A SERVICE PROVIDER - Construction Education

Returnable Documents:

APPOINTMENT OF A SERVICE PROVIDER FOR LICENCING, IMPLEMENTATION, SUPPORT AND MAINTENANCE OF AN INTEGRATED GOVERNANCE PERFORMANCE REGULATORY COMPLIANCE (GPRC) SYSTEM (BUSINESS MANAGEMENT PLATFORM) OF THE CETA FOR 3 YEARS 1. EXECUTIVE SUMMARY 1.1. ABOUT CETA The Construction Education and Training Authority (CETA) is a Sector Education and Training Authority (SETA) established under the Skills Development Act No. . CETA operates as a schedule 3A public entity under the Public Finance Management Act (PFMA) and is responsible for: I. Developing and implementing sector skills plans for the construction and built environment sector II. Promoting learnerships and apprenticeships III. Administering discretionary and mandatory grants IV. Quality assuring education and training within the sector V. Supporting skills development initiatives aligned with national priorities As a government entity managing substantial public funds and serving a critical sector of the South African economy, CETA requires robust governance, risk management, compliance, and performance management capabilities to fulfil its mandate effectively. 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” 1.2. CURRENT STATE ASSESSMENT 1.2.1. CETA currently faces several operational challenges: ▪ Fragmented systems with governance, risk, compliance, and performance data residing in disparate applications and spreadsheets ▪ Manual processes for risk assessments, compliance tracking, and performance reporting ▪ Limited real-time visibility into organisational performance against strategic objectives ▪ Inefficient reporting processes requiring significant manual consolidation ▪ Difficulty in demonstrating compliance with regulatory requirements (PFMA, Skills Development Act, Treasury Regulations) ▪ Lack of integrated dashboards for executive decision-making ▪ Challenges in tracking and managing the full lifecycle of projects and initiatives ▪ Limited audit trail capabilities for governance and compliance activities 1.3. STRATEGIC CONTEXT AND OBJECTIVES CETA is implementing a R105-million digital transformation programme to modernise its ICT infrastructure and business systems. The acquisition of a Business Management Platform is a strategic priority within this programme. 1.3.1. The platform must support CETA's strategic objectives: I. Strengthen Organisational Governance Implement integrated governance frameworks that provide the Board and Executive Management with comprehensive oversight of organisational performance, risks, and compliance. II. Enhance Risk Management Establish enterprise-wide risk management capabilities aligned with ISO 31000 and King IV principles, enabling proactive identification, assessment, and mitigation of risks. III. Ensure Regulatory Compliance 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” Systematically manage compliance obligations arising from the Skills Development Act, PFMA, Treasury Regulations, POPIA, and other applicable legislation. IV. Drive Performance Excellence Align operational activities with strategic objectives through balanced scorecards, KPIs, and integrated performance management. V. Support Data-Driven Decision Making Provide real-time dashboards, analytics, and reporting to enable evidence-based decision-making. VI. Improve Operational Efficiency Automate manual processes, eliminate data silos, and streamline workflows across governance, risk, and compliance functions. 1.4. PROCUREMENT OBJECTIVES Through this RFP, CETA seeks to: ▪ Acquire a comprehensive, integrated Business Management Platform that addresses governance, performance, risk, and compliance (GPRC) requirements ▪ Select a solution that is scalable, configurable, and future proof ▪ Partner with a vendor who demonstrates public sector experience and understands the SETA/government operational context ▪ Implement a platform that supports CETA's digital transformation objectives ▪ Ensure value for money over the total cost of ownership (3-year period) ▪ Obtain a solution that complies with South African data protection and privacy requirements 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” 1.5. EXPECTED BENEFITS The successful implementation of this Business Management Platform is expected to deliver: I. Governance Benefits ▪ Single source of truth for governance information ▪ Real-time board reporting and dashboard capabilities ▪ Improved stakeholder confidence and transparency ▪ Enhanced accountability frameworks II. Risk Management Benefits ▪ Comprehensive enterprise risk visibility ▪ Proactive risk identification and mitigation ▪ Improved risk-based decision making ▪ Integrated risk and control frameworks III. Compliance Benefits ▪ Systematic compliance obligation management ▪ Automated compliance assessments and reporting ▪ Reduced compliance costs and effort ▪ Audit-ready documentation and evidence management IV. Performance Benefits ▪ Alignment of activities with strategic objectives ▪ Real-time performance monitoring and reporting ▪ Improved resource allocation decisions ▪ Enhanced project and portfolio management V. Operational Benefits ▪ Reduced manual effort and administrative burden ▪ Elimination of data silos and duplication ▪ Improved data quality and consistency ▪ Streamlined workflows and approvals ▪ Enhanced collaboration across departments 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” 2. PROJECT SCOPE AND BACKGROUND 2.1. BUSINESS CONTEXT I. CETA operates in a complex regulatory environment with obligations to: ▪ The Department of Higher Education and Training (DHET) ▪ National Treasury ▪ The Auditor-General of South Africa (AGSA) ▪ The Information Regulator (POPIA compliance) ▪ Quality Council for Trades and Occupations (QCTO) ▪ Various other regulatory and oversight bodies II. The organisation manages: ▪ Annual budget exceeding R500 million ▪ Discretionary and mandatory grant schemes ▪ Multiple strategic projects and initiatives ▪ Relationships with employers, training providers, and learners across the construction sector ▪ Complex reporting requirements to various stakeholders III. This operating context demands: ▪ Robust governance frameworks aligned with King IV principles ▪ Comprehensive risk management across strategic, operational, financial, and compliance domains ▪ Systematic compliance management for multiple regulatory frameworks ▪ Integrated performance management aligned with the Skills Development Act mandate 2.2. TECHNICAL REQUIREMENTS This section specifies the technical capabilities, security standards, and infrastructure requirements for the Business Management Platform. 2.2.1. PLATFORM ARCHITECTURE I. REQ-TECH-001: Cloud Architecture The platform must be: 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” ▪ Cloud-native or cloud-ready architecture ▪ Deployed on recognised cloud platforms (Azure, AWS, or Google Cloud) ▪ Highly available with a 99.5% uptime SLA minimum ▪ Auto-scaling based on demand ▪ Disaster recovery capable with RPO <4 hours, RTO <8 hours II. REQ-TECH-002: Multi-Tenant Architecture The solution must provide: ▪ Secure multi-tenant architecture with data isolation ▪ Configurable tenant-specific branding ▪ Performance isolation between tenants ▪ Scalability to support organisational growth III. REQ-TECH-003: Platform Scalability The system must support: ▪ Horizontal and vertical scaling ▪ Minimum 200 named user capacity ▪ Minimum 100 concurrent active users without degradation ▪ Data volume growth to 5TB+ without performance impact IV. REQ-TECH-004: Browser Compatibility The platform must support: ▪ Modern browsers (Chrome, Firefox, Edge, Safari - latest two versions) ▪ Mobile browsers (iOS Safari, Android Chrome) ▪ Responsive design for all screen sizes ▪ No proprietary plugins required V. REQ-TECH-005: Database Architecture The solution must utilise: ▪ Enterprise-grade relational database 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” ▪ ACID-compliant transaction processing ▪ Database clustering for high availability ▪ Automated backup and point-in-time recovery VI. REQ-TECH-006: API Architecture The platform must provide: ▪ RESTful API with comprehensive documentation ▪ API versioning strategy ▪ Webhook support for event notifications ▪ API sandbox for development and testing 2.3. SECURITY REQUIREMENTS I. REQ-TECH-007: Authentication The system must support: ▪ Multi-factor authentication (MFA) ▪ Single sign-on (SSO) via SAML 2.0 or OAuth 2.0 ▪ Active Directory / Azure AD integration ▪ Password complexity enforcement ▪ Account lockout after failed attempts II. REQ-TECH-008: Authorisation and Access Control The platform must implement: ▪ Role-based access control (RBAC) ▪ Fine-grained permissions (create, read, update, delete, approve) ▪ Data-level access control (row-level, column-level) ▪ Segregation of duties enforcement ▪ Delegation and proxy user access III. REQ-TECH-009: Data Encryption The solution must provide: 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” ▪ Data encryption at rest (AES-256 or equivalent) ▪ Data encryption in transit (TLS 1.2+ or TLS 1.3) ▪ Database field-level encryption for sensitive data ▪ Key management system integration IV. REQ-TECH-010: Security Certifications The vendor must demonstrate: ▪ ISO 27001 certification (Information Security Management) ▪ SOC 2 Type II certification or equivalent ▪ Evidence of regular penetration testing (annually, minimum) ▪ OWASP Top 10 vulnerabilities addressed V. REQ-TECH-011: Audit Trails The platform must log: ▪ User login and logout events ▪ Data access events (view, create, update, delete) ▪ Configuration changes ▪ Security events (failed login, privilege escalation) ▪ Export and download events ▪ Logs must be immutable with a minimum 7-year retention VI. REQ-TECH-012: Backup and Recovery The solution must provide: ▪ Automated daily backups with encryption ▪ Offsite backup storage ▪ Backup retention minimum 30 days ▪ Point-in-time recovery capability ▪ Regular recovery testing (quarterly minimum) VII. REQ-TECH-013: Disaster Recovery 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” The platform must have: ▪ Documented disaster recovery plan ▪ Recovery Point Objective (RPO) of 4 hours or less ▪ Recovery Time Objective (RTO) of 8 hours or less ▪ Failover capability ▪ Annual DR testing VIII. REQ-TECH-014: Vulnerability Management The system must implement: ▪ Regular vulnerability scanning ▪ Patch management process with defined SLAs ▪ Critical vulnerability remediation within 7 days ▪ Third-party component vulnerability monitoring 2.4. DATA MANAGEMENT I. REQ-TECH-015: Data Residency The solution must ensure: ▪ All data is stored within South African borders ▪ Compliance with POPIA data sovereignty requirements ▪ No data transfer outside SA without explicit consent ▪ Transparency on data storage locations II. REQ-TECH-016: Data Quality Management The system must support: 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” ▪ Data validation rules at the point of entry ▪ Data quality scorecards ▪ Duplicate detection and prevention ▪ Data cleansing and standardisation III. REQ-TECH-017: Data Import and Migration The platform must support: ▪ Bulk data import via templates (Excel, CSV) ▪ Data transformation and mapping tools ▪ Data validation during import ▪ Historical data migration utilities IV. REQ-TECH-018: Data Export The system must enable: ▪ On-demand data export in multiple formats (Excel, CSV, JSON, XML) ▪ Scheduled data extracts ▪ Data portability for migration ▪ Metadata export V. REQ-TECH-019: Data Archiving The solution must provide: ▪ Automated archiving based on retention policies ▪ Archive accessibility for compliance ▪ Restore from archive capability ▪ Legal hold functionality 2.5. COLLABORATION FEATURES 2.6. PERFORMANCE AND USABILITY I. REQ-TECH-020: Response Time 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” The platform must deliver: ▪ Page load time <3 seconds for standard pages ▪ Dashboard refresh <5 seconds ▪ Search results <2 seconds ▪ Report generation <10 seconds for standard reports II. REQ-TECH-021: System Availability The solution must guarantee: ▪ 99.5% uptime SLA (excluding planned maintenance) ▪ Planned maintenance communicated 7 days in advance ▪ Maximum 4 hours planned downtime per month ▪ The system status page is accessible III. REQ-TECH-022: User Interface The platform must provide: ▪ Intuitive, user-friendly interface ▪ Consistent navigation and layout ▪ Contextual help and tooltips ▪ Accessibility compliance (WCAG 2.1 Level AA) IV. REQ-TECH-023: Mobile Access The system must offer: ▪ Fully responsive design for mobile devices ▪ Touch-optimised interface 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” ▪ Offline capability for mobile data capture ▪ Push notifications V. REQ-TECH-024: Search Functionality The solution must provide: ▪ Global search across all entities ▪ Advanced search with filters ▪ Full-text search capability ▪ Search result relevance ranking 2.7. CONFIGURABILITY I. REQ-TECH-025: No-Code/Low-Code Configuration The platform must provide: ▪ Visual configuration interface for non-technical users ▪ Drag-and-drop form builder ▪ Visual workflow designer ▪ Custom field creation without coding ▪ Dashboard widget configuration without coding II. REQ-TECH-026: Workflow Engine The solution must include: ▪ Configurable workflow automation ▪ Approval routing and escalation ▪ Conditional logic and branching ▪ Email notifications and reminders ▪ Workflow versioning and audit trail III. REQ-TECH-027: Customisable Templates The system must support: ▪ Custom report templates 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” ▪ Custom dashboard templates ▪ Custom form templates ▪ Branded templates with CETA logo and colours IV. REQ-TECH-028: Branding and Theming The platform should support: ▪ Corporate logo integration ▪ Custom colour schemes ▪ Branded login page ▪ Report header/footer customisation 2.8. COLLABORATION FEATURES I. REQ-TECH-029: Commenting and Notes The system should enable: ▪ Inline commenting on records ▪ Threaded discussions ▪ @mention functionality for notifications ▪ Comment history and audit trail II. REQ-TECH-030: Forms and Surveys The platform should provide: ▪ Dynamic form builder ▪ Multiple field types ▪ Conditional logic and branching ▪ Survey creation and distribution ▪ Response analysis and visualisation III. REQ-TECH-031: Alerts and Notifications The solution must support: 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” ▪ Configurable automated alerts ▪ Email, SMS, and in-app notifications ▪ Threshold-based alerts for KPIs/KRIs ▪ Deadline and reminder notifications 2.9. VENDOR AND SUPPORT REQUIREMENTS I. REQ-TECH-032: Vendor Experience The vendor must demonstrate: ▪ Minimum 5 years in business ▪ Minimum 10 successful implementations ▪ Public sector or government experience ▪ South African client references II. REQ-TECH-033: Implementation Methodology The vendor must provide: ▪ Proven implementation methodology ▪ Project management framework ▪ Risk and issue management approach ▪ Change management and training plan III. REQ-TECH-034: Training and Documentation The solution must include: ▪ Administrator training ▪ End-user training (train-the-trainer) ▪ User guides and quick reference materials ▪ Technical documentation IV. REQ-TECH-035: Support Services The vendor must provide: ▪ Business hours support (8 am - 5 pm, Mon - Fri) ▪ Emergency out-of-hours support for critical issues 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” ▪ Multiple support channels (phone, email, portal) ▪ Defined SLAs for response and resolution times V. REQ-TECH-036: Product Roadmap The vendor should share: ▪ Product roadmap (minimum 2-year vision) ▪ Planned feature releases ▪ Commitment to platform longevity ▪ Customer input into the roadmap 2.10. CURRENT CHALLENGES CETA has identified the following challenges that the Business Management Platform must address: VI. Data and Information Management ▪ Governance, risk, compliance, and performance data exist in fragmented systems (Excel spreadsheets, SharePoint, standalone databases) ▪ Manual consolidation of data for reporting purposes ▪ Data inconsistencies and version control issues ▪ Limited data analytics and trend analysis capabilities ▪ Difficulty in accessing historical information for audit purposes VII. Process Inefficiencies ▪ Manual workflows for risk assessments and compliance tracking ▪ Time-consuming report generation (board packs, compliance reports, performance dashboards) ▪ Delayed identification of emerging risks and issues ▪ Inefficient approval processes for policies and procedures ▪ Limited workflow automation capabilities 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” VIII. Visibility and Reporting ▪ Lack of real-time dashboards for executive decision-making ▪ Inconsistent reporting formats across different functions ▪ Limited drill-down capabilities for detailed analysis ▪ Difficulty in demonstrating strategic alignment ▪ Manual effort required to produce board and committee reports IX. Compliance and Audit ▪ Challenges in maintaining comprehensive audit trails ▪ Manual tracking of compliance obligations and deadlines ▪ Difficulty in demonstrating compliance to auditors and regulators ▪ Limited evidence management capabilities ▪ Time-consuming responses to audit queries X. Risk Management ▪ Decentralised risk registers across departments ▪ Inconsistent risk assessment methodologies ▪ Limited visibility of the enterprise-wide risk profile ▪ Reactive rather than proactive risk management ▪ Difficulty in monitoring risk mitigation actions XI. Strategic Alignment ▪ Unclear linkages between strategic objectives, projects, and operational activities ▪ Limited visibility of project portfolio performance ▪ Difficulty in prioritising initiatives based on strategic importance ▪ Inconsistent performance measurement across the organisation 2.11. DESIRED FUTURE STATE: Upon successful implementation of the Business Management Platform, CETA envisions: 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” I. Integrated Platform ▪ Single, unified platform for all GPRC activities ▪ Elimination of data silos and fragmented systems ▪ Seamless integration with existing enterprise systems (ERP, HRIS, document management) ▪ Role-based access with appropriate permissions and workflows II. Automated Processes ▪ Automated workflows for risk assessments, compliance tracking, and policy management ▪ Scheduled, automated report generation and distribution ▪ Automated alerts and notifications for key events, deadlines, and threshold breaches ▪ Workflow-driven approvals and attestations III. Real-Time Visibility ▪ Executive dashboards providing a real-time view of organisational health ▪ Drill-down capabilities from high-level metrics to detailed data ▪ Mobile-accessible dashboards for on-the-go decision making ▪ Customizable views for different user roles and responsibilities IV. Comprehensive Reporting ▪ Board-ready reports generated directly from the platform ▪ Regulatory compliance reports aligned with specific requirements ▪ Ad-hoc reporting capabilities for management queries ▪ Trend analysis and predictive analytics V. Proactive Risk Management ▪ Enterprise-wide view of risk profile with heat maps and visualisations ▪ Early warning indicators for emerging risks ▪ Integrated view of risks, controls, and mitigation actions ▪ Risk-based decision support VI. Strategic Performance Management 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” ▪ Clear line of sight from strategy to execution ▪ Balanced scorecards with cascading objectives and KPIs ▪ Project and portfolio management aligned with strategic priorities ▪ Performance analytics and insights 2.12. IMPLEMENTATION SCOPE The scope of this procurement includes: I. Platform Provision ▪ Licensing for Business Management Platform supporting a minimum of 130 named users (with scalability to 300+ users) ▪ All modules required for integrated GPRC management ▪ Mobile-responsive access capabilities ▪ Integration middleware/APIs for enterprise system connectivity II. Implementation Services ▪ Solution design and configuration aligned with CETA requirements ▪ Data migration from existing systems and spreadsheets ▪ Integration with identified enterprise systems ▪ Testing (UAT, integration testing, performance testing) ▪ Training for super users, administrators, and end users ▪ Change management support ▪ Documentation (user guides, administrative guides, technical documentation) III. Post-Implementation Support ▪ Warranty period support (minimum 3 years) ▪ Ongoing maintenance and support services (years 3) ▪ Platform upgrades and enhancements 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” ▪ User support (helpdesk services) ▪ Performance monitoring and optimisation IV. Knowledge Transfer ▪ Administrator training for the CETA ICT team ▪ Super user training for functional business owners ▪ Documentation of configurations and customisations ▪ Handover of all technical and functional documentation 2.13. OUT OF SCOPE ITEMS The following items are explicitly excluded from this RFP scope: ▪ Hardware infrastructure procurement (CETA will provide or arrange separately) ▪ General network infrastructure upgrades ▪ Telecommunications services ▪ Enterprise Resource Planning (ERP) system replacement ▪ Human Resources Information System (HRIS) replacement ▪ Learning Management System (LMS) functionality ▪ Customer Relationship Management (CRM) is specific to stakeholder management ▪ Document Management System (DMS) – though integration with the existing DMS is in scope ▪ Organisational change management programme beyond platform adoption **Note** While these items are out of scope for this RFP, the proposed platform must have the ability to integrate with CETA's existing or future systems in these categories. 2.14. PROJECT CONSTRAINTS Bidders must be aware of the following constraints: I. Timeline ▪ The platform must be operational within 9 months of contract signature ▪ A phased implementation approach is acceptable, but the minimum viable product must be delivered within 6 months II. Budget 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” ▪ Total budget envelope (3-year TCO) is within CETA's approved digital transformation programme budget. ▪ Pricing must be transparent with a clear breakdown of license, implementation, and support costs. III. Operational ▪ Implementation must occur with minimal disruption to CETA's operations ▪ Critical reporting periods (financial year-end, strategic planning cycles) must be accommodated ▪ Existing systems must remain operational during the transition IV. Compliance ▪ Solution must comply with all applicable South African legislation (POPIA, PFMA, etc.) ▪ Data residency requirements must be met (data sovereignty in South Africa) ▪ Security and privacy standards must align with government requirements V. Resources ▪ CETA will assign a project manager and functional subject matter experts ▪ External resources (change management, business process optimisation) may be provided by CETA separately ▪ THE CETA ICT team will participate in technical aspects, but the primary implementation responsibility rests with the selected vendor 3. FUNCTIONAL REQUIREMENTS This section defines the functional capabilities required from the Business Management Platform. Requirements are categorised as: ▪ **MUST HAVE (M)**: Mandatory requirements - solution must provide this capability ▪ **SHOULD HAVE (S)**: Highly desirable requirements - absence may impact evaluation score ▪ **NICE TO HAVE (N)**: Optional requirements - presence will enhance evaluation score 3.1. GOVERNANCE MODULE REQUIREMENTS 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” I. Policy and Procedure Management

Requirement Description Priority ID Centralized repository for organizational policies, procedures, and GOV-001 M standards with version control Workflow-driven policy approval process (draft, review, approve, publish) GOV-002 M with configurable routing Policy acknowledgment and attestation workflows with tracking and GOV-003 M reporting GOV-004 Automated policy review reminders based on configurable schedules M Policy impact assessment capability linking policies to affected processes, GOV-005 S systems, and stakeholders GOV-006 Policy exception management with approval workflows S Policy effectiveness monitoring with linkage to compliance obligations and GOV-007 S risk controls GOV-008 Search and retrieval functionality with metadata tagging M GOV-009 Comparison capability to view differences between policy versions S Integration with document management systems for policy document GOV-010 M storage II. Board and Committee Management Requirements ID Requirement Description Priority GOV-011 Meeting calendar and scheduling functionality M GOV-012 Agenda creation and management with document attachments M GOV-013 Board pack generation and automated distribution M GOV-014 Action item tracking with assignment, deadlines, and status monitoring M GOV-015 Minutes recording and approval workflow M GOV-016 Resolution tracking and implementation monitoring M GOV-017 Attendance tracking and quorum management S 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” Requirements ID Requirement Description Priority GOV-018 Conflicts of interest declaration and management M GOV-019 Board evaluation and assessment functionality N GOV-020 Secure portal for board member access to papers and information M III. Data Governance Requirements ID Requirement Description Priority Data classification framework implementation (confidential, restricted, GOV-021 M public) GOV-022 Data ownership and stewardship assignment M GOV-023 Data quality rules definition and monitoring S GOV-024 Data lineage and metadata management S GOV-025 Integration with data privacy management for POPIA compliance M GOV-026 Master data management capabilities for reference data S IV. Organisational Structure Management Requirements ID Requirement Description Priority Configurable organizational hierarchy (divisions, departments, units, GOV-027 M teams) Ability to model multiple organizational views (functional, geographical, GOV-028 S project-based) GOV-029 Delegation of authority framework with limits and approval matrices M GOV-030 Integration with HRIS for organizational structure synchronization S Stakeholder Management Requirements ID Requirement Description Priority GOV-031 Stakeholder register with classification and contact information M GOV-032 Stakeholder engagement planning and tracking S GOV-033 Communication log and interaction history S GOV-034 Stakeholder satisfaction measurement and reporting N ESG (Environmental, Social, Governance) Management GOV-035: S 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” Requirements ID Requirement Description Priority The system must support ESG management, including: ESG framework alignment with global standards (GRI, SASB, King IV) Environmental metrics (carbon footprint, energy, waste, water) Social metrics (employment equity, skills development, community) Governance metrics (board composition, ethics, transparency) ESG dashboards, target setting, and reporting Idea and Innovation Management The platform should support idea management including: Idea submission portal GOV-036 N Idea evaluation and scoring workflow Implementation tracking for approved ideas Innovation metrics and reporting 3.2. PERFORMANCE MANAGEMENT REQUIREMENTS 3.2.1. Strategic Planning and Execution REQ-PM-001: Strategy Formulation The system must support comprehensive strategic planning capabilities, including: 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” Vision and mission statement management Strategic theme definition and categorisation Multi-year strategic planning cycles Integration with MTSF (Medium Term Strategic Framework) alignment DPME (Department of Planning, Monitoring and Evaluation) framework compliance II. REQ-PM-002: Strategy Mapping The solution must provide visual strategy mapping tools that: Create cause-and-effect linkages between strategic objectives Support multiple perspectives (Financial, Customer, Internal Process, Learning & Growth) Enable cascade from the entity level to division, department, and individual levels. Provide swim-lane visualisation for cross-functional strategies Support custom perspective definitions beyond the standard balanced scorecard III. REQ-PM-003: Objective Definition and Management The platform must enable users to: Define strategic objectives with clear descriptions Assign objective owners and contributors Set target completion dates and milestones Link objectives to organisational structure Track objective status and completion percentage Archive and version control historical objectives IV. REQ-PM-004: Objective Weighting and Prioritisation The system must allow: Assignment of relative weights to objectives (totalling 100%) Dynamic re-weighting during planning cycles Priority ranking (High, Medium, Low) with colour coding Impact vs Effort matrix visualisation Resource allocation based on priority 3.2.2. Key Performance Indicators (KPI) Management 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” REQ-PM-005: KPI Library and Repository The solution must provide: Centralised KPI library with reusable definitions KPI categorisation by type (lagging, leading, qualitative, quantitative) Standard KPI templates aligned to sector best practices KPI versioning and change history Search and filter capabilities across all KPIs II. REQ-PM-006: KPI Definition and Configuration For each KPI, the system must capture: KPI name, description, and rationale Measurement unit and data type Calculation formula (automated where possible) Data source and collection method Collection frequency (daily, weekly, monthly, quarterly, annually) Responsible data owner Target values and thresholds (actual, target, upper/lower limits) Benchmarking references III. REQ-PM-007: KPI Target Setting The platform must support: Annual and multi-year target setting Stretch targets vs baseline targets Target adjustment workflows with approval Historical target comparison Industry benchmark integration SMART target validation prompts IV. REQ-PM-008: KPI Data Capture 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121 Request For Proposal “Developing Skills. Serving Society” The system must enable: Manual data entry with validation rules Automated data import from source systems Bulk data upload via templates (Excel, CSV) Mobile data capture capability Evidence attachment (documents, images, links) Data quality checks and error flagging REQ-PM-009: KPI Scoring and RAG Status The solution must: Automatically calculate performance scores based on actual vs target Apply configurable traffic light (RAG) rules Support multiple scoring methodologies (linear, non-linear, milestone-based) Display historical RAG trend analysis Enable manual override with justification for exceptional circumstances Send alerts when KPIs fall below thresholds VI. REQ-PM-010: KPI Dashboards and Visualisation The platform must provide: Executive summary dashboards with drill-down capability Divisional and departmental performance views Gauge, speedometer, and trend line visualisations Heat maps showing performance across multiple dimensions Peer comparison charts Export capabilities (PDF, PowerPoint, Excel) 3.2.3. Performance Reporting 52 14th Road, Noordwyk, Midrand, 1687 +27 11 265 5901 scmtenders@ceta.co.za www.ceta.org.za of 121