cross functional services tower for transnet v1 cross... · transnet cross functional services...
TRANSCRIPT
ATTACHMENT V1
CROSS FUNCTIONAL SERVICES TOWER
For
Transnet
TRANSNET
Cross Functional Services Tower
____________________________________________________________________________________________
TRANSNET CONFIDENTIAL INFORMATION Page i
Table of Contents
1.0 Cross-Functional Services Overview and Objectives ................... 1
1.1 Services Overview ....................................................................................................... 1
1.2 Service Objectives ....................................................................................................... 1
2.0 Cross-Functional Services Requirements ..................................... 2
2.1 Service Descriptions and Roles and Responsibilities ................................................... 2
2.2 IT Processes and Activities .......................................................................................... 3
2.3 Service Operations and Support Activities ................................................................. 15
2.4 Exclusions ................................................................................................................. 39
3.0 Service Management ..................................................................... 39
3.1 Objectives .................................................................................................................. 39
3.2 Definitions .................................................................................................................. 39
3.3 Service-Level Requirements (SLRs) .......................................................................... 39
3.4 Reports ...................................................................................................................... 39
4.0 Referenced Appendix, Service and MSA Attachments ............... 40
4.1 Appendix – Financial Responsibilities Matrix ............................................................. 40
List of Tables
Table 1. IT Processes and Activities ..................................................................................... 3
Table 2. Service Delivery Activities ..................................................................................... 15
Table 3. Cross Functional Services Reports ....................................................................... 39
TRANSNET
Cross Functional Services Tower
____________________________________________________________________________________________
TRANSNET CONFIDENTIAL INFORMATION Page 1
This is Attachment V1 (Cross-Functional Services Tower) to Attachment V Transnet Service Towers Index to the Master Services Agreement between Transnet Limited (“Transnet”) and the Service Provider. Unless otherwise expressly defined herein, the capitalised terms used herein shall have the meaning assigned to them in Attachment V Appendix 1 Service Tower Definitions.docx or in the Master Services Agreement Attachment A.
1.0 Cross-Functional Services Overview and Objectives
1.1 Services Overview
This Attachment V1 (Cross-Functional Services Tower) sets forth the roles and responsibilities of the Parties for the set of common services that apply to the provision, delivery and management of all Services (“Cross-Functional Services”) in support of the Transnet Information Technology (IT) infrastructure. Provider will provide Cross-Functional Services across all Service Towers. As depicted in Figure 1 below, Services, activities, and roles and responsibilities described in this Service Tower are within the scope of each of the Service Towers (Attachment V2 to V5) and shall be included within the Fees for each Service Tower specified in Attachment V Transnet Service Towers Index to the Agreement. Figure 1 depicts the relationship between the Cross-Functional Services schedule and all schedules within the scope of the Agreement. Figure 1. Service Tower: Service Towers with Cross-Functional View
1.2 Service Objectives
The following are the key high-level Service objectives Transnet expects to achieve through this Cross-Functional Services schedule:
Ensure that critical IT life cycle and service management functions are included in all IT Service Tower schedules
Receive IT Services that consider an end-to-end enterprise view across all IT Service Towers
Relationship Management
Service Tower
Cross Functional
Service TowerArch &
PlanningEngineer AM CM PM RM . . . . . . Information Security
Data Centre & Hosting
Service TowerH & SD Service
TowerEUC
Service Tower
Mainframe
Platform
Midrange Platform
Project Services
Tower
Help
Desk
Service
Desk
Middleware
Database
PCs
Platform
Storage
Peripherals
B&R
Office Programme
Management
Project
Management
Benefits
Realisation
Collaboration
Service Tower
Unified Communications &
Collaboration
File/Print
Secu
rity
Secu
rity
Secu
rity
Secu
rity
Mobile
Platform
Storage B&R
Disaster Recovery
Storage B&R
Disaster Recovery
TRANSNET
Cross Functional Services Tower
____________________________________________________________________________________________
TRANSNET CONFIDENTIAL INFORMATION Page 2
2.0 Cross-Functional Services Requirements
The Provider is responsible for providing Cross-Functional Services defined in this schedule for Service schedules defined in the following documents:
Attachment V1 - Cross-Functional Service Tower
Attachment V2 - Help and Service Desk Service Tower
Attachment V3 - End User Computing Service Tower
Attachment V4 - Collaboration Service Tower
Attachment V5 - Data Centre and Hosting Service Tower
Attachment V6 - Project Services Tower
Attachment V7 - Relationship Management Service Tower
2.1 Service Descriptions and Roles and Responsibilities
Cross Functional Services include the following services, activities, roles and responsibilities.
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 3
Table 1. IT Processes and Activities
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
2.2 IT Processes and Activities
Architecture Planning and Analysis
Architecture Planning and Analysis Services are activities associated with the capturing and assessment of requirements that drive the definition of architectural, functional, performance, IT Service Continuity, and security requirements that also comply with regulatory and Transnet policies. Identifies opportunities to improve the efficiency and effectiveness of the Service Towers. Architecture Planning and Analysis Services can also help support competitive business advantage and mitigate risks by reducing defects and improving the quality of IT Services
Requirements Definition
Participate in defining services, standards, timeframes and reporting requirements for Planning and Analysis activities
Participate in appropriate requirements-gathering activities (e.g., focus groups, interviews)
Document requirements required to deliver services in agreed-to formats (e.g., system specifications, data models, upgrade requirements, conversion requirements, design schematics)
Co-develop and agree on architectural standards for in scope services
Define Services, standards, timeframes and reporting requirements for planning, project management, and analysis activities
Conduct interviews, group workshops and surveys to determine user functional, performance, availability, maintainability, IT continuity and other requirements
Define Transnet’s requirements at the enterprise level for all Towers (e.g., business and technology strategy, technology architecture, functional, availability, capacity, performance, backup and IT Service Continuity )
Provide written information in sufficient detail pertaining to the requirements definition to enable development of appropriate requirements documentation (e.g., business requirements documentation)
Review and approve Services, standards and project management practices for Planning and Analysis activities
Make available to Service Provider such information as Service Provider may reasonably request. This includes information about the Service Recipient’s escalation process, IT strategy, and architecture artefacts including application roadmaps and blueprints and, to the extent determined by Service Recipient to be relevant and appropriate, business strategy.
Information Life Cycle Management
Recommend data backup and retention procedures for all Towers that meet Transnet-specified requirements
Define Transnet’s data backup and retention policies and requirements for all Towers
Approve recommended data backup and retention procedures for all Towers
Technical Architecture
Participate, provide technical assistance and subject matter expertise in technical and business planning sessions to establish standards, architecture and project initiatives
Conduct technical and business planning sessions to establish standards, architecture and project initiatives
Evaluate all new and upgraded Tower components or Services for compliance with the Transnet’s security and IT architecture policies, regulations and procedures
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 4
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
Infrastructure Engineering must be supportive of Service Level Requirements (Standard Architectures to be mutually agreed)
Cooperative delivery of proof of concept testing for service tower components.
Approve service tower component architecture standards and new firmware
Infrastructure Engineering must be supportive of Service Level Requirements (Standard Architectures to be mutually agreed)
Cooperative delivery of proof of concept testing for service tower components.
Technology planning and Innovation
Conduct technical reviews and provide recommendations for improvements that increase efficiency, effectiveness and reduce costs
Perform ad hoc investigations as requested by Transnet and submit recommendations for Transnet’s consideration.
Conduct ongoing, regular planning and recommendations for technology refresh and upgrades
Showcase new technology enhancements to Transnet hence allowing Transnet the option to upgrade to any new productised technology.
Review and approve any technical improvement recommendations
Systems Management Tools
Identify System management tools to monitor the IT Systems infrastructure and Transnet software environment
Provide service towers reporting requirements
Research Continuously monitor technical trends through independent research; document and report on products and services with potential use for Transnet as they align with Transnet’s business and technology strategy
Perform feasibility studies for the implementation of new and existing technologies that best meet Transnet business needs and meet cost, performance and quality objectives
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 5
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
Security Planning and Analysis
Security Planning and Analysis Services are the activities associated with research of new technical trends, products and services, such as hardware components, System Software, and Networks that offer opportunities to improve the efficiency and effectiveness of the Security Services. Security Planning and Analysis Services can also help support competitive business advantage and mitigate risks by reducing defects and improving the quality of security
Requirements, Policies and Procedures
Participate in technical and business planning sessions to establish security standards, architecture and project initiatives
Recommend best practice IT security policies (e.g. access controls, identity management, virus, malware, spam etc. protection security audits etc.)
Provide a security assessment group dedicated to Transnet’s enterprise that will conduct continual assessments of Transnet’s security effectiveness and be the direct liaison with Transnet's Security Services function for security requirements
Conduct technical and business planning sessions to establish security standards, architecture and project initiatives per the planning and analysis policies and procedures
Define Transnet requirements at the enterprise level for all Security Services (e.g., business, technology strategy, functional, availability, capacity, performance, backup and IT Continuity Service)
Develop and maintain application security policies, planning, guidelines, and architecture
Develop and maintain equipment, software, databases and application security configuration standards e.g. server, and end user device hardening etc.
Establish access profiles and policies for adding, changing, enabling / disabling and deleting log-on access for Transnet employees, agents and subcontractors
Tools Provide and support best available and fit for purpose security analysis tools and monitoring products into Transnet’s system and infrastructure
Provide security reporting requirements
Planning Provide security plans and IT infrastructure based on security requirements, standards, procedures, policies, Transnet, government, and local requirements and risks
Conduct technical reviews and provide recommendations for improvements to the infrastructure that increase efficiency and effectiveness of security and reduce costs in accordance with planning and analysis policies and procedures
Review and approve security plans
Research Actively participate in industry standard security forums and users groups to remain up to date with current security trends, threats, common exploits and security policies and procedures
Perform feasibility studies for the implementation of new and existing security technologies that best meet Transnet business needs and meet cost, performance and quality objectives
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 6
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
Infrastructure Design/Engineering Planning
Develop infrastructure design, engineering and security testing and integration procedures that meet requirements and adhere to defined policies
Policies and Procedures
Define Tower component Implementation and Migration policies and procedures
Develop Integration and Testing policies and procedures
Participate in and review Infrastructure policies and procedures, as appropriate
Review and approve Tower component policies and procedures
Detailed Infrastructure Design Planning
Develop, document and maintain technical design plans and environment configuration based on Transnet's design specifications, standards and requirements including IT architecture, functional, performance, availability, maintainability, security and IT Continuity and Disaster Recovery requirements
Conduct site surveys for design efforts as required
Define test to production migration requirements
Coordinate and review all Implementation and Migration plans and schedules with Transnet and all appropriate Help Desks in advance in accordance with change management policies in the Procedures Manual
Provide the necessary written information in sufficient detail to enable accurate and effective infrastructure planning
Review and approve design plans through coordination with the appropriate Transnet technology standards group and design architects
Perform infrastructure, configuration, technical and service planning and analysis based on Transnet’s requirements (e.g., availability, capacity, performance, backup, IT Service Continuity, DR)
Participate in defining and approving test-to-production migration requirements
Integration Testing
Manage Integration and Testing environment(s)
Perform proof of concept and prototyping to mitigate risks
Assess and communicate the overall impact and potential risk to Tower components prior to implementing changes
Test new releases of supported hardware and software to ensure conformance with the Service Levels
Stage new and upgraded equipment, software or services to smoothly transition into existing environment
Conduct integration and security testing for all new and upgraded equipment, software or services to include unit, systems, integration and regression testing
Perform modifications and performance‑enhancement adjustments to system software and utilities as needed
Maintain software release matrices across development, QA, and production environments
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 7
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
Infrastructure Transition and Migration
Develop the implementation, transition, migration plans and schedules in accordance with Change Management policies and process
Assist in data migration
Configure in scope infrastructure elements to meet Transnet security configuration standards e.g. server hardening
Review and approve the Implementation, transition and migration plans and schedules.
Perform data migration, including data conversion for in-scope applications, by electronic or manual methods as a result of implementation or migration (e.g., databases, system management repositories, address tables, Management Information Bases (MIBs))
Infrastructure Improvement and Innovation
Conduct ongoing, regular planning and recommendations for technology refresh and upgrades
Conduct technical reviews and provide documented recommendations for improvements to the infrastructure that increase efficiency and effectiveness and reduce costs to Transnet
Provide infrastructure installation and upgrade recommendations
Work with appropriate IT service delivery personnel to install new or enhanced Service Tower infrastructure components (e.g., hardware, software, middleware, utilities, peripherals, configurations)
Perform Configuration Management and Change Management activities related to Implementation
Participate in regular planning for technology refresh and upgrades
Approve plans for technology refresh and upgrades
Production Acceptance Criteria
Define Acceptance test criteria
Provide documented requirements and acceptance test criteria per approved requirements standards
Conduct and document End-User acceptance tests (UAT) plans and results
Participate in defining Acceptance test criteria
Review and approve all Acceptance test criteria
Ensure requirements meet security policies
Approve UAT plans and results
Project Management Services
Transnet may from time to time request that the Service Provider perform a discrete set of activities from and in
Project Management Approach
Utilise project management methodologies, knowledge, skills, tools, and techniques consistent with leading internationally recognised and accepted project management practices such as those contained in the Guide to the Project Management Body of Knowledge (PMBOK) or Prince2 or Project Lifecycle Process (PLP)
Maintaining applicable levels of industry knowledge to provide support of and recommendations for Projects
Define enterprise-level project management policies, procedures and requirements (e.g., project feasibility analysis, cost-benefit analysis, scheduling, costing, resource planning, communication planning, procurement, risk management and quality management
Perform project management review and oversight, and provide liaison function to Transnet and End-Users
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 8
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
addition to the ongoing obligations in the Services (a “Project”).
In performing Projects and providing Project Management Services Service Provider shall apply best practices including with respect to its planning, execution and management of Projects.
Define Project Plan
Provide project definition and plan, identify major critical milestones, overall budgets and project deliverables
Provide, maintain and update detailed project planning, identify critical path dependencies.
Approve project plan
Manage Execution of the Project Plan
Manage, follow up and track execution of project plan.
Perform project management review and oversight, and provide liaison function to Transnet and End-Users
Monitor Project Progress
Report on project progress, budget, risk, issues Review and escalate any issues risks etc. for action to higher governance authorities as required
Acquisition and Management
The acquisition and management process includes the purchase of all service equipment, including new equipment, upgrades to existing equipment, or purchases resulting from a service or repair request. Also maintains buying catalogue, execution of purchase orders, provides quotations, deals with goods handling.
Policies and Process
Develop, document and maintain in the Standards and Procedures Manual Acquisition and Management procedures that meet requirements and adhere to defined policies
Define Acquisition and Management requirements and policies
Establish audit procedures to ensure compliance with leading practices and best pricing
Review and approve acquisition Acceptance process and procedures
Quotations Provide quotation for service requests that are not included in the base service cost
Review and approval/rejection of quotations
Vendors Contract Management
Develop and issue acquisition requests for Service Provider owned service tower components as required
Evaluate proposals against clearly defined objective criteria
Negotiate contracts for Service Provider-purchased/leased service Tower components
Develop and maintain list of provider preferred suppliers/vendors
Develop and issue acquisition requests for Transnet owned service tower components as required
Evaluate proposals against clearly defined objective criteria
Negotiate contracts for Transnet-purchased/leased service schedule (Tower) components
Develop and maintain list of Transnet preferred suppliers/vendors
Procurement Manage the ordering, procurement, contract management, and delivery processes in compliance with Service Provider procurement and acceptance
Manage the ordering, procurement, contract management, and delivery processes in compliance with Transnet
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 9
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
processes for Service Provider purchased/ leased tower related components
Manage and track Service Provider purchase orders and service orders
Ensure that all new components and software provisioned are included in the asset management system
Register Extended warranties with vendors as per the vendors process
procurement and acceptance processes for Transnet purchased/leased tower related components
Manage and track Transnet purchase orders and service orders
Standards Compliance
Ensure that new equipment/ hardware complies with established Transnet IT standards and architectures
Maintain buying catalogue based on architecture standards
Review and approve selection of hardware platform types to be installed in Transnet facilities and software to be installed on Transnet hardware
Goods Handling and Warehousing
Provide equipment warehousing and logistics
Packaging and transportation of equipment
Establish and maintain appropriate equipment sparing requirements and spares inventory levels to meet SLR obligations
Provide secure facilities for Transnet on-site storage if required
Auditing Perform periodic audits of procurement procedures Assist in periodic audits of procurement procedures
Training and Knowledge Transfer
Services consist of the following: Provision of training for the improvement of skills through education and instruction for Service Provider personnel and managed employees.
Policies and Procedures
Develop and document training and knowledge database requirements and policies
Develop and document procedures that meet training requirements and adhere to defined policies
Develop and implement knowledge transfer procedures to ensure that more than one individual understands key components of the business and technical environment
Participate in development of and review and approve training requirements
Approve training procedures
Develop Knowledge Transfer Programme
Develop program to instruct Transnet personnel on the provision of the services (e.g., “rules of engagement”, requesting services)
Develop and document training requirements that support the ongoing provision of the services, including refresher courses as needed and instruction on new functionality
Approve Service Provider developed training program
Approve knowledge transfer implementation procedures
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 10
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
Service Provider will participate in any initial and on-going training delivered by Transnet, as required by Transnet, which would provide a learning opportunity Transnet’s business and technical environment. Provision of training for Transnet’s retained technical staff (including the retained personnel) for the express purpose of exploitation of the
functions and features of Transnet’s computing environment. Delivery methods may include classroom style, computer-based, individual, or other appropriate means of instruction. Provision of Transnet-selected classroom-style and computer-based training (case-by-cases basis) for standard Commercial-off-the-Shelf (COTS) applications, including new employee training, upgrade classes and specific skills.
Service Provider Training
Participate in Transnet delivered instruction on the business and technical environment
Take training classes as needed to remain current with systems, software, features and functions for which Service Provider Help Desk support is provided in order to improve service performance (e.g., First Call Resolution)
Provide instruction material pertaining to Transnet business and IT strategy that is relevant to the service provider
Develop and Maintain Training Material
Develop, implement and maintain a Transnet accessible knowledge database/portal
Provide training materials for Transnet technical staff for Level 1 supported applications
Provide training to IT personnel and users on request when substantive technological changes as defined by Transnet (e.g. new systems or functionality) are introduced into the Transnet environment to facilitate full exploitation of all relevant functional features
Provide ongoing training materials for Help Desk personnel on Transnet business and technical environments
Provide Transnet selected classroom-style and computer-based training (case-by-cases basis) for standard Commercial-off-the-Shelf (COTS) applications (quotable by the service provider)
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 11
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
Documentation
Documentation Services are the activities associated with developing, revising, archiving, maintaining, managing, reproducing, and distributing Tower information (e.g., project planning materials, System design specifications, Procedures Manuals, operations guides) in hard copy and electronic form.
Define Document Requirements
Identify and recommend documentation requirements
Specify the content, purpose, format and production schedule of all documents
Participate in identifying service documentation requirements
Approve recommended documentation requirements, formats and production schedules
Document Provision
Provide timely creation, updating, maintenance and provision of all appropriate project plans, project time and cost estimates, technical specifications, management documentation and management reporting in a form/format that is acceptable to Transnet for service tower projects and major service activities
Provide Transnet with a copy of or access to any Service Provider (or Third Party-supplied) documentation (including updates thereto) for any new, enhanced or modified in scope service tower infrastructure installed by the Service Provider
Manage all documentation in accordance with Configuration Management standards and guidelines
Review and approve documentation as needed
Document Transfer
Provide full documentation of the entire infrastructure upon the end of the contract period.
Verify completeness of documentation provided
Technology Refresh and Replenishment
Technology Refreshment and Replenishment (TR&R) Services are the activities associated with modernizing the services infrastructure on a continual basis. Technology Refreshment and Replenishment (TR&R)
Policies and Procedures
Participate and recommend TR&R life cycle management policies, procedures and plans appropriate for support of Transnet's business requirements
Develop, document and maintain in the Standards and Procedures Manual TR&R procedures and develop TR&R plans that meet requirements, adhere to defined policies and Change and Release Management processes
Define TR&R life cycle management policies, procedures and plans
Review and approve TR&R policies, procedures and plans
TR&R Implementation
Perform the necessary tasks required to fulfil the TR&R plans (defined by Equipment Refresh Policy)
Manage replenishment and decommissioning/disposal in accordance with Transnet approved policies and procedures if the equipment is determined to be in need of replacement
Periodically review the approved TR&R implementation plans to ensure they properly support Transnet's business requirements
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 12
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
Services is a continual process for review of system components to ensure that the infrastructure stays current with evolving industry-standard technology platforms. This refers to upgrading existing equipment to new levels of technology and establishing a time frame for formal refresh of existing equipment based on agreed life cycles.
Reporting Provide management reports on the progress of the TR&R plans
Review reports during service management meetings
Asset Management
Asset Management Services are the activities associated with ongoing management and tracking of new and upgraded Network components (e.g., hardware, Software, circuits) in the Asset Management system. Minimum Asset Details to include: Manufacturer Model Serial number Asset identification number Asset location Ownership information Asset cost information Maintenance information and history including the age of the Asset
Requirements, Policies and Procedures
Develop, document and maintain in the Standards and Procedures Manual Asset Management procedures that meet requirements and adhere to defined policies
Define Asset Management requirements and policies Review and approve Asset Management procedures
Storage Facilities
Manage stores function Provide facilities within reason
Asset Management System
Deploy and manage an Asset Management system that meets Transnet's requirements and adheres to defined policies
Review and approve system design and reporting capabilities
Asset Record Definition
Develop Asset type list and minimum information requirements that would be included in the Asset Management system
Review Asset type list and maintain Asset types in the Asset Management system
Asset Life Cycle Management
Input, maintain, update, track and report all in-scope assets throughout the asset life cycle (e.g., acquisition to retirement)
Maintain the accuracy related to all Change activities (e.g., Install/Move/Add/Change activities, Break/Fix activities, company reorganization and Change
Provide the Service Provider with accurate asset information for Transnet purchased assets that will be managed by the Service Provider
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 13
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
Warranty information Other billing information (e.g., lease information, Transnet-specific information) Transaction edit history (e.g., locations, billing and user)
Management) of the data of in-scope assets in the Asset Management System according to SLRs
Advise Transnet in a timely manner of expiration of equipment leases
IT Asset Cascading and Disposal
Store equipment removed from active service until redeployed
Dispose of equipment no longer required in compliance with Transnet ’s property disposal and/or investment recovery policies and procedures
Document changes to inventory use and configuration
Assist Service Provider with the disposal of equipment
Asset Audit and Deficiency Remediation
Perform ongoing Asset audit, in accordance with Asset Management SLRs, to validate that data in the database is accurate and current and Transnet has information that Transnet requires for internal chargeback systems
Provide reports of Asset Management audit results Provide and, upon Transnet approval, implement Asset Management remediation plan for Asset Management deficiencies
Any Transnet requested manual service inventory task to be treated as a quotable project
Periodically review and approve audit reports and remediation plans of Asset inventory management information
Reporting Provide Transnet inquiry and reporting access into the asset Management System for all in scope assets
Provide electronic feed file of asset data for various internal Transnet systems (e.g., financial system, Transnet internal billing system)
Provide list of users requiring Asset Register access.
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 14
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
Financial/ Chargeback Management and Invoicing
Financial/Chargeback Management and Invoicing Services are the activities associated with providing data that allows Transnet to charge back its internal business units for actual usage of IT Resources and to receive accurate invoices that meet Transnet's requirements.
Requirements, Policies and Procedures
Develop, document and maintain in the Standards and Procedures Manual Financial/Chargeback Management and Invoicing procedures that meet requirements and adhere to defined policies
Define Financial/Chargeback Management and Invoicing requirements and policies
Review and approve Financial/Chargeback Management and Invoicing procedures
Invoicing and Reporting
Provide invoices per Transnet requirements
Provide chargeback reports
Review and approve invoices
Review and approve chargeback reports
Providing Service Provider such information as it may reasonably request in order for it to perform charge-back.
End-User Satisfaction Management
Consistent with the Master Services Agreement, Transnet and the Service Provider shall establish a mutually agreed-upon End-User Satisfaction survey that may be facilitated by a Third Party and designed with Transnet and Provider input.
End-User Satisfaction Surveys
Define the End-User Satisfaction Survey process, questionnaires, methods and deliverables
Conduct end-user satisfaction survey
Participate in defining the End-User Satisfaction Survey process, questionnaires, methods and deliverables
Reporting The Service Provider (or designated Third Party) shall provide semi-annual reporting of the results of Transnet business End-User Satisfaction Surveys, integrating the results of ongoing End-User Satisfaction surveys for each IT Service Tower.
Review results of End-User Satisfaction Surveys as part of the Performance Management Process
Dissatisfaction Resolution Planning
Participate in identify any areas of End-User dissatisfaction.
Develop an action plan to Resolve End-User dissatisfaction.
Identify any areas of End-User dissatisfaction
Participate input into developing a project plan to resolve End-User dissatisfaction
Approve the action plan
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 15
Table 2. Service Delivery Activities
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
2.3 Service Operations and Support Activities
Operations and Administration Services are the activities associated with providing a stable IT System infrastructure and to effectively and efficiently perform procedures to ensure the Services meet the Service Level Performance Targets and requirements
Requirements and Management Tools
Establish and document comprehensive operational processes, procedures and supporting management tools for the effective and efficient operations of the service tower infrastructure
Requirements, Policies and Procedures
Provide operations requirements and policies, including schedules for the operation of Tower components
Define and develop operational documentation requirements (run books, contact lists, operations scripts, etc.)
Participate in developing operations procedures that meet requirements and adhere to defined policies
Approve operations policies and procedures, documentation and reporting
Implement System Management Tools
Install and configure system management tools in such a fashion that incidents, issues and events are proactively identified, reported and resolved according to prescribed Service Levels
Allow Transnet read only real-time access to the event console tools
Participate in developing requirements and operation procedures for the system management tools.
Monitor Transnet managed services
Reporting Develop and provide operational reports (daily, weekly, monthly) that provide status of operational activities, production issues, and key operational metrics
Review operational reports
Service Maintenance and Repair
Maintenance and repair services are the activities associated with the maintenance and repair of service tower elements (e.g. hardware, software, etc.) to include "Break/Fix" (hardware, software), software revision
Requirements, Policies and Procedures
Develop, document and maintain in the Standards and Procedures Manual
Maintenance procedures that meet requirements and adhere to defined policies
Ensure appropriate Maintenance coverage for all service sites and infrastructure components
Define Maintenance requirements and policies
Define dispatch requirements and point-of-service locations that are Transnet locations
Office Space and Facilities
Provide Service Recipient with office requirements Provide suitable office space for Service Provider On-site personnel within reason
Maintenance Planning
Develop Maintenance schedules Review and approve Maintenance procedures and schedules
Service Component Maintenance and Repair
Provide maintenance and Break/Fix (hardware & software) support in Transnet’s defined locations, including dispatching repair technicians to the point-of-service location if necessary
Conduct Maintenance and parts management and monitoring during warranty and off-warranty periods
On equipment owned by Transnet the maintenance contract and SLA should be aligned e.g. 24x7 maintenance for 24x7 service requirement
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 16
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
maintenance and diagnostic services.
Perform diagnostics and maintenance on tower service components including hardware, software, peripherals and special-purpose devices as appropriate
Replace defective parts including preventive maintenance, according to the manufacturer’s published mean-time-between failure rates
Equipment Failure Tracking and Corrective Actions
Monitor, track, and analyze equipment failures to identify any emerging or developing trends that will have negative impact on operational performance and develop recommendations on corrective action plans
Implement corrective action plans for those corrective actions that do not require prior review and approval from Transnet
Provide Transnet with management reports with recommended corrective actions plans for those corrective actions that require Transnet approval prior to undertaking such corrective action
Implement approved corrective action plans
Monitor and report on the success of the corrective actions
Review management reports and approve recommendations for corrective actions, where appropriate
Software Revision Maintenance
Perform maintenance and software revision software distribution of manufacturer field change orders, patches, service packs, firmware and software maintenance releases, etc.
None
Reporting Provide monthly reporting of Service Tower maintenance statistics
Review during monthly Service Tower Account and Service Delivery Meetings
Incident Management
The activities associated with restoring normal service operation as quickly as possible and to minimize the adverse impact on Transnet business operations, thus ensuring that the best possible levels of service
Requirements, Policies, Process and Procedures
Develop, document and maintain in the Standards and Procedures Manual Incident Management procedures that meet requirements and adhere to defined policies
Establish Incident workflow, escalation, communication and reporting processes that help to achieve the SLR requirements
Participate in defining Incident Management requirements and policies
Review and approve Incident Management procedures
Review and approve Incident classification, prioritization and workflow, communication, escalation and reporting processes
Single Point of Contact
Provide a single point of contact telephone number for all Service related queries, service requests, logging and clearing of all IT Data Services related incidents.
None
Incident Management
Scenario 1
Use Service Provider owned Incident Management system Provide Incident Management reporting requirements Scenario 1
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 17
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
quality and availability are maintained.
and Tracking System
that tracks incidents
Service Provider shall provide for simultaneous record creation and updates in Transnet’s Incident tracking system for the Incidents tracked and managed by Service Provider, mirroring instantaneously in real time in the Transnet Incident tracking system the record creations and updates in Service Provider’s Incident tracking system.
Scenario 2
Implement and utilise the Transnet owned Incident Management System
Implement the necessary infrastructure to effectively support the Incident Management and Tracking system.
Assist with the integration of the Service Providers Incident Management System into Transnet’s system
Scenario 2
Architect and select system that allow for the effective incident management of the service tower infrastructure components.
Operational Incident Management
Implement measures for proactive monitoring and self-healing capabilities to limit service outages
Perform event management monitoring of the Services to detect abnormal conditions or alarms, log abnormal conditions, analyse the condition and take corrective action
Manage entire Incident life cycle including detection, diagnosis, status reporting, repair and recovery
Coordinate and take ownership of incident resolution by managing an efficient workflow of incidents including the involvement of Third Party providers (e.g., vendors).
Assign problems to L2 & L3 technical maintenance and repair staff as required
Periodically review the state of open Incidents and the progress being made in addressing these incidents.
Regular feedback by phone, e-mail or SMS to Transnet regarding the restoration progress
Interface with Help Desk(s) and Transnet for Incident Management activities
Manage and coordinate subcontractors and third parties in order to meet resolve problems
Participate in Incident review sessions and provide listing and status of Incidents categorized by business impact
Transnet to report all service related incidents to the Service Provider Help and Service Desk
Completion and Closure of Incidents
An Incident will not be resolved until all updates have been made to the CMDB to reflect the final resolution of the Incident, any Changes, the date and time of resolution, the final classification and priority of the Incident, the Services/End Users/functions that were affected, the CIs
Authorise Close of Transnet-initiated Incidents and supply the Service Provider with a reference number
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 18
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
identified as the cause of the Incident, and any workarounds.
When an Incident has been resolved, Service Provider will record the Incident as resolved and communicate this fact to Transnet.
Service Provider shall participate in Incident post mortem and improvement activities to prevent the re-occurrence of the Incident and to improve the Incident Management process.
Improvement Planning
Identify possible enhancement opportunities for improved operational performance and potential cost savings
Implement approved projects to implement enhancement opportunities
Review and approve projects to implement enhancement opportunities
Incident Management Outputs
The outputs of Incident Management Services include:
Incident Management Procedures;
Up-to-date electronic records in the Incident tracking system (updated with information about each Incident relating to status, solutions, and workarounds);
Requests for Change (RFCs) implemented to resolve Incidents; and
Management information relating to Incident Management Services as requested by Transnet from time to time (e.g., status, updates, efficiency and effectiveness, other management or performance metrics).
Review of Incident Management outputs
Reporting Provide status report detailing the Incident Management logs. This shall include, but not be limited to, a daily report by Operating Division and geographical area on Incidents that have not yet been Resolved and are beyond the resolution target time.
Review during monthly Service Tower Account and Service Delivery Meetings
Problem Management Services
Problem Management is the process responsible for managing the lifecycle of all
Requirements, Policies and Procedures
Develop, document and maintain in the Standards and Procedures Manual Problem Management and Root Cause Analysis processes and procedures that meet requirements and adhere to defined policies
Service Provider shall incorporate Transnet’s comments on such procedures and include such revised procedures in the Standards and Procedures Manual promptly.
Define Problem Management requirements and policies
Review and approve Problem Management process and procedures
Review and approve RCA procedures
Problem Management
Scenario 1
Use Service Provider owned Problem Management system Provide Problem Management reporting requirements Scenario 1
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 19
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
problems. The primary objectives of Problem Management are to prevent problems and resulting incidents from happening, to eliminate recurring incidents and to minimize the impact of incidents that cannot be prevented. Problem Management includes the activities required to diagnose the root cause of incidents and to determine the resolution to those problems. It is also responsible for ensuring that the resolution is implemented through the appropriate control procedures, especially Change Management and Release Management. Problem Management will also maintain information about problems and the appropriate workarounds and resolutions, so that Transnet is able to reduce the number and impact of incidents over time. In this respect, Problem Management has a strong interface with Knowledge Management, and tools such as the Known Error Database will be used for both.
and Tracking System
that tracks problems
Service Provider shall provide for simultaneous record creation and updates in Transnet’s Problem tracking system for the Problems tracked and managed by Service Provider, mirroring instantaneously in real time in the Transnet Problem tracking system the record creations and updates in Service Provider’s Problem tracking system.
Scenario 2
Implement and utilise the Transnet defined Problem Management System
Implement the necessary infrastructure to effectively support the Problem Management and Tracking system.
Assist with the integration of the Service Providers Problem Management System into Transnet’s system
Scenario 2
Architect and select system that allow for the effective problem management of the service tower infrastructure components.
Problem Identification, Classification and Recording
Be responsible for identifying, classifying (per defined priority levels)and promptly logging problem records relating to issues within the Service Environment that the Service Provider becomes aware of in the course of the performance of the services
Associate Incidents caused by one or more Problem(s) with such Problem(s), including Incidents that recur or are expected to recur, as well as any single significant Incident.
These priority levels shall be updated to reflect any changes during the resolution of the Problem. For example, new Incidents may increase the Impact and Urgency, and accordingly Priority, of a Problem.
Define Incident and Problem priority levels
Problem Investigation and Resolution
Use Commercially Reasonable Efforts to proactively prevent Problems, including by means of performing trend analysis and identifying potential Incidents before they occur
Identify and investigate weaknesses of infrastructure components.
Correctly identify, investigate and diagnose each Problem to achieve resolution.
If a temporary fix requires modification of infrastructure, Service Provider shall implement it in accordance with the Change Management Procedures.
Flag all Incidents that require Root Cause Analysis per the agreed to procedures
Conduct a formal root cause analysis to identify the origin
Assist in finding root cause of problems which may fall outside of Service Provider area of responsibility but has an impact upon services.
Approve corrective actions or solutions to address recurring problems or failure
Review Known Error Records that have reached the end of their monitoring period, and reassess the Problem and the implemented solution.
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 20
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
of each Problem that: (i) gave rise to a Service Level Failure; (ii) result from a Major Incident; or (iii) repeat Incident.
Document the root cause and the corrective actions required to prevent a recurrence of the Problem which will be recorded as a Known Error, including an estimate of the costs (if any), timelines and benefits of the proposed solution.
Conduct proactive trend analysis to identify recurring Problems and predict future Problems and points of failure, where practical, from occurring or developing
After a solution has been successfully implemented create/update the knowledge records for Problems and where necessary provide any training required to Transnet's Service Desk to support this knowledge.
Participate in cross-functional Problem determination activities, including facilitating Problem Management review and Problem Management investigation meetings as reasonably required by Transnet.
Adhere to the mutually agreed Problem escalation path for each Problem priority level.
Take ‘ownership’ for all Problems assigned to Service Provider by Transnet, including using Commercially Reasonable Efforts to manage Third Party Suppliers where necessary in order to determine the root cause of or resolve the Problem.
Monitor and manage Known Errors until they are successfully resolved (‘Error Control’). Service Provider shall perform Error Control in accordance with the Change Management Procedures and evaluate the changes in a Post-Implementation Review (PIR).
Problem Closure and Post-Implementation Review (PIR)
When they are resolved, record Problems and Known Errors as resolved.
Once implemented, all Changes to resolve Problems and Known Errors shall be reviewed in a Post-Implementation Review (PIR).
For Problems designated as major, in Transnet’s reasonable judgment, a separate Major Problem Review
Transnet will not close the Problem until (i) the PIR has been completed, (ii) any other steps mandated in the Standards and Procedures Manual have been completed, and (iii) the Parties agree (acting reasonably) that the Change(s) was (were) implemented in such a fashion so as to Resolve the Problem or Known Error.
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 21
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
shall promptly be undertaken jointly by Service Provider and Transnet to identify:
what was done well;
what was done badly;
how it can be done better the next time; and
further steps the Service Provider should take to prevent a recurrence.
Reporting Provide Transnet with a daily report detailing problems raised, a clear description of the problem, the associated impact, the number of incidents related to the problem, open/closed status of problem and actions taken by the Service Provider to resolve the problem.
Service Provider’s obligations shall include:
Alerting Transnet of any Problems in accordance with the Service Levels; and
At Transnet’s request, providing a preliminary report of the Problem on an expedited basis to Transnet.
Review status report as part of the daily operational meetings
Root Cause Analysis
Root Cause Analysis Services are the activities associated with diagnosing and analyzing the root cause of a Problem and/or trends, and recommending and taking corrective measures to prevent the reoccurrence of such Problems and/or trends.
Requirements, Policies and Procedures
Develop policies and procedures for Root Cause Analysis (e.g., events that trigger an RCA)
Define RCA requirements and policies
Review and approve RCA procedures
Problem Tracking and Analysis
Conduct proactive trend analysis to identify recurring Problems and predict future Problems and points of failure, where practical, from occurring or developing
Track and report on recurring Problems and trends or failures and identify associated consequences of problems
Flag all Incidents that require Root Cause Analysis per the agreed to procedures
Recommend corrective actions or solutions to address recurring Problems or failures
Approve corrective actions or solutions to address recurring problems or failures
Reporting Provide status report detailing the root cause of and procedure for correcting recurring Problems and Severity Levels 1 and 2 Incidents until closure as determined by Transnet
Review during monthly Service Tower Account and Service Delivery Meetings
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 22
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
Performance Management
Performance Management Services are the activities associated with tuning Service Tower components
for optimal performance.
Requirements, Policies Procedures
Develop, document and maintain in the Standards and Procedures Manual Performance Management procedures that meet requirements and adhere to defined policies
Define Performance Management requirements and policies
Review and approve Performance Management process and procedures
Infrastructure and Tools
Define, develop and implement tools that allow for the effective performance monitoring of the service tower infrastructure components
Define performance management reporting requirements
Performance Monitoring and Tuning
Perform service tower infrastructure component tuning by proactively evaluating, identifying and recommending configurations or changes to configurations to maintain optimum performance to meet performance SLRs in accordance with Change Management procedures
None
Performance Improvement Planning
Develop and deliver improvement plans as required to meet SLRs
Implement improvement plans and coordinate with Third Parties as required
Provide technical advice and support to the application maintenance and development staff as required
Review and approve improvement plans
Reporting Provide monthly reporting of Service Tower component performance, utilization and efficiency
Review during monthly Service Tower Account and Service Delivery Meetings
Capacity Management
Capacity Management Services are the activities associated with ensuring that the capacity of the service tower infrastructure components matches the evolving demands of Transnet business in the most cost-effective and timely manner. The process encompasses the following:
Requirements, Policies and Procedures
Establish a comprehensive Capacity Management planning process
Recommend a service component capacity thresholds required to consistently meet service level obligations
Develop, document and maintain in the Standards and Procedures Manual Capacity Management procedures that meet requirements and adhere to defined policies
Review and approve Capacity Management planning process and procedures
Review and approve service component capacity planning thresholds
Infrastructure and Tools
Define, develop and implement tools that allow for the effective capacity monitoring/trending of the service tower systems software and IT infrastructure components
Define capacity management reporting requirements
Monitoring and Management
Assess capacity impacts when adding, removing or modifying applications
Recommend changes to capacity to improve service performance
Assess impact/risk and cost of capacity changes
Continually monitor infrastructure component resource usage
Identify future business requirements that will alter capacity requirements and inform the Service Provider
Participate in all capacity planning activities
Approve capacity-related change recommendations, as appropriate
Validate infrastructure asset utilisation and capital efficiency
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 23
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
Monitoring of performance and throughput of IT Services and supporting IT components
Understanding current demands and forecasting for future requirements
Developing capacity plans which will meet demand and SLRs
Conducting risk assessment of capacity recommendations
Identifying financial impacts of capacity plans
Undertaking tuning activities
Assess incidents/problems relate to throughput performance to enable proactive identification of capacity and performance issues
Capture trending information and forecast future Transnet capacity requirements based on Transnet-defined thresholds
Maintain capacity levels to optimize use of existing infrastructure resources and minimize Transnet costs to deliver Services at agreed-to SLRs taking into account daily, weekly and seasonal variations in capacity demands
Reporting Provide asset utilisation and capacity/trending reporting Validate asset utilization & capital efficiency based upon reporting during Account and Service Delivery meetings
Configuration Management
The purpose of Configuration Management is to:
Identify, control, record, report, audit and verify configuration items, including versions, baselines, constituent components, their attributes, and relationships
Account for, manage and protect the integrity of configuration items through the service lifecycle by ensuring that only
Requirements, Policies and Procedures
Develop, document and maintain in the Standards and Procedures Manual Configuration Management procedures that meet requirements and adhere to defined policies.
Incorporate Transnet’s comments on such procedures and include such revised procedures in the Standards and Procedures Manual promptly.
Define Configuration Management requirements and policies
Review and approve Configuration Management procedures
Periodically Audit Configuration Management process for completeness
Approve Configuration Management CI records and Systems interface/data transfer requirements
Configuration Management Database (CMDB)
Prepare a work plan (the ‘CMDB Plan’) to implement the CMDB regardless of chosen scenario.
Scenario 1
Use Service Providers own CMDB
Responsible for designing, populating, maintaining and updating an aggregate, single, consolidated Configuration Management database for Transnet, including all configuration items (‘CIs’) that are to be provided or otherwise managed by Service Provider (the ‘CMDB’). The CMDB shall be hosted by Service Provider and Service Provider shall provide all database administration, maintenance and support for the CMDB. Service Provider
Review and approve Configuration Management database and reporting capabilities
Scenario 1
Review and approve Configuration Management data elements and Systems interface/data transfer requirements.
Scenario 2
Architect and select tools that allow for the effective management of service component configurations
Provide the CMDB system and sufficient licensing for use by the Service Provider
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 24
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
authorised components are used and only authorized changes are made
Ensure the integrity of the configurations required to control the services and IT infrastructure by establishing and maintaining an accurate and complete Configuration Management Database (CMDB).
Note:
Transnet requires that Service Provider establish within the Transition Period real time, electronic connectivity between the systems that Transnet and the SPOC use for configuration management.
shall design, populate, maintain, and update the CMDB so that it:
(a) is an effective configuration management tool addressing topics typically addressed in such configuration management systems including type, ownership status, age, functionality, configuration and the like;
(b) is consistent with ITIL; (c) is an electronic, enterprise-wide integrated tool that
is capable of: (i) providing output in common non-proprietary format (e.g., CSV, XML); (ii) facilitating data import into tools specified by Transnet; and (iii) reconciliation with the Transnet CMDB.
(d) conforms to Transnet’s Technology Standards as such Technology Standards may be updated from time to time;
(e) permits Transnet to query the database in real-time, create ad hoc reports, and provide data output to Transnet in user configurable formats; and
(f) highlights changes to CIs and tracks deviations from any pre-defined standards or baselines for such items.
Scenario 2
Use Transnet’s CMDB the Service Provider shall use the schemas and standards defined in the Transnet CMDB.
CI Relationships
The CMDB shall include information regarding the relationships between CI’s
Relationships must be maintained between each CI and the following records:
Change records (i.e., Change records currently or formerly open for the CI);
Problem records (i.e., Problem records currently or formerly open for the CI);
Incident records (i.e., Incident records currently or formerly related to the CI)
Provide standard relationship names
Naming Conventions and Labeling
Give each CI a unique and systematic name to ensure it can be distinguished from other CI’s. In this regard, employ the naming conventions employed by Transnet.
Provide the IT component naming convention standards and guidelines
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 25
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
Status Accounting
Assign a status code to each stage in the lifecycle of a CI (e.g., Requisition, Under Configuration, In Service, In Inventory, Out of Service, Transferred, Obsolete, etc.) that is consistent with the code employed by Transnet.
Record in the CMDB the date of each status change of each CI.
Maintain the status history of each CI in the CMDB
Naming conventions for status codes
Configuration Control
Keep the CMDB up-to-date. Whenever an activity changes the recorded characteristics of the CI, or the relationships between CI’s, promptly record the change in the CMDB
Changes to status or characteristics of CI’s can only be made through the Change Management Procedure.
A Change shall not be deemed to have been completed until the CMDB has been updated.
Use Configuration Management to control all CIs that are within the scope of this Agreement and shall ensure that each such item is recorded timely in the CMDB.
Update the CMDB upon the occurrence of any of the following actions: (a) a CI is added; (b) a CI changes its status; (c) a CI changes ownership; (d) a CI changes in relationship to another CI; (e) a CI is removed; (f) a CI gets other relationships with a service,
documentation or other CI’s; (g) a CI’s license is renewed or modified; (h) a CI’s details are updated after an audit; or (i) prior to using any new or replacement CI to perform
the Services.
Review change requests through the Change Management Procedure
Verification and Audits of the CMDB
Periodically conduct audits, using automated tools, where possible, to verify the accuracy of the details in the CMDB.
Conduct such audits as per the Configuration Management SLR’s and in the following situations:
(i) after the creation and population of the new CMDB; (ii) before and after Major Changes; (iii) after a Disaster.
Provide Configuration Management audit requirements
Periodically review and approve audit reports and remediation plans of IT Asset inventory management information
Transnet reserves the right to conduct such audits itself or through a Third Party designee.
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 26
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
Any discrepancies found between the CMDB and the actual information about any CI must be logged as Incidents and must be investigated and dealt with retrospectively through the Incident Management Procedure (and, if necessary, the Problem Management Procedure and Change Management Procedure), including to determine if Change Management Procedures were bypassed
Reporting Provide Transnet Configuration Management reports as
required and defined by Transnet Review configuration management reports
Change Management
The activities associated with ensuring that standardised methods and procedures are used for efficient and prompt handling of all Changes, in order to minimise the impact of Change upon Service Quality and consequently to improve the day-to-day operations of Transnet. Change Management covers all aspects of managing the introduction and implementation of all Changes affecting the services and in any of the management processes, tools and methodologies designed and utilised to support the service components. The Change Management process includes the following process steps:
Requirements, Policies and Procedures
Participate in the development of the Change Management Standards and procedures
Comply with the Transnet Change Management Standards and procedures as reasonably amended by Transnet and notified in writing to the Service Provider from time to time
All Transnet in scope infrastructure changes will be submitted to Transnet's Change Management System
Define Change Management requirements and policies
Define and implement the Transnet Change Management Standards including the post change accountability process.
Establish change classifications, such as impact, priority and risk, and change authorisation processes
Infrastructure and Tools
Provide Change Management System for Service Provider internal change management
Provide the Change Management System. To be used for Change Management of changes that would impact in the Transnet environment.
Change Planning
Document and classify proposed changes to the services, which shall include cost and risk impact and back-out plans of those changes and establish change management plans for major changes
Participate in Transnet Change Advisory Board meetings (as and when such meetings are called on reasonable notice) to include the review of planned Changes and results of Changes made.
Participate in the Technical Advisory Board as reasonably required by Transnet
In Transnet’s complete discretion authorise and approve scheduled changes or alter the schedule change requests as defined in the Change Management Standard
Convene a Change Advisory Board comprising of Transnet and Supplier representatives, which will review the business impact / benefit of each change (dependent on complexity) and approve or reject as appropriate
Convene a Technical Advisory Board comprising of Transnet and Service Provider representatives.
Implement Approved Changes
Notify Transnet affected clients of change timing and impact
Determine change logistics and implement change and adhere to detailed change management plans
Schedule, manage and execute change according to change classification, including carrying out all actions required to support the change.
Conduct user acceptance tests, as required
Perform quality control audits and approve change control results
Advise the Service Provider of any fixes or back-out requirements for changes as and when needed.
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 27
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
Request process
Recording/tracking process
Prioritisation process
Responsibility assignment process
Impact/Risk assessment process
Review/approval process
Implementation process
Verification (test) process
Release process
Closure process
Modify Configuration database, Asset management items and Service catalogue (if applicable) to reflect any implemented Changes
Subsequent to first time changes promptly (and in any event within 5 days) update the knowledge database to identify both successful and unsuccessful changes
Verify that Change met objectives and expected outcomes and resolve negative impacts from the change
Fix or back-out (at Transnet’s request) the change if the impact of the change does not meet the expected outcome
Monitor changes and report results of changes and impacts
Secure and maintain master copies of all new in-scope software versions in a secured Software library and update CMDB.
Quality Assessment
Conduct UATs as required
Follow the post change accountability process as documented in the Transnet Change Management Standards in the event that a Change causes a Priority 1 Incident.
Immediately investigate and report to Transnet any operational change that is undertaken in contravention of the Change Management Standards.
Implement processes, training, disciplinary and other necessary corrective actions to ensure that failures to adhere to the Change Management Standards are not repeated.
Perform Quality control audits and approve change control results
Release Management
Release Management Services are activities associated with providing a holistic view of a Change to a Service to ensure that all aspects of a release, both technical and non-technical,
Requirements, Policies and Procedures
Participate in the development of the Release Management Standards
Adhere to Release Management Acceptance Criteria based on the broader requirements of the Transnet Release Policy.
As part of the Release Management process, Service Provider will have access to, and raise requests for change on, Transnet's Change Management System (see Change Management Section).
Define release policies and standards for the testing and live environments
Define and implement the Transnet Release Management Standards including the post release accountability process.
Adhere to Release Management processes.
Release Planning
Release software and hardware into the testing environments for testing and live environment for live use according to the release criteria specified by Transnet. This
Maintain a consolidated Release Plan with a rolling 12 month view for the overall Transnet environment and provide Service Provider with a minimum 8 weeks
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 28
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
are considered together and to plan and oversee the successful rollout of software, hardware and design and implement efficient procedures for distribution and installation of Changes. The activities also ensure that only correct, authorised and tested versions are installed and that changes are traceable and secure.
is subject to all design, build and configuration documentation being supplied to Transnet's Release Manager for approval prior to such release. This condition applies to all Project and operational releases.
Full testing shall include the handover of User Acceptance Testing results including providing code, scripts, release notes, deployment and installation guides, a test environment and test completion reports
In respect of the release process, will provide Transnet's Release Manager with the Release Management Plans.
Ensure that all Changes follow the Release Management process. Service Provider will provide, for all Service Provider owned components, the necessary back-out plans, change criteria and Acceptance Criteria for changes.
Release Manager will participate in Transnet's Change Advisory Board where allocation of release slots for testing are discussed and agreed (including emergency sessions for emergency changes).
Change Manager will attend the weekly Change Advisory Board where final decision on change into live environment is sanctioned.
visibility of requirements
Ensure that the Release Management process successfully delivers and deploys packages through the approved certification testing, UAT and pilot processes. This service will be accountable for the delivery and deployment of selected application packages for all in scope components (e.g. server, laptops, desktops etc.).
Approve changes to Releases.
Authorise each Release formally
Communication to end users to ensure adherence to the Release Policy.
Release Implementation
Implementation of toolsets to cater for mobile equipment such as tablets and smartphones.
Configure the toolset to endeavour to obtain maximum volume of data is released during the available time period.
Make software available to users via a profile-based software control and distribution system and control this within the Release Management System
Deploy software updates on all in-scope service devices following written authorisation from Transnet Release Manager
Update anti virus/spyware/malware signature files when released
Apply bug fixes obtained from software vendors for problems experienced
Provide Patch & Service Pack Management
Provide application software release updates
Maintain accurate records of levels of microcode, firmware
At its sole discretion make a decision to backout a Release.
In the event of a failed testing or live distribution, Transnet's Release Manager will advise of the next available appropriate release slot.
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 29
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
and software of all service tower components deployed.
Emergency Release Implementation
Perform the following functions for Emergency Releases at Transnet's request:
Raise an Operational Change Record in accordance with the Change Management Service.
Deploy the Release following written authorisation from Transnet Release Manager.
Back out the Release if, in Transnet's opinion, the Change has not been successful.
Distribute emergency and standard patches according to current Transnet standards.
Test patches according to approved testing standards prior to their release unless otherwise directed by Transnet.
Conduct software deployment reviews
Where appropriate authorise each Release formally in writing to the Service Provider
Reporting On a monthly basis notify Transnet of devices, which are not current with the latest releases and table a recommended deployment schedule of steps to be taken to update it.
Review report at monthly Account and Service Delivery meetings
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 30
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
Software Asset Management
The activities associated with the acquisition and ongoing tracking and management of the financial, physical, licensing and contractual aspects of software assets throughout their life cycle.
Requirements, Policies and Procedures
Develop, document and maintain in the Standards and Procedures Manual Software Asset Management best practices, processes and procedures that meet requirements and adhere to defined policies.
The following SAM processes need defining: o Inventory management and reporting o Entitlement management o Consumption management o Reconciliation and reporting o Investigation and reporting o Remediation and reporting o Renewals management o Audit management
Define Software Asset Management requirements and policies
Review and approve Software Asset Management processes and procedures
Contracts and licensing information
Manage the contract information
Perform initial load of licensing information and perform initial inventory to license entitlement reconciliation
Prove the Service Provider with all necessary contract information for in scope software assets that need to be managed.
SAM Tools Select, configure and implement SAM applications and database(s)
Design and develop interfaces for sharing SAM data with Transnet systems
Provide functional guidelines and asset record detail requirements for software asset management and licensing tools
Provide information and integration requirements for SAM data.
Software Life Cycle Management
Develop and maintain inventory of all software licenses
Maintain relationship between discovered inventory data and license entitlement records
Manage entitlement and consumption, reconcile, investigate and remediate misalignments
Perform Demand Management
Perform Renewals Management
Obtain approval from Transnet for any license change or replacement
Assign licenses in SAM databases to comply with contract terms and license conditions
Assign licenses to Operating Divisions to support accurate chargeback and financial accountability for budgets and costs.
Assign licenses to enable license recycling and cost optimisation to meet budget reduction and cost-saving initiative
Review any changes recommended by the Service Provider
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 31
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
Reassign unused existing licenses
Manage and maintain (e.g., monitor, track status, verify, audit, perform contract compliance, renew, reassign) software licenses and media through software license life cycle
Continuous Improvement
Perform continuous process improvement to improve the maturity and effectiveness of Software Asset Management
Review and approve improvement plans
Software License Negotiations
For Service Provider software, be responsible for negotiations.
Assist and provide software contract negotiations expertise
Lead and be accountable for any contract negotiations for Transnet licensed software
Software Contracts
For Service Provider contracts, be responsible for maintenance or upgrade costs and vendor relationship.
Coordinate Software license and maintenance agreement reviews, allowing for sufficient time prior to expiration for negotiation.
For Transnet-retained contracts, be responsible for maintenance or upgrade costs and vendor relationship
Responsible for all commercial aspects of license compliance for all Transnet owned licenses
Periodically review Software license and maintenance agreements
Licence Compliance
Manage and perform audits and reconcile the number of licenses to the number of installs
Provide recommendations to purchase additional license capacity, recommending alternatives, or curtailing usage where necessary and appropriate, to restore, or continue to maintain, license compliance
Identify and report license compliance issues to Transnet
Hold periodic reviews and ensure review is conducted 90 days prior to expiration of all Software and hardware license and maintenance agreements
Provide Service Provider with software license entitlements
Procure software licenses based on requests from the Service Provider to meet compliance obligations
Periodically review software license and maintenance agreements, allowing for sufficient time prior to expiration for negotiations
Identify and report license compliance issues to End-Users
Review license compliance issues with End-Users
Participate in periodic software reviews
Reporting Report any exceptions to vendor terms and conditions
Report on software usage and licensing compliance
Provide reports and recommendations to use in making Software acquisition and discontinuance decisions
Review and make decisions on reported usage and Service Provider recommendations
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 32
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
Service Level Monitoring
Service Level Monitoring and Reporting Services are the activities associated with monitoring and reporting of Service delivery with respect to the Service Levels, which shall be performed consistent with this Service Tower. In addition, the Service Provider shall report systems management information (e.g., performance metrics, and systems accounting information) to the designated Transnet representatives in a format agreed to by Transnet.
Requirements, Policies and Procedures
Develop, document and maintain in the Standards and Procedures Manual Service Level Monitoring and Reporting procedures that meet requirements and adhere to defined policies
Define Service Level Monitoring and Reporting requirements and policies
Define and document Service Level requirements and agreements
Review and approve Service Level Monitoring and Reporting procedures
Service Improvements
Develop and deliver SLR improvement plans where appropriate
Implement SLR improvement plans
Report on SLR performance and improvement results
Review and approve SLR improvement plans
Review and approve SLR metrics and performance reports
Monitoring and Reporting
Measure, analyze and provide management reports on performance relative to SLRs
Coordinate SLR monitoring and reporting with designated Transnet representative and Third Parties
Provide Transnet portal access to performance and SLR reporting and monitoring system
Review during monthly Service Tower Account and Service Delivery Meetings
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 33
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
IT Service Continuity and Disaster Recovery
The activities associated with providing prioritised IT Service Continuity and DR Services for Transnet applications, and their associated infrastructure (e.g., CPU, servers, network, data and output devices, End-User devices). Provider must demonstrate that it will consistently meet or exceed Transnet’s Service Continuity and Disaster Recovery Services requirements. The DR service is dedicated to Transnet. There are no risks such as with traditional shared DR services, which are based on a first come first serve basis Manage and maintain the entire end-to-end ITSCM process for Transnet. The program includes daily initiatives, actions and work effort, to facilitate Transnet in ensuring that the service capability of the disaster recovery services residing in
Requirements, Policies and Procedures
Perform in-depth reviews of Transnet’s existing business continuity management policies, strategies, processes and procedures
Recommend best practices for IT Service Continuity and Disaster Recovery Services strategies, policies and procedures
Document IT Service Continuity and Disaster Recovery Services procedures that adhere to Transnet's requirements and policies
Establish processes to ensure DR plans are kept up to date and reflect Changes in Transnet environment
As needed, assist Transnet in other IT continuity and emergency management activities
Conduct ongoing alignment of the ITSCM plans with Transnet’s business continuity plans in accordance with the ITSCM policy and processes
Ongoing scrutiny and optimisation of the recovery process ensuring all SLAs are met ensuring alignment with service level management
Communicating and maintaining awareness of ITSCM objectives
Define Transnet’s Business Impact Analysis (BIA) for IT Service Continuity and Disaster Recovery Services strategy, and Transnet emergency management requirements and policies
Determine and define Transnet application criticality, availability, and recovery requirements pertaining to Transnet Critical Infrastructure
Define data (file system, database, flat files, etc.) replication, backup and retention requirements
Review and approve IT Service Continuity and Disaster Recovery Services procedures
Communicating and maintaining awareness of ITSCM objectives
DR Planning Provide advice and guidance to all areas of the business and IT on all continuity related issues
Provide business continuity subject matter expertise to assist in developing the DR plan to meet Transnet Business Continuity and Disaster Recovery requirements.
Plan shall include plans for data, backups, storage management and contingency operations that provide for recovering Transnet’s systems within established recovery requirement time frames after a disaster affects Transnet’s use of the services,
Plans for recovery of Service Provider-owned and provided systems and services that are critical for supporting Transnet business operations.
Plan to switch to standard mode of operation after a disaster event
Develop a hosting services plan to switch to standard
mode of operation after a disaster event.
Review and ensure that all risks and activities underpin and align with all business continuity management, risks and activities and are capable of meeting the agreed and documented targets.
Participate in defining the DR
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 34
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
the disaster recovery data centre can be restored to a target level of serviceability in the event of a major capability outage or disaster.
Undertake quality reviews of all plans, associated procedures and ensure changes are incorporated into the testing
Assess potential service continuity issues
Undertake risk assessments for all new services (single points of failure and/or component failure impact assessments) against defined business objectives to optimise risks mitigation
Assess all changes weekly for their potential impact on the plans, including attendance at CAB meetings and conducting an assessment on any new services in accordance with the overall requirements of Transnet. Ensure plans are under very strict change and configuration management control
Maintain a recovery configuration 24x7x365
Submit the updated DR Plan to Transnet
Maintain Business Alignment
Conduct monthly DR Forum meetings with agreed Transnet business representatives to give an overview of all topics in the DR services agreement for risks containment and produce minutes for tracking purposes
Transnet business to participate in the DR Forum
DR Site Services
Maintain the DR Data centre services (environmental, physical security… etc). to include
An executive boardroom with LAN points & telephony. The boardroom serves as a crisis command centre.
The recovery location includes a back office environment with 10 seats (chair, LAN point, desk, telephone & desktop/PC).
Synchronous & Asynchronous data replication (SRM, Data Domain & TruCopy), off-site backups, exchange & AD are active and requires daily monitoring & reporting.
Provide ongoing UNIX, Wintel, Mainframe, Connectivity… etc administration & availability management -firmware, patches, etc. Ensure environment is current through retrofitting any changes in production environment to the DR environment.
Ongoing assessment and capacity management of hardware resources during upgrades ensuring disaster recovery resources are acceptable to Transnet
Provide Service Provider with information pertaining to and DR site requirements or changes in requirements
Periodically review the capability and capacity of the DR Site and infrastructure.
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 35
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
DR Testing Conduct pre-test process to establish agreement on the scope and objective of the test
Perform scheduled IT Service Continuity, DR, and emergency management tests per Transnet-approved policies and procedures
Track and report IT Service Continuity and DR test results to Transnet
Develop action plan to address any issues arising from IT Service Continuity and DR testing results
Implement approved action plan and provide ongoing status until completion to Transnet’s satisfaction
Instigate and oversee all corrective actions are remediated emanating from all post-test analysis and recommendations
Execute plan to switch to standard mode of operation after a DR test
Test system operations to ensure full functionality
Secure, remove, and relocate all sensitive materials at the DR site
Schedule required test with the Service provider. Limited to 2 tests per annum roughly at 6 monthly intervals
Attend the pre-test and post –test meetings
Coordinate involvement of Operating Divisions for IT Services Continuity and DR testing
Participate in IT Service Continuity and DR tests
Review & approve IT Service Continuity and DR testing results
Review and act on recommendations in the test report(s) action plan
DR Event Notify Transnet in the event of a disaster situation, per DR policies and procedures
Initiate the DR plan in the event of a Service Provider DR situation and notify Transnet per DR policies and procedures
Provide all actions required to guarantee that Transnet system operations will be re-established within a predetermined service level time period
Coordinate with Transnet during a Service Provider DR situation per DR policies and procedures
Notify SP in the event of a disaster situation, per DR policies and procedures
Approve the switch to DR mode
Initiate the DR plan in the event of a Transnet DR situation per the DR policies and procedures
Return to Standard Mode of Operation
Roll back to move from a disaster recovery mode of operation to a
Continuously monitor the site or facility's fitness for reoccupation
Verify that the site is free from aftereffects of the disaster and that there are no further threats
Ensure that all needed infrastructure services, such as power, water, telecommunications, security, environmental controls, office equipment, and supplies, are operational
Execute plan to switch to standard mode of operation after a disaster event
Test system operations to ensure full functionality
Activate project plan to switch to standard mode of operation after a disaster event.
Confirm return to standard mode of operation after a after a disaster event.
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 36
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
standard mode of operation
Arrange for operations staff to return to the original facility
Terminate DR Site operations
Secure, remove, and relocate all sensitive materials at the DR site.
Security Services
Security Services are the activities associated with physical and logical security of all Service components (hardware and Software) and data, virus protection, access protection and other Security Services in compliance with Transnet security requirements and all applicable regulatory requirements.
Security Incident Logging and Resolution
Log and report security violations to Transnet per Transnet policies and standards
Implement immediate measures to react to an identified security Incident and take actions to isolate and minimize the negative impact to the Transnet infrastructure in accordance with Transnet security procedures
Escalate and resolve security violations originating both externally and internally of the hosted Network(s) (e.g., denial of service attacks, spoofing, Web exploits) in accordance with Transnet security procedures
Resolve violations of security and security policy which are determined to be internal to the Service Provider
Resolve violations of security and security policy which are determined to be internal to Transnet
System Audit Logs
Real-time provision of all system audit logs to Transnet/nominated 3rd party
Provide Service Provider with system log requirements and integration into Transnet Security Intelligence Centre
Certificate Management
Provide solution and processes for the management of certificates.
Issuing
Renewal; and
Revocations
Request certificates for in scope services as required
Vulnerability Testing
Conduct security vulnerability scans & penetration testing as necessary to maintain current security posture using third party providers as necessary to demonstrate objectivity and validate results
Provide detailed reporting on Vulnerability Test & Penetration test results
Review testing results and escalate and define actions (sign-off of remediation plan) as required
Virus/Malware Control
Advise on good working practices to help prevent infection by viruses
When a virus is detected or suspected, carry out or advise on virus containment, checking and disinfection procedures
Promptly install upgrades to the virus protection program, on all appropriate servers. Notify Transnet of the new versions and provide recommendations for their use (if applicable)
Supply and approve virus protection software and virus protection programme
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 37
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
Security Patches
Review all security patches ,“bug fix,” service pack relevant to the Transnet IT environment and classify the need and speed in which the security patches should be installed as defined by security policies, standards, and best practices
Install security patches, “bug fix,” service pack in accordance with Transnet security requirements, standards, procedures and policies
Approve production rollout of patch, “bug fix”, service pack installation and upgrades to the current installed version
Security Audits Provide technical expertise for security audits
Perform security audits every six months including a report of active user IDs, to be submitted to the Security Portfolio Manager and summarised in the monthly report
Maintain all documentation required for security audits and internal control and control testing
Maintain a central repository of log files in accordance with Transnet policies and Service Levels including application specific and System specific log files
Allow third party security audits as authorised by Transnet Security Services Function
Conduct risk assessment to identify control or security gaps
Perform periodic security audits
Directory Administration
Manage and administer the Enterprise Directory o Directory design best practices adhered to, signed off
by Microsoft o Manage the directory schema o Manage and operate the directory servers, replication
and overall health and stability of the directory o Administer the directory contents
Monitoring system event logs
Integrate the Enterprise Directory with external entities and systems as requested
Administer directory objects under Transnet business entity control for those divisions that have elected to do so
Access Monitoring
Monitoring contractor review dates (contractor access is usually granted for a 3 or 6 month term)
Monitoring overdue passwords (and following up to request password changes)
Monitoring privileged account use for server operating system, database and firewall (internal and external)
Monitoring log-in failures and other activity
Monitoring files share access and application access (usually ad hoc and at the owner’s request)
Monitor account usage
Provide timely information pertaining to contractor or any guest access requirements
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 38
Service Category and Description
Service Entities
Responsibility
Service Provider Transnet
Intrusion Detection/ Prevention
Provide Intrusion Detection / Prevention Services and reporting
Allow for independent Intrusion Detection / Prevention Services
When an attack is detected or suspected, carry out or advise on immediate actions necessary for mitigating and remedying any problems and restoring full secure functionality with minimum Transnet impact
Develop recommendations for improved security methods as determined by IDS / IPS findings
Implement approved recommendations
Review and approve recommendations for improved security methods
Security Awareness Programme
Contribute, as requested, to Transnet in managing Transnet's “Security Awareness Programme” for Transnet
Implement a “Security Awareness Programme” that addresses the support and delivery within Transnet’s organisation
Reporting Generate reports as requested by Transnet Request reports as needed
TRANSNET
Cross Functional Services Tower
____________________________________________________________________________________________
TRANSNET CONFIDENTIAL INFORMATION Page 39
2.4 Exclusions
The following items are specifically excluded from this statement of work:
a. None
3.0 Service Management
3.1 Objectives
A key objective of the Agreement is to attain Service levels with Service Credits where business is impacted through failure to meet Service performance requirements. SLRs are detailed in the following sections and those associated with Service Credits are identified in Attachment J —Service Credit Methodology of the Master Services Agreement.
The Service Provider shall provide written reports to Transnet regarding the Service Provider’s compliance with the SLRs specified in this Service Tower.
3.2 Definitions
Attachment V Appendix 1 - Service Tower Definitions.docx of the Master Services Agreement provides a list of definitions and terms that apply to this Service Tower and the following SLRs.
3.3 Service-Level Requirements (SLRs)
The following minimum Service levels are required at the end of the Transition Period. The Service Provider must consistently meet or exceed the following SLRs.
The Service Credit methodology and the identification of Service Levels associated with Service Credits are detailed in Attachment J—Service Credit Methodology of the Master Service Agreement.
3.4 Reports
Provider shall provide reports to Transnet regarding the Service Provider’s compliance with the SLRs. Reports are required per the following table:
Table 3. Cross Functional Services Reports
Report Description SLA Metrics Addressed Timing
Availability of Professional Services Personnel Professional Services Quarterly
TRANSNET
Cross Functional Services Tower
TRANSNET CONFIDENTIAL INFORMATION Page 40
4.0 Referenced Appendix, Service and MSA Attachments
4.1 Appendix – Financial Responsibilities Matrix
Service Component
Asset Ownershi
p
Refresh Refresh Cycle
Upgrades / Enhancements
Party Responsible for Growth
Disaster Recovery (Services)
Infrastructure Provision for
Disaster Recovery
Maintenance & Support
CMDB
Scenario 1
Service Provider
Service Provider
5 years Service Provider Service Provider
Service Provider
Service Provider
Service Provider
CMDB
Scenario 2
Service Recipient
Service Provider
5 years Service Provider Service Recipient
Service Provider
Service Provider
Service Provider
Service Reporting Infrastructure
Service Provider
Service Provider
5 years Service Provider Service Provider
Service Provider
Service Provider
Service Provider
Service Catalogue Infrastructure
Service Provider
Service Provider
5 years Service Provider Service Provider
Service Provider
Service Provider
Service Provider
Asset Management See CMDB
Service Provider
Service Provider
5 years Service Provider Service Provider
Service Provider
Service Provider
Service Provider
Reporting Portal Infrastructure
Service Provider
Service Provider
5 years Service Provider Service Provider
Service Provider
Service Provider
Service Provider
Security Operations Centre Infrastructure
Service Provider
Service Provider
5 years Service Provider Service Provider
Service Provider
Service Provider
Service Provider
Vulnerability Management Infrastructure
Service Provider
Service Provider
5 years Service Provider Service Provider
Service Provider
Service Provider
Service Provider
TRANSNET
Cross Functional Services Tower
____________________________________________________________________________________________
TRANSNET CONFIDENTIAL INFORMATION Page 41
Software1
Service Component License Fees 3rd Party Charges (Maintenance & Support)
Service
Recipient Service Provider
Service Recipient
Service Provider
Cross Functional Services
Public Key Encryption Infrastructure Software
Yes Yes
Patch Management and Software Distribution
Yes Yes
Help & Service Desk Scenario 1
Yes Yes
Help & Service Desk Scenario 2
Yes Yes
CMDB Scenario 1 Yes Yes
CMDB Scenario 2 Yes Yes
Antivirus licenses for Service Recipient owned servers where Service Provider is not responsible for server support
Yes Yes
Management Portal Software Yes Yes
All Service Recipient-owned application software
Yes Yes
Note: This Financial Responsibility Matrix will be completed with the preferred respondent during the Due Diligence phase of the evaluation and selection process.
1 Software included under the Service Provider columns represents the products to be implemented/continued with during the Transition Period and can be replaced by a functionally equivalent product during the term at the Service Providers election.