financial visibility and real-
time information dashboards for DoD decision-makers and to summarize financial
information for the purpose of producing mandatory reports in compliance with regulatory
requirements and discretionary reports in support of other requirements.
 6.4.3.4.       Funds Balance with Treasury Management. The ability to collect funds; issue
and track disbursements; and monitor cash position.
6.4.3.5.       General Ledger Management. Ability to record proprietary and budgetary
general ledger (GL) transactions in accordance with FASAB standards, GAAP and
regulatory requirements; to define the use of, and rules to, control GL accounts; and to
conduct GL analyses and reconciliations.
6.4.4.     Logistics Planning and Operations (Order Management)

6.4.4.1.       Deliver. The Deliver processes describe the activities associated with the
creation, maintenance, and fulfillment of customer orders. It includes the receipt, validation,
and creation of customer orders; scheduling order delivery; and pick, pack, and shipment.

6.4.4.2.       Make. (Includes Maintenance) The Make processes describe the activities
associated with the conversion of materials or creation of the content for services. It focuses
on conversion of materials rather than production or manufacturing because Make
represents all types of material conversions: assembly, chemical processing, maintenance,
repair, overhaul, recycling, refurbishment, remanufacturing, and other material conversion
processes.

6.4.4.3.       Plan. The Plan processes describe the planning activities associated with
operating a supply chain. This includes gathering customer requirements, collecting
information on available resources, and balancing requirements and resources to determine
planned capabilities and resource gaps. This is followed by identifying the actions required
to correct any gaps.

6.4.4.4.       Return. The Return processes describe the activities associated with the reverse
flow of goods back from the customer. The Return process includes the identification of the
need for a return, scheduling of the return, the shipment and receipt of the returned goods,
the disposition decision making, the screening of customers for disposed material, and the
demil and scrap disposition actions. (Repair, recycling, refurbishment, and remanufacturing
processes are not described using Return process elements. See Make.)

6.4.4.5.       Source. The Source processes describe the ordering (or scheduling) and receipt
of goods and services. The Source process includes issuing purchase orders, inventory
accountability, scheduling deliveries, receiving, and shipment validation and storage.

6.4.5.     IT Service and Customer Management

The tool shall be able to provide an out of the box and easily configurable solution for IT
Service Management and Customer Management capabilities. The below requirements
address the government expectation of the functionality that is desired.
6.4.5.1.       Incident Management. The tool shall have an incident management capability
that has the ability to capture and categorize incidents through self-service portal, chat,
email, phone, and incoming events. Incidents are prioritized base on agreed service level
targets and routed to the appropriate resolution group, complete with related information.
6.4.5.2.       Problem Management. The tool shall have the ability to proactively prevent
problems and resulting incidents from happening, eliminate recurring incidents, and
minimize the impact of incidents that cannot be prevented. Problem resolution and
elimination of root cause often calls for applying a change to the configuration item in the
existing IT environment.

6.4.5.3.       Change Management. The tool shall provide a solution to deliver an essential
part of a well-managed and governed IT environment; and, with effective ITIL–based
change management, can speed up the change process, reduce service outages, and
minimize the potential for adverse impact to business operations. A single system of record
to allow for measurement/metrics and flow between modules. The change modules should
allow for configurable workflows with approvals to meet the specific needs for the
enterprise.

6.4.5.4.       Release Management. The tool shall provide a Release Management module to
handle releases using the task record system. Each planned feature is generated as a task
record, populated with the pertinent information in individual fields. These tasks can be
assigned to appropriate release management team members, who will deal with the task as
appropriate until the release has been properly deployed. Release Management can be
effectively used to coordinate releases as a vehicle for planning releases. Once a release is
finalized, a Change Item can be generated to allow the implementation and deployment of a
release to be handled within the change management process. The release management
modules should allow for configurable workflows with approvals to meet the specific needs
for the enterprise.

6.4.5.5.       Asset Management. The tool shall have the ability to automate IT asset and
EUD lifecycles with workflows. To track the financial, contractual, and inventory details of
hardware and devices, as well as non- IT assets, throughout their lifecycles. Once an asset is
deployed, Asset Management records all maintenance activity to determine costs associated
throughout the lifecycle and enable regular audits.

6.4.5.6.       Knowledge Management. The tool shall give end users a modern, omni-channel
way to interact with IT and other shared services groups at any time through any device –
enable self-help, request items or services, and collaborate with others. Capture and
package knowledge from across the DLA organization and make it readily available.
6.4.5.7.       Service Level Management (SLA). The tool shall proactively manage SLAs
with the color-coded visual SLA Timeline that allows managers to see individual SLA
progress and events triggering stage changes. Prioritize tasks, check statuses, reassign
ownership, and escalate issues when needed.

6.4.5.8.       Self-Service Portal. The tool shall provide a self-service capability for users to
submit requests. The solution will automatically index, classify, and route these requests to
the appropriate service area based on configurable workflows/business logic. Enable
customers to generate and submit tickets from non-.mil and .mil addresses (non-CAC/CAC
enabled).
6.4.5.9.       Virtual Agent. The tool shall include a Virtual Agent that provides instant
resolution to repetitive IT service tasks and requests with self-service responses delivered
via an automated, conversational Chabot.
6.4.5.10.   Omni-Channel. The tool shall have the ability to integrate telephony systems and
support customers across web, phone, chat and email from any device. Enable self-help to
include customer generated ticket submission from non-.mil and .mil users (non-CAC/CAC
enabled).
6.4.5.11.   Agent Intelligence. The tool shall have Agent Intelligence that uses machine
learning to automatically categorize and route issues to increase agent efficiency to lower
time to resolution.
6.4.5.12.   Link Repeat Customer Contacts/Leads. The tool shall have the ability to index all
fields allowing them to become searchable. The tool shall have the ability to recognize
repeat customers within the ticket creation process.
6.4.5.13.   Performance Analytics. The tool shall provide users with data visualizations to
anticipate trends, metrics, prioritize resources, and drive alignment with business goals. To
receive real-time transparency into operations with configurable, role-based dashboards.
Built-in metrics and surveys measure service levels.

6.4.5.14.   Service Catalog. The tool shall have the ability to centralize a single place for
Business, IT and non- IT offerings that users can directly access in a service catalog without
requiring webpages. A one-button request, where requests are categorized, prioritized, and
assigned automatically that can be configured to streamline the investment decision process
for new products, services, repairs, and enhancements. To provide visual task board to
connect and assign specific tasks to internal DLA teams. The tool shall have the ability to
allow for custom metrics, process flows, dashboards, and reporting to see all activity, real-
time status of the request and identify demand based on departmental needs.

6.4.5.15.   Event Management. The tool shall allow DLA proactively eliminate service
outages. To generate alerts from infrastructure anomalies that may indicate service outages.
Out-of-the-box integration with monitoring tools.
6.4.5.16.   Discovery. The tool shall discover and map the relationships between IT
components that comprise specific business services, across multi-cloud environments
including on premise infrastructure and solutions hosted in leading cloud providers such as
AWS, Azure and DISA MilCloud.
6.4.5.17.   Notification Engine. The tool shall provide a configurable notification engine
that can easily be configured without customization based on user
roles/permissions/preferences. Notifications that can be triggered based on business rules
configured by the permitted user without coding or customization.
6.4.5.18.   Access Controls. The solution must enforce access controls to data and
functionality based on user group/role without requiring multiple application instances or
tenants. Access controls must be able to restrict access down to the row and column level
within the solution.
 6.4.5.19.   Configuration Management Database (CMBD). The tool shall provide an easy-
to-use, cloud-based single system of record for infrastructure and service data. The CMDB
features a single data model with easy, accurate data acquisition through agentless auto-
discovery of known and unknown CIs, existing integrations to third-party data sources, and
additional integrations using web services or other methods. Built-in data reconciliation and
normalization features ensure consistently provide accurate and useful data. Requires
reporting and visualization with a single system of record in one single data model.

6.4.5.20.   Visual Task/Workflow Assignment. Assign customer requests and tasks to other
departments with visual task boards and automated assignments, tasks and service
processes with a simple drag and drop interface.
6.4.5.21.   Customer Data Management. Provide agents a view of accounts, contacts,
entitlements, contracts, products, assets, and install base.
6.4.5.22.   Data Fields. The tool shall provide the ability to easily add and modify fields
required to meet specific DLA Requirements. These fields should be easily searchable and
reportable.
6.4.6.    IT Business Management - Capability Portfolio Management (CPM)
Single Platform IT Business Management (ITBM) solution that provides Application
Portfolio Management and Project Portfolio Management capabilities. The tool shall
provide an out-of-the-box (OOB) solution based on industry standard Business
Management data fields and relationships including business attributes, technical attributes,
and ownership data. The tool shall provide the ability to easily add/modify fields and
interface seamlessly with other DOD systems required to meet specific DLA reporting
requirements.

The tool shall include Configuration Management Database (CMDB) and Discovery
capabilities that can be utilized with proper business processes to eliminate the need to
manage CPM through several data sources. The tool shall deliver a complete picture at the
capability, portfolio, program, project, and system level through dashboards and reporting
capabilities with the ability to drill down into the specific information. The DLA PEO
requires the ability to visualize relational data across business capabilities, business
processes, and supporting technologies to rationalize systems and reduce costs.

6.4.6.1.       Capability Monitoring and Analysis. The tool shall allow automated assessment
of capabilities with dashboards to display indicators, including user satisfaction, cost,
business alignment, quality, and risk.
6.4.6.2.       Capability Mapping and Planning. The tool shall align systems and business
capabilities supported to strategic business needs. The capability map and gaps it may
expose is essential for optimizing architectures to support DLA business processes.
6.4.6.3.       Technology Portfolio Management. The tool shall relate technology lifecycles
to supporting applications to determine the impact and reduce risks.

6.4.6.4.       Financial Planning. The tool shall provide integrated online repository to
optimize budget planning and communicate budget adherence or challenges to stakeholders.
6.4.6.5.       Financial Tracking. The tool shall have the ability to clearly identify total
program cost to include color of money, itemized cost of software, hardware, hosting,
sustainment, and development activities.
6.4.6.6.       Financial Budgeting. The tool shall have the ability to contain approved budget
lines with the ability to drill down to the portfolio, application, and project level. The tool
shall be able to clearly identify amounts that are approved (certified), committed, obligated
and display remaining balances. The tool shall be able to easily display all financial data
through dashboards and reports.

6.4.6.7.       Project Portfolio Management. The tool shall create and manage a wide range
of projects, from a few small tasks to large portfolios of projects containing complex
activities with various relationships and dependencies. Organize development tasks into
projects, and projects into programs and portfolios. Then collaborate, report, and track your
project planning with more information for better business decision‑making. The tool shall
have the ability for tracking cost, schedule, and performance. The tool should have the
ability to track risk and resources.
 Fit/Gap Assessment (Vendor Resp
Configuration Customization
Importance(Score) Out-of-the-Box
Required Required

Should Have (X) X

Should Have (X) X

Like to Have (X) X

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)
(Blank)

(Blank)

(Blank)

(Blank)
(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)
(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)
(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)
(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)
(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)
(Blank)

(Blank)

(Blank)
ssessment (Vendor Response Fields)

Gap Vendor Comments

Vendor's descretion on how your Product/Service meets

or exceeds the stated requirement.
Vendor's descretion on how your Product/Service meets
or exceeds the stated requirement. Vendor must indicate
the type of configuration changes that must be
completed to meet the stated requirement.
Vendor must indicate Residual Gap with Configuration
X
or Customization chnages.
Government Evaluation
 Requirement

(Ex.) Requirement A

(Ex.) Requirement B

(Ex.) Requirement C

5.2.2. Task 2: Proof of Concept - FLIS Legacy System Migration (See SOO Section 5.2.2 for additional
detail)
·         General User Experience. Single login experience, all screens have hover overs
defining fields and actions, guided user experience, support for customizable views,
Role Based Access Control (RBAC) features and permissions management, etc.
·         Workbench/Workflow Capabilities. Ability to create/manage multiple types of
workflows and tasks, ability to insert a record into a workflow where needed (manual
intervention), ability to reverse a workflow and back out a result, etc.
·         Master Data Management Capabilities. Ability to ensure data integrity, ability to
perform mass updates to master record data, etc.
·         Collaboration Capabilities. Ability to interact with non-users of the system
(Public access to certain portions of the application), ability to send and receive
attachments from internal & external parties, ability to generate / process transactions
based on collaboration responses, etc.

·         Data Dissemination Capabilities. Ability to export data in multiple, customizable,

formats, customer driven data dissemination/on-boarding (REST web services, etc.),
ability to throttle data dissemination when system degradation is observed, etc.

·         Data Inquiry Capabilities. Ability to customize results views, ability to view
current data and historical data, ability to share complex queries with other system users,
ability to restrict data inquiry to a user / role at the individual element level, etc.
·         Reporting Capabilities. Ability to have recurring reports, ability to perform ad
hoc reports, ability to capture and report on real-time data / metrics, ability to share
custom reports with other users, etc.
·         Sustainment Capabilities. Ability to see status of system connections, ability to
monitor application performance, automated testing of system changes, ability to roll
back changes and/or recover old deleted / archived records, etc.
·         Basic Application Capabilities. Capability of importing data in different formats,
sending emails, handling custom complex business rules without having to write code,
etc.
·         Administration Capabilities. System interface support capabilities, supported
database connections, clustering support, data persistence capabilities, etc.
·         Technical Training Requirements. Resource availability (open communities or
proprietary knowledge bank), availability of training, user support / knowledge base /
ticketing system capabilities, etc.
 Fit/Gap Assessment (Vendor Resp
Configuration Customization
Importance(Score) Out-of-the-Box
Required Required

Should Have (X) X

Should Have (X) X

Like to Have (X) X

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)
(Blank)

(Blank)
ssessment (Vendor Response Fields)

Gap Vendor Comments

Vendor's descretion on how your Product/Service meets

or exceeds the stated requirement.
Vendor's descretion on how your Product/Service meets
or exceeds the stated requirement. Vendor must indicate
the type of configuration changes that must be
completed to meet the stated requirement.
Vendor must indicate Residual Gap with Configuration
X
or Customization chnages.
Government Evaluation
 Requirement

(Ex.) Requirement A

(Ex.) Requirement B

(Ex.) Requirement C

X.1.1        DLA Specific Use Case Requirement [DLA “GO” Application]

X.1.1.1  Software must provide for developing applications that support Role
Based Access Control
X.1.1.2  Software must support the development of applications with Single Sign
On technologies allowing for integration of SAP and non-SAP applications
X.1.1.3  Software must support integrated tools for creation of new portal
content resulting in enriched and interactive user experience
X.1.1.4  Software must support comprehensive Integrated Development
Environment (IDE) with code sharing
X.1.1.5  Software must support programming languages such as Java, C, C++,
Python; support for front end languages such as Java script, CSS and HTML
X.1.1.6  Software must support Extended Search capabilities and support for
external search engines/providers
X.1.1.7  Software must support the creation of modern Progressive Web
Applications (PWAs)
X.1.1.8  Software must support 3rd party platform and open source integration
points
X.1.1.9     Software must support design of choice for modern frameworks like
Ajax – which provide for client side caching, reduced server load and flicker free
user experience
X.1.1.10 Software must include inbuilt administration and site usage reporting
tools
X.1.1.11 Software must include deployment tools which allow for ease of
deployment across various environments and platforms (hosted, hybrid, cloud)
X.1.1.12 Software must include support for Connectors – LDAP, Active
Directory, application connectors
X.1.1.13 Software must include integrated load balancing / ability to be
integrated with external load balancers
X.1.1.14 Software must include enhanced logging and auditing capabilities
X.1.1.15 Software must include support for different database platforms –
including DLA’s current DB standard – Oracle 12c
X.1.1.16 Software must include integrated application templates which allow for
ease of building new content
X.1.1.17 Software must support Auto Scaling which scales services and data
based on demand
X.1.1.18 Software must provide integrated backup capability which can store
versions of applications/date and provides incremental backups

X.1.1.19 Software must provide scalable cloud storage for various data types

X.1.1.20 Software must Provide Data security via a host of services such as
encryption, firewalls
X.1.1.21 Software must support virtual machines and operating systems
X.1.1.22 Software must allow for cross platform application build across
desktop, tablet, mobile platforms
X.1.1.23 Software must support the integration of DoD CAC, Federal PIV and
User ID / password authentication mechanisms for developed applications
X.1.1.24 Software must be able to support screens/views that can be
personalized at the individual user level
X.1.1.25 Software must be able to support the display of mandated
screens/views to end users regardless of whether the user can personalize
portions of their system views
X.1.1.26 Software must be able to support real time notifications to the user
which can take them directly to the action required
X.1.1.27 Software must be able to customize themes globally, including use of
custom graphics and logos
X.1.1.28 Software must be able to create documents in PDF format and allow
user interaction to create PDF
X.1.1.29 Software must have ability to apply Digital Signatures on forms
utilizing certificates from a Common Access Card
X.1.1.30 Software must be able to consume user input to be able to be used in
the designated business process
X.1.1.31 Software must be able to display micro visualizations of near real-time
data from back-end systems with which the platform is integrating
X.1.1.32 Software must be able to dynamically adapt to mobile devices of
varying screen size, including scalable graphics such as Scalable Vector
Graphics (SVG) format
X.1.1.33 Web pages must dynamically render and use responsive design
HTML5 capabilities to adapt to all screen sizes

X.1.1.34 Software must be able to recognize touch input for enabled devices
X.1.1.35 Software must have robust test automation capabilities included with
the platform or have the capability of being tested via free open-source plug in
X.1.1.36 Software must be able to support modern data visualization open-
source libraries including D3
X.1.1.37 Software must have or be able to integrate Artificial Intelligence
capabilities including Natural Language Processing, machine learning, data
analytics, outlier analysis, user assistance and chat bots
X.1.1.38 Software must be able to integrate with Microsoft productivity and
collaboration products
X.1.1.39 Software must provide a workable cached state so that designated
capabilities are available offline and systematically synchronized at a later time
X.1.1.40 Software must be able to be developed and deployed with native
accessibility standards per Section 508, without the need for additional
customization
X.1.1.41 Software must have a robust API framework available to connect to
other systems including SAP and JDA
X.1.1.42 The Vendor shall describe their Software Development Kit (SDK) in
detail
X.1.1.43 Software must provide the capability to analyze and troubleshoot
application performance and errors
X.1.1.44 Software must provide the capability to encrypt or mask individual
fields in an application
 Fit/Gap Assessment (Vendor Resp
Configuration Customization
Importance(Score) Out-of-the-Box
Required Required

Should Have (X) X

Should Have (X) X

Like to Have (X) X

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)
(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)
(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)

(Blank)
ssessment (Vendor Response Fields)

Gap Vendor Comments

Vendor's descretion on how your Product/Service meets

or exceeds the stated requirement.
Vendor's descretion on how your Product/Service meets
or exceeds the stated requirement. Vendor must indicate
the type of configuration changes that must be
completed to meet the stated requirement.
Vendor must indicate Residual Gap with Configuration
X
or Customization chnages.
Government Evaluation