Cloud Marketplace Discussion Paper

We have a mandate to improve digital and ICT capability across Commonwealth Government. This includes improving the access to, and usage of digital sourcing. We've decided to approach the market to create a new Cloud Marketplace panel sourcing arrangement to better suit industry developments and respond to changing needs.

[toc]

Introduction

Current Cloud Services Panel

The Commonwealth of Australia as represented by the Digital Transformation Agency (DTA) has a mandate to improve digital and ICT capability across Commonwealth Government. This includes improving the access to, and usage of digital sourcing.

As part of this mandate, the DTA sets up and manages coordinated and cooperative digital sourcing arrangements to provide Buyers with better access to ICT products and services. These sourcing arrangements give more equitable access to small and medium enterprises (SMEs), use whole-of-government buying power, and achieve value-for-money for the taxpayer when government buys ICT. These arrangements also simplify the buying process for industry and government while improving transparency.

Our Cloud Services Panel (CSP) is a cooperative procurement arrangement for Cloud Services and Cloud Consulting Services. We based the CSP on the 2011 US-based National Institute of Standards and Technology (NIST) definition of what a Cloud Service should be in the context of the traditional as-a-service offering across Infrastructure, Platform and Software. These are generally referred to as IaaS, PaaS and SaaS.

The CSP currently hosts over 500 Cloud Services from more than 240 Sellers as at September 2019. This includes some overseas Sellers. Over 70% of Sellers are SMEs. The CSP has facilitated over $130M in government cloud contracts since starting in 2015.

To help Buyers take advantage of the benefits of cloud computing, we updated the CSP with two approaches to market in 2016 and 2018. The term of the current CSP will expire in March 2020, with only one 12-month extension available.

Drivers for change

When we reviewed the business case to extend or renew the CSP arrangement, we analysed the factors shaping government adoption of cloud services. This identified some key developments and industry trends indicating a broader change to the current CSP arrangement:

  • The emergence of newer services offering cloud-based access to ICT applications, processes, functions and network connectivity is challenging the traditional NIST-based view of cloud services. This is described as ‘Anything-as-a-Service’ (XaaS).
  • More Australian SMEs are entering the cloud market to offer derived and value-added Cloud Services by leveraging other major providers for back-end compute requirements.
  • Digital sourcing arrangements are shifting to a ‘marketplace’ concept, from the traditional panel arrangements. A marketplace offers Sellers and Buyers more flexibility and choice through simpler and frequent Seller onboarding, easier quoting and contracting process and better service catalogues supported by automated sourcing platform and processes.
  • Leading vendors are updating their licensing models and reseller channels to promote cloud-based delivery and to maintain and expand their respective market-shares. This provides more opportunities to get better value-for-money when buying Cloud Services.
  • Security accreditation, location and transparency of deployment models are key considerations when agencies buy Cloud Offerings. Easy access and confirmation of security measures will remain a requirement of Buyers.
  • Buyer demands are also changing. The influence of industry developments and technological advances are pushing Buyers to look for more evolved Cloud Services. Buyers are also showing an increased readiness to adopt Cloud-centric Managed Services when outsourcing their ICT requirements.

New Cloud Marketplace

We have decided to approach the market to create a new Cloud Marketplace (CMP) panel sourcing arrangement to better suit these industry developments and respond to changing Buyer needs.

The aim of the proposed CMP will be to achieve value-for-money outcomes for government agencies when buying Cloud Offerings by:

  • establishing a sourcing arrangement flexible enough to accommodate industry developments and technology advances in cloud computing
  • giving Buyers access to a broader range of Cloud Offerings
  • simplifying the buying process
  • promoting increased participation from Australian SMEs
  • providing a modern, flexible, competitive and accessible Cloud Offerings marketplace to Buyers
  • shortening Buyer timelines and reducing costs when buying Cloud Offerings.

We are proposing to create the CMP based on the scope and approach described within this request-for-information (RFI) Discussion Paper. We invite all interested parties to review the Paper and provide written feedback, subject to the terms of this RFI. We will use the feedback to develop the approach-to-market (ATM) for the next CMP and operations.

Responding to this RFI Discussion Paper

Response Requirement

This RFI Discussion Paper describes the key aspects of the procurement process to establish the CMP. Through this Paper, we want to validate and refine both areas before we formally approach the market.

We invite submissions from anyone interested to provide their input and feedback on each section described here. You may consider the following sample questions as a starting point to frame your response:

  • Does the proposed scope of the CMP adequately address the Cloud Offerings available and emerging in the market?
  • Would the classification and reliance on ISO 17788 create a clearly-catalogued and easily-accessible CMP for Buyers of Cloud Offerings?
  • Are the proposed 2-phase procurement process and related steps clear and logical?
  • Will the proposed use of the Digital Tendering Platform create an easier way to submit tenders?
  • Which proposed contracting approaches is best considering the positives and negatives of each?
  • Are there better methods for periodically onboarding new Sellers and Cloud Offerings?
  • Are there any barriers to Buyers easily accessing and using the CMP for their cloud procurement needs?

Response Format

To comment on any part of this Paper, please identify the topic or section and the paragraph, with your comment. Where you see a problem, we would appreciate receiving details of suggested solutions or workarounds.

Please use the following template format when providing your feedback.

Section / Paragraph Reference Identified Issue, Item to Note, etc. Comment, proposed solution or alternative wording

 

 

 

 

 

 

 

 

Terms of this RFI

Relevant Laws

The laws of the Australian Capital Territory apply to this RFI and to the RFI process. Respondents should not make false or misleading statements in their submissions and should be aware that giving false or misleading information to us may be a serious offence under section 137.1 of the schedule to the Criminal Code Act 1995 (Cth).

Respondents should note that the Freedom of Information Act 1982 (Cth) gives members of the public rights to access official documents of the Commonwealth and its agencies, which may include submissions to this RFI. The Freedom of Information Act 1982 (Cth) extends, as far as possible, the right of the Australian community to access information (generally documents) in the possession of the Commonwealth, limited only by considerations of the protection of essential public interest and of the private and business affairs of persons in respect of whom information is collected and held by departments and public authorities.

Rights and Liabilities of DTA

We are gathering information and feedback to help us develop and refine our requirements for the CMP. When you review and respond to this RFI Discussion Paper, please note:

  1. This is not a procurement process and your response is voluntary.
  2. You do not need to respond to participate in any future procurements we may undertake.
  3. If you choose to respond, your response must be in the format specified in section 3 (Responding to this RFI Discussion Paper).
  4. We will not competitively evaluate any response or use this process or any responses to shortlist you for any future procurements.
  5. You agree all responses you provide become our property, except your intellectual property rights. You agree we may use, adapt, and disclose any information you provide for Commonwealth purposes. This includes planning, preparing, and conducting any future procurement process for the CMP.
  6. We may also disclose any information you provide to third parties helping us, so you should avoid providing any confidential information.
  7. You should be aware we may change our requirements for the CMP at any time, including as a result of this process. This means the information and documents about the CMP here may be different from those included in any future procurements.
  8. This RFI is not legally binding. We have no legal liability in relation to your participation.
  9. We may ask for information about the scope of the CMP, including feedback on any draft Statement of Requirement, in future RFIs or discussion papers.
  10. Participation in any stage of the RFI process, or about any matter concerning the RFI, is at your sole risk and expense.

RFI Closing Time

Please send responses to this RFI Discussion Paper to the Contact Officer, by email at CloudProcurement@dta.gov.au by 2pm 13th November 2019.

You must submit responses to this paper in line with the process and format specified in section 3 (Responding to this RFI Discussion Paper).

Proposed Scope

We propose the CMP include Cloud Offerings across 3 key areas of the cloud computing ecosystem:

  • Cloud Services
  • Cloud Consulting Services
  • Cloud-centric Managed Services

The following sections describe these.

Cloud Services

Cloud Services includes one or more of the core ICT components provided ‘as-a-Service’. For example:

  • infrastructure
  • platform
  • software
  • applications
  • function
  • connectivity

Sellers provide these on a fee-for-service basis with a matching service metric, such as $x/unit/month based on consumption, with relevant minimum/maximum conditions.

We propose to define and assess Cloud Services against the key characteristics outlined in ISO 17788 on cloud computing (Information technology — Cloud computing — Overview and vocabulary). ISO 17788 describes a taxonomy for the classification of Cloud Services.

We are considering using this taxonomy as the basis for classifying and presenting Cloud Services on the CMP. We also propose to operate the CMP in accordance with a classification scheme based on ISO 17788, along with other attributes as required.

Sellers on the CMP will be responsible for defining and classifying their Cloud Services according to this scheme. We will be responsible for reviewing and approving the classification. This process will classify and describe each Cloud Service on the CMP using these attributes:

  1. Capability Type classifies the basic functionality of the service, based on the resources used to deliver it. Refer to section 6.4 of ISO 17788.
  2. Service Category groups Cloud Services using a common set of qualities. Refer to section 6.4 and Appendix A of ISO 17788.
  3. Service Domain identifies the ICT subject matter domain of the Cloud Service. This allows Buyers to find a Cloud Service based on their ICT requirements. We propose the following descriptors to allow easy navigation and access:
    • AI and Machine learning
    • Identity and Access management
    • Analytics, Forecasting and Reporting
    • Internet of Things - solutions
    • Application Integration and Middleware
    • Mobile Computing
    • Audio/Visual Media services
    • Network connectivity and content delivery
    • Corporate applications
    • Office automation and productivity
    • Customer support and engagement
    • Security and Threat management
    • Database
    • Service monitoring and management
    • Data migration and transfer
    • Storage, Back-up and Disaster Recovery
    • Desktop Virtualisation
    • Virtual Reality
    • Developer Tools
    • Virtualised Compute capacity
    • Governance, Risk and Compliance
    • Web Apps and Hosting
  4. Deployment Model identifies how the Cloud Service is hosted and delivered for consumption, such as Public, Private, Community or Hybrid deployments (refer section 6.5 of ISO 17788).
  5. We also design the CMP to enable other attributes to describe the features of each Cloud Service, including but not limited to:
    • The location of the hosting of the service’s underlying infrastructure and facilities to assess data sovereignty and geo-political risks.
    • The security level of the service and/or hosting facilities to make sure the service will meet the security classification of the business need.
    • The scalability of the service to indicate how the Cloud Service scales to meet changing service demand.
    • Any applicable Standards and Accreditations to allow assessment against any compliance requirements.

Cloud consulting services

Cloud consulting services (CCS) covers all cloud-related professional services offered to help Buyers with their cloud strategy development, planning, commissioning and decommissioning. Sellers offer these services as short-term, cloud subject matter expertise.

We expect Sellers will provide CCS with an hourly/daily rate matching the seniority or experience of personnel proposed for that service. We’re proposing classifying CCS under the following areas:

  • Business Analysis services
  • Integration services
  • Cloud Analytics and Optimisation
  • Migration services
  • Design and Planning services
  • Security services
  • Development services
  • Strategy and Architecture services

We propose Sellers support each CCS with a rate-card for consultants, across 5 levels:

Role Title Description
Principal Consultant
  • has a strong business impact and is often part of the company's leadership team
  • can shape a business requirement and lead in a specific domain
  • develops high-level business relations and high-impact projects
  • can lead very large teams and has experience in transformational projects
Managing Consultant
  • has a strong business focus and in-depth understanding of technology needs of business
  • has experience managing and directing small-to-medium-sized teams and engaging with senior leadership teams to deliver business outcomes
Senior Consultant
  • has developed a specialisation within a specific domain of expertise
  • can work independently and in teams
  • is often responsible for the completion of a part of a project or activities for which they lead a small team
  • more client-oriented and explores sales activities
Consultant
  • has a specific domain of expertise
  • may perform both routine and non-routine tasks
  • can work independently or in a team to deliver business outcomes
Associate Consultant
  • is a consultant at the beginning of their career who typically works to support Consultants and Senior Consultants
  • may perform complex and non-routine work but generally under supervision

Sellers on the CMP are responsible for describing their respective CCS according to the above categories and skill levels and ensuring transparency of consultant skills and experience claimed. We are responsible for reviewing and approving the classification and consultant categories proposed.

Cloud-centric Managed Services

Cloud-centric Managed Services (CMS) centre on providing a Cloud Service but also additional and ongoing service management capabilities. These additional capabilities may include:

  • usage monitoring
  • configuration
  • maintenance
  • user support for a Cloud Service.

We expect Sellers to provide CMS using custom pricing structures and service-levels matching the scope, risk and scale of the underlying Cloud Service and the included service management capabilities. We expect CMS Sellers to use their subject-matter expertise of a Cloud Service to support and/or replace the Buyer’s internal technical support functions and platforms.

We propose describing and cataloguing CMS on the CMP using the following framework. This aligns to the ISO/IEC 2000 based ICT Service Management processes:

Service Design

CMS capabilities will include provision of:

  • service catalogue management
  • service level management
  • capacity management
  • information security and access management
  • supplier and third-party management
  • availability management
  • IT service continuity management
Service Transition CMS capabilities will include provision of:
  • transition and transformation project management
  • change management
  • knowledge management
Service Operations

CMS capabilities will include provision of:

  • service desk
  • incident management
  • problem management
  • service request management
  • event management
  • release and deployment management
  • asset management
  • configuration management
Service Improvement

CMS capabilities will include provision of:

  • reporting
  • compliance and quality management
  • continuous improvements

Sellers will need to define their CMS in accordance with the above framework and make sure they can describe and measure services against it. We will need Sellers to provide enough transparency to make sure Buyers can easily assess the CMS for its fitness, value-for-money and contractual compliance.

Proposed Approach to establish the CMP

Approach Overview

We propose a 2-phase procurement approach to establish and operate the new CMP. The proposed approach is consistent with the Commonwealth Procurement Rules (CPRs) and aligns with the requirements of the Public Governance, Performance and Accountability Act 2013 (Cth).

A diagram demonstrating how the two parts of the proposed CMP approach work together. On the left, an arrow with 'Part 1 - Selection of capable sellers (establish CMP via RFT)' points to a cog with 'Part 2 - Addition of Cloud offerings (via CMP ongoing operations)'

Part 1 – Selection of Capable Sellers

Part 1 will involve us approaching the market through an open RFT process to select capable Sellers of one or more Cloud Offerings, based on their:

  • commercial stability and viability to remain in the market
  • capacity to deliver at scale and meeting quality and relevant government requirements
  • capability and credentials, including skilled and experienced personnel
  • compliance with terms and conditions

We expect Part 1 to establish a panel sourcing arrangement of qualified Sellers assessed as capable of providing Cloud Offerings to government. Sellers will need to engage with the CMP to onboard their Cloud Offerings through the Part 2 processes.

We expect to complete Part 1 through an open ATM process in early 2020, with the new CMP operational by July 2020.

Part 2 – Addition of Cloud Offerings from Sellers

Part 2 involves us reviewing and approving Cloud Offerings from Sellers we selected in Part 1. We propose to complete Part 2 of adding Cloud Offerings from selected Sellers as part of the ongoing operations of the CMP. For example, Sellers may ask us to add their Cloud Offerings to the CMP service catalogue, based on their readiness and ability to meet market demands.

We will conduct ‘just in time’ assessments of Seller requests to review the technical merits of each Cloud Offering and decide if it represents value-for-money for Buyers. Sellers will follow an online submission process through our ICT Procurement Portal.

We are proposing to limit the number of Cloud Offerings per Seller, to ensure the CMP remains easy-to-navigate and cost-efficient to operate. We are inviting feedback on an optimal limit that can be applied in this context.

Use of Digital Tendering Platform

We have developed a Digital Tendering Platform (DTP) enabling online submission of tenders and proposals with validation and error-checking where possible. We propose using a Beta release of the DTP for Part 1 of the proposed approach. We will host the DTP on secure government infrastructure and allow responses from anywhere.

The DTP improves quality and accessibility of responses, while complying with the requirements of the CPR. The Beta release will include the required functionality and workflow steps to comply with government tendering requirements.

Key points to note in relation to the proposed use of the DTP are:

  1. We will post the ATM on AusTender. Potential respondents will need to download the tender (or proposal) documentation from AusTender, which will include details on how to start, develop and submit an online response via the DTP.
  2. The online submission method using the DTP will be the ONLY way to submit a response for the CMP ATM.
  3. Respondents can submit tenders (or proposals) through the online forms and submit attachments where required.
  4. Responses must be lodged through the DTP before the tender Closing Time. The DTP will not allow submissions or additional information on or after the published Closing Time.
  5. The DTP will allow completion of a response over a period leading up to the Closing Time.
  6. The DTP will provide a unique Reference ID. Respondents will need to use this each time they access their response. The Reference ID and a security access code will protect access to the response.
  7. The DTP does not support multiple users accessing the response at the same time. Respondents will need to ensure only one person accesses the response at a time. There is a risk data may be lost if multiple users try to update it at the same time.
  8. The DTP allows Respondents to attach supporting files. The maximum size for the entire response, including attachments, is 20MB.
  9. There may be short, scheduled outages to the DTP as part of regular system maintenance outside of business hours. These outages may affect unsaved Tenders.

No transition of current Sellers

As we are establishing a new CMP in line with the CPRs through an open ATM with material changes to the scope and approach (as outlined in this Paper), we cannot transition Sellers from the current arrangement to the new CMP. Sellers on the current CSP should note that it will cease operations at the end of its term. Prospective Sellers must respond to the new CMP ATM to be considered for the new CMP.

Proposed Contracting Framework

We are considering a change to the contracting framework underpinning the new CMP, subject to feedback and legal advice.

Current state – Head Agreement with Schedule

The contracting framework currently in place for the CSP is regarded as the traditional contracting approach. Under this approach, Sellers selected to join the CSP need to negotiate and execute a common long-form Head Agreement at the time of joining the arrangement. The Head Agreement is executed as a Deed between a selected Seller and us representing the Commonwealth.

The Head Agreement includes the general terms and conditions required for the provision of a broad range of Cloud Offerings to government, along with a Schedule template intended for contracting a specific Cloud Offering. Subject to a successful ‘quote and response’ process via the CSP, the Buyer and the Seller must execute the Schedule under the Head Agreement for each cloud transaction. At the time of executing the Schedule, the parties can include minor variations to the Head Agreement terms as applicable, subject to our approval.

There are some problems with this approach:

  • The effort to negotiate and execute a Head Agreement is upfront and there is no specific opportunity for Sellers to justify costs. This is likely to make the cost too high for some SMEs.
  • Sellers try to introduce contract variations at the ‘quote and response’ stage to match the risk of the specific transaction. This additional negotiation may cause delays.

Proposed option – Short-form Agreement with Seller rating

We are proposing a different contracting framework for the new CMP to improve the current approach, and to make the initial onboarding of Sellers more efficient and effective.

  1. The Sellers selected to the CMP through Part 1 of the procurement approach will need to accept and execute a Short-form Agreement, to confirm their standing-offer to provide Cloud Offerings.
  2. We will write the Short-form Agreement in plain-English, with sentence structures that are easy to understand for people who do not have legal training.
  3. The Short-form Agreement terms and conditions will include only essential and non-negotiable Commonwealth contractual requirements, which will override any standard Seller terms and conditions. We will execute the Short-form Agreement as an Agreement (i.e. not as a Deed).
  4. During the ATM and response stages, each Seller will need to confirm their position on more detailed and commonly-required terms and conditions we decide are relevant for the provision of Cloud Offerings to government. We will achieve this by capturing the Seller’s position against a term-sheet within their response to the ATM.
  5. Each Seller’s level of compliance to the term-sheet of terms and conditions will be made visible to Buyers within the CMP against a rating scheme to highlight their level of compliance.
  6. During the ‘quote and response’ process via the CMP, the Buyers can review and assess the Seller’s contractual compliance against the term-sheet. The Buyers can then create the Schedule (or Order) for the services quoted by the Seller with additional terms and conditions from the term-sheet, as applicable.

Operational Considerations for Noting

We must operate the CMP in accordance with the CPRs and other government sourcing arrangements we operate. In this context, all potential Sellers and Buyers on the CMP should note the following key features about the operation of the CMP.

Cooperative Procurement Arrangement

We will operate the CMP as a ‘Cooperative Procurement’ arrangement, as defined under the CPRs (ref. 4.13 – 4.15). The proposed ATM will also identify this as a ‘Cooperative Procurement’ up-front to make sure Buyers can choose to use the CMP. The use of the CMP is optional for Buyers.

Use of ICT Procurement Portal

We will continue hosting the CMP on our ICT Procurement Portal (the Portal) – and provide access to registered Buyers and Sellers with secure logins. The Portal will be familiar to a number of government Buyers and Sellers, as it already hosts a number of digital sourcing arrangements we operate.

Cost Recovery

Sourcing arrangements we operate must recover operating costs. The current CSP includes a Supplier Administration Fee (SAF) which charges Sellers on the CSP a nominal SAF for each service listed. We recover costs for similar sourcing arrangements through a Centralised Administration Fee (CAF). We charge this to Buyers based on the value of the opportunity.

We are reviewing our sourcing cost-recovery models and will complete this review by end of 2019. We will base the cost-recovery method for the CMP on the recommendations of this review and consider feedback we receive as part of this process.

Refreshes to Add New Sellers

We intend to open the CMP to market periodically so new Sellers can join on a regular basis. This will provide Buyers access to new technology and changing services – and increase competition to deliver more value-for-money.

Download a copy

A downloadable copy of this document is available from AusTender