Beruflich Dokumente
Kultur Dokumente
Appendix 9
TECHNICAL REQUIREMENTS
This appendix consists of information required for Section Four. There are 11
parts in this appendix: Mandatory System Requirements, General Technical
Requirements,
Data
Center
Requirements,
Infrastructure
&
Network
1.
1
Application program MUST not use hardcoded database user ids and passwords.
Can
comply
(Y/N)
Remarks
No
Requirement
2
2.1
2.2
2.3
Available
Not
Available
Ref.
Page 1 of 8
No
2.4
2.5
2.6
2.7
2.8
2.9
2.1
0
2.1
1
2.1
2
2.1
3
3
3.1
3.2
3.3
Requirement
Available
Not
Available
Ref.
diagram
consist
of
production,
development, UAT and Disaster Recovery.
Solution must support Domain Name
Server
(DNS)
capability
for
all
environments.
Vendor must include Disaster Recovery
implementation. Please include costing (if
any) in the Costing template.
Solution must support disaster recovery
situation. Recovery Time Objective (RTO)
for intranet is 4 hours.
Vendor must provide DR testing upon
completion of system implementation
(HQ & DR). Please include costing (if any)
in the Costing template.
Vendor must provide technical personnel
to support DR activity during warranty
period without additional cost at least 2
times a year. Please include costing (if
any) in the Costing template.
The proposal must include version control
process for the solution.
Vendor must provide an option for Bank
to procure source code for future
enhancements / upgrades. Please include
costing in the Costing template under
Other Optional Costs if source code is
available for sale.
Vendor must provide source compare
capability and produce the results of the
source compare before and after
migration activities.
Must include the following environments
in the architecture :
i.
Production
ii.
Development
iii.
UAT
iv.
Disaster Recovery
Solution must include stress test activity
before cut over. Whatever tools required
should be inclusive in the proposal.
DATA CENTER REQUIREMENTS
Solution must include daily back-up
functionalities.
Solution must have a menu driven
program to perform back-up and restore
tasks.
Solutions servers must be rack-mounted
type.
Page 2 of 8
No
Requirement
3.4
4
4.1
4.2
Available
Not
Available
Ref.
5
5.1
TOOLS
Solution must include a housekeeping
program parameterized by retention
Page 3 of 8
No
Requirement
Available
Not
Available
Ref.
period.
For Mandatory System Requirements under Part 6 to Part 11 below, vendor is
required to respond with a single check mark () in ONE of the columns.
Guide:
For Enhancement (C/NC):
Please note that items without a in any of the columns will be assumed to
be Not Available.
No
6
6.1
Requirement
Not
Available
Enhanceme
nt (C/NC)*
Ref.
Available
Not
Available
Enhanceme
nt (C/NC)*
Ref.
INTEGRATIONS
6.2
No
Requirement
7
7.1
Available
No
Requirement
7.2
7.3
7.4
7.5
8
8.1
Available
Not
Available
Enhanceme
nt (C/NC)*
Ref.
Page 5 of 8
No
8.2
8.3
8.4
Requirement
Available
Not
Available
Enhanceme
nt (C/NC)*
Ref.
on attempts.
Deactivate user ID that is not used
after n (number) days.
Solutions password policy and validation
may cater to the following:
Password hint (eg. create and store
secret question and answers).
Real-time checking for weak password
(Following can be considered as weak
passwords: abc123, admin123,
password1, password, march28 etc.)
Option to enforce the usage of special
character in password format.
Enforce change of password at first
time login.
Solution must enable the following
password management capabilities: Reset users password.
Prevent passwords from being viewed
or printed by any user.
Password encryption.
Define validity period for temporary
systems user, (from DD/MM/YYYY to
DD/MM/YYYY).
Must not allow the following to be
password or as part of the password:
Users information (e.g. IC number,
employee number, phone number,
etc), branch code, object name (e.g.
program name, library name, etc).
Password for super ID must be able to
be split into two parts. This will only
applicable during password change
activity for Super ID. Two fields are
available for password holders to key
in the first half and second half of the
password.
Solution must provide password mask
using asterisk (*) or other characters
during log in and user registration.
8.5
9
9.1
USER ID MANAGEMENT
Solution
must
allow
Security
Page 6 of 8
No
9.2
9.3
10
10.
1
10.
2
10.
3
10.
4
10.
5
11
Requirement
Available
Not
Available
Enhanceme
nt (C/NC)*
Ref.
No
Requirement
11.
1
Available
Not
Available
Enhanceme
nt (C/NC)*
Ref.
ID,
11.
2
Page 8 of 8