Introduction

Technology Reference Architecture

Checklist Version 5.0
November 2020

Purpose :
This checklist is designed to accept input regarding the proposed solution. The vendor is expected to answer all question in this
checklist, as deemed appropriate to their solution. All responses provided will be evaluated to understand the technology
architecture of the proposed solution. The checklist must be submitted in the Microsoft Excel xlsx format as provided.
Submissions that fail this requirement will be considered NON-RESPONSIVE.

Page 1 of 20
 Instructions

Instructions
1) Checklist responses must be provided to the City in the Microsoft Excel xlsx format
as provided. Submissions that do NOT meet this requirement will be considered
NON-RESPONSIVE.
2) A COMMENT IS REQURED AS A RESPONSE TO EACH QUESTION
Please complete each question of each Tab. A comment is required for each
question as to why the Responder provided a "Yes", "No" or "N/A". Please provide a
full and complete response in each comment space.

3) Please be sure to include all solution reference and configuration diagrams and
drawings when requested.
4) All evaluation will be based on the completeness of the answers in addition to the
alignment with the City of Dallas' Reference Architecture
5) For reference purposes, the City of Dallas Reference Architecture is based primarily
(but not solely) on the following base documents:

a) Cloud Security Alliance (CSA)

b) National Institute of Standards and Technology (NIST)
c) Information Technology Infrastructure Library (ITIL)
d) Data Management Association (DAMA)
e) The Open Group Architecture Framework (TOGAF)
f) Federal Information Processing Standards (FIPS)
g) NIST Computer Security Resource Center (CSRC)

Notes:

1) In responding to answers, please do not provide references only as the answers

(eg, "See user manual" is not acceptable).
Please go into detail in explaining your answers and it is then permissible to provide
references.

2) If the solution doesn’t call for a feature or capability, but the solution is capable
please expand on the capability of the solution as it aligns to the reference
architecture. Do not describe that feature or capability if it is not included in solution
as priced.

Page 2 of 20
DATA SERVICES: Data Services provide the frameworks and methods for transforming data into useful information. The
principles of a data centric archticture have been adopted by the City and are enabled by data services.

DIGITAL SERVICES: Digital Services provide services that are used horizontally across the enterprise to enable software or
business applications.

ENTERPRISE TECHNOLOGY INFRASTRUCTURE SERVICES: Enterprise Technology Infrastructure Services are used to support
applications across the organizations, and are typically focused on Network Services, On-Premise/Co-Location
Infrstructure and Cloud Infrastructure.

ENTERPRISE INFORMATION SECURITY SERVICES: Enterprise information security services provide frameworks and
methods to all technology and data services provided by or to the City comply with all applicable standards, guidelines and
best practices.

IT SERVICE MANAGEMENT: IT Service Management encompases the activities necessary to plan, design, deliver, operate
and control the technology services offered and supported by the City of Dallas.

TECHNOLOGY OPTIMIZATION & TRANSFORMATION: Enterprise Technology Optimization focuses on leveraging digital
technology and practices to improve existing processes and/or delivery model. Enterprise Technology Transformation
focuses on exploring emerging technologies and practices to create a renewed, forward looking and sustainable service
model.
Question # Category Question Vendor Response
Solution Architecture
Solution Architecture Can the vendor provide the future state end-to-end architecture diagram of the proposed solution showing all the application, microservices, messaging, IAM, presentation,
1 mobile apps, IoT and database components? If yes, please provide it in the response as an attachment to this checklist. If no, please explain?
Solution Architecture Is the proposed solution an on-premise solution, a SaaS solution, a PaaS solution, a hosted solution or a Hybrid (On-prem/Cloud) implementation? If yes, please elaborate
2 briefly the solution architecture for the proposed solution and please check which deployment model(s) is being proposed?
On-Premise
SaaS, PaaS or Hosted
Hybrid (On-prem/cloud)
3 Solution Architecture Does the proposed solution support an n-tier distributed architecture? If yes, please elaborate briefly. If not, what are the limitations.
Solution Architecture Is the proposed solution designed for ease of maintenance and readily accommodate future functional enhancements? If yes, please elaborate briefly and include a
discussion of the use of modern digital technologies such as microservices, agile methodology, DevOps Continuous Development/Integration, Single Page Application with 2
way data binding, 12-Factor App methodology, support for multitudes of digital channels etc. If no, how will the proposed solution satisfy changes with speed.
4
5 Solution Architecture Does the proposed solution support a thin client strategy (ie. browser based)? If yes, please elaborate briefly? If not, what are the limitations?
Solution Architecture Does the City own the data created, managed and used within the proposed solution? Please elaborate who owns the data collected in the proposed solution and how
6 would the data be protected and used in accordance with the City's data security and privacy policies?
7 Solution Architecture Is the data captured in the proposed solution physically stored in the United States?
Solution Architecture Is the cloud or data center hosting the proposed solution physically located in the U.S.? If not, please elaborate briefly how the proposed solution make sure that any data
8 processed would not be stored outside the U.S. in any form or fashion.
Solution Architecture Is the cloud or data center hosting the proposed solution for government tenants only? If not, please elaborate briefly how security, integrity, confidentiality and regulatory
9 requirements pertaining to the government sector are achieved in the proposed hosting arrangement.
Solution Architecture Is the availability SLA of the proposed solution 99.95% or higher? If yes, please elaborate briefly what is the committed availability SLA, how it's monitored continuously and
what's the City's recourse if not met. If not, why not?
10
Solution Architecture Is the performance SLA of each click in the proposed solution 5 secs response time on average 80% of the time? If yes, please elaborate briefly how the performance SLA is
11 monitored continuously and what's the City's recourse if not met. If not, why not?
Data Services
Data Services If the proposed solution stores data outside of the City’s data centers (i.e. IaaS, PaaS or SaaS apps), does the vendor provide a way to repatriate the data in its entirety to a
12 location designated by the City when needed? If supported, please elaborate briefly. If not supported, why not?
Data Services Does the proposed solution have a bulk data import capability to upload/migrate selected data in bulk into the proposed solution? If supported, please elaborate briefly. If
13 not supported, why not?
Data Services Does the proposed solution have the capability to, periodically or on demand, exchange data or export data (in microservices or batch files or direct database connections)
14 with/to other City apps? If supported, please elaborate briefly. If not supported, why not?
Data Services Does the proposed solution require migration of existing City data to function initially? If yes, please elaborate briefly what kind of existing City data is needed. If no, please
15 explain?
Data Services Does the proposed solution need to be integrated with other City apps to function properly? If yes, please elaborate briefly what kind of data is being exchanged between
16 the proposed solution and other City apps? If no, please explain?
Data Services Does the proposed solution offer Reporting Services functions (canned and ad-hoc reports etc.) for both structured and unstructured data? If supported, please elaborate
17 briefly. If not supported, why not?
Data Services Does the proposed solution offer Data Visualization functions (canned and ad-hoc dashboards and scorecards in a variety of ways graphically etc.) for both structured and
18 unstructured data? If supported, please elaborate briefly.
Data Services If PII or sPII data is being captured in the proposed soluion, is the proposed solution handling this data ISO 27001/270028 compliant or the equivalent? If yes, please
19 elaborate briefly how compliance is achieved. If no, why not?
20 Data Services If PHI data is being captured in the proposed soluion, is the proposed solution HIPAA compliant? If yes, please elaborate briefly how compliance is achieved. If no, why not?
21 Data Services If CJIS data is being captured in the proposed soluion, is the proposed solution CJIS compliant? If yes, please elaborate briefly how compliance is achieved. If no, why not?
22 Data Services If payment data is being captured in the proposed soluion, is the proposed solution PCI compliant? If yes, please elaborate briefly how compliance is achieved. If no, why
not?
Question # Category Question Vendor Response
Data Services Does the proposed solution offer Data Analytics functions (generate business intelligence and insights for predictions & prescriptions etc.) for both structured and
unstructured data? If supported, please elaborate briefly.
23
Data Services Does the proposed solution offer Data Security Management functions (how data access permissions are managed, monitored and audited)? If supported, please elaborate
24 briefly . If not supported, why not?
Data Services Does the proposed solution offer Data Architecture Management functions? If supported, please elaborate briefly how the data model is developed/maintained, how it is
25 aligned with the City's other business data models and how the meta-data architecture is defined/maintained.
Data Services Does the proposed solution offer Data Development functions (data modeling/analysis, how conceptual, logical and physical data models constructed etc.)? If supported,
26 please elaborate briefly.
Data Services Does the proposed solution offer Data Quality Management functions (how data quality is profiled, analyzed, monitored and cleansed continuously)? If supported, please
27 elaborate briefly.
Digital Services
Digital Services Does the proposed solution support a mobile strategy (ie. mobile apps)? If yes, please elaborate briefly the mobile strategy including which mobile platforms? If not, what
28 are the limitations?
Digital Services If the proposed solution supports a mobile strategy, are the mobile apps dowloadable from the respective mobile platform's app store branded as a City of Dallas app? If yes,
29 please elaborate briefly? If not, what are the limitations?
Digital Services If the proposed solution supports a mobile strategy, can the mobile apps be secured by the City's Active Directory if the apps are internal facing apps? If yes, please elaborate
30 briefly including the SSO protocols supported? If not, what are the limitations?
Digital Services If the proposed solution supports a mobile strategy, can the mobile apps be secured by the City's Citizens Registry if the apps are public facing apps? If yes, please elaborate
31 briefly including the SSO protocols supported? If not, what are the limitations?
Digital Services Does the proposed solution need to interface/integrate with other City apps to function properly? If yes, what are these other City apps and in what form would they be
32 integrated with the proposed solution (ie. APIs or file based integration)?
Digital Services Does the proposed solution have the capability to be easily integrated with other City apps in the future? If yes, please elaborate briefly how this can be achieved (ie. APIs or
33 file based integration)? If not, what are the limitations.
Digital Services If the proposed solution supports a mobile strategy (ie. use of mobile apps), are the mobile apps designed not to cache data locally in the apps or have measures in place to
34 encrypt any City data stored locally in the mobile device? If yes, please elaborate briefly how this is handled. If not, why not?
Digital Services Does the proposed solution support an enterprise DevOps Continuous Development/Integration architecture? If yes, please elaborate briefly the development framework
35 and the development/DevOps tools used. If no, how will the proposed solution satisfy changes with speed?
Digital Services Can the UI of the proposed solution be branded in accordance with the City's branding strategy, including the URL, to provide a uniform look-and-feel? If yes, please
elaborate briefly how this can be done and updated periodically? If not, why not?
36
37 Digital Services Is the User Interface (UI) of the proposed solution accessibility compliant? If yes, please elaborate briefly how this is validated periodically? If not, why not?
38 Digital Services If the proposed solution supports a mobile strategy, do the mobile apps support the 7" to 10+" form factors? If yes, please elaborate briefly? If not, what are the limitations?
Digital Services If the proposed solution supports a mobile strategy, do the mobile apps support push notifications, automatic version checks and app updates? If yes, please elaborate
39 briefly? If not, what are the limitations?
Emerging Technology
Emerging Technology Does this proposed solution utilize or integrate with an emerging technology? If yes, please concisely describe how the proposed solution may support the City in its efforts
to become a Smart City? If no, any future plans to support emerging technology or become a smart application?
40
41 Emerging Technology Does the solution utilize IoT technologies? If yes, please provide details. If no, please provide a roadmap and timeline when it will be incorporated if applicable.
42 Emerging Technology Does the solution have the capability to integrate with IoT technologies? If not, is there a roadmap to support this integration? If yes, please provide details.
Emerging Technology Does the proposed solution utilize or integrate with Artificial Intelligence, Machine Learning or similar technology? If not, is there a roadmap for this capability? If yes, please
43 provide details.
Emerging Technology Does the proposed solution utilize or integrate with Unmanned Aerial Vehicle or other drone technology? If so please describe the architecture and security around video
streaming and storage.
44
45 Emerging Technology Does the proposed solution utilize 5G technology? If no, is there a roadmap to leverage this technology?
Question # Category Question Vendor Response
46 Emerging Technology Does the solution include virtual agent or chat bot technology?
47 Emerging Technology Does the solution leverage Natural Language Understanding or similar technology?
48 Emerging Technology Does the solution offer contactless payment options?
Security Services
Security Services If the proposed solution has a public facing component, can the proposed solution be integrated with the City's Citizen Registry to authenticate the Citizen users? If yes,
49 please elaborate briefly? If not, why not?
Security Services Can the proposed solution be integrated with the City's Active Directory to authenticate the City's employee users, including for mobile applications? If yes, please elaborate
50 briefly? If not, why not?
Security Services Does the proposed solution implement and use Identity, Authentication and Access Management methods? If "Yes", please elaborate. When elaborating, please minimally
consider method of implementation; multi-factor authentication; single-sign on; reliance on third party identy management and access tools; group assignment; supervisor
rights management; unsuccessful login-in attempts; isolation of internal and external users; etc.
51
Security Services Does the proposed solution support role-based activities? If "Yes", please elaborate as to the roles available in the solution and how it supports the operational principles of
52 Segregation of Duties and Least Privilege.
Security Services Does the proposed solution support Attribute Based Access Control (ABAC) for Data Service applications? If "Yes", please identify which standard(s) or framework(s) are used
and elaborate how its implementation benefits the City.
53
Security Services Is the proposed solution capable of enforcing and supporting strong passwords as defined by company policy, including the use of specific number of special characters,
54 digits, mixed case letters, frequency of change, and minimum password lengths? If "Yes", please elaborate.
Security Services Does the proposed solution implement a periodic continued business use policy by periodically re-validating if an employee has a continued business need to access a specific
55 system? If yes, please elaborate. If no, why not?
Security Services Does the proposed solution use encryption methods for the protection of data? If "Yes", please elaborate. The City is interested in methods to protect data at rest, data in
56 flight and data during processing. If "No", why encryption is not used?
57 Security Services Does the proposed solution require any local caching of unencrypted data? If "Yes", please elaborate. If "No", why not?
Security Services Is the proposed solution scanned periodically for vulnerabilities such as cross site forgery, SQL injection vulnerabilities etc. and fixed accordingly? If yes, please elaborate
58 briefly how this is done and validated periodically? If not, why not?
Security Services Is the proposed solution capable of maintaining a full audit trail for all changes to any system data, or screen, activities etc., and the trail should include the information like
59 the user who made the change, the date/time of the change, the original value, the modified value, and the IP address of where the change was initiated? If "Yes", please
elaborate.
Security Services Is the proposed solution capable to allow designated super users to log in to the system and mimic another user for the purpose of seeing how the system looks to that user?
60 If "Yes", please elaborate.
61 Security Services Is the proposed solution able to prevent the effects of a denial of service attack? If "Yes", please elaborate. Please ensure you describe the basics of your strategy.
62 Security Services Does the proposed solution provide intrusion detection and prevention services? If "Yes", please elaborate.
63 Security Services Does the proposed solution implement and/or use Media Sanitizing technology and/or procedures? If "Yes", please elaborate.
64 Security Services Is the proposed solution hosted in a multitenanted environment? If "Yes", please elaborate on the architecture implemented and the security protocols used.
Security Services Does the proposed solution provide operational transparency? If "Yes", please elaborate. The discussion should minimally address transparency in the following processes:
- Monitoring and operational management
- Performance management
- Change management
- Capacity and license planning, and usage management
- Problem management
- Service-level management
- Service-level data integration

65
Security Services Does the proposed solution employ security standards? If "Yes", please state which security standards are implemented and how they add value and benefit to the solution
66 and the City.Note, if selected vendor may be required to provide their Security Standards policy documentation.
67 Business Continuity Does the proposed solution back up data periodically for system restore/recovery purpose if corrupted for any reasons? If yes, please elaborate briefly. If not, why not?
Question # Category Question Vendor Response
Disaster Recovery Is there a disaster recovery or business continuity plan for the proposed solution? If yes, please elaborate briefly the plan, what are the RTO and RPO parameters and the
maximum acceptable outage time (MAOT) and how is the plan verified periodically? If not, why not?
68
Disaster Recovery Does the proposed solution replicate data to a different geographical location periodically for disaster recovery scenarios? If yes, please elaborate briefly. If not, why not?
69
70 Privacy Will the application transmit or house sensitive data, including but not limited to: HIPAA; PII; PCI; SPI?
71 Privacy Will the solution be sharing sensitive data with third parties?
72 Facility Physical Safeguards Is the proposed solution hosted in a facility with adequate and effective "Facility Access Controls" and contingency plans for facility Access.
Mobility & Integrity Does the proposed solution utilize mobility management and protection mechanisms to safeguard the confidentiality, Integrity and Availability of data elements processed by
73 Safeguards such solutions
Infrastructure Services
Infrastructure Services Does the proposed solution Hosted Only/Cloud implementation provide resources scalable with exclusive dedicated link to the City for the following? If yes/no, please
74 explain in detail.
Compute
Network
Storage
Infrastructure Services Does the proposed solution have the ability to utilize Server Virtualization Technology for the infrastructure for the following? If yes/no, please explain in detail (state if it is
75 included in the proposed solution and how). If no, please provide a roadmap and timeline when it will be incorporated if applicable.
Operating System (OS)
Trusted Platform Module (TPM)
76 Infrastructure Services Does the proposed solution support Network Segmentation based on the following? If yes/no, please explain in detail.
Virtual Switches and Physcal NIC -Based Segmentation
VLANS-Based Segmentation
Overlay-Based Segmentation
77 Infrastructure Services Does the proposed solution deploy various logical network services as follows? If yes/no, please explain in detail.
Firewall
DHCP
NAT
Load Balancing
DNS
Infrastructure Services Does the proposed solution have the ability to provide for Application Virtualization (Client Application Streaming and/or Server Application Streaming)? If yes/no, please
78 explain in more detail.
Virtual Desktop Infrastructure (VDI)
Session Based Virtualization
79 Infrastructure Services Does the proposed solution have the ability to provide Network High Availability (HA) in the following modes? If yes/no, please explain in detail.
Active/Active
Active/Standby
Load balancing
Geographic redundancy
Security IDS/IPS/WAF
80 Infrastructure Services Does the proposed solution have the ability to provide support for Storage Virtualization? If yes or no, please explain in detail.
File - Based (NAS)
Block -Based (SAN)
Object-Based (CAS)
Question # Category Question Vendor Response
Infrastructure Services Does the proposed solution (cloud, hybrid & on-prem) provide support for the following: If yes/no, please explain in more detail (State if it is included as part of the proposed
81 solution and how)
Portability?
Interoperability?
Infrastructure Services For the proposed solution, does each configuration (cloud, hybrid & on-prem), have at stated and defined requirement(s) for the storage and peak/average data flow usage
82 per design/use case (per minimum and maximum number of estimated concurrent users)? If yes/no, please explain in more detail
Infrastructure Services For each proposed design/configuration, has the minimum required standards for all technical hardware and software/firmware (routers, switches, servers, load balances,
83 firewalls, etc) been provided in an appropriate format? If yes, please explain in detail those requirements.
Infrastructure Services For each proposed configuration (cloud, hybrid & on-premise), are managed infrastructure services provided as part of the solution or as an option? If so, what are the
84 managed infrastructure services that are provided
Infrastructure Services For each proposed configurations (Cloud, Hybrid & on-premise), does the solution infrastructure support or interface with SDN Networks? If yes/no, please explain in more
85 detail and how it is incorporated. If no, please provide a roadmap and timeline when it will be incorporated if applicable.
Infrastructure Services For each proposed configuration (Cloud, Hybrid & on-premise) does the solution infrastructure provide a transition or migration path for the infrastructure to interface with a
86 data lake or data warehouse solution? If yes, please explain in more detail and how it is implemented
Infrastructure Services For each proposed configuration (Cloud, Hybrid & on-premise), does the solution support replication (both virtual and geographically diverse)? If yes, please explain in more
87 detail and how. If no, please provide a roadmap and timeline when it will be incorporated if applicable.
Infrastructure Services For each proposed configuration (cloud, hybrid & on-premise), does the solution support multi-tenancy and the ability to administer a chargeback model? If yes, please
88 explain in more detail and how. If no, please provide a roadmap and timeline when it will be incorporated if applicable.
Infrastructure Services For each proposed configuration (Cloud, Hybrid & On-premise), will the solution infrastructure design integrate with 3rd party WAN providers from an infrastructure and
89 security perspective? If yes, please explain in more detail and how.
90 Infrastructure Services Does the solution support easy addition of additional parallel servers? If so, what is the load balancing mechanism?
91 Infrastructure Services Does the solution have additional requirements for local data storage support? If yes, State the additional requirements.
IT Service Management
IT Service Management The City of Dallas has adopted ITIL v3 2011 Edition for its IT Service Management framework. Does the proposed solution support ITIL processes and objectives? If "Yes",
92 please elaborate the domains and processes supported by the solution.
93 IT Service Management Does the proposed solution provide metrics and other information to support Service Level Agreement management? If "Yes", please elaborate. If "No", why no?
 Instructions: For each standard and guideline listed, please indicate whether your proposed offering is Fully Com
Not Applicable. If you choose Not Applicable, please briefly state why you believe

# Category Question
Enterprise Security & Privacy Standards
1 Standards & Guidelines - FedRAMP SP 500-292: NIST Cloud Computing
NIST Standards Reference Architecture
2 Standards & Guidelines - FedRAMP SP 800-34 Revision 1: Contingency Planning
NIST Standards Guide for Federal Information Systems
3 Standards & Guidelines - FedRAMP SP 800-37 Revision 1: Guide for Applying the
NIST Standards Risk Management Framework to Federal
Information Systems: Security Life Cycle
Approach
5 Standards & Guidelines - FedRAMP SP 800-39: Managing Information Security
NIST Standards Risk: Organization, Mission, and Information
System View
6 Standards & Guidelines - FedRAMP SP 800-53 Revision 4: Security and Privacy
NIST Standards Controls for Federal Information Systems
and Organizations
7 Standards & Guidelines - FedRAMP SP 800-53a Revision 4: Guide for Assessing
NIST Standards the Security Controls in Federal Information
Systems and Organizations, Building Effective
Security Assessment Plans

8 Standards & Guidelines - FedRAMP SP 800-60 Revision 1, Volume 1: Guide for

NIST Standards Mapping Types of Information and
Information Systems to Security Categories
9 Standards & Guidelines - FedRAMP SP 800-60 Revision 1, Volume 2: Appendices
NIST Standards to Guide for Mapping Types of Information
and Information Systems to Security
Categories

10 Standards & Guidelines - Enterprise SP 800-61 Revision 2: Computer Security

Security & Privacy Standards Incident Handling Guide
11 Standards & Guidelines - FedRAMP SP 800-86: Guide to Integrating Forensic
NIST Standards Techniques into Incident Response
12 Standards & Guidelines - FedRAMP SP 800-92: Guide to Computer Security Log
NIST Standards Management
13 Standards & Guidelines - FedRAMP SP 800-94: Guide to Intrusion Detection and
NIST Standards Prevention Systems (IDPS)
14 Standards & Guidelines - FedRAMP SP 800-115: Technical Guide to Information
NIST Standards Security Testing and Assessment
15 Standards & Guidelines - FedRAMP SP 800-122: Guide to Protecting the
NIST Standards Confidentiality of Personally Identifiable
Information (PII)
16 Standards & Guidelines - FedRAMP SP 800-128: Guide for Security-Focused
NIST Standards Configuration Management of Information
Systems
 17 Standards & Guidelines - FedRAMP FIPS 140-2: Federal Information Processing
NIST Standards Standard (FIPS) 140-2: Security
Requirements for Cryptographic Modules
18 Standards & Guidelines - FedRAMP FIPS 199: Standards for Security
NIST Standards Categorization of Federal Information and
Information Systems
19 Standards & Guidelines - FedRAMP FIPS 200: Minimum Security Requirements
NIST Standards for Federal Information and Information
Systems
20 Standards & Guidelines - FedRAMP FIPS 201: Personal Identity Verification (PIV)
NIST Standards of Federal Information and Information
Systems
21 Standards & Guidelines - FedRAMP OMB A-130: Office of Management and
NIST Standards Budget (OMB) A-130
22 Standards & Guidelines - CoD SP 800-30, Revision 1: Risk Management
Extensions to FedRAMP Guide for Information Technology Systems
23 Standards & Guidelines - CoD SP 800-31: Intrusion Detection Systems
Extensions to FedRAMP
24 Standards & Guidelines - CoD SP 800-35: Guide to Information Technology
Extensions to FedRAMP Security Services
25 Standards & Guidelines - CoD SP 800-50: Building an Information
Extensions to FedRAMP Technology Security Awareness and Training
Program
26 Standards & Guidelines - CoD SP 800-55, Revision 1: Performance
Extensions to FedRAMP Measurement Guide for Information Security
27 Standards & Guidelines - CoD SP 800-64: Security Considerations in the
Extensions to FedRAMP Information System Development Life Cycle
28 Standards & Guidelines - CoD SP 800-82: Guide to Industrial Control
Extensions to FedRAMP Systems (ICS) Security
29 Standards & Guidelines - CoD SP 800-83: Guide to Malware Incident
Extensions to FedRAMP Prevention and Handling for Desktops and
Laptops
30 Standards & Guidelines - CoD NISTIR 8062 (DRAFT): Privacy Risk
Extensions to FedRAMP Management for Federal Information
Systems
31 Standards & Guidelines - PCI Payment Card Industry (PCI) Data Security
Standard (DSS)
Enterprise Data Management Framework
32 Standards & Guidelines - Data Data Management Association’s Guide to
Management Data Management Body of Knowledge (DM
BOK)
Enterprise Standards for Information Systems and Infrastructure
33 Standards & Guidelines - Cellular 3GPP (3rd Generation Partnership Project) –
Communications LTE: Long Term Evolution – Wireless Mobility
34 Standards & Guidelines - Cellular 3GPP (3rd Generation Partnership Project) –
Communications LTE Adv: Long Term Evolution Advanced –
Wireless Mobility
35 Standards & Guidelines - Cellular NGMNA (Next Generation Mobile Networks
Communications Alliance) – 5G: 5th Generation Wireless
Mobile Network – Wireless Mobility
36 Standards & Guidelines - IEEE IEEE 802.3 Series – Ethernet Standards
Communications Standards
37 Standards & Guidelines - IEEE IEEE 802.11 Series – Wireless networking
Communications Standards standards – Wireless Data; including IEEE
802.11s – Wireless Mesh
38 Standards & Guidelines - IEEE IEEE 802.15 Series – Bluetooth – Personal
Communications Standards Area Networks
39 Standards & Guidelines - ITU-T G.694.1: "Spectral grids for WDM
International Telecommunication applications: DWDM frequency grid"
Union (ITU) Standards
40 Standards & Guidelines - ITU-T G.694.2: "WDM applications: CWDM
International Telecommunication wavelength grid"
Union (ITU) Standards
41 Standards & Guidelines - ITU-T G.651: “Characteristics of 50/125 μm
International Telecommunication Multimode Graded-index Optical Fiber”
Union (ITU) Standards
42 Standards & Guidelines - ITU-T G.652: "Transmission media and
International Telecommunication optical systems characteristics – Optical fiber
Union (ITU) Standards cables”
43 Standards & Guidelines - ITU-T G.653: “Characteristics of Single-mode
International Telecommunication Dispersion Shifted Optical Fiber and Cable”
Union (ITU) Standards
44 Standards & Guidelines - ITU-T G.654: “Characteristics of Cut-off
International Telecommunication Shifted Single-mode Optical Fiber and Cable”
Union (ITU) Standards
45 Standards & Guidelines - ITU-T G.655: “Characteristics of Non-zero
International Telecommunication Dispersion Shifted Single-mode Optical Fiber
Union (ITU) Standards and Cable”
46 Standards & Guidelines - ITU-T G.656: “Characteristics of Non-zero
International Telecommunication Dispersion Shifted Fiber for Wideband
Union (ITU) Standards Transport”
47 Standards & Guidelines - ITU-T G.657: “Characteristics of a Bending
International Telecommunication Loss Insensitive Single-mode Fiber for Access
Union (ITU) Standards Networks”
48 Standards & Guidelines - Internet RFC 2328 Open Shortest Path First (OSPF
Engineering Task Force (IETF) and Version 2 – applies to IPv4)
ISO Routing Protocols
49 Standards & Guidelines - Internet RFC 5340 Open Shortest Path First (OSPF
Engineering Task Force (IETF) and Version 3 – applies to IPv6)
ISO Routing Protocols
50 Standards & Guidelines - Internet RFC 2453 RIP Version 2 (RIPv2)
Engineering Task Force (IETF) and
ISO Routing Protocols
 51 Standards & Guidelines - Internet RFC 7868 Cisco's Enhanced Interior Gateway
Engineering Task Force (IETF) and Routing Protocol (EIGRP)
ISO Routing Protocols
52 Standards & Guidelines - Internet ISO/IEC 10589:2002 Intermediate System to
Engineering Task Force (IETF) and Intermediate System (IS-IS)
ISO Routing Protocols
53 Standards & Guidelines - IETF RFC 1883 – The Internet Protocol version 6
Request for Comments (RFC) Specification
54 Standards & Guidelines - IETF RFC 791 – Internet Protocol version 4
Request for Comments (RFC) Specification
Business Applications
55 Standards & Guidelines - Business Open Group Guide Using TOGAF to Define
Apps and Govern Service-Oriented Architectures,
1-931624-95-X, G113, The Open Group, May
2011

56 Standards & Guidelines - Business Technical Standard SOA Governance

Apps Framework, 1-931624-82-8, C093, The Open
Group, August 2009
57 Standards & Guidelines - Business Open Group Standard SOA Reference
Apps Architecture, 1-937218-01-0, C119, The
Open Group, November 2011
58 Standards & Guidelines - Business Reference Architecture for Service Oriented
Apps Architecture Version 1.0 Public Review Draft
1, sao-ra-pr-01, OASIS, 23 April 2008
59 Standards & Guidelines - Business Cloud Computing Service Metrics
Apps Description, Special Publication 500-307,
National Institute of Standards and
Technology (NIST), 2015.

60 Standards & Guidelines - IOT Open Mobile Alliance Device Management

1.2.1
61 Standards & Guidelines - IOT IPSO Application Framework
62 Standards & Guidelines - IOT IEEE P2413
63 Standards & Guidelines - IOT OMA LightweightM2M v1.0
64 Standards & Guidelines - IOT OTHER - Please indicate if you have adopted
an IoT relevant standard/guidelines not
listed here.
65 Standards & Guidelines - NIST NIST 800-145 - The NIST Definition of Cloud
Computing; National Institute of Standards
and Technology, Sept 2011
66 Standards & Guidelines - NIST NIST 800-146 - Cloud Computing Synopsis
and Recommendations; National Institute of
Standards and Technology, May 2012
67 Standards & Guidelines - NIST NIST Cloud Computing Reference
Architecture (version 1); National Institute of
Standards and Technology, March 2011
 68 Standards & Guidelines - NIST Special Publication 800-48 Rev. 1: Guide to
Security Legacy IEEE 802.11 Wireless
Networks, National Institute of Standards
and Technology, July 2008, Gaithersburg,
MD.
69 Standards & Guidelines - NIST NISTIR 8062 (DRAFT): Privacy Risk
Management for Federal Information
Systems, National Institute of Standards and
Technology, May 2015, Gaithersburg, MD.

Enterprise Geographic Information Systems (GIS)

70 Standards & Guidelines - CoD GIS City of Dallas' Minimum GIS Standards
Standards
71 Standards & Guidelines - Federal Federal Geographic Data Committees (FGDC)
Geospatial Standards
Web
72 Standards & Guidelines - Web Section 508
Accessibility
73 Standards & Guidelines - Web Web Content Accessibility Guidelines
Accessibility (WCAG) 2
74 Standards & Guidelines - User City of Dallas User Experience Guidelines
Experience
Process and Project Management
75 Standards & Guidelines - Process ITIL v3
76 Standards & Guidelines - Process City of Dallas IT Service Management
Standards
77 Standards & Guidelines - Process Project Management Institute Project
Management Body of Knowledge (PMBOK)
 ur proposed offering is Fully Compliant, Partially Complaint, Not Compliant, or
se briefly state why you believe it does not apply.

Answer
Describe why Answer is provided
(Please select an option )