RFP for Procurement of Kubernetes platform and DevSecOps

Request for Proposal (RFP) for Procurement of Kubernetes

platform and DevSecOps with CI/CD pipelines with Facility
Management Services

Union Bank of India,

Department of Information Technology
1/1A, Technology Centre, Adi Shankaracharya Marg,
Opp. Powai Lake, Powai, Andheri East,
Mumbai – 400072

Page 1 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

DISCLAIMER

The information contained in this Request for Proposal (RFP) is provided to the Bidder(s)
on the terms and conditions set out in this RFP document. The RFP document contains
statements derived from information that is believed to be true and reliable at the date
obtained but does not purport to provide all of the information that may be necessary
or desirable to enable an intending contracting party to determine whether or not to
enter into a contract or arrangement with Bank in relation to the provision of services.

The RFP document is not a recommendation, offer or invitation to enter into a contract,
agreement or any other arrangement, in respect of the services. The provision of the
services is subject to observance of selection process and appropriate documentation
being agreed between the Bank and any successful Bidder as identified by the Bank, after
completion of the selection process as detailed in this document. No contractual
obligation whatsoever shall arise from the RFP process unless and until a formal contract
is signed and executed by duly authorized officers of Union Bank of India with the
successful Bidder. The purpose of this RFP is to provide the Bidder(s) with information
to assist the formulation of their proposals. This RFP does not claim to contain all the
information each Bidder may require. Each Bidder should conduct their own
investigations and analysis and should check the accuracy, reliability and completeness
of the information in this RFP and wherever necessary obtain independent advice. Union
Bank of India makes no representation or warranty and shall incur no liability under any
law, statute, rules or regulations as to the accuracy, reliability or completeness of this
RFP. Union Bank of India may in its absolute discretion, but without being under any
obligation to do so, update, amend or supplement the information in this RFP.

This document is the property of Union Bank of India and is meant for the exclusive
purpose of bidding as per the Specification, Terms, Condition and Scope indicated. It
shall not be copied, distributed or recorded on any medium, electronic or otherwise,
without written permission thereof. The use of the contents of this document, even by
the authorized personnel / agencies for any purpose other than the purpose specified
herein, is strictly prohibited and shall amount to copyright violation and thus, shall be
punishable under the Indian Law.

Page 2 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

GENERAL INSTRUCTIONS TO BIDDERS

All bidders must note that this being e-tender, bids received only through online on e-
tendering portal [Link] shall be considered as an offer. Any bid
submitted in physical form will not be entertained and shall be summarily rejected.
Procedure for submission of e-tender by bidder:

Interested bidders who wish to participate should visit website [Link]

which is the ONLY website for bidding their offer. Further, the procedure is as follows:

1. Register your company in website [Link] for obtaining a Login

ID and Password.
2. Using the login ID, password and digital signature, login in to the tender portal to
download the tender document. It is mandatory for the Bidders to have a valid Digital
Signature Certificate – Signing and Encryption (Class – II or Class – III) issued by any of
the valid Certifying Authority approved by Govt. of India as per IT Act, 2000. DSC on
Organization name is required, if bidder want to participate on behalf of his/her
Company.
3. Upload supporting documents by clicking “Mapped Documents”. Then submit the
tender. Take a print screen of “Bid successfully submitted” message for reference.
4. Primary Contact Numbers: +91-9081000427,9904406300, email id:
support@[Link]
5. Alternate Contact Details:-
a) Nandan Valera email: nandan.v@[Link] Mob: 9081000427
b) Fahad Khan email: fahad@[Link] Mob: 9904406300
c) Shaikh Nasruddin email: shaikh@[Link] Mob: 9510812960
6. System requirement for online bid submission:
a. Computer / Laptop (Notebook) with internet connection of minimum 256 kbps
speed.
b. Operating system - Windows 7/Windows 10.

Bidder must submit the offer before online closing date & time. The website will
automatically stop accepting the offer after online closing date and time.

NOTE: Submission of any bid document through offline mode will not be accepted except
Cost of RFP, Bid Security (EMD) and Pre-Contract Integrity Pact (on plain paper) signed
by authorized signatory and it should be submitted on or before last date & time of bid
submission.

Page 3 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

Abbreviations

The long form of some abbreviations commonly used in the document is given below:

Sl. No. Abbreviations Description / Full form

1. UBI Union Bank of India
2. AMC Annual Maintenance Contract
3. ATS Annual Technical Support
4. BG Bank Guarantee
5. BOM Bill of Material
6. DD Demand Draft
7. DIT Department of Information Technology
8. EMD Earnest Money Deposit
9. GST Goods and Service Tax
10. HO Head Office
11. LD Liquidated Damage
12. MAF Manufacturer Authorization Form
13. MSE Micro and Small Enterprises
14. MSME Micro Small Medium Enterprises
15. OEM Original Equipment Manufacturer
16. OS Operating System
17. RFP Request for Proposal [Inter alia the term 'Tender' is also
used]
18. RTGS Real Time Gross Settlement
19. VAPT Vulnerability Assessment and Penetration Testing

Page 4 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

Schedule of Events & Bid Details RFP Ref. No. UBI/DIT/2022-23/07

Date of issue of RFP/

02.05.2022 at 11:00 Hours
Download Start Date & Time
Date and Time of Online Pre-
09.05.2022 at 11:00 Hours
bid Meeting
Last date and time for
10.05.2022 up to 17:00 Hours
submission of query
Last Date and Time of
24.05.2022 up to 15:00 Hours
Download of Document
Last date and time for
submission of Bidding 24.05.2022 up to 16:00 Hours
Document
Date and Time of Technical
24.05.2022 at 16:15 Hours
Bid Opening
Place of opening of Bids Union Bank of India, Department of Information
(Online) Technology (Ground Floor), Technology Centre, Adi
Shankaracharya Marg, Opp. Powai Lake, Powai,
Mumbai.
Address & Contact Numbers As above; Tel:(022) 25710507/528/449
Cost of RFP (Non- Cost of RFP is waived off if bidder prefers to
Refundable) download the RFP document online. However,
bidder is required to pay Rs.2,500/- for purchasing
hardcopy from DIT.
Security Deposit/Earnest Rs.20,00,000/- (Rupees Twenty lac Only) in the
Money Deposit (EMD) form of Demand Draft in favor of Union Bank of
India, payable at Mumbai. EMD can also be paid in
the form of Bank Guarantee (BG) of any scheduled
commercial Bank other than Union Bank of India
valid from the date of submission of RFP for a
period of minimum 45 days beyond the final bid
validity period of 180 days.
Performance Bank Guarantee Performance Bank Guarantee equivalent to 3% of
the TCO valid for the period of the contract period
with a minimum claim period of 1 year from date
of issuance of purchase order.
Contact details Interested Bidders are requested to send the email
to:
kislaysinha@[Link] & under copy
to
dnpeter@[Link],
sanjiiev@[Link];
jcpradhan@[Link]
containing below mentioned information, so that in
case of any clarification same may be issued: Name
of company, contact person, Mailing address with
Pin Code, Telephone No., Mobile No., email
address etc.

Page 5 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

Note: Bids once submitted will be treated as final and no further correspondence will be
entertained regarding the same. No bid will be modified after submission of bids. No
bidder shall be allowed to withdraw the bid once submitted.

Page 6 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

Table of Contents

1. Introduction ................................................................................................................................ 9
2. Adoption of Integrity Pact (IP) ................................................................................................ 9
3. Definitions................................................................................................................................... 9
4. Objectives of the RFP ............................................................................................................. 10
5. Invitation of Tender Bids........................................................................................................ 10
6. Eligibility Criteria .................................................................................................................... 10
7. Broad Scope of Work ............................................................................................................... 12
8. Facility Management Service ................................................................................................. 17
9. Training Requirement ............................................................................................................. 19
10. Project Plan for Implementation .......................................................................................... 20
11. Infrastructure ........................................................................................................................... 20
12. Locations to be Covered......................................................................................................... 20
13. Instructions for Bid Submission ............................................................................................. 20
14. Price Composition.................................................................................................................... 35
15. Taxes and Duties...................................................................................................................... 36
16. Rejection of Bid ....................................................................................................................... 36
17. Online Prebid Meeting ............................................................................................................ 37
18. RFP Response............................................................................................................................ 38
19. Patent Rights ............................................................................................................................ 38
20. Adherence to Cyber Security Systems ................................................................................. 38
21. Liquidated Damages (LD) ....................................................................................................... 39
22. Service Level Agreement ....................................................................................................... 40
23. Payment Terms ........................................................................................................................ 44
24. Annual Technical Support ...................................................................................................... 45
25. Contract Period ........................................................................................................................ 46
26. Warranty ................................................................................................................................... 46
27. Authorized Signatory............................................................................................................... 47
28. Confidentiality ......................................................................................................................... 47
29. Intellectual Property Rights................................................................................................... 48
30. Non-Transferable Offer .......................................................................................................... 48
31. Indemnity & Limitation of Liability ...................................................................................... 48
32. Responsibility for Completeness ........................................................................................... 51
33. Force Majeure .......................................................................................................................... 51
34. Exit Clause ................................................................................................................................ 51
35. Termination of Contract ........................................................................................................ 52
36. Audit .......................................................................................................................................... 53
37. Conflict of Interest .................................................................................................................. 54
38. RFP Ownership ......................................................................................................................... 54
39. Proposal Ownership ................................................................................................................. 54
40. Tender/RFP Cancellation ....................................................................................................... 54
41. Publicity .................................................................................................................................... 54
42. Arbitration ................................................................................................................................ 55

Page 7 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

43. Dispute Resolution & Jurisdiction......................................................................................... 55

44. Minimum Wages and compliance of laws ............................................................................ 55
45. Escrow Arrangement ............................................................................................................... 55
46. General Terms.......................................................................................................................... 56
47. Modification and Withdrawals of Bid ................................................................................... 56
48. Price Validity ............................................................................................................................ 56
49. Ownership and Retention of Documents ............................................................................. 57
50. Normalization of Bids.............................................................................................................. 57
51. Submission of Bids ................................................................................................................... 58
52. Annexure A – Letter of Acceptance ...................................................................................... 59
53. Annexure B- Bidder’s Profile Format ................................................................................... 61
54. Annexure C - Eligibility Criteria ............................................................................................ 62
55. Annexure D – Compliance to RFP Terms & Conditions ...................................................... 65
56. Annexure E – Indicative Commercial Bid ............................................................................. 67
57. Annexure F – Unpriced Indicative Commercial Bid ............................................................ 71
58. Annexure G – Reference of present user / application / hardware sizing.................... 76
59. Annexure H– Bid Security Declaration ................................................................................. 77
60. Annexure I - Undertaking by Bidder ..................................................................................... 78
61. Annexure J – Confidentiality / Non-Disclosure Agreement .............................................. 79
62. Annexure K – Declaration for Compliance........................................................................... 86
63. Annexure L – Reference Site Details .................................................................................... 87
64. Annexure M – Format for Performance Bank Guarantee .................................................. 88
65. Annexure N – Pre-Contract Integrity Pact ........................................................................... 91
66. Annexure O – Bid Query Format ............................................................................................ 98
67. Annexure P – Know Your Employee (KYE) Clause .............................................................. 99
68. Annexure Q - Undertaking of Information Security ......................................................... 100
69. Annexure R - Business Rules for Reverse Auction ............................................................ 101
70. Annexure R (A) - Compliance Statement – Reverse Auction .......................................... 109
71. Annexure R (B) - Letter of Authority for Participation in Reverse Auction ................ 110
72. Annexure R (C) - Undertaking of Process Compliance Statement for RA .................... 111
73. Annexure S – Certificate of Waiver for MSE Firms ........................................................... 112
74. Annexure T - Restriction on Procurement due to National Security ............................ 113
75. Annexure U- Letter for Refund of EMD .............................................................................. 114
76. Annexure V - Bank Guarantee for EMD .............................................................................. 115
77. Annexure W – Certificate of Local Content ...................................................................... 117
78. Annexure X – Hardware Sizing and Software/Tool Deliverable ..................................... 118
79. Annexure Y - Compliance Sheet.......................................................................................... 119

Page 8 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

Union Bank of India

1. Introduction

Union Bank of India, a Public Sector Bank with its Head Office at 239, Vidhan Bhavan
Marg, Union Bank Bhavan, Nariman Point, Mumbai – 400021, and Department of
Information Technology at 1/1A, Adi Sankaracharya Marg, opp. Powai Lake, Powai,
Andheri East, Mumbai-400072. The Bank has 9400+ branches, 18 Field General Manager
Offices and 125 Regional Offices spread across the country.

2. Adoption of Integrity Pact (IP)

Venders/bidders/sellers, only those who commit themselves to Integrity Pact (IP) with
the Bank, would be considered competent to participate in the bidding process. In other
words, entering into this pact would be the preliminary qualification. IP shall cover all
phases of contract i.e. from the stage of Notice Inviting Tenders (NIT)/Request for
Proposals (RFP) till the conclusion of the contract i.e. final payment or the duration of
warrantee/guarantee. Format of IP is attached as Annexure N for strict compliance.

The following Independent External Monitors (IEMs) appointed by the Bank will review
independently and objectively, whether and to what extent parties have complied with
their obligation under the pact.

a. Dr. Meeran Chadha Borwankar, IPS (Retd.),

e-mail- mcborwankar@[Link]
b. Smt. Bharathi Sivaswami Sihag, IAS (Retd.),
e-mail- bsihag@[Link]

3. Definitions

3.1. ‘Bank’ means unless excluded by and repugnant context or the meaning thereof,
shall mean ‘Union Bank of India’, described in more detail in paragraph 1 above and
which has invited bids under this Request for Proposal and shall be deemed to include
it successors and permitted assigns.

3.2. ‘RFP’ means this Request for Proposal prepared by Union Bank of India for
Procurement of Kubernetes platform and DevSecOps with CI/CD pipelines with
Facility Management Services.

3.3. ‘Bidder’ means a vendor submitting the proposal in response to this RFP.

3.4. ‘Contract’ means the agreement signed by successful bidder and the Bank at the
conclusion of bidding process, wherever required.

3.5. ‘Proposal’ means that Technical/Financial proposal including any documents

submitted by the bidder as per the formats prescribed in the RFP.

Page 9 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

3.6. ‘Solution’ means Procurement of Kubernetes platform and DevSecOps with CI/CD
pipelines with Facility Management Services.

4. Objectives of the RFP

Union Bank of India (hereinafter called as “UBI” or “Bank”) invites proposals from
experienced and eligible entities (hereinafter referred to as “Respondent” or “Bidder”
or “Vendor”) to Setup DevSecOps pipelines with integrated tool chains to enable CI/CD
etc., deployment of Kubernetes based container orchestration Platform and to migrate
Bank’s legacy applications to micro services bases architecture.

5. Invitation of Tender Bids

This RFP is an invitation for bidder responses. No contractual obligation on behalf of

the Bank whatsoever shall arise from the RFP process unless and until a formal
contract is signed & executed by duly authorized officers of the Bank and the
successful bidder. However, until a formal contract is prepared and executed, this
offer together with Bank’s written acceptance & notification of award shall
constitute a binding contract with the successful bidder.

Bidders are expected to examine all instructions, forms, terms, specifications, and
other information in the RFP document. Failure to furnish any information required
by the RFP document or to submit a bid not substantially responsive to the RFP
document in every respect will be at the Bidder’s risk and shall result in the rejection
of its bid. The procedure and terms & conditions for submission of bid are
enumerated in this RFP.

All offers of the bidders shall be unconditional and once accepted whether with or
without modifications by the Bank shall be binding between the Bank and such Bidder.

The RFP Document can be downloaded from Bank’s Website

[Link] or from Government portal [Link] or e-
Procurement Portal [Link]. The response should be uploaded online at
the e-procurement Portal [Link].

6. Eligibility Criteria

Only those Bidders fulfilling the following criteria should respond to the RFP. The bidder
would need to provide supporting documents as part of the eligibility proof. The
technical bids of only those bidders who qualify in the eligibility criteria will be
evaluated. Document/s in support of eligibility criteria are required to be submitted
along with the Technical Bid. Offers received from the bidders who do not fulfill any of
the following eligibility criteria are liable to be rejected.

Page 10 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

6.1. The bidder must submit Integrity Pact (IP) signed by authorized signatory as
prescribed format mentioned in Annexure N on plain paper (not in letterhead) in
advance (not prior to issuance of RFP) or at the time of bid submission. Bidder shall
be liable for rejection in case of non-submission of the same. (Integrity Pact (IP)
as per Annexure N on plain paper is to be submitted).

6.2. The bidder should be a company registered in India as per Company Act 1956 /2013
or a partnership firm / a Limited Liability Partnership company under the Limited
Liability Partnership Act 2008 in India and should be in existence for last 3 years
from the date of issuance of RFP. (Certificate of incorporation/certificate for
commencement of business/other relevant documentary proof is to be submitted).

6.3. The bidder should have minimum annual turnover of Rs. 30.00 Crore in each of the
last three financial years i.e., 2018-19, 2019-20 and 2020-21 as per the audited
balance sheet available at the time of submission of tender. In case the audited
financials for the year 2020-21 is not finalized, Provisional Balance Sheet of 2020-
21 should be submitted. This must be the individual company turnover and not that
of any group of companies. (Copies of the audited balance sheet and Profit & Loss
Statement of the company showing the same is to be submitted.)

6.4. Bidder should have positive operating Profit (as EBITDA i.e., Earnings before
Interest, Tax, Depreciation & Amortization) in the last three financial years i.e.,
2018-19, 2019-20 and 2020-21. In case the audited financials for the year 2020-21
is not finalized, Provisional Balance Sheet of 2020-21 should be submitted. (Copies
of the audited balance sheet and Profit/Loss statement of the company is to be
submitted.)

6.5. Bidder should have deployed the DevSecOps and Kubernetes based Platform
solution in at least 1 BFSI/ Organization registered under Company Act 1956 /2013
in India. The bidder must submit Purchase order along with Invoices and
performance certificate/sign off sheet, these proofs must be submitted along with
Annexure L.

6.6. Bidder should be either an Original Equipment Manufacturer (OEM) or authorized

partner of OEM. In case the bidder is an Authorized partner of the OEM, Bidder
needs to provide Manufacturer Authorization Form (MAF) from OEM stating that
bidder is authorized partner of OEM and authorized to participate in this tender
and in case the bidder is not able to perform obligations as per contract during
the contract period, contracted services will be provided by OEM. OEM can quote
directly or through authorized partners. However, both i.e. OEM & their
authorized partner cannot participate in the RFP. In case, both (OEM & his
authorized partner) participate, only bid of the OEM will be considered.

6.7. The bidder should provide undertaking mentioning DIN/DPIN of Directors that any
Page 11 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

of its subsidiary or associate or holding company or companies having common

director/s or companies in the same group of promoters/management or
partnership firms/LLPs having common partners has not participated in the bid
process.

6.8 The companies or firms, bidding for the above tender, should have not been
blacklisted by any of Government Authority or Public Sector Undertaking (PSUs).
The bidder shall give an undertaking (on their letter head) that they have not been
blacklisted by any of the Govt. Authority or PSUs. In case, in the past, the name of
their Company was blacklisted by any of the Govt. Authority or PSUs, the same
must have been removed from the black list as on date of submission of the tender,
otherwise the bid will not be considered. (An undertaking to this effect must be
submitted in their letter head as per Annexure I).

Note: The Bidder must comply with all the above-mentioned criteria. Non-
compliance of any of the criteria will entail rejection of the offer summarily. The
requirements mentioned above are mandatory. The cut-off date for the above
criteria's will be the Date of submission of RFP.

Bidder should fulfill all the Eligibility criteria. Only those who fulfill all the
eligibility criteria will qualify for further evaluation. Documents required to be
submitted along with Technical bid.

Photocopies of relevant documents / certificates as mentioned above in support of

the claims made. The Bank reserves the right to verify / evaluate the claims made
by the Bidder independently and can accept or reject without any explanation to
the Bidder. Reference Site Customer Name and Contact information to be provided
to the Bank with whom discussion can be done.

7. Broad Scope of Work

Bank aim to setup standard development platform / environment to take leverage of

latest technology stack and software development tools to develop future ready and best
in class applications for end-users as per industry standard. In this regard bidder is
expected to deliver following tools and services:

7.1 Setup / configure / re-configure End-to-End DevSecOps Platform along with

Container Orchestration Layer on Bank’s on-premises private cloud, comprised of
Licensed or Open Source (only with Commercial Support) tools to ensure continuous
everything i.e., Continuous Planning, Continuous Development, Continuous
Integration, Continuous Delivery, Continuous Deployment, Continuous Testing,
Continuous Monitoring, Continuous Operation, Continuous Feedback and

Page 12 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

Continuous Security. The pipeline should broadly provide following services and
functionalities:
a. Continuous Planning tool(s) should facilitate gathering of requirement and
feedback from the stakeholders though collaboration, discussion and review to
build product roadmap to guide future development.

b. Continuous Development tool(s) should

i Provide reusable scaffolding code templates for accelerated
bootstrapping of application development processes.

ii Support multiple programming language and IDE (integrated

Development Environment) e.g., Spring Boot, .NET Framework,
.NET Core, NodeJs etc.

iii Provide provision for Unit Testing, Integrity check, version wise
bug error report

iv Facilitate Source Code Version Control.

v Provide provision for integration testing

c. Continuous Integration tool(s) should
i Include capability of Artifact Management and Dependency
Management

ii Provide provision of Static Code Analysis

d. Continuous Deployment tool(s) should

i Have capability to provision new environment to perform
automated testing by way of Infrastructure as Code (IaC).

ii Secure the runtime environment infrastructure by examining

environment configuration values such as user access control,
network firewall access, and secret data management by means
of principle of least privilege (PoLP).

iii Facilitate multiple release strategies i.e. (1) Provision to use

feature flag, to turn off new features so that they can’t be seen
by the end users until it is intended. (2) Regular release schedule.
(3) Release on milestone is met.

iv Have provision for manual approval process, which will authorize

only a certain person to trigger a release.

v Facilitate to review the difference in configuration file between

different environments (i.e., UAT, Production etc.)

Page 13 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

vi Validate and review TLS certificate and other similar constraints

which are due for renewal.

vii Provide facility for blue-green deployment strategy to allow

switch to new environment and revert to old environment (in case
of error) without downtime.

e. Continuous Testing tool(s) are in the process of being procured by Bank, the
proposed DevSecOps pipeline should be integrated with Bank’s Continuous
Testing tool(s).

f. Continuous Monitoring tool(s) should

i Collect data and provide analytics on customer behaviors,

performance and errors etc.

ii Monitor DevSecOps pipeline itself for potential bottleneck which

are impacting the productivity of development and operations
teams, then feed all this information to the Planning Tool(s).

g. Continuous Operation & Feedback tool(s) should

i Provide configuration-based feature to scale up / down instances

of the application as per the real time load.

ii Capture customer feedback, then analyze the feedback to help

shape future development of the product.

h. Continuous Security Tool(s) should be omnipresent throughout the SDLC

(Software Development Life Cycle), so that security is built into the product
rather than applied to the finished product. Bank already owns HP Fortify (SAST
i.e. Static application security testing & DAST i.e. Dynamic application security
testing). The proposed DevSecOps pipeline must be integrated with Bank’s SAST
& DAST tools and Qualis Guard(VAPT code review tool)

i. Container Orchestration Platform to automate deployment and management of

containerized applications, the platform should

i Be capable to access public image registry to explore images from

community and verified publishers, and Bidder should setup a
private image registry to allow secure access to Bank.

ii Ensure redundancy and availability of containers.

Page 14 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

iii scale up or down containers to spread application load evenly

across host infrastructure

iv move containers from one host to another if there is a shortage

of resources in a host, or if a host is not alive

v be capable of allocation of resources between containers

vi Load balancing of service discovery between containers, and

capability to integrate with external load balancer.

vii Monitor health of containers and hosts.

viii support to run .Net Core / .Net framework application containers

with / without windows nodes

ix support application containerization with / without access to

source code of the application

x Containerization should be platform agnostic i.e. Public Cloud

Ready Container, in case in future if Bank want to deploy its
applications in Public Cloud it should be supported.

7.2 Following is the indicative list of tools envisaged by Bank, which needs to be stitched
together to implement End-to-End DevSecOps pipeline. However, the bidder needs
to provide standard set of tools which can support and provide all the functionalities
of Bank’s proposed tool and add additional values to the End-to-End solution.

DevSecOps Major DevSecOps Minor Areas Bank’s Identified Tools

Areas
Continuous Planning Planning Mgmt. JIRA
Source Control GitHub
Continuous Coding Eclipse and Visual Studio*
Development Unit Test Junit, NUnit and unit testing tool for
other coding language
Artifact Management JFRog Artifactory
Build Management Maven
Continuous Integration Secure Code Analysis HP Fortify*
Static Code Analysis SonarQube
CI Jenkins
Deploy Jenkins
Continuous
Configuration Ansible
Deployment
Functional (TCOE Tools)*
Continuous Testing Non-Functional JMeter
Security Qualis Guard*
API Testing Postman

Page 15 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

Application Prometheus / Dynatrace / AppDynamics

Continuous Monitoring Infrastructure Nagios
API Tracing Service Mesh
Logs ELK
Operation & Feedback Jira Service Management / OpsGenie /
Continuous Operation StatusPage
& Feedback
Container Kubernetes based platform
Orchestration
Platform

* Licenses for these tools will be managed by Bank

Once the DevSecOps pipeline is implemented it should support following

activities:
i Development of software applications using Agile as well as Waterfall
project management methodology.

ii Deployment on traditional hardware, VM based, Container (Docker/

Kubernetes) based architecture.

iii Application architectures based on Monolith, SOA based as well as Micro

services.

iv Development using multiple technologies, but not limited to Spring Boot,

.NET Framework, .NET Core, NodeJs etc.

7.3 Bidder should provide Application discovery mechanism / tool, to scan Bank network
and provide in-depth analysis and recommendation for application modernization of
Bank’s existing legacy applications hosted in Windows / AIX / Linux OS.

7.4 Provide on-site hands-on support to Bank team for a period of 4 weeks after platform
implementation for application modernization (i.e. rewriting) of two legacy
applications, by retooling / rewriting significant chunks of its underlying code to
better run in the new environment.

7.5 Provide training to Bank team for application modernization, new development,
DevSecOps & Container Management Administration.
a Below is the list of topics for which training will be required for
Bank team.

Purpose Language / Framework

CSS Framework Bootstrap
Front-End Framework NodeJs / AngularJs / VueJs
Back-End Framework Spring Boot, .NET Core

Page 16 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

b Arrange DevSecOps & Container Management Administration

training for individual tool for effectively configure, monitor and
manage the platform

7.6 Integrate the tools and platform discussed in the above sections with Bank’s AD based
SSO as per bank’s requirement. Also integrate with Bank’s email system / SMS system
for sending relevant notifications

7.7 The platform should integrate with Bank’s cyber security platforms as given below:

a. Security Operation Centre (SOC),

b. Preventive Identity Management (PIM),
c. Security Incident Event Management (SIEM),
d. Digital Center Security (DCS),
e. Antivirus, Antimalware, Data Loss Prevention (DLP),
f. Anti-Advanced Persistent Threat (Anti-APT),
g. Endpoint Detection and Response (EDR) etc. to meet security and
compliance requirements as and when required.

7.8 Bidder may propose additional Security tools for securing End-to-End DevSecOps
pipeline itself, if required.

7.9 Bidder should close or provide acceptable workaround to mitigate any known
vulnerability in the software / tools used in the End-to-End solution.

7.10 The above tools and services need to be deployed / deliver at 3 environments i.e.
UAT, DC (Primary Production) & DR (Recovery Production).

7.11 The platform should be able to provide a common comprehensive reporting

dashboard as part of “continuous measurement” to enable the Bank to monitor the
adoption and implementation.

7.12 Existing enterprise application (Finacle, Internet Banking, Mobile Banking, API
Gateway, FI Gateway, CKYC, eKYC, DMS etc.) should be integrated with DevSecOps
pipeline for various activities under pipeline viz. version control, security practices,
build, etc. POC also shall be conducted during Technical Evaluation and the bidder
should specify pre-requisites to conduct POC.
8. Facility Management Service

Bidder should provide on-site support to the Bank for Administration, maintenance &
support of the End-to-End Solution for entire contract period. Below is general guideline
for the onsite resource

Page 17 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

i The team is required onsite at DIT Mumbai in general working hours on all Bank’s
working days. However, some of the team members may require working in shifts
also as per Bank’s need.

ii The team may be required to attend certain shifts on holidays/ off days / late
evening hours, as and when required.

iii Escalation process should be defined and in place for unresolved issues.

iv Bidder support staff should be well trained to effectively handle queries raised by
the Bank customers/ employees, etc.

v Facility Management services will start from the date of Go Live.

Resource Profile

Role: DevSecOps & Container Platform Administrator

Resources required: 2
Experience: 2+ years of experience in the relevant field
Education: Any Graduate with adequate knowledge about proposed tools and
solutions under this RFP
Must-Have Technical Skills:

 Deep understanding of Cloud computing environment

 Deep knowledge and experience of DevSecOps Tools
 Experience in support of distributed applications (i.e., having an architectural
sense for ensuring availability, reliability, etc.)
 Experience with Container platforms and Cloud Services
 Experience with monitoring tools such as Prometheus
 Understanding of Authentication and Authorization of the applications using AD
OR OAuth
 Understanding of microservice architecture and REST APIs
 Good debugging skills
Good-to-Have Technical Skills:
 Any Certification on Cloud Computing Platform
 Any Certification on DevSecOps Platform Administration
 Any Certification on Container Platform Administration
 Experience in developing application in Spring boot or .NET Core

Key Responsibilities:

The main responsibility will be to configure, re-configure, monitor and maintain

DevSecOps & Container orchestration platform based on Bank’s requirements, and

Page 18 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

managing backups and patching across the environments. Following are some of the
key activities performed by the resource:
 Install, configure and maintain all tools of DevSecOps platform in Physical or
Virtual environment, as decided by the Bank.

 Apply patches, new releases, upgraded, fixes to DevSecOps platform as well as

tools as decided by the Bank.

 Provide support on various issues like performance bottlenecks, health check-

up, resolution of any complex operational or performance or security issue,
migration from an existing Closed Source Technology/ Commercial/ Proprietary/
other OSS software to the DevSecOps tools.

 Administration, management and monitoring of the Integrated Centralized

DevSecOps Platform.

 Responsible to resolve security concerns, OSS vulnerabilities, VAPT, maintenance

of security policy in systems (SCD configuration), OSS hardening from time to
time, as decided by the Bank.

 Provide support to older versions of the OSS in case the Bank chooses not to
upgrade to latest version.

 Support and work with the respective teams to onboard them onto the
DevSecOps platform for legacy as well as new-age applications or services by
using Bank’s ticketing tool.

 Guide the Application teams to deploy their application & related infrastructure
configuration to Development, SIT, UAT, Staging, pre-Production & Production
environments, as applicable by using Bank’s ticketing tool.

 Guide and assist in on-demand request from projects for any expert
troubleshooting of DevSecOps tools.

9. Training Requirement

Bidder should arrange for 3 trainings (minimum 5 days each, on each topic listed below)
for a group of 8-10 participants, one training at the beginning of the contract period and
other two as and when required by Bank, during the contract period. The training will
be on following areas:

i Programming languages / frameworks in integrated development environment

to developers.

Page 19 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

ii DevSecOps & Container Platform administration

Rate per training will be frozen for the entire contract period during bidder selection,
and bank may avail the service as and when required during the contract period.
10. Project Plan for Implementation

Bidder should adhere to the following timelines for completion of the scope of work. The
new environment should be setup as per project scope within a period of 12 weeks in
totality from the date of Purchase Order/acceptance of Purchase order.

Sr. Activities Duration

No
Requirement Study for installation and
1. configuration of DevSecOps and Container 2 Weeks
platform.
Installation, integration and Customization of
2. 6 Weeks
DevSecOps and Container platform.
3. Go Live of 2 legacy application modernized
4 Weeks
and deployed into new platform.
Total 12 Weeks

11. Infrastructure

The proposed solution should be cloud ready application and it shall be hosted on Bank’s
on-premises cloud. However, solution should have capability to migrate to any other
platform including public cloud as per the Bank’s requirement. Bank shall provide
necessary Hardware. However, the bidder must provide hardware sizing as per Annexure
X so that CPU utilization of any server/ appliance should not go beyond 70%.

The successful bidder must design the solution with high availability & secure
infrastructure in Data Centre and Disaster Recovery site as per Industry accepted security
standards and best practices.

12. Locations to be Covered

The Solution should be installed on Primary site in Mumbai and Disaster Recovery (DR)
Site in Bengaluru. However, the Bank reserves the right to change locations/add new
locations such as Metro cities/State capital as per Bank’s requirement.

13. Instructions for Bid Submission

13.1 Cost of RFP Document

13.1.1 Cost of RFP is waived off if bidder prefers to download the RFP document online.
However, bidder is required to pay Rs.2,500/- for purchasing hardcopy from DIT.
Page 20 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

13.1.2 RFP document can also be downloaded from the Bank's website
[Link] or from Government tender portal
[Link] or from E-procurement site [Link].

13.1.3 All costs and expenses (whether in terms of time or material or money) incurred
by the Recipient/Bidder in any way associated with the development,
preparation and submission of responses, including but not limited to
attendance at meetings, discussions, demonstrations, etc. and providing any
additional information required by the Bank, will be borne entirely and
exclusively by the Bidder.

13.2 Bid Security/ EMD (Refundable)

13.2.1 The bidder should deposit bid security of Rs.20,00,000/- (Rupees Twenty
Lac Only) in the form of a demand draft favoring Union Bank of India, payable at
Mumbai or Bank Guarantee issued from Scheduled Commercial Bank other than Union
Bank of India. Bank Guarantee should be valid for minimum 6 months from the date
of submission of bids with claim period of 45 days. IFSC Code for issuance of EMD is
UBIN0556688.

13.2.2 In case of bidders registered with NSIC/Udyog Aadhaar as MSME or a Start-

up Company, they are eligible for waiver of EMD. However, SME bidders need to
provide valid NSIC/MSME Certificate clearly mentioning that they are registered with
NSIC under single point registration scheme or Udyog Aadhaar. Start-up bidders are
required to submit Certificate of Recognition issued by Department for Promotion
of Industry and Internal Trade (DPIIT), Ministry of Commerce & Industry,
Government of India. In addition, SME bidders have to submit Annexure S in physical
form (Hard copy) duly signed by Chartered Accountant before last date and time of
submission of bid.

13.2.3 Other terms & conditions relating to Bid security is as under:

13.2.4 No interest will be payable on the Bid Security amount.

13.2.5 Unsuccessful Bidders’ Bid security will be returned after completion of

tender process. Unsuccessful Bidders should submit the Letter for Refund of EMD/Bid
Security for returning of the bid security amount as per Annexure U

13.2.6 Bid Security will be forfeited in the following cases:

[Link] If a bidder withdraws its bid during the period of bid validity; or

Page 21 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

[Link] If a Bidder makes any statement or encloses any form which turns out to
be false / incorrect at any time prior to signing of Contract.

[Link] In case of shortlisted bidder does not participate in the reverse auction at
least by way of logging in.

[Link] In case of a successful Bidder, if the Bidder fails:

a) To execute Contract within the stipulated time or
b) To furnish Performance Bank Guarantee as mentioned in
Performance Bank Guarantee herein.

13.2.7 The successful Bidders Bid security will be discharged upon the Bidder
signing the Contract Agreement and against submission of performance bank
guarantee (other than Union Bank of India) with the claim period of 1 year as per the
format mentioned in Annexure M, for 3% of TCO, valid for the entire contract period.

13.2.8 Bidder who is claiming waiver of EMD should also submit an undertaking in
lieu of Bid security deposit. Bidder should submit bid security declaration as per
Annexure – H.

13.3 Performance Bank Guarantee

The successful bidder shall provide a Performance Bank Guarantee within 30 days
from the date of receipt of the order or signing of the contract whichever is earlier
in the format as provided in Annexure-M to the extent of 3% of the total contract
value for the entire period of the contract i.e. 3 years (1 years warranty period and
2 years post warranty AMC/ATS) with a claim period of 1 year and such other extended
period as the Bank may decide for due performance of the project obligations. The
guarantee should be of that of a nationalized Bank only, other than Union Bank of
India.

In the event of non-performance of obligation or failure to meet terms of this tender

the Bank shall be entitled to invoke the performance guarantee without notice or
right of demur to the successful bidder. Any amount pending for payment due to non-
achieving of milestone/s set under the agreement or any other reason solely
attributable to the successful bidder should be included in the remaining amount of
the contract value.

The Bank reserves the right to recover any dues payable by the selected bidder from
any amount outstanding to the credit of the selected bidder, including the pending
bills and/or invoking Performance Guarantee, if any, under this contract.

Page 22 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

If the Performance guarantee is not submitted within the stipulated time, the Bank
reserves the right to cancel the order / contract and the earnest money deposit taken
from the successful bidder, will be forfeited.

13.4 Language of Bid

The language of the bid response and any communication with the Bank must be in
written English only. Supporting documents provided with the RFP response can be in
another language so long as it is accompanied by an attested translation in English,
in which case, for purpose of evaluation of the bids, the English translation will
govern.

13.5 Period of Validity of Bids

Bids should remain valid for the period of at least 180 days from the last date for
submission of bid prescribed by the Bank. In case the last date of submission of bids
is extended, the Bidder shall ensure that validity of bid is reckoned from modified
date for submission. Further extension of the validity of the bid will be decided by
the bank in case of need. The price quoted in Final Commercial Offer will be valid for
at least 180 days from the date of offer.

13.6 Amendment of Bidding Documents

Prior to the last date for bid‐submission, the Bank may, for any reason, whether at
its own initiative or in response to clarification(s) sought from the prospective
Bidders, modify the RFP contents/ covenants by amendment. Clarification
/amendment, if any, will be notified on Bank’s website. No individual communication
would be made in this respect.

Union Bank of India reserves the sole right for carrying out amendments /
modifications / changes in the bidding process including any addendum to this entire
bid. Bidders shall not claim as a right, requiring Union Bank of India to do the
aforesaid.

All prospective bidders to this RFP are required to check for addendums /
amendments / notices to this RFP on the website till the last date of availability,
prior to submission of bids and all such addendums / amendments / notices shall be
binding on them.

If required, Union Bank of India at its sole discretion may extend the deadline for
submission of bids in order to allow prospective bidders reasonable time in which they
need to take the amendment into account in preparing their bids. Union Bank of India
reserves the rights to extend the deadline for the submission of bids. However, no
request from the bidder, shall be binding on Union Bank of India for the same. Union

Page 23 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

Bank of India’s decision in this regard shall be final, conclusive and binding on all the
bidders.

13.7 Authorization to Bid

The proposal/ bid being submitted would be binding on the Bidder. As such, it is
necessary that authorized personnel of the firm or organization sign the bid
documents. The designated personnel should be authorized by a senior official of the
organization having authority or Board.

13.7.1 All pages of the bid shall be initialed by the person or persons signing the
bid.

13.7.2 Bid form shall be signed in full & official seal affixed.

13.7.3 Any inter‐lineation, erasure or overwriting shall be valid only if they are
initialed by the person or persons signing the Bid.

13.7.4 All such initials shall be supported by a rubber stamp impression of the
Bidder’s firm.

13.7.5 The proposal must be accompanied with an undertaking letter duly signed
by the designated personnel providing a bid commitment. The letter should also
indicate the complete name and designation of the designated personnel.

13.8 Two-part Bid

The Bid should be submitted online at the e-Procurement site

[Link] by the Bidder. It should comprise the following
components:

13.8.1 Technical bid – Part I: “Technical Bid for Procurement of Kubernetes

platform and DevSecOps with CI/CD pipelines with Facility Management
Services”.
13.8.2 Commercial bid – Part II: “Indicative Commercial Bid for Procurement of
Kubernetes platform and DevSecOps with CI/CD pipelines with Facility Management
Services”.
13.8.3 Any bid document not conforming to any one of the above terms will be
rejected.
13.8.4 In the first stage, EMD/security deposit and Integrity Pact (IP) signed by
authorized signatory submitted by bidder will be reviewed and if these are as per
prescribed format/RFP document then only TECHNICAL BID will be evaluated.
Bidders satisfying the technical requirements as determined by the Bank and

Page 24 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

accepting the terms and conditions of this document only shall be short-listed for
commercial evaluation.
13.8.5 After evaluation of indicative commercial bids, the L1 bidder will be
selected using Reverse Auction process. Reverse Auction Rules are given in Annexure
R.
13.8.6 The indicative commercial bid will be used for finalizing the starting bid
for reverse auction. After completion of the reverse auction, selected bidder should
submit the price break-up as per the Annexure E.
13.9 Technical Bid

13.9.1 The Technical Bid – Part I should be complete in all respects and contain
all information asked for in this document. It should not contain any price
information.
13.9.2 The Technical Bid - Part I must be submitted online.
13.9.3 The following documents are to be submitted in original (Union Bank of
India, Technology Centre, 1/1A, Adi Shankaracharya Marg, Opp. Powai Lake,
Powai, Mumbai - 400072) at the Bank as well as online mode on or before last
date & time of bid submission:
[Link] Bid security of Rs.20,00,000/-(Rupees Twenty Lac only) in the
form of a demand draft issued by a Scheduled commercial bank favoring
Union Bank of India, payable at Mumbai or Bank Guarantee from
scheduled commercial Bank other than Union Bank of India and should
be valid for six months with claim period of 45 days.
[Link] In case of bidders registered with NSIC/Udyog Aadhaar as MSME or
a Start-up Company, they are eligible for waiver of EMD. However, SME
bidders need to provide valid NSIC/MSME Certificate clearly mentioning
that they are registered with NSIC under single point registration
scheme or Udyog Aadhaar. Start-up bidders are required to submit
Certificate of Recognition issued by Department for Promotion of
Industry and Internal Trade (DPIIT), Ministry of Commerce & Industry,
Government of India. In addition, SME bidders have to submit Annexure
S in physical form (Hard copy) duly signed by Chartered Accountant
before last date and time of submission of bid.
[Link] Non submission of above documents i.e. Bid Security at the time
of bid submission will be liable for rejection of bid.
[Link] Bidders are expected to examine all terms and instructions
included in the documents. Failure to provide all requested information
will be at bidder’s own risk and may result in the rejection of the bid.

Page 25 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

13.9.4 The following documents are to be submitted online at the e-

procurement site [Link]
[Link] Annexure A – Letter of Acceptance
[Link] Annexure B – Bidders Profile Format
[Link] Annexure C – Eligibility Criteria
[Link] Annexure D – Compliance to RFP Terms & Conditions
[Link] Annexure F – Un-priced Commercial Bid
[Link] Annexure H – Bid Security Declaration
[Link] Annexure I – Undertaking by Bidder
[Link] Annexure J – Confidentiality / Non-Disclosure Agreement
[Link] Annexure K – Declaration for Compliance
[Link] Annexure L- Reference Site Details
[Link] Annexure N – Pre-Contract Integrity Pact
[Link] Annexure P – Know Your Employee (KYE) Clause
[Link] Annexure Q - Undertaking of Information Security
[Link] Annexure R – Business Rules for Reverse Auction
[Link] Annexure R(A) – Compliance Statement for Reverse Auction
[Link] Annexure R(B) – Letter of Authority for Participation in Reverse
Auction
[Link] Annexure R(C) – Undertaking of Process Compliance for RA
[Link] Annexure T - Restriction on Procurement due to National Security
[Link] Annexure W – Certificate of Local Content
[Link] Annexure X – Hardware Sizing and Software/Tool Deliverable
[Link] Annexure Y - Compliance Sheet

[Link] The Bid should be signed by the authorized signatory of the

bidder. A power of attorney/Board Resolution to that effect shall be
submitted by the bidders and should be uploaded online on portal along
with technical bid.

[Link] Photocopies of relevant documents / certificates as proof in

support of various information submitted online in aforesaid annexure
and other claims made by the bidder.

[Link] The Bank would like to expressly state that any assumption,
presumptions, modifications, terms, conditions, deviation etc., which
the bidder includes in any part of the Bidder’s response to this RFP, will
not be considered either for the purpose of evaluation or at a later stage,
unless such assumptions, presumptions, modifications, terms, conditions
deviations etc., have been accepted by the Bank and communicated to
the bidder in writing. The Bidder at a later date cannot make any plea
of having specified any assumption, terms, conditions, deviation etc. in

Page 26 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

the Bidder’s response to this RFP document. No offer can be modified or

withdrawn by a Bidder after submission of Bid/s.

[Link] All the annexure should be submitted online in letter head of

bidder duly signed with seal of the company. Photocopies of relevant
documents / certificates as proof in support of various information
submitted in aforesaid annexure and other claims made by the vendor.

[Link] Signed & Sealed copy of all the pages of RFP and corrigendum if
any, to be submitted online along with the technical bid.

[Link] The bidder should ensure that all the annexure is submitted as
prescribed by the Bank. In case it is not in the prescribed format, it is
liable to be rejected.

13.9.5 The Bank reserves the right to resort to re-tendering without providing
any reason whatsoever. The Bank shall not incur any liability on account of such
rejection.
13.9.6 The Bank further reserves the right to reject any or all offers based on
its own evaluation of the offers received, or on the basis of stability, capabilities,
track records, reputation among users and other similar features of a bidder.
13.9.7 The Bank reserves the right to disqualify the bidder/(s) if bidder/(s) have
not completed any project successfully in Union Bank of India in stipulated time
i.e. supply, Installation, Implementation, migration, upgradation, support etc.

13.9.8 The Bank reserves the right to modify any terms, conditions or
specifications of RFP before date of submission of bids. Bidder must submit bid
documents as per the changes/modifications while submitting the bid.
Notification of amendments/corrigendum will be made available on the Bank’s
website ([Link]), Govt. Tender Site and e-procurement
site [Link] and will be binding on all bidders and no
separate communication will be issued. In order to allow prospective bidders
reasonable time in which to take the amendment into account in preparing their
bids, the Bank, at its discretion, may extend the deadline for a reasonable period
as decided by the Bank for the submission of bids. No post bid clarification of the
bidder shall be entertained.

13.10 Indicative Commercial Offer

The commercial offer must not contradict the Technical offer in any way and should
include the cost of all the items offered. The suggested directive for Commercial
offer is as follows:

Page 27 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

13.10.1 The Indicative Commercial Bid – Part II should be submitted online at the
e-Procurement site as per Annexure E by way of entering the values in the format
provided at the site. This must contain all prices in Indian rupees (INR).
13.10.2 The vendors should not offer any options or any conditional offers to the
Bank while giving the price information. The offer should strictly be in
conformity with the items as specified by the Bank. Any deviations may lead to
disqualification of the bid.

13.11 RFP Clarifications

Queries/ clarifications will not be entertained over the phone. All queries and
clarifications must be sought by email to sanjiiev@[Link],
kislaysinha@[Link], jcpradhan@[Link] and
dnpeter@[Link], with subject “RFP for Procurement of Kubernetes
platform and DevSecOps with CI/CD pipelines with Facility Management Services”
as per Annexure O.
The Bidder is requested to collate and submit queries together to seek clarifications
/ responses from Bank. The Bidder should ensure that all the queries and
clarifications are communicated in email on or before the date given in the
schedule of events of this RFP document. Bidders are requested to visit Bank’s
website for clarifications and other communications.
Any modification of the RFP, which may become necessary as a result of the
queries, shall be made available by the Bank exclusively through the issue of an
Addendum/Corrigendum on Bank’s website [Link],
government tender portal [Link] and at
[Link]

13.12 Other Terms and Conditions of RFP

13.12.1 Responses to this RFP should not be construed as an obligation on the

part of the Bank to award a purchase contract for any services or combination of
services. Failure of the Bank to select a bidder shall not result in any claim whatsoever
against the Bank. The Bank reserves the right to reject any or all bids in part or in
full, without assigning any reason whatsoever.
13.12.2 By submitting a proposal, the successful bidder agrees to promptly
contract with the Bank for the work awarded to the successful bidder. Failure on the
part of the awarded bidder to execute a valid contract with the Bank will relieve the
Bank of any obligation to the bidder, and a different bidder may be selected based on
the selection process.
13.12.3 The bidder shall represent and acknowledge to the Bank that it possesses
necessary experience, expertise and ability to undertake and fulfill its obligations,

Page 28 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

involved in the performance of the provisions of this RFP. If any services, functions or
responsibilities not specifically described in this RFP are an inherent, necessary or
customary part of the deliverables or services and are required for proper
performance or provision of the deliverables or services in accordance with this RFP,
they shall be deemed to be included within the scope of the deliverables or services,
as if such services, functions or responsibilities were specifically required and
described in this RFP and shall be provided by the bidder at no additional cost to the
Bank. The bidder also acknowledges that the Bank relies on this statement of fact,
therefore neither accepting responsibility for, nor relieving the bidder of
responsibility for the performance of all provisions and terms and conditions of this
RFP, the Bank expects the bidder to fulfill all the terms and conditions of this RFP.
The modifications, which are accepted by the Bank, shall form a part of the final
contract.
13.12.4 All terms and conditions, payments schedules, time frame for expected
service levels as per this tender will remain unchanged unless explicitly communicated
by the Bank in writing to the bidder. The Bank shall not be responsible for any
judgments made by the bidder with respect to any aspect of the Service. The bidder
shall at no point be entitled to excuse themselves from any claims by the Bank
whatsoever for their deviations in confirming to the terms and conditions, payments
schedules, expected service levels etc. as mentioned in this tender document.

13.13 Miscellaneous RFP Requirement

This tender document may undergo change by either additions or deletions or

modifications before the actual award of the contract by the Bank. The Bank also
reserves the right to change any terms and conditions including eligibility criteria
of the tender document and its subsequent addendums as it deems necessary at its
sole discretion.
13.13.1 No Commitment to Accept Lowest bid or Any Tender – The Bank shall be
under no obligation to accept the lowest price bid or any other offer received in
response to this Tender notice and shall be entitled to reject any or all offers
including those received late or incomplete offers without assigning any reason
whatsoever. The Bank reserves the right to make any changes in the terms and
conditions of purchase. The Bank will not be obliged to meet and have discussions
with any Bidder, and / or to listen to any representations unless there is change in
the terms and conditions of purchase. The Bank further reserves the right to reject
any or all offers based on its own evaluation of the offers received, or based on
stability, capabilities, track records, reputation among users and other similar
credentials of a bidder. When the Bank makes any such rejection, the Bank will not
be bound to give any reason and/or justification in this regard to bidder.
13.13.2 Erasures or Alterations – The offers containing erasures or alterations
will not be considered. There should be no hand-written material, corrections or
alterations in the offer. Technical details must be completely filled up. Correct
Page 29 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

technical information of the product being offered must be filled in. Filling up of
the information using terms such as “OK”, “accepted”, “noted”, “as given in
brochure manual” is not acceptable. The Bank may treat the offers not adhering to
these guidelines as unacceptable.
13.13.3 The price payable to the Bidder shall be inclusive of carrying out any
modifications changes / upgrades to the application and other software that is
required to be made in order to comply with any statutory or regulatory
requirements or any industry-wide changes arising during the subsistence of the
contract/ agreement, and the Bank shall not pay any additional cost for the same.
The Bidder needs to provide with the details about all such items considered in the
RFP.
13.14 Technical Bid Evaluation
13.14.1 During the period of evaluation, bidders may be asked to provide more details
and explanations about information provided in the proposals. Bidders should respond
to such requests seeking explanation through e-procurement portal within 3 days or
any such extended time frame indicated in the portal, if the bidder does not comply
or respond by the date, their bid will be liable to be rejected. It is the responsibility
of bidder to monitor the e-Procurement portal every now and then in order to
ascertain any exceptions are raised or clarifications are sought by bank post last date
of bid submission. No separate intimation will be made by bank to the participated
bidders for responding to the clarification sought. If any part of the technical
specification offered by the bidder is different from the specifications sought in our
RFP, the bidder has to substantiate the same in detail the reason of their quoting a
different specification than what is sought for, like higher version or non-availability
of the specifications quoted by us, invariably to process the technical offer and it
should be compatible to our application.
13.14.2 Setting of evaluation criteria for selection purposes shall be entirely at the
discretion of the Bank. The decision of the bank in this regard shall be final and no
correspondence shall be entertained in this regard.
13.14.3 The Bank may, at its discretion, waive any minor informality, nonconformity,
or irregularity in a bid which does not constitute a material deviation and financial
impact, provided such waiver does not prejudice or affect the relative ranking of any
bidder. Wherever necessary, observations on such ‘minor’ issues (as mentioned above)
Bank may be conveyed to the bidder, asking them to respond by a specified date also
mentioning therein that, if the bidder does not respond by the specified date, their
bid will be liable to be rejected.

13.15 Commercial Bid Evaluation through Reverse Auction

13.15.1 For finalization of the most competitive offer, the Bank will conduct ‘Reverse
auction’. The detailed procedure and Business rules for the Reverse auction is given
as per Annexure-R and are also available on Bank’s web site.

Page 30 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

13.15.2 The indicative commercial proposals of only those bidders who are qualified in
the technical evaluation would be opened and the lowest indicative prices may be
taken as the starting bid for conducting reverse auction under E-procurement
process. The detail of reverse auction under e-procurement process is given as per
Annexure-R. The L-1 bidder emerging from reverse auction process will submit a
detailed breakup of total cost as per the indicative commercial offer (Annexure E.

13.15.3 The technically qualified bidders will participate in the Reverse auction
process that will be conducted by an Auction company authorized by the Bank.
Specific rules for this event viz. date and time, start price, bid decrement value,
duration of event etc. shall be informed by the Auction Company to the
participating bidders before the event. The bidders should furnish indicative prices
for the project in their Indicative Commercial Bid to facilitate finalizing the start
bid for ‘Reverse auction’ under E-Procurement process.

13.15.4 The indicative commercial offer must not contradict the Technical offer in any
way and should include the indicative cost of all the items offered as per Annexure
E. This must contain all price information in Indian rupees (INR).

13.15.5 The lowest Indicative commercial offers (total cost) may be taken as the
starting bid or Bank may decide starting bid of Reverse Auction based on past
experience. Bidders should note that the indicative commercial bid is considered
for the purpose of conducting Reverse Auction process only. The L-1 bidder will be
decided only later, on finalization of prices through Reverse auction.

13.15.6 The L-1 bidder emerging at the end of the Reverse Auction process shall be
required to submit the break-up of Final price (last bid price) again in Annexure-E.
Failure or refusal to offer the services/goods at the price committed through
Reverse Auction shall result in forfeiture of EMD/ suspension from participation in
any future tenders of the Bank for 2 years, which please be noted.

13.15.7 The final decision on the bidder will be taken by Union Bank of India. Union
Bank reserves the right to reject any or all proposals. Similarly, it reserves the
right not to include any bidder in the final short-list.

13.15.8 The Bank shall follow all the guidelines/notifications for public procurement.

13.16 Rules for Re-Reverse Auction

13.16.1 Bank may consider the option of a Re-reverse Auction in following

circumstances:

Page 31 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

13.16.2 During the process of reverse auctions, if there is either no bids from
logged in bidders or only one bidder puts up bid/s, Bank may decide a re-reverse
auction by taking fresh Indicative prices from all qualified bidders in sealed cover
only, to amend the start price for Re-reverse auction.
13.16.3 In case the start price for the Reverse Auction event is decided by Bank
and there are no bids or only one bid/s by a single bidder in the Reverse Auction,
Bank may decide Re-reverse Auction while further amending the start price.

13.16.4 Reverse auction will be valid only if two or more bidders are
participating in the reverse auction event.

13.16.5 In all the above circumstances, the functional head of the department may
take a decision on re-reverse auction.

13.17 Restriction on Procurement due to National Security

Government of India order F. No. 7/86/2020/BOA-I dated 07.08.2020 on restrictions

on procurements from bidders from a country or countries, on grounds of defense
in India, or matters directly or indirectly, related thereto, including national
security is applicable for this RFP.
13.17.1 Any bidder from a country which shares a land border with India will be eligible
to bid in this tender only if the bidder is registered with the Competent
Authority.

13.17.2 "Bidder" (including the term 'tenderer', 'consultant' or 'service provider' in

certain contexts) means any person or firm or company, including any member
of a consortium or joint venture (that is an association of several persons, or
firms or companies), every artificial juridical person not falling in any of the
descriptions of bidders stated hereinbefore, including any agency branch or
office controlled by such person, participating in a procurement process.

13.17.3 “Bidder from a country which shares a land border with India" for the purpose
of this Order means: -
a. An entity incorporated, established or registered in such a country; or
b. A subsidiary of an entity incorporated, established or registered in such
country; or
c. An entity substantially controlled through entities incorporated, established
or registered in such a country; or
d. An entity whose beneficial owner is situated in such a country; or
e. An Indian (or other) agent of such an entity; or
f. A natural person who is a citizen of such a country; or
g. A consortium or joint venture where any member of the consortium or joint
venture falls under any of the above

Page 32 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

13.17.4 The beneficial owner for the purpose of (12.16.3) above will be as under:

i In case of a company or Limited Liability Partnership, the beneficial owner

is the natural person(s), who, whether acting alone or together, or through
one or more juridical person, has a controlling ownership interest or who
exercises control through other means.

Explanation
a ) "Controlling ownership interest" means ownership of or entitlement to
more than twenty-five per cent. of shares or capital or profits of the
company;
b ) "Control" shall include the right to appoint majority of the directors or
to control the management or policy decisions including by virtue of their
shareholding or management rights or shareholders agreements or voting
agreements;
ii In case of a partnership firm, the beneficial owner is the natural person(s).
who, whether acting alone or together, or through one or more juridical
person, has ownership of entitlement to more than fifteen percent of capital
or profits of the partnership;
iii In case of an unincorporated association or body of individuals, the beneficial
owner is the natural person(s), who, whether acting alone or together, or
through one or more juridical person, has ownership of or entitlement to
more than fifteen percent of the property or capital or profits of such
association or body of individuals;
iv Where no natural person is identified under (i) or (ii) or (iii) above, the
beneficial owner is the relevant natural person who holds the position of
senior managing official;
v In case of a trust, the identification of beneficial owner(s) shall include
identification of the author of the trust, the trustee, the beneficiaries with
fifteen percent or more interest in the trust and any other natural person
exercising ultimate effective control over the trust through a chain of control
or ownership.
vi An Agent is a person employed to do any act for another, or to represent
another in dealings with third person.
13.17.5 The successful bidder shall not be allowed to sub-contract works to any
contractor from a country which shares a land border with India unless such
contractor is registered with the Competent Authority.

Page 33 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

13.18 Preference to Make in India

13.18.1 Guidelines on Public Procurement (Preference to Make in India), Order

2017 (PPP-MII Order) and revised order issued vide GOI, Ministry of Commerce
and Industry, Department of Industrial Policy and Promotion letter No. P-
45021/2/2017(BE-II) dated 04.06.2020 will be applicable for this RFP and
allotment will be done in terms of said Order as under:

a. Among all qualified bids, the lowest bid will be termed as L1. If L1 is 'Class-I
local supplier', the contract for full quantity will be awarded to L1.

b. If L1 bid is not a 'Class-I local supplier', 50% of the order quantity shall be
awarded to L1. Thereafter, the lowest bidder among the 'Class-I local
supplier' will be invited to match the L1 price for the remaining 50% quantity
subject to the Class-I local supplier's quoted price falling within the margin
of purchase preference, and contract for that quantity shall be awarded to
such 'Class-l local supplier' subject to matching the L1 price. In case such
lowest eligible Class-I local supplier' fails to match the L1 price or accepts
less than the offered quantity, the next higher 'Class-I local supplier' Within
the margin of purchase preference shall be invited to match the L1 price for
remaining quantity and so on, and contract shall be awarded accordingly. In
case some quantity is still left uncovered on class-l local suppliers, then such
balance quantity may also be ordered on the L1 bidder.

c. "Class-II local supplier” will not get purchase preference in any procurement.

13.18.2 Definitions

a. “Local content” means the amount of value added in India which shall, unless
otherwise prescribed by the Nodal Ministry, be the total value of the item
procured (excluding net domestic indirect taxes) minus the value of imported
content in the item (including all customs duties) as a proportion of the total
value, in percent.

b. “Class-I local supplier” means a supplier or service provider, whose goods,

services or works offered for procurement, has local content equal to or
more than 50%, as defined under this order.

c. “Class-II local supplier” means a supplier or service provider, whose goods,

services or works offered for procurement, has local content more than 20%
but less than 50%, as defined under this Order.

Page 34 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

d. “Margin of purchase preference” means the maximum extent to which the

price quoted by a local supplier may be above the L1 for the purpose of
purchase preference. The margin of purchase preference shall be 20%.

13.18.3 Verification of local content

a. The 'Class-I local supplier'/'Class-II local supplier' at the time of tender,

bidding or solicitation shall be required to indicate percentage of local
content and provide self-certification as per Annexure W that the item
offered meets the local content requirement for 'Class-I local supplier' /
'Class-II local supplier', as the case may be. They shall also give details of the
location(s) at which the local value addition is made.

The Bank shall follow all the guidelines/notifications for public procurement.

13.19 Award of contract

On completion of evaluation of commercial bids, Bank will determine the L1 bidder

and contract will be awarded to lowest bidder after reverse auction process as per
Annexure R.
However, the Bank shall be under no obligation to accept the lowest price bid or
any other offer received in response to this Tender notice and shall be entitled to
reject any or all offers including those received late or incomplete offers without
assigning any reason whatsoever. The Bank reserves the right to make any changes
in the terms and conditions of purchase. The Bank will not be obliged to meet and
have discussions with any Bidder, and / or to listen to any representations unless
there is change in the terms and conditions of purchase.
14. Price Composition

14.1 TCO is for contract period of 3 years for Procurement of Kubernetes platform and
DevSecOps with CI/CD pipelines with Facility Management Services. The price
quoted should be inclusive of all charges as per Banks requirement mentioned in
Annexure E - Indicative Commercial Bid.
14.2 The commercial bid should be quoted in the Indicative commercial bid format
attached to this bid.
14.3 The prices should be firm and not dependent on any variable factors and
expressed in Indian Rupees.
14.4 The Total cost should be inclusive of all other charges but exclusive of GST
(CGST/SGST/IGST) which will be paid at actual at the time of invoicing.

Page 35 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

14.5 If the cost for any line item is indicated as zero/nil/blank then it will be assumed
by the Bank that the said item is provided to the Bank without any cost.
14.6 Bidder has to show the bifurcation/details of GST (CGST/SGST/IGST) in every
invoice.
14.7 Bank will not pay any labour charges for transportation, installation of software,
miscellaneous charges separately. All such costs, if any, should be absorbed in
the TCO.
14.8 The Bidder shall be liable to pay all applicable corporate taxes and income tax
that shall be levied according to the laws and regulations applicable from time to
time in India.
14.9 Wherever the laws and regulations require deduction of such taxes at the source
of payment, Purchaser shall make such deductions from the payment due to the
Bidder. The remittance of amounts so deducted and issuance of certificate for
such deductions shall be made by Purchaser as per laws and regulations in force.
Nothing in the Contract shall relieve the Bidder from his responsibility to pay any
tax that may be levied in India on income and profits made by the Bidder in
respect of this contract.
15. Taxes and Duties

The Bidder shall solely be responsible for all payments (including any statutory
payments) to its employees and shall ensure that at no time shall its employees,
personnel or agents hold themselves out as employees or agents of the Bank, nor seek
to be treated as employees of the Bank for any purpose, including claims of entitlement
to fringe benefits provided by the Bank, or for any kind of income or benefits. The
Bidder alone shall file all applicable tax returns for all of its personnel assigned
hereunder in a manner consistent with its status as an independent contractor of
services; and the Bidder will make all required payments and deposits of taxes in a
timely manner.

Payment of all taxes i.e. GST (CGST/SGST/IGST) will be made at actual, on production
of suitable evidence of payment by the Bidder.
The Bidder shall be liable to pay all applicable corporate taxes and income tax that
shall be levied according to the laws and regulations applicable from time to time in
India.

16. Rejection of Bid

The Bid is liable to be rejected if:

16.1 The document does not bear signature of authorized person in each page and duly
stamped.

Page 36 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

16.2 It is received through Fax/E-mail/dropped in tender box.

16.3 Incomplete Bids, including non-submission or non-furnishing of requisite documents

/ Conditional Bids / Bids not conforming to the terms and conditions stipulated in
this Request for proposal (RFP) are liable for rejection by the Bank.

16.4 It is evasive or contains incorrect information.

16.5 Any form of canvassing / lobbying /influence/ query regarding short listing, status
etc. will be a disqualification.

16.6 Bidder should comply with all the points mentioned in the scope of work, technical
specifications and all other clauses of RFP. Noncompliance of any point will lead to
rejection of the bid.

16.7 Unpriced Commercial Offer is not submitted along with Technical Offer.

16.8 Format of Commercial Offer differs from unpriced commercial Offer.

16.9 Non-submission of bid security/EMD/Integrity Pact (IP).

17. Online Prebid Meeting

For the purpose of clarifications of doubts of the bidders on issues related to the RFP,
Bank will hold a pre-bid meeting on the date & time as indicated in the RFP. It may be
noted that no query of any bidder shall be entertained / received after the mentioned
date. Queries raised by the prospective bidders and the Bank’s response will be
available at Bank’s web site. Only authorized representative of bidder (maximum two)
will be allowed to attend the online Pre-bid meeting. Interested bidders are required
to submit a letter from authorized signatory of the organization through the emails
mentioned in this RFP along with details including name, organization, designation,
Mobile number, etc. with subject as “RFP for Procurement of Kubernetes platform and
DevSecOps with CI/CD pipelines with Facility Management Services”. URL for joining
the online Prebid meeting will be sent separately to those submitted authorization
letter within the scheduled date and time. Bidders can have better experience if joined
through Microsoft Teams app.

Non - attendance at the Pre-bid Meeting will not be a cause for disqualification of a
bidder.

Any modification of the RFP, which may become necessary as a result of the Pre- bid
Meeting, shall be made public by the Bank exclusively through the issue of an

Page 37 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

Addendum/Corrigendum on Bank’s website [Link], government

tender portal [Link] and e-Procurement site
[Link]

18. RFP Response

All submissions will become the property of Bank. Recipients shall be deemed to
license, and grant all rights to, Bank to reproduce the whole or any portion of their
submission for the purpose of evaluation, to disclose the contents of the submission to
other Recipients who have registered a submission and to disclose and/or use the
contents of the submission as the basis for any resulting RFP process, notwithstanding
any copyright or other intellectual property right that may subsist in the submission or
Banking documents.

Bid properly documented should be submitted by uploading at

[Link] or before stipulated date & time mentioned in the RFP.

19. Patent Rights

19.1 The supplier shall indemnify the Bank against all third party claims of infringement of
patent, trademark or industrial design rights arising from use of the Goods, or any part
thereof in India.

19.2 The supplier shall, at their own expense, defend and indemnify the Bank against all
third party claims or infringement of intellectual Property Right, including Patent,
trademark, copyright, trade secret or industrial design rights arising from use of the
products or any part thereof in India or abroad.

19.3 The supplier shall expeditiously extinguish any such claims and shall have full rights
to defend it there from. If the Bank is required to pay compensation to a third party
resulting from such infringement, the supplier shall be fully responsible for, including
all expenses and court and legal fees.

19.4 The Bank will give notice to the Supplier of any such claim without delay, provide
reasonable assistance to the Supplier in disposing of the claim, and shall at no time
admit to any liability for or express any intent to settle the claim.

19.5 The Supplier shall grant to the bank a fully paid-up, irrevocable, non-exclusive license
throughout the territory of India or abroad to access, replicate and use software (and
other software items) provided by the supplier, including-all inventions, designs and
marks embodied therein in perpetuity.

20. Adherence to Cyber Security Systems

Page 38 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

Bidders are liable for not meeting the security standards or desired security aspects of
all the ICT resources as per Bank’s IT/Information Security / Cyber Security Policy. The
IT /Information Security/ Cyber Security Policy will be shared with successful bidder.
Bidders should ensure Data Security and protection of facilities/application managed
by them.

The deputed persons should aware about Bank’s IT/IS/Cyber security policy and have
to maintain the utmost secrecy & confidentiality of the bank’s data including process
performed at the Bank premises. At any time, if it comes to the notice of the bank that
data has been compromised / disclosed/ misused/misappropriated then bank would
take suitable action as deemed fit and selected vendor would be required to
compensate the bank to the fullest extent of loss incurred by the bank.

The resources onboard to Bank’s work need to provide declaration as per Annexure P -
Know Your Employee (KYE) Clause as per bank’s outsourcing policy.

Bidder has to agree and provide undertaking not to disclose any Bank information and
will maintain confidentiality of Bank information as per policy of the Bank and will sign
“Non-Disclosure Agreement” document provided by Bank.

The legal and regulatory requirements, including data protection, intellectual property
rights, copy right, all the relevant regulations for sub-contracting; including the
controls that need to be implemented shall be included in the supplier agreement.

All information resources (online/in-person) of the vendors and its partners shall be
made accessible to reserve Bank of India as and when sought. Credentials of
vendor/third party personnel accessing and managing the bank’s critical assets shall be
maintained and shall be accordance with Bank’s policy.

The Bank shall evaluate, assess, approve, review, control and monitor the risks and
materiality of vendor/outsourcing activities and bidder shall ensure to support baseline
system security configuration standards. The Bank shall also conduct effective due
diligence, oversight and management of third-party vendors/service providers &
partners.

Vendor criticality assessment shall be conducted for all partners & vendors. Appropriate
management and assurance on security risks in outsources and partner arrangements
shall be ensured.

21. Liquidated Damages (LD)

If Successful bidder fails to deliver any or all the Service(s) or perform the Services
within the time period(s) specified in the RFP/Contract / Agreement, BANK shall,

Page 39 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

without prejudice to its other rights and remedies under and in accordance with the
RFP/Contract / Agreement, levy Liquidated Damages (LD) from payments, which are
due to the Successful bidder. For calculation of LD:

21.1 LD for delay in delivery/ installation/ implementation of the solution for each
week of delay beyond the scheduled commencing date or part thereof will be a
sum equivalent to 1% of order value excluding ATS & Facility Management Service
cost. In case of undue delay beyond a period of 15 days after attaining the
maximum penalty of 10% of total TCO excluding FMS & Training cost, Bank may
consider termination of the contract or purchase order.

21.2 The overall LD during implementation will be to a maximum of 10% of the total
cost of the project excluding facility management service cost.

21.3 Part of week will be considered as full week.

21.4 Any delay by the bidder in performance of its delivery obligations shall render
the bidder liable to the imposition of liquidation damages, unless extension of
time is agreed upon without application of liquidation damages.

21.5 Bank can deduct the amount of liquidated damages from any money belonging
to the Successful bidder in its hands (which includes BANK’s right to claim such
amount against Successful bidder’s Performance Bank Guarantee) or which may
become due to the Successful bidder.

21.6 Any such recovery or liquidated damages shall not in any way relieve the
Successful bidder from any of its obligations to complete the works / service(s)
or from any other obligations and liabilities under the
Contract/Agreement/Purchase Order.

21.7 Bank reserves the right to condone the delay, if it is not attributable to the
Successful bidder.

22. Service Level Agreement

22.1 The Bank notifies the successful Bidder that its Bid has been accepted, the
Bidder shall enter into a Service Level Agreement (SLA) with the Bank, containing all
the Terms and Conditions of this RFP, including confidentiality, non-disclosure and
penalty clauses, and any other clause relevant to the services offered.

22.2 Wherever applicable as stated above while effecting any payment, deduction
towards penalty payment will be made.

Page 40 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

22.3 The Bidder shall have to enter into an agreement with Bank covering all terms
and conditions of this tender including if required, Regularity authority/RBI can
inspect system/infrastructure of successful vendor.

22.4 This solution must be available 24x7 and hence any technical problem should
be resolved in 4 hours from the time of lodge of complaint. The bidder needs to
strictly adhere to Service Level Agreements (SLA). Response Time: 30 minutes from
the time of complaint. Resolution Time: 4 hours from the time of complaint.

22.5 If Bidder fails to provide Facility Management Engineer (Resource) for minimum
mandated man days, a penalty of Rs.2,000/- per day per engineer will be levied by
Bank in addition to deducting the charges for that number of days on pro-rata basis.
Billing loss should be absorbed by the bidder and bidder should provide suitable
replacement for the period.

22.6 In case engineer intends to leave the firm, Bidder should inform the Bank 2
months in advance and depute new engineer 1 month prior to last working day of
existing engineer for proper handover of work.

22.7 Bank reserves its right to recover these amounts by any mode such as adjusting
from any payments to be made by the Bank to the company.

22.8 RBI/Regulatory authority may inspect facilities of successful bidder up to 2

years beyond the contract period.

22.9 Bidder shall allow the Bank and its regulators for periodic visit/audit or as &
when required.

22.10 The Bank would expect the bidder to commit to the service level
assurances. The Bidder shall commit to maintain uptime of 99.95 and above per
month. The SLA will be reviewed on a quarterly basis.

Level of Uptime Per Month Penalty Charges

99.95% and above No Penalty
99.00% and above but below 99.95% 1 % of Software and Implementation cost.
98.00% and above but below 99.00% 2 % of Software and Implementation cost.
97.00% and above but below 98.00% 3 % of Software and Implementation cost.
96.00% and above but below 97.00% 4 % of Software and Implementation cost.
95.00% and above but below 96.00% 5 % of Software and Implementation cost.
94.00% and above but below 95.00% 6 % of Software and Implementation cost.
93.00% and above but below 94.00% 7 % of Software and Implementation cost.
92.00% and above but below 93.00% 8 % of Software and Implementation cost.
91.00% and above but below 92.00% 9 % of Software and Implementation cost.
below 91% 10 % of Software and Implementation cost.

Page 41 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

Total No. of hrs in Qtr − No. of hrs impacted in Qtr

𝑈𝑝𝑡𝑖𝑚𝑒 (𝑈) = × 100
Total No. of hrs in Qtr

22.11 Bidder must conduct quarterly health checkup, resolve issues, version/patch
upgrade, closing audit observations and closing vulnerability assessment observations
of applications/database/operating systems deployed in the DevSecOps pipeline.

22.12 Bidder are expected to attend the calls and provide the man-day support at on
site location for critical applications. Further, Bidder is expected to respond and
resolve issue in case of any malfunctioning of any software etc. the relevant defect
should be resolved as per detail given below:

S. Respons Resolution Penalty

Severit Severity Description Amoun
N y e Time Time
t
(Rs.)
If there is complete disruption of
services resulting in non-functioning
of business/ application operations.
The operation is mission critical due
to major disruption of business Within 30
Rs.8000/-
continuity. minutes of
Critical for every
1 Characteristics of severity 1 are call 4
hour
described as under: reported/ Hours
- beyond
informed.
Severity 1) Complete data loss/Database resolution
1 crash/ OS crash/ Tools not time.
working due to any reason and
may require restoration of data
from backup (local/external) or
re-installation of OS or Tools.
Database cannot be started
2)
/opened or Unable to start
services of application server or
OS not responding.
The issue is severe in nature, but Rs.5000/-
Moderat database/ OS/Tools are available Within 1 for every
8
2 e with restricted operations and some hour of call hour
Hours
- manageable workarounds. However, reported/ beyond
Severity it cannot be functioned for a long with informed. resolution
2 available workarounds. time.
Within 4 Rs.3000/-
Normal Minor loss of service and the impact hours of 12 for every
3 of the issue could be minor in nature call hour
Hours
- which may require some workaround reported/ beyond

Page 42 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

Severity to bring the normal functioning. informed. Resolutio

3 n time.

4 UAT/DE Within 8 24 Hours Rs.2000/-

V UAT / development environment is for every
hours of
environ not available for development call hour
ment activity reported/ beyond
informed. resolution
time.

22.13 Besides conducting health checkup for production & non-production

environment to avoid business disruption. If bidder fails to complete the planned
activities of solution as per scope of work or fails to submit the desired report / root
cause analysis or unable upgrade version/patch within the defined time line, a
penalty of Rs.5,000/- per such incidence will be levied by Bank as per detail given
below:

Resolution Time From

Environment
Sr. the time of reporting the
Description (Production /Non-
No request / issue through
production)
phone call / email / web
based portal)
Submission of root cause
1 analysis & solution Production 1 day
report.
Fails submit root cause
2 analysis & solution Non-production 2 days
report.
Version upgrade / patch
3 Production 3 working days
upgrade related issues
Version upgrade / Patch
4 Non-Production 7 working days
upgrade related issues
On site Planned activities –
Health checkup, installation /
5 re- installation, configuration Production 3 working days
/reconfiguration

Page 43 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

On site Planned activities –

Health checkup, installation /
6 re- installation, configuration Non-Production 7 working days
/reconfiguration

22.14 Penalties, if any shall be calculated quarterly and recovered from the Annual
Technical / Recurring charges of that quarter.

22.15 Wherever applicable as stated above while effecting any payment, deduction
towards LD payment will be made. Hence the bidder should raise the invoice deducting
the penalty amount.

22.16 The penalty is capped at maximum 10% of TCO excluding FMS & Training cost.

23. Payment Terms

The terms of payment will be as follows:

S.N. Item description % of licenses % of

cost implementation
cost
1 Detailed requirement study and 10%
submission of supportive document (i.e.,
SRS, Architecture Design deployment
plan, Document etc.)
2 Delivery, installation and configuration 30%
of Software and Enterprise Licenses of
DevSecOps and Container Platform along
with all necessary tools in DC.
3 Delivery, installation and configuration 20%
of Software and Enterprise Licenses of
DevSecOps and Container Platform along
with all necessary tools in DR.
4 Setup of Software Governance 10%
Framework and Base line for Software
CMM level or DevSecOps Maturity
Model.
5 Go Live of 2 legacy application 10% 50%
deployed in the new environment by
means of application modernization.
6 One successful DR drill after Go Live 50%

Page 44 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

7 Submission of Performance Bank 20%

Guarantee after 4 weeks of Go Live of
2 legacy application deployed in the
new environment.

1. No advance payment will be made.

2. TDS on payments will be deducted as applicable.
3. All the payments will be made to bidder electronically in Indian Rupees only.
4. Payment shall be released on submission of necessary proof and documents like
original Invoices, Warranty Certificates, Performance Bank Guarantee, Signed Service
Level Agreement, and Delivery of Software Licenses etc. subject to acceptance by
Bank, submission of Letter issued by Bank in respect of completion of User Acceptance
Test (UAT), documents as required by Bank like manual & documentation, training
etc.
5. Payment for Facility Management Service after the initial setup / configuration of the
End-to-End will be made monthly in arrears on pro-rata basis as per the attendance.
6. ATS cost will be paid quarterly
7. Invoices shall be raised post milestone sign off for services billing.
8. Bank will pay invoices within 30 days from the date of receipt of physical invoice by
the Bank, except for those portions of any invoice that the Bank disputes in good faith
and in writing. No penalty /Interest will be paid for the delayed payment.
9. Training will be scheduled as and when requested by Bank, and the payment for each
training will be released separately on its completion.
24. Annual Technical Support

24.1 The successful bidder must undertake to provide technical support for the software
for the period of 2 years beyond warranty period of 1 year or for further period for
which the contract may be extended.

24.2 Any regulatory /statutory changes or updates or guidelines as required under the
directive of Government of India, Reserve Bank of India or any other
regulatory/statutory authority must be provided/ upgraded to the Bank free of cost
by bidder during warranty or ATS tenure.

24.3 Bidder is expected to provide warranty for a period of 1 year and comprehensive on-
site 24x7 maintenance support for End-to-End solution with 4 hours problem
resolution commitment for next 2 years beyond warranty period.

24.4 The ATS charges per annum should be minimum 18% of the cost of software/tool
components.

24.5 The ATS charges shall be released to the bidder quarterly in advance subject to
timely submission of applicable documents like invoice, performance availability

Page 45 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

reports etc.

24.6 The Bank reserves the right to terminate the ATS (if contracted) by giving Successful
Bidder, a prior and written notice of one month indicating its intention to terminate
the Contract, if the services rendered by the bidder(s) are not satisfactory. In that
case, the bidder(s) will refund the proportionate amount of ATS for the rest of the
period of the ATS, if any.

24.7 Any decision in this regard by the Bank shall be final, conclusive and binding on the
Selected bidder and shall not be questioned/ challenged by the Selected bidder.

25. Contract Period

The successful bidder shall be required to enter a contract with Bank within one month
of the award of contract or within such extended period as may be specified by Bank.
The contract period for this project is 3 years from the date of issuance of purchase
order. However, the contract period may be extended for additional 2 years at same
cost and terms & conditions.

The extended contract period will be reviewed on yearly basis subject to satisfactory
performance of the resources. If in any case it is found that the services offered are
not satisfactory, the Bank may consider termination of the contract and forfeiture of
the performance Guarantee.

26. Warranty

26.1 All support & services required for implementation, customization, smooth operation
and maintenance of Kubernetes platform and DevSecOps, as described in RFP, will
be the part of the project deliverables during the contract period (under warranty
or post warranty).

26.2 The warranty for the tools and software would be on-site and comprehensive in
nature. Warranty will start from the date of go-live and will be valid for a period of
one year. The successful bidder shall provide maintenance and support under
warranty, without any extra cost, for a minimum period of one year. Warranty for
software will start from the date of final signoff (go-live) by the Bank. Bank will not
pay any charges during warranty period.

26.3 Any corruption in the software/tools or any services shall be rectified during the full
period of the contract including warranty, if contracted, at no extra cost to the Bank.

26.4 The executions of the service(s) herein are and shall be strictly in accordance and in
compliance with all Applicable Laws, as amended from time to time, the regulatory
framework governing the same and the Good Industry Practice. It has all permissions,

Page 46 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

consents, approvals and license from all authorities, regulatory /statutory and non-
regulatory, for executing the Service(s).

26.5 The successful bidder warrants that Deliverables and the Services provided by the
successful bidder shall be as per the terms of this Agreement. The successful bidder
should guarantee that the software supplied to the Bank is licensed and legally
obtained. Software must be supplied with their original and complete printed
documentation. The successful bidder shall be fully responsible for warranty of all
the system components in respect of proper design, quality, material and
workmanship of the software, accessories etc. covered by the offer.

27. Authorized Signatory

The Selected vendor shall indicate the authorized signatories who can discuss and
correspond with the BANK, with regard to the obligations under the contract. The
Selected vendor shall submit at the time of signing the contract a certified copy of the
resolution of their board, authenticated by the company secretary, authorizing an
official or officials of the bidder to discuss, sign agreements/contracts with the BANK,
raise invoice and accept payments and also to correspond. The bidder shall provide
proof of signature identification for the above purposes as required by the BANK.

28. Confidentiality

The bidder must undertake that they shall hold in trust any Information received by
them, under the Contract/Agreement, and the strictest of confidence shall be
maintained in respect of such Information. The bidder has also to agree:

28.1 To maintain and use the Information only for the purposes of the
Contract/Agreement and only as permitted by the BANK;

28.2 To only make copies as specifically authorized by the prior written consent of the
Bank and with the same confidential or proprietary notices as may be printed or
displayed on the original;

28.3 To restrict access and disclosure of Information to such of their employees, agents,
strictly on a “need to know” basis, to maintain confidentiality of the Information
disclosed to them in accordance with this Clause and

28.4 To treat all Information as Confidential Information.

28.5 The Selected vendor shall be required to sign a Non-Disclosure Agreement with Bank
as per prescribed format provided in Annexure J within thirty days of issuing the
purchase order/letter of intent.

Page 47 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

29. Intellectual Property Rights

The Bidder claims and represents that it has obtained appropriate rights to provide/use
the Deliverables and Services upon the terms and conditions contained in this RFP.

29.1 The Bidder shall be responsible at its own cost for obtaining all necessary
authorizations and consents from third party licensors of Software used by Bidder in
performing its obligations under this Project.

29.2 If a third party’s claim endangers or disrupts the Bank’s use of the Deliverables, the
Bidder shall at no further expense, charge, fee or cost to the Bank, (i) obtain a license
so that the Bank may continue use of the Deliverables in accordance with the terms
of this RFP.

29.3 Bidder shall indemnify and keep fully and effectively indemnified the Bank from all
legal actions, claims, or damages from third parties arising out of use of software,
designs or processes used by Bidder or his subcontractors or in respect of any other
services rendered under this RFP.

30. Non-Transferable Offer

This Request for Proposal (RFP) is not transferable. Only the bidder who has submitted
the bid will be eligible for participation in the evaluation process.

31. Indemnity & Limitation of Liability

31.1 Subject to Clause 31.4 below, the bidder (the "Indemnifying Party") undertakes to
indemnify, hold harmless the Purchaser (the "Indemnified Party") from and against
all claims, liabilities, losses, expenses (including reasonable attorneys' fees), fines,
penalties, taxes or damages (Collectively “Loss”) on account of bodily injury, death
or damage to tangible personal property arising in favor of any person, corporation
or other entity (including the Indemnified Party) attributable to the Indemnifying
Party's negligence or willful default in performance or non-performance under this
Agreement.

31.2 If the Indemnified Party promptly notifies Indemnifying Party in writing of a third
party claim against Indemnified Party that any Service provided by the Indemnifying
Party infringes a copyright, trade secret or patents incorporated in India of any
third party, Indemnifying Party will defend such claim at its expense and will pay
any costs or damages, that may be finally awarded against Indemnified Party.

31.3 Indemnifying Party will not indemnify the Indemnified Party, however, if the claim
of infringement is caused by:

Page 48 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

31.3.1 Indemnified Party’s misuse or modification of the Service;

31.3.2 Indemnified Party’s failure to use corrections or enhancements made
available by the Indemnifying Party;
31.3.3 Indemnified Party’s use of the Service in combination with any product or
information not owned or developed by Indemnifying Party; However, if any
service, information, direction, specification or materials provided by
Indemnified Party or any third party contracted to it, is or likely to be held to
be infringing, Indemnifying Party shall at its expense and option either;
[Link] Procure the right for Indemnified Party to continue using it
[Link] Replace it with a non-infringing equivalent
[Link] Modify it to make it non-infringing.
[Link] The foregoing remedies constitute Indemnified Party’s sole and exclusive
remedies and Indemnifying Party’s entire liability with respect to
infringement.
31.4 The indemnities set out in this clause shall be subject to the following conditions:

31.4.1 The Indemnified Party as promptly as practicable informs the Indemnifying Party
in writing of the claim or proceedings and provides all relevant evidence,
documentary or otherwise;

31.4.2 the Indemnified Party shall, at the cost of the Indemnifying Party, give the
Indemnifying Party all reasonable assistance in the Defense of such claim
including reasonable access to all relevant information, documentation and
personnel provided that the Indemnified Party may, at its sole cost and expense,
reasonably participate, through its attorneys or otherwise, in such Defense;

31.4.3 if the Indemnifying Party does not assume full control over the Defense of a claim
as provided in this Article, the Indemnifying Party may participate in such
Defense at its sole cost and expense, and the Indemnified Party will have the
right to defend the claim in such manner as it may deem appropriate, and the
cost and expense of the Indemnified Party will be included in Losses;

31.4.4 the Indemnified Party shall not prejudice, pay or accept any proceedings or
claim, or compromise any proceedings or claim, without the written consent of
the Indemnifying Party;

31.4.5 all settlements of claims subject to indemnification under this Clause will:

a. be entered into only with the consent of the Indemnified Party, which consent
will not be unreasonably withheld and include an unconditional release to the
Indemnified Party from the claimant or plaintiff for all liability in respect of such

Page 49 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

claim; and
b. include any appropriate confidentiality agreement prohibiting disclosure of the
terms of such settlement;
31.4.6 the Indemnified Party shall account to the Indemnifying Party for all awards,
settlements, damages and costs (if any) finally awarded in favour of the
Indemnified Party which are to be paid to it in connection with any such claim
or proceedings;

31.4.7 the Indemnified Party shall take steps that the Indemnifying Party may
reasonably require to mitigate or reduce its loss as a result of such a claim or
proceedings;

31.4.8 in the event that the Indemnifying Party is obligated to indemnify an Indemnified
Party pursuant to this Article, the Indemnifying Party will, upon payment of such
indemnity in full, be subrogated to all rights and defenses of the Indemnified
Party with respect to the claims to which such indemnification relates; and

31.4.9 if a Party makes a claim under the indemnity set out under Clause 31.1 above in
respect of any particular Loss or Losses, then that Party shall not be entitled to
make any further claim in respect of that Loss or Losses (including any claim for
damages).

The liability of either Party (whether in contract, tort, negligence, strict liability in
tort, by statute or otherwise) for any claim in any manner related to this Agreement,
including the work, deliverables or Services covered by this Agreement, shall be the
payment of direct damages only which shall in no event exceed one time the total
contract value payable under this Agreement. The liability cap given under this Clause
shall not be applicable to the indemnification obligations set out in this clause and
breach of Clause 30 (Confidentiality).

In no event shall either party be liable for any consequential, incidental, indirect,
special or punitive damage, loss or expenses (including but not limited to business
interruption, lost business, lost profits, or lost savings) nor for any third-party claims
(other than those set-forth in Clause 31.1) even if it has been advised of their possible
existence.

The allocations of liability in this clause represent the agreed and bargained-for
understanding of the parties and compensation for the Services reflects such
allocations. Each Party has a duty to mitigate the damages and any amounts payable
under an indemnity that would otherwise be recoverable from the other Party pursuant
to this Agreement by taking appropriate and commercially reasonable actions to reduce
or limit the amount of such damages or amounts.

Page 50 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

32. Responsibility for Completeness

Any supplies and services, which might not have been specifically mentioned in this
tender but, are necessary for the installation, Configuration, testing, commissioning,
performance or completeness of the order, shall be provided/made available as per the
time schedule for smooth and efficient operation and maintenance of the system under
Indian conditions.

The bidder shall be responsible for any discrepancies, errors and omissions in the
technical details submitted by him/them, irrespective of whether these have been
approved, reviewed or otherwise, accepted by the Bank or not. The Bidder shall take
all corrective measures arising out of discrepancies, errors and omissions in drawing
and other information as mentioned above within the time schedule and without extra
cost to the Bank.

33. Force Majeure

Force Majeure is here in defined as any cause, which is beyond the control of the
selected vendor or the Bank as the case may be which they could not foresee or with
are as on able amount of diligence could not have foreseen and which substantially
affect the performance of the Contract, such as:

33.1 Natural phenomena, including but not limited to floods, droughts, earthquakes,
epidemics,

33.2 Acts of any Government, including but not limited to war, declared or undeclared,
priorities, quarantines, embargoes,

33.3 Terrorist attacks, public unrest in work area;

Provided either party shall within ten (10) days from the occurrence of such a cause
notify the other in writing of such causes. The Bidder or the Bank shall not be liable
for delay in performing his/her obligations resulting from any Force Majeure cause as
referred to and/or defined above.

34. Exit Clause

The Bank reserves the right to cancel the contract in the event of happening one or
more of the following conditions:

34.1 Failure of the successful bidder to accept the contract and furnish the Performance
Bank Guarantee within 30 days from receipt of purchase contract.

34.2 Delay in delivery beyond the specified period.

34.3 Delay in completing testing/customization and acceptance tests/ checks beyond the

Page 51 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

specified periods.

34.4 Serious discrepancy in functionality to be provided or the performance levels which

have an impact on the functioning of the solution.

35. Termination of Contract

If the Termination is on account of failure of the successful bidder to perform the

obligations under this RFP contract, the Bank shall have the right to invoke the
Performance Bank Guarantee(s) given by the selected vendor.

The Bank will be entitled to terminate this Contract, without any cost to the Bank
and recover expenditure incurred by Bank, on the happening of any one or more of
the following:

35.1 The Selected bidder commits a breach of any of the terms and conditions of the bid.

35.2 The Successful bidder goes into liquidation voluntarily or otherwise

35.3 An attachment is levied or continues to be levied for a period of 7 days upon effects
of the Agreement.

35.4 The progress regarding the execution of the order accepted by the Selected bidder is
found to be unsatisfactory or delay in execution of the contract, the Bank reserves the
right to get the balance contract executed by another party of its choice by giving one
month’s notice for the same. In this event, the selected vendor is bound to make good
the additional expenditure, which Bank may have to incur in executing the balance
contract. This clause is applicable, if for any reason, the contract is cancelled.

35.5 Non-satisfactory performance of the Selected bidder during implementation and

operation.

35.6 An act of omission by the Bidder, its employees, its agents, or employees of the
consortium in the performance of the services provided by this contract.

35.7 Failure to integrate/implement the Project as per the requirements of the Bank as
stated in this RFP.

35.8 Material discrepancies in the Deliverables and Services noted in the

implementation/maintenance of the Project. Bank reserves the right to procure the
same or similar product from the alternate sources at the risk, cost and responsibility
of the Selected vendor.

35.9 Bank shall serve the cure-cum-termination notice to the bidder at least 30 days prior,

Page 52 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

of its intention to terminate services. If the performance is not cured to the satisfaction
of bank within 30 days, termination will be effected.

35.10 Selected vendor is found to be indulging in frauds.

35.11 The bank suffers a reputation loss on account of any activity of successful
bidder penalty is levied by regulatory authority.

35.12 In the event of subcontract or assignment contrary to the terms of agreement.

36. Audit

The Bidder shall at all times whenever required furnish all information, records, data
stored in whatsoever form to internal, external, Bank appointed and statutory/ RBI
inspecting auditors and extend full cooperation in carrying out of such inspection. The
Bidder will also undertake to co-operate with the RBI to carry out its supervisory
functions and objectives and will furnish all records and other information as RBI may
call for to carry our inspection and/ or other functions. The Bidder is required to
facilitate the same at no additional cost and shall provide uninterrupted access to the
documents required by the auditors. Further the Bidder has to ensure rectification of
all the irregularities thus pointed out by the auditor within a given time frame.

The bidder has to ensure compliance of Information Security according to policy of the
Bank and mitigate the risk, if any, within the stipulated time without any additional
cost to Bank.

In line of above, the selected vendor shall ensure that all regulatory, Statutory, Local
Administration requirements are adhered to subsequently while undertaking
deliverable and services over the period of contract without any additional cost to Bank.

Compliance with security best practices may be monitored by periodic

computer/information security audit performed by or on behalf of the Bank. The
periodicity of these audits will be decided at the discretion of the Bank. These audit
plan to include, but are not limited to, a review of: access and authorization
procedures, physical security controls, input/output controls, DB controls, backup and
recovery procedures, network security controls and program change controls.
To the extent that the Bank deems it necessary to carry out a program of inspection
and audit to safeguard against threats and hazards to the confidentiality, integrity, and
availability of data, the Bidder shall afford the Bank’s representative access to the
Bidder’s facilities, installations, technical resources, operations, documentation,
records, databases and personnel. The Bidder must provide the Bank access to various
monitoring and performance measurement system (both manual and automated). The
Bank has the right to get the monitoring and performance measurement systems (both
manual and automated) audited without prior approval / notice to the bidder.

Page 53 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

Any license violation on the part of the outsourced vendor shall not put Bank at risk.
Bank shall reserve the right to audit the license usage of the vendor or shall ask the
vendor to take undertaking of non-violation of license.

37. Conflict of Interest

Bank requires that bidder provide professional, objective, and impartial advice and at
all times hold Bank’s interest paramount, strictly avoid conflicts with other
Assignment(s)/ Job(s) or their own corporate interests and act without any
expectations/ consideration for award of any future assignment(s) from Bank.

Bidder have an obligation to disclose any situation of actual or potential conflict in

assignment/job, activities and relationships that impacts their capacity to serve the
best interest of Bank, or that may reasonably be perceived as having this effect. If the
Bidder fails to disclose said situations and if Bank comes to know about any such
situation at any time, it may lead to the disqualification of the Bidder during bidding
process or the termination of its Contract during execution of assignment.

38. RFP Ownership

The RFP and all supporting documentation are the sole property of Union Bank of India
and should NOT be redistributed without prior written consent of Union Bank of India.
Violation of this would be a breach of trust and may, inter-alia cause the bidders to be
irrevocably disqualified. The aforementioned material must be returned to Union Bank
of India when submitting the proposal, or upon request; however, bidders can retain
one copy for reference.

39. Proposal Ownership

The proposal and all supporting documentation submitted by the bidders shall become
the property of Union Bank of India unless the Bank agrees to the bidder’s specific
requests, in writing, the proposal and documentation to be returned.

40. Tender/RFP Cancellation

The Bank reserves the right to cancel the Tender/RFP at any time without assigning any
reasons whatsoever.

41. Publicity

Any publicity by the Service Provider in which the name of the Bank is to be used, will
be done only with the explicit written permission of the Bank.

Page 54 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

42. Arbitration

All disputes and differences of any kind whatsoever arising out of or in connection with
the purchase order shall be referred to arbitration. The arbitrator may be appointed by
both the parties or in case of disagreement each party may appoint an arbitrator and
such arbitrators shall appoint an Umpire before entering on the reference. The decision
of the Umpire shall be final. Such arbitration shall be governed by the provisions of
Indian Arbitration and Conciliation Act 1996. All arbitration proceedings shall be at
Mumbai, Maharashtra State, India only.

43. Dispute Resolution & Jurisdiction

Notwithstanding anything contained herein above, in case of any dispute, claim and
legal action arising out of this RFP, the parties shall be subject to the jurisdiction of
courts at Mumbai, Maharashtra State, India only. Law of India will be applicable for
Dispute Resolution.

44. Minimum Wages and compliance of laws

The bidder hereby agrees and undertakes that during the subsistence of this agreement
and will not employ any personnel/individual below the Minimum Wages fixed by
appropriate Government on this behalf from time to time, as per the provisions of
Minimum Wages Act [Link] bidder should ensure that they comply with all local laws
and labour laws applicable to the services undertaken, Bank shall not be liable for any
injuries/damage caused to the personnel employed by the bidder for execution of work
and bidder shall ensure all protection including insurance to the personnel employed.

45. Escrow Arrangement

a. Bidder has to agree to keep source code of proposed solution with approved /
recognized escrow agency under escrow arrangements mutually acceptable to the
bank and Bidder for entire project period. Cost of the escrow arrangement to be
borne by Bank. Contract will be signed on mutually acceptable terms with bank
and escrow agent.

[Link] application software should mitigate Application Security Risks; at a minimum

those discussed in OWASP top 10 (Open Web Application Security Project).

c. The Bank has right to Audit the Application / Source Code by suitable Security
Auditor.

[Link] Bidder shall provide complete and legal documentation of all subsystems,
licensed operating systems, licensed system software, and licensed utility
software and other licensed software. The Bidder shall also provide licensed
software for all software products whether developed by it or acquired from

Page 55 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

others. The Bidder shall also indemnify the Bank against any levies / penalties on
account of any default in this regard.

[Link] case the Bidder is coming with software which is not its proprietary software,
then the Bidder must submit evidence to the satisfaction of Bank in the form of
agreement it has entered into with the software vendor which includes support
from the software vendor for the proposed software for the full period required
by the Bank.

46. General Terms

46.1 Canvassing of any kind will not only invite disqualification but also will debar the
Bidder from future participation in the tendering process.
46.2 Bidder is required to comply with the standard data security system and abide
Information Security policy of the Bank.
46.3 During the evaluation process at any stage if it is found that the bidder does not
meet the eligibility criteria or has submitted false/incorrect information the bid will
be rejected summarily by the bank.
46.4 Bidder is required to comply with all terms and conditions as mentioned in this RFP
document.
46.5 The RFP and all supporting documents are the sole property of the Bank and violation
of this will be a breach of trust and Bank would be free to initiate any action deemed
appropriate. The proposal and all supporting documentation submitted by bidders
shall become the property of the Bank.

47. Modification and Withdrawals of Bid

The bidder may modify its bid’s submission anytime by logging in to the website
[Link] and uploading the documents again till the last date and
time of bid submission.

No bid can be modified or withdrawn by the bidder subsequent to the closing date
and time for submission of bids.

No bid shall be withdrawn in the intervening period between deadline for submission
of bids and expiration of period of bid validity specified by bidder in the submitted
bid. In the event of withdrawal of the bid by bidders, the EMD will be forfeited/liable
to be suspended from participation in any future tenders of the Bank for 2 years.

No bidder shall be allowed to withdraw the bid, if bidder happens to be successful

bidder.

48. Price Validity

Page 56 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

Prices payable to the successful bidder as stated in the Contract shall be firm and not
subject to any changes at any circumstances during the contract period.

49. Ownership and Retention of Documents

All information processed, stored, or transmitted by successful Bidder application

belongs to the Bank. By having the responsibility to maintain the application, the
Bidder does not acquire implicit access rights to the information or rights to
redistribute the information. The Bidder understands that civil, criminal, or
administrative penalties may apply for failure to protect information appropriately.
Any information considered sensitive by the bank must be protected by the successful
Bidder from unauthorized disclosure, modification or access. The bank’s decision will
be final.

Types of sensitive information that will be found on Bank system’s which the Bidder
plans to support or have access to include, but are not limited to Information subject
to special statutory protection, legal actions, disciplinary actions, complaints, IT
security, pending cases, civil and criminal investigations, etc.

The successful Bidder shall not publish or disclose in any manner, without the Bank’s
prior written consent, the details of any security safeguards designed, developed, or
implemented by the Bidder or existing at any of the Bank location. The Bidder will
have to develop procedures and implementation plans to ensure that IT resources
leaving the control of the assigned user (such as being reassigned, removed for repair,
replaced, or upgraded) are cleared of all Bank data and sensitive application
software. The bidder will have to also ensure that all subcontractors who are involved
in providing such security safeguards or part of it shall not publish or disclose in any
manner, without the Bank’s prior written consent, the details of any security
safeguards designed, developed, or implemented by the Bidder or existing at any
Bank location.

50. Normalization of Bids

If required, Bank may go through a process of technical evaluation and normalization

of the bids to the extent possible and feasible to ensure that, shortlisted bidders are
more or less on the same technical ground. After the normalization process, if the
Bank feels that, any of the Bids needs to be normalized and that such normalization
has a bearing on the commercial bids; the Bank may at its discretion ask all the
technically shortlisted bidders to re-submit the technical and commercial bids once
again for scrutiny. The resubmissions can be requested by the Bank in the following
two manners:

Page 57 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

- Incremental bid submission in part of the requested clarification by the

bank or
- Revised submissions of the entire bid in the whole.

The Bank can repeat this normalization process at every stage of bid submission till
Bank is satisfied. The shortlisted bidders agree that, they have no reservation or
objection to the normalization process and all the technically shortlisted bidders
will, by responding to this RFP, agree to participate in the normalization process and
extend their co-operation to the Bank during this process. The shortlisted bidders,
by submitting the response to this RFP, agree to the process and condition of the
normalization process.

51. Submission of Bids

The bidders have to submit responses to the RFP through Online. Only original documents
viz. Bid security and Integrity Pact should be submitted in physical form. All response
documents as per requirement of RFP must be uploaded on the site
[Link] Original DD/BG for EMD and Integrity Pact (IP) must be
submitted physically in sealed cover at the following address on or before scheduled date
and time.
Union Bank of India,
Department of Information Technology,
Technology Centre, Adi Shankaracharya Marg,
Opposite Powai Lake, Powai,
Mumbai – 400072.

Bank may, at its discretion, extends this deadline for submission of bids by releasing
corrigendum to this tender document

Page 58 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

52. Annexure A – Letter of Acceptance

Date:

(Letter to the bank on the bidder’s company letterhead)

To,
The General Manager
Union Bank of India
Technology Centre, 5th floor,
Department of Information Technology,
Adi Shankaracharya Marg,
Powai, Andheri (East),
Mumbai, 400072

Dear Sir,

Subject: Our bid for RFP for Procurement of Kubernetes platform and DevSecOps with
CI/CD pipelines with Facility Management Services

With reference to the above subject, having examined and understood the instructions,
terms and conditions forming part of it, we hereby enclose our offer for the desired solution
as detailed in your above referred RFP.

We further confirm that the offer is in conformity with the terms and conditions as
mentioned in the RFP and all required information as mentioned is enclosed.

We also confirm that the offer shall remain valid for 180 days from the date of the offer.

We hereby undertake that supporting software supplied, if required will be licensed, legally
obtained and with latest version.

We understand that the Bank is not bound to accept the RFP either in part or in full and that
the Bank has right to reject the RFP in full or in part without assigning any reasons
whatsoever.

We understand that
a. You are not bound to accept the lowest or any bid received by you, and you may reject
all or any bid.

b. If our Bid for the above job is accepted, we undertake to enter into and execute at
our cost, when called upon by the purchaser to do so, a contract in the prescribed
form. Unless and until a formal contract is prepared and executed, this bid together
with your written acceptance thereof shall constitute a binding contract between us.

c. If our bid is accepted, we are to be responsible for the due performance of the
contract.
d. You may accept or entrust the entire work to one Bidder or divide the work to more
than one Bidder without assigning any reason or giving any explanation whatsoever.

Page 59 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

e. Bidder means the bidder who is decided and declared so after examination of
commercial bids.

f. We enclose Demand Draft/Bank Guarantee for Rs.20,00,000/- (Rupees Twenty lac

only) favoring Union Bank of India and payable at Mumbai, towards bid security,
details of the same is as under:

No. :
Date :
Name of Issuing Bank :
Dated at ____________this ____________day of __________2022

Or

MSME/Udyog Aadhaar Certificate No.

We hereby declare that all the information & Statements made in this RFP are true and
accept that any misinterpretation contained in it may lead to our disqualification. We agree
to all terms & conditions of the RFP,

Yours faithfully,

Date: For _________________________

Signature ____________________

Name _______________________

Authorized Signatories
(Name & Designation, seal of the firm)

Page 60 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

53. Annexure B- Bidder’s Profile Format

Serial
Parameters Response
No.
1 Name of the Firm/Company
2 Year of Incorporation in India
3 Names of the Partners/Directors
Name and Address of the
4
Principal Banker
Addresses of Firm/Company
5 a) Head Office
b) Local Office in Mumbai(if any)
Authorized Contact person
a) Name and Designation
6
b) Telephone number
c) E-mail ID.
Financial parameters
Business Results (last three Annual Turnover EBITDA
years) (Rs. in Crores) (Rs. in Crores)
2018-19

7 2019-20
2020-21
(Only company figures need to be
mentioned. Not to include
(Mention the above amount in INR only)
group/subsidiary Company
figures)
Bidder’s experience in
deployment or implementation of
8
Kubernetes platform and
DevSecOps

No. of Years in
Details of project executed Name of Customer
Use
9.

N.B. Enclose copies of Audited Balance Sheet along with enclosures

Dated this........ Day of ............... 2022

(Signature)
(In the capacity of)
Duly authorized to sign bid with seal for & on behalf of (Name & Address of the Bidder)
Page 61 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

54. Annexure C - Eligibility Criteria

S. Description Document Compliance

No. Required (Y/N)
The bidder must submit Integrity Pact (IP) Integrity Pact (IP) as per
signed by authorized signatory as prescribed Annexure N on plain
format mentioned in Annexure N on plain paper is to be submitted.
1 paper (not in letterhead) in advance (not prior
to issuance of RFP) or at the time of bid
submission. Bidder shall be liable for rejection
in case of non-submission of the same.

The bidder should be a company registered in Certificate of

India as per Company Act 1956 /2013 or a incorporation/certificate
partnership firm / a Limited Liability for commencement of
2 Partnership company under the Limited business/other relevant
Liability Partnership Act 2008 in India and documentary proof is to
should be in existence for last 3 years from the be submitted
date of issuance of RFP.
The bidder should have minimum annual Audited Financial
turnover of Rs. 30.00 Crore in each of the last statements of last three
three financial years i.e., 2018-19, 2019-20 years i.e. 2018-19, 2019-
and 2020-21 as per the audited balance sheet 20, 2020-21 is to be
available at the time of submission of tender. submitted.
3
In case the audited financials for the year
2020-21 is not finalized, Provisional Balance
Sheet of 2020-21 should be submitted. This
must be the individual company turnover and
not that of any group of companies.
Bidder should have positive operating Profit Audited Financial
(as EBITDA i.e., Earnings before Interest, Tax, statements of last three
Depreciation & Amortization) in the last three years i.e. 2018-19, 2019-
4 financial years i.e., 2018-19, 2019-20 and 20, 2020-21 is to be
2020-21. In case the audited financials for the submitted.
year 2020-21 is not finalized, Provisional
Balance Sheet of 2020-21 should be submitted

Page 62 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

Bidder should have deployed the DevSecOps Purchase order, invoice,

and Kubernetes based Platform solution in at performance
least 1 BFSI/ Organization registered under certificate/sign off
Company Act 1956 /2013 in India. The bidder should be submitted (if
must submit Purchase order along with Invoices the proofs are from the
5 and performance certificate/sign off sheet, organization registered
these proofs must be submitted along with under company act
Annexure L. 1956/2013, the bidder
has to provide the
certificate of such
Organization)
Bidder should be either an Original Equipment Authorization from OEM
Manufacturer (OEM) or authorized partner of (Manufacturer
OEM. In case the bidder is an Authorized Authorization Form)
partner of the OEM, Bidder needs to provide should be submitted.
Manufacturer Authorization Form (MAF) from
OEM stating that bidder is authorized partner
of OEM and authorized to participate in this
tender and in case the bidder is not able to
6
perform obligations as per contract during the
contract period, contracted services will be
provided by OEM. OEM can quote directly or
through authorized partners. However, both
i.e. OEM & their authorized partner cannot
participate in the RFP. In case, both (OEM & his
authorized partner) participate, only bid of the
OEM will be considered.
The bidder should provide undertaking Undertaking on
mentioning DIN/DPIN of Directors that any of Company’s letter Head to
its subsidiary or associate or holding company be submitted.
or companies having common director/s or
7
companies in the same group of
promoters/management or partnership
firms/LLPs having common partners has not
participated in the bid process.

Page 63 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

The companies or firms, bidding for the above An undertaking to this

tender, should have not been blacklisted by any effect must be submitted
of Government Authority or Public Sector in their letter head as per
Undertaking (PSUs). The bidder shall give an Annexure I
undertaking (on their letter head) that they
have not been blacklisted by any of the Govt.
8
Authority or PSUs. In case, in the past, the
name of their Company was blacklisted by any
of the Govt. Authority or PSUs, the same must
have been removed from the black list as on
date of submission of the tender, otherwise the
bid will not be considered.

Authorized Signatory:
Place: Name & Designation:
Date: Business Address & email id:

Page 64 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

55. Annexure D – Compliance to RFP Terms & Conditions

Bidder's
S. No. Clause Details Compliance
(Yes/No)
1 Introduction
2 Adoption of Integrity Pact (IP)
3 Definitions
4 Objectives of the RFP
5 Invitation of Tender Bids
6 Eligibility Criteria
7 Broad Scope of Work
8 Facility Management Service
9 Training Requirement
10 Project Plan for Implementation
11 Infrastructure
12 Locations to be Covered
13 Instructions for Bid Submission
14 Price Composition
15 Taxes and Duties
16 Rejection of Bid
17 Online Prebid Meeting
18 RFP Response
19 Patent Rights
20 Adherence to Cyber Security Systems
21 Liquidated Damages (LD)
22 Service Level Agreement
23 Payment Terms
24 Annual Technical Support
25 Contract Period
26 Warranty
27 Authorized Signatory
28 Confidentiality
29 Intellectual Property Rights
30 Non-Transferable Offer
31 Intellectual Property Rights
32 Responsibility for Completeness
33 Force Majeure
34 Exit Clause
35 Termination of Contract
36 Audit
37 Conflict of Interest
38 RFP Ownership
39 Proposal Ownership
40 Tender/RFP Cancellation

Page 65 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

Bidder's
S. No. Clause Details Compliance
(Yes/No)
41 Publicity
42 Arbitration
43 Dispute Resolution & Jurisdiction
44 Minimum Wages and compliance of laws
45 Escrow Arrangement
46 General Terms
47 Modification and Withdrawals of Bid
48 Price Validity
49 Ownership and Retention of Documents
50 Submission of Bids

Authorized Signatory:
Place: Name & Designation:
Date: Business Address & email id:

Page 66 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

56. Annexure E – Indicative Commercial Bid

Table I - Software / Tools License cost of perpetual licenses with 1 Year warranty (Please
provide individual tool wise breakup)

Sr Name of Purpose / OEM Licens Licens No. of Licenses License

No Tool descriptio Name e Type e unit required Cost
. n / (Core / cost DC DR UA [A*(B+C+D)
Open User) (A) Pro Pro T ]
Sourc d d (D)
e (B) (C)
1 DevSecOps –
CI/CD
software /
tools
2 Kubernetes
container
orchestratio
n Layer /
Platform
3 Centralized
tool to
Manage &
monitor
4 Specify, if
any other
item
Total

Table II - Software / Tools ATS cost of perpetual licenses for 2nd & 3rd Year (Please provide
individual tool wise breakup)

Sr Name of Tool Purpose / OEM License Recurring Cost Total

No. description Name / Type 2 nd 3 rd Cost
Open (Core / Year(A) year [A+B]
Source User) (B)
1 DevSecOps –
CI/CD software
/ tools
2 Kubernetes
container
orchestration
Layer /
Platform
3 Centralized
tool to Manage
& monitor
4 Specify, if any
other item

Page 67 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

Total
NOTE: Comprehensive onsite 2nd and 3rd year charges for Annual Technical Support (ATS)
should be quoted with minimum of 18% of Solution/Tools cost.

Table III - Software / Tools License cost of subscription-based licenses (Please provide
individual tool wise breakup)

S. Name of License No. of Licenses No. of Licenses No. of Licenses Total

No Tool Cost (A) required for 1st required for 2nd required for 3rd Cost
year(B) year(C) year(D) (exclu
ding
taxes)
[A*(B+
C+D)]
DC DR UAT DC DR UAT DC DR UAT
prod Prod prod Prod prod Prod
1 DevSecOp
s – CI/CD
software /
tools
2 Kubernete
s
container
orchestrat
ion Layer
/ Platform
3 Centralize
d tool to
Manage &
monitor
4 Specify, if
any other
item
Total

NOTE: for reference of present user / application / hardware sizing and year on year
expected growth (see Annexure G)

Table IV - Implementation cost (One time)

Sr Item UAT DC DR Total Cost

No Cost Prod Prod (excluding
Cost Cost taxes)
1 End to end implementation of proposed
Kubernetes platform and DeveSecOps with
CI/CD software / tools along with complete
documents (i.e., Design Document, SOP and KPI

Page 68 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

etc.)
2 Setting up of Software Governance Framework
and Base line for Software CMM level or
DevSecOps Maturity Model
3 Specify, if any other item
Total

Table V - Training cost for 8-10 participants

Sr. No Particulars Per Batch Cost

1 DevSecOps & Container Platform
Administration
2 Bootstrap Framework
3 AngularJs / NodeJs / VueJs
4 Springboot
5 .NET Core
Total

Table VI - Facility Management Cost

Sr. No Particulars No. of 1st year 2nd year 3rd year Total Cost
Resources Cost cost Cost (excluding
taxes)
1 DevSecOps & 2
Container
Platform
Administrator

Table VII – Total Cost to Ownership (TCO)

Sl. No Table Name Total Cost for 3 Years(excluding taxes)

1 Table – I
2 Table – II
3 Table – III
4 Table – IV
5 Table – V
6 Table - VI
Total Cost to Ownership

Note:
1. The software/tools should be quoted in such a way to cover all the software / tools
mentioned in the scope, with the reference of present user / application /
hardware sizing (see Annexure G)
2. All the costs mentioned above must be quoted in Indian Rupees and exclusive of
taxes.

Page 69 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

3. TCO must be quoted in Indian Rupees and in WORDS AND FIGURES exclusive of
taxes and it is valid for 3 years. In case of any discrepancy, TCO quoted in words
will be considered.
4. Payment will be made as per the payment terms mentioned in this RFP.
5. Prices quoted by the bidder are exclusive of all applicable Taxes i.e. GST
(CGST/SGST/IGST). GST will be paid on actual on production of original invoice.
6. Bidder has to show the bifurcation/details of applicable GST (CGST/SGST/IGST) in
every invoice. Any upward / downward revision in GST will be borne by Bank.
7. The prices quoted should also include charges towards freight, forwarding,
delivery, and installation, transit insurance charges till installation,
transportation, configuration/reconfiguration, integration and go-live.
8. Bank will not pay any additional charges other than those mentioned above
whatsoever the case may be.
9. Software ATS / subscription rate will be frozen for contract period and Bank may
avail the services as and when required by Bank
10. Training Rate will be frozen for contract period and Bank may avail the services as
and when required by Bank.
11. FMS Rate will be frozen for contract period and Bank increase number of Manpower
in future if required.
12. In Case of discrepancy for number of licenses, Bank may go for normalization
process.
13. Details and List of software under each type as mentioned in Table I & Table III
should also be submitted as per Annexure X– Hardware Sizing and Software/Tool
Deliverable.
14. The Rates will be frozen during the contract period of 3 years and may be extended
for further period of 2 years after contract expiry date based on the satisfactory
performance. Terms and Condition will remain same for the extended period.
15. Facility Management charges should be quoted separately for each year,
considering various influencing factors including inflation and incremental rate
should be same for each subsequent year

Authorized Signatory:

Place: Name & Designation & email ID:

Date:

Page 70 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

57. Annexure F – Unpriced Indicative Commercial Bid

Table I - Software / Tools License cost of perpetual licenses with 1 Year warranty (Please
provide individual tool wise breakup)

Sr Name of Purpose / OEM Licens Licens No. of Licenses Lice Sub

No Tool descriptio Name e Type e unit required nse mitt
. n / (Core cost DC DR UA Cost ed
Open / (A) Pro Pro T [A*( (Yes
Sourc User) d d (D) B+C /No
e (B) (C) +D)] )
1 DevSecOps –
CI/CD
software /
tools
2 Kubernetes
container
orchestratio
n Layer /
Platform
3 Centralized
tool to
Manage &
monitor
4 Specify, if
any other
item
Total

Table II - Software / Tools ATS cost of perpetual licenses for 2nd & 3rd Year (Please provide
individual tool wise breakup)

Sr Name of Tool Purpose / OEM License Recurring Total Submitted

No. description Name Type Cost Cost (Yes/No)
/ (Core / 2 nd 3 rd [A+B]
Open User) Year(A) year
Source (B)
1 DevSecOps –
CI/CD
software /
tools
2 Kubernetes
container
orchestration
Layer /
Platform
3 Centralized
tool to
Manage &

Page 71 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

monitor
4 Specify, if
any other
item
Total
NOTE: Comprehensive onsite 2nd and 3rd year charges for Annual Technical Support (ATS)
should be quoted with minimum of 18% of Solution/Tools cost.

Table III - Software / Tools License cost of subscription-based licenses (Please provide
individual tool wise breakup)

S. Name of License No. of No. of Licenses No. of Licenses Total Su

No Tool Cost (A) Licenses required for 2nd required for 3rd Cost bm
required for year(C) year(D) (excl itt
1st year(B) uding ed
taxes (Y
) es
[A*(B /N
+C+D) o)
]
DC DR U DC DR U DC DR U
prod Prod A prod Prod A prod Prod A
T T T
1 DevSecOp
s – CI/CD
software /
tools
2 Kubernete
s
container
orchestrat
ion Layer
/ Platform
3 Centralize
d tool to
Manage &
monitor
4 Specify, if
any other
item
Total

NOTE: for reference of present user / application / hardware sizing and year on year
expected growth (see Annexure G)

Page 72 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

Table IV - Implementation cost (One time)

Sr Item UAT DC DR Total Submit

No Cost Prod Prod Cost ted
Cost Cost (exclu (Yes/N
ding o)
taxes)
1 End to end implementation of proposed
Kubernetes platform and DeveSecOps with
CI/CD software / tools along with complete
documents (i.e., Design Document, SOP and KPI
etc.)
2 Setting up of Software Governance Framework
and Base line for Software CMM level or
DevSecOps Maturity Model
3 Specify, if any other item
Total

Table V - Training cost for 8-10 participants

Sr. No Particulars Per Batch Submitted

Cost (Yes/No)
1 DevSecOps & Container Platform
Administration
2 Bootstrap Framework
3 AngularJs / NodeJs / VueJs
4 Springboot
5 .NET Core
Total

Table VI - Facility Management Cost

Sr. No Particulars No. of 1st year 2nd year 3rd year Total Submi
Resource Cost cost Cost Cost tted
s (exclu (yes/N
ding o)
taxes)
1 DevSecOps 2
& Container
Platform
Administrat
or

Page 73 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

Table VII – Total Cost to Ownership (TCO)

Sl. No Table Name Total Cost for 3 Submitted (yes/No)

Years(excluding
taxes)
1 Table – I
2 Table – II
3 Table – III
4 Table – IV
5 Table – V
6 Table - VI
Total Cost to Ownership

Note:
1. The software/tools should be quoted in such a way to cover all the software / tools
mentioned in the scope, with the reference of present user / application /
hardware sizing (see Annexure G)
2. All the costs mentioned above must be quoted in Indian Rupees and exclusive of
taxes.
3. TCO must be quoted in Indian Rupees and in WORDS AND FIGURES exclusive of
taxes and it is valid for 3 years. In case of any discrepancy, TCO quoted in words
will be considered.
4. Payment will be made as per the payment terms mentioned in this RFP.
5. Prices quoted by the bidder are exclusive of all applicable Taxes i.e. GST
(CGST/SGST/IGST). GST will be paid on actual on production of original invoice.
6. Bidder has to show the bifurcation/details of applicable GST (CGST/SGST/IGST) in
every invoice. Any upward / downward revision in GST will be borne by Bank.
7. The prices quoted should also include charges towards freight, forwarding,
delivery, and installation, transit insurance charges till installation,
transportation, configuration/reconfiguration, integration and go-live.
8. Bank will not pay any additional charges other than those mentioned above
whatsoever the case may be.
9. Software ATS / subscription rate will be frozen for contract period and Bank may
avail the services as and when required by Bank
10. Training Rate will be frozen for contract period and Bank may avail the services as
and when required by Bank.
11. FMS Rate will be frozen for contract period and Bank increase number of Manpower
in future if required.
12. In Case of discrepancy for number of licenses, Bank may go for normalization
process.
13. Details and List of software under each type as mentioned in Table I & Table III
should also be submitted as per Annexure X– Hardware Sizing and Software/Tool
Deliverable.
14. The Rates will be frozen during the contract period of 3 years and may be extended
for further period of 2 years after contract expiry date based on the satisfactory

Page 74 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

performance. Terms and Condition will remain same for the extended period.
15. Facility Management charges should be quoted separately for each year,
considering various influencing factors including inflation and incremental rate
should be same for each subsequent year

Authorized Signatory:

Place: Name & Designation & email ID:

Date:

Page 75 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

58. Annexure G – Reference of present user / application / hardware sizing

Reference of present user / application / hardware sizing

Sr Item 1st Year Expected Expected
No Growth on Growth on
2nd year 3rd year
Number of Developers 30 25% 50%
Number of Operators 20 25% 50%
CPU required for hosting present 32 cores 48 cores 96 cores
application on On-Prim VM (which are (70%
marked for application modernization) Utilization)
Note:
 License required for production environment can be derived based on the 1 st year
position as mentioned above. Further, similar setup is required at DR site. At a time,
application will be active from only one site (Primary / DR Site). However, application
replication should be online.
 Licenses is also required for UAT and Development environment with minimum
resources.
 Bank may increase number of licenses as per requirement during the contract period.
Hence, rate quoted should be fixed for the contract period.
 Bidder must provide the deployment architecture along with infrastructure required
to host the proposed Kubernetes platform and DevSecOps with CI/CD tools.

Page 76 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

59. Annexure H– Bid Security Declaration

To

Union Bank of India

Department of Information Technology,
1/1A,Technology Centre,
Adi Shankaracharya Marg,
Powai, Andheri (East),
Mumbai-400072

Dear Sir,

Subject: Request for Proposal (RFP) for Procurement of Kubernetes platform and
DevSecOps with CI/CD pipelines with Facility Management Services

We ________________________ (bidder name), hereby undertake that we are liable to

be suspended from participation in any future tenders of the Bank for 2 years from the
date of submission of Bid in case of any of the following:

1. If the bid submitted by us is withdrawn/modified during the period of bid

validity.
2. If any statement or any form enclosed by us as part of this Bid turns out to be
false / incorrect at any time during the period of prior to signing of Contract.
3. In case of we becoming successful bidder and if:
a) We fail to execute Contract within the stipulated time.
b) We fail to furnish Performance Bank Guarantee within the timelines
stipulated in this RFP document.

Yours faithfully,

Date: For _________________________

Signature ____________________

Name _______________________

Authorized Signatories
(Name & Designation, seal of the firm)

Page 77 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

60. Annexure I - Undertaking by Bidder

Place:
Date:
To:
The General Manager,
Union Bank of India,
5th floor, Technology Centre,
1/1A, Adi Shankaracharya Marg, Opp. Powai Lake,
Powai, Andheri (East),
Mumbai‐400072.

Undertaking (To be submitted by all Bidders’ on their letter head)

We ________________________ (bidder name), hereby undertake that-

 As on date of submission of tender, we are not blacklisted by the Central Government

/ any of the State Governments / PSUs in India or any Financial Institution in India.

 We also undertake that, we are not involved in any legal case that may affect the
solvency / existence of our firm or in any other way that may affect capability to
provide / continue the services to bank.

Yours faithfully,

Authorized Signatories

(Name, Designation and Seal of the Company)

Date

Page 78 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

61. Annexure J – Confidentiality / Non-Disclosure Agreement

This CONFIDENTIALITY AGREEMENT (the “Agreement”) entered into on this _ day of

2022, and shall be deemed to have become in full force and effect from (the “Effective
Date”).

BY and between M/s.__________________ a company incorporated under the provisions of

the Companies Act, _________ in force in India, having its registered office at
______________________________________________ (hereinafter referred to as “--------”
or “Vendor” which expression shall, unless it be repugnant or contrary to the context or
meaning thereof, mean and include its, successors and permitted assigns) of the ONE PART

AND

Union Bank of India, a corresponding new bank constituted under section 3 of Banking
Companies (Acquisition & Transfer of Undertakings) Act 1970 having its Head office at Union
Bank Bhavan, Vidhan Bhavan Marg, Nariman Point, Mumbai – 400021 (hereinafter referred to
as “Union Bank” or “Bank” which expression shall, unless it be repugnant to the context or
meaning thereof, mean and include its successors and permitted assigns), of the OTHER
PART:

---------- and the Bank shall hereinafter jointly be referred to as “Parties” and individually
as a “Party”.

In this Agreement, “Affiliate” means any entity which from time to time Controls, is
Controlled by or is under common Control with the relevant party or entity, where “Control”
means having the ability (including, without limitation, by means of a majority of voting
rights or the right to appoint or remove a majority of the board of directors) to control the
management and policies of an entity.

WHEREAS:-
i. Vendor inter-alia is engaged in the business of providing IT related solutions & services
to various business entities in India & abroad.
ii. Union Bank has agreed to disclose, transmit, receive, and/or exchange certain
“confidential information” to cover the business transaction between parties for the
provision of services related to “_______________________________________” (“the
Purpose”) as more particularly described in Purchase Order no , issued by Union Bank
in favor of M/s. ----------------------.

NOW THIS AGREEMENT WITNESS:

1. Interpretation

In this Agreement “Confidential Information” means all information belonging to a Party

that is or has been disclosed to one Party (the “Receiving Party”) by the other Party (the
“Disclosing Party”) in connection with the business transacted/ to be transacted between

Page 79 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

the Parties. Confidential information shall also include any copy, abstract, extract,
sample, note or module thereof. The Receiving Party may use the Confidential
Information solely for and in connection with the business transacted/ to be transacted
between the Parties.

Notwithstanding the foregoing, “Confidential Information” shall not include any

information which the Receiving Party can show: (a) is now or subsequently becomes or
is in possession of the Receiving Party, legally and publicly available without breach of
this Agreement by the Receiving Party, (b) was rightfully in the possession of the
Receiving Party without any obligation of confidentiality prior to receiving it from the
Disclosing Party, (c) was rightfully obtained by the Receiving Party from a source other
than the Disclosing Party without any obligation of confidentiality, (d) was developed by
or for the Receiving Party independently and without reference to any Confidential
Information and such independent development can be shown by documentary evidence,
or (e) is disclosed pursuant to an order of a court or governmental agency as so required
by such order, provided that the Receiving Party shall, unless prohibited by law or
regulation, promptly notify the Disclosing Party of such order and afford the Disclosing
Party the opportunity to seek appropriate protective order relating to such disclosure.

2. Confidentiality:

2.1 Except to the extent as agreed herein, the Receiving Party agrees to regard, preserve
and keep as secret and confidential all Confidential Information of the Disclosing Party or its
clients or any member of their group disclosed under this Agreement. In maintaining
confidentiality here under the Receiving Party agrees and accepts that it shall not, either on
its own account or jointly with or for any other person, firm, company or any other entity,
without obtaining the written consent of the disclosing party.

I. Disclose, transmit, reproduce or make available any such Confidential Information to

any person firm, company or any other entity other than its directors, partners,
advisers, agents or employees, who need to know the same for the purpose of
evaluating, preparing, considering, negotiating, advising in relation to or in
furtherance of the purpose aforesaid; or

II. Use the Confidential Information for any purpose other than evaluating, preparing,
considering, negotiating, advising in relation to or in furtherance of the purpose for
which it is disclosed; or

III. Disclose, announce or otherwise publicize the existence of its association with the
Disclosing Party or the existence of the project with the Disclosing Party or any other
arrangement (existing or possible) between the disclosing party, its clients or itself in
connection with any project/assignment; or

IV. Use any such Confidential Information for its own benefit or the benefit of others or
do anything prejudicial to the interests of the Disclosing Party or its clients or any
member of their group or their projects.

Page 80 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

2.2 The Receiving Party also agrees and accepts that it may endeavor:

I. Use at least the same degree of care in safeguarding such Confidential Information as
it uses for its own Confidential information of like importance and such degree of care
shall be at least that which is reasonably calculated to prevent such inadvertent
disclosure;

II. Keep the Confidential Information and any copies thereof secure and in such a way so
as to prevent unauthorized access by any third party;

III. Limit access to such Confidential Information to those of its (including its Affiliates‟)
directors, partners, advisers, agents or employees who are directly involved in the
consideration/evaluation of the Confidential Information and bind each of its
directors, partners, advisers, agents or employees so involved to protect the
Confidential Information in the manner prescribed in this Agreement; and

IV. Upon discovery of any disclosure or suspected disclosure of Confidential Information,

to take reasonable effort to as per the circumstances, to inform the Disclosing Party
of such disclosure in writing and immediately return to the Disclosing Party all such
Information, in whatsoever form, including any and all copies thereof.

3. Return or destruction:

The Receiving Party may, upon completion of the purpose mentioned aforesaid or at any
time on receipt of a written demand from the disclosing party: i) immediately return all
written Confidential Information and all copies thereof provided to, or produced by, it or
its advisers, as the case may be, which is in such party’s possession or under its custody
and control; ii) to the extent practicable, but without prejudice to the obligations of
confidentiality herein, immediately destroy all analyses, compilations, notes, studies,
memoranda or other documents prepared by it or its advisers to the extent that the same
contain, reflect or derive from Confidential Information relating to the other party; iii)
so far as it is practicable to do so (but, in any event, without prejudice to the obligations
of confidentiality contained in this Agreement), immediately expunge any Confidential
Information relating to the Disclosing Party or its clients or any member of their group or
their projects from any computer, word processor or other device in its possession or
under its custody and control.

4. Permitted disclosure:

The provisions of paragraph 2 shall not restrict any disclosure required by law or by any
court of competent jurisdiction, the rules and regulations of any recognized stock
exchange or any enquiry or investigation by any governmental, official or regulatory body
which is lawfully entitled to require any such disclosure provided that, so far as it is
lawful and practical to do so prior to such disclosure, the Receiving Party shall promptly
notify the other party of such requirement with a view to providing the opportunity for
the Provider to contest such disclosure or otherwise to agree the timing and content of
such disclosure.

Page 81 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

5. Ownership of Information:

Except to the extent as agreed herein, the Confidential Information and copies thereof,
in whatsoever form shall at all times remain the property of the Disclosing Party or its
clients and its disclosure shall not confer on the Receiving Party any rights (including any
intellectual property rights) over the Confidential Information whatsoever beyond those
contained in this Agreement.

6. No Representation:

Neither the disclosure, transmission receipt or exchange of Confidential Information nor

anything else in this Agreement will constitute an offer by or on behalf of the Disclosing
Party or be construed as soliciting any business or organization changes or any assurance
of any business commitment or an inducement to incur / undertake any obligations not
specified herein and neither party will be under any obligation to accept any offer or
proposal which may be made by the other or on behalf of such other party.

7. Remedies and Relief:

The parties hereto acknowledge that remedies at law may be inadequate to protect the
Disclosing Party or its clients against any actual breach of this Agreement by the Receiving
Party, and, without prejudice to any other right and remedies otherwise available to the
Disclosing Party or its clients, the Receiving Party agrees that Disclosing Party has a right
to seek injunctive relief in its favor upon proof of actual damage and upon establishment
of the fact that such actual damage has taken place due to reasons directly attributable
upon the Receiving Party. Such injunctive relief shall be in addition to any other remedies
available hereunder, whether at law or equity. Disclosing Party shall be entitled to
recover its cost and fees, including Advocate’s fees, incurred in obtaining any such relief.
Further, in the event of litigation relating to this Agreement, the prevailing party shall
be entitled to recover its cost and expenses including Advocate’s fees.

8. No Assignment

This Agreement shall not be assigned by either party, by operation of law or otherwise,
without the prior written consent of the other party. This Agreement shall inure to the
benefit of and will be binding upon the parties‟ respective successors and permitted
assigns.

9. Severability

In the event that any of the provisions contained in this Agreement is found to be invalid,
illegal or unenforceable in any respect by a Court of competent jurisdiction, the validity,
legality, or enforceability of the remaining provisions contained in this agreement will
not be in any way affected or impaired by such a finding.

[Link] or Waiver

Page 82 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

No delay or failure of either Party in exercising any right hereunder and no partial or
single exercise thereof shall be deemed of itself to constitute a waiver or an expectation
of non-enforcement of such right or any other rights hereunder. No waiver of any
provision of this Agreement shall be valid unless the same is in writing and signed by the
party against whom such waiver is sought to be enforced. A waiver or consent given by
either party on any one occasion is effective only in that instance and will not be
construed as a bar to or waiver of any right on any other occasion.

[Link]

Notices as required by this Agreement shall be sent to the Parties at the addresses
mentioned first herein above or such other addresses as the Parties may designate from
time to time, and shall be sent by certified or registered mail with acknowledgement due
on receipt.

[Link]

This Agreement shall commence from the Effective Date of this Agreement and shall be
valid for 2 years beyond contract period of 3 years there from. Confidentiality obligations
under this Agreement shall continue to be binding and applicable without limit in point
in time except and until such information enters the public domain, without breach of
the agreement. Either Party may terminate this Agreement for breach, if the defaulting
Party fails to rectify the breach within the one month notice period issued by the non-
defaulting Party. Upon expiration or termination as contemplated herein the Receiving
Party shall immediately cease any and all disclosures or uses of Confidential Information;
and at the request of Disclosing Party, the Receiving Party shall promptly return or
destroy all written, graphic or other tangible forms of the Confidential Information and
all copies, abstracts, extracts, samples, notes or modules thereof.

[Link] Law

The provisions of this Agreement shall be governed by the laws of India and shall be
subject to the exclusive jurisdiction of courts in Mumbai.

[Link]

The Receiving Party agree to indemnify and hold harmless the Disclosures against all
costs, liability, losses and claims incurred by the Disclosing Party as a result of a breach
of this Agreement.

[Link]

Modification to any of the provisions of this Agreement shall be void unless it is writing
and duly executed by Parties.

[Link]

Page 83 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

The headings given herein above are for ease of reference only and shall not attach or
have any effect/ meaning whatsoever contrary to what is stated in the agreement.

[Link] of Contract and performance

Bank shall have the right of periodical /yearly review of the performance of the
successful bidder with regard to upgradation of processors, memory and storage space
and maintenance support under the contract which would be basis of continuation or
termination of the same. Bank shall also have the right to review, either itself or
through another agency as it may deem fit, the financial and operating performance
of the bidder in order to assess the ability of the bidder to continue to meet its
outsourcing/contractual obligations.

[Link] Rights:

The entire work product mentioned in this RFP shall be the sole and exclusive property
of the Bank. The successful bidder hereby-irrevocably grants, assigns, transfers to the
Bank all rights, title and interest of any kind, in and to the work product produced under
RFP contract. All information processed, stored, or transmitted by successful Bidder
belongs to the Bank. The Bidder does not acquire implicit access rights to the information
or rights to redistribute the information. The Bidder understands that civil, criminal, or
administrative penalties may apply for failure to protect information appropriately. Any
information considered sensitive by the bank must be protected by the successful Bidder
from unauthorized disclosure, modification or access. The bank’s decision will be final.

The successful bidder will ensure strict compliance of all labor laws, insurance, minimum
wages to the staff employed /deployed /engaged for the work assigned and the Bank
will not be liable for any such persons/personnel of successful bidder and shall not be
liable for any levies / penalties etc. that may be imposed by the authorities concerned
for their action/inaction. There shall be no employer employee relationship whatsoever
between the bank and the successful bidder /their employees and the bidder or his
employees, staff, agents will not be entitled to any employment with Bank. In the event
of any demand/fines/penalty made by any of the authorities on bank in respect of the
conduct/actions taken by the bidder/their employees/labourers, the Bank will be
entitled to recover the said amounts from the bills / amount payable or from the
performance guarantee and also take appropriate action against said persons of
bidder/bidder for their misconduct, if any.

[Link]

This Agreement has been signed in duplicate, each of which shall be deemed to be an
original. The exchange of a fully executed Agreement (in counterparts or otherwise) by
fax shall be sufficient to bind the parties to the terms and conditions of this Agreement.

Page 84 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

IN WITNESS WHEREOF THE PARTIES HERETO HAVE CAUSED THIS AGREEMENT TO BE

EXECUTED BY THEIR AUTHORIZED REPRESENTATIVES ON THIS ______ DAYOF ____ _____
2022

Signed and delivered by Signed and delivered by

M/s ________________________ Union Bank of India

Signed by: Signed by:

Name ……………….…….………. Name …………….……….……………
Title ……………………….………. Title ……………………….………….
in the presence of in the presence of
………………….…………………..…. ………………….……………………

Page 85 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

62. Annexure K – Declaration for Compliance

All Terms and Conditions

We hereby undertake and agree to abide by all the terms and conditions stipulated by the
Bank in this RFP including all addendum, corrigendum etc. (Any deviation may result in
disqualification of bids).

Signature:

Name

Date

Seal of company:

Scope of Work

We certify that the systems/services offered by us for tender confirms to the specifications
stipulated by you with the following deviations

List of deviations

1) ___________________________________________________________

2) ___________________________________________________________

3) ___________________________________________________________

4) ___________________________________________________________

Signature:

Name
Date
Seal of company:

(If left blank it will be construed that there is no deviation from the specifications given
above)

Page 86 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

63. Annexure L – Reference Site Details

The reference sites submitted must be necessarily of those Banks/Companies where the
proposed vendor/ OEM’s product has been awarded the contract prior to Issuance of this
RFP. For those references where the offered solution is accepted but implementation is
not started, the acceptance should be valid as on the last date for submission of bids at
Union Bank of India.

Please provide reference details in the format defined below:

Particulars Response
Name of the Institution
Country of Operation
Address of the Organization
Date of commencement of implementation
Date of Go-live/Commencement of project
Date of completion of Project
Scope of Work for Solution
Name of the contact person for reference
Contact details of contact person
Modules used at Branches/Offices
Project Details

(Enclose necessary documentary proof)

*Provide Information in respect of all experiences for every required experience which
fulfills the eligibility Criteria. References may be enclosed from the customer from the
above reference.

Page 87 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

64. Annexure M – Format for Performance Bank Guarantee

(Covering Delivery obligations)

NOTE:

1. This guarantee should be furnished by a Nationalized Bank / Scheduled Bank, other

than Union Bank of India, as per the following format.
2. This bank guarantee should be furnished on stamp paper value as per Stamp Act. (not
less than Rs.500/-).
3. The stamp paper should be purchased either in the Name of the Bank executing the
Guarantee or in the name of Union Bank of India.
4. This Bank Guarantee should be furnished within 30 days from the date of purchase
order or the delivery period prescribed in the purchase order whichever is earlier.
5. This Bank Guarantee should be directly sent to the Purchaser by the Issuing Bank under
Registered Post with Acknowledge Due.

To
Union Bank of India,
5th floor, Technology Centre, Union Bank of India,
Adi Shankaracharya Marg, Opp. Powai Lake,
Powai, Andheri (East),
Mumbai‐400072.

Dear Sir,

In consideration of Union Bank of India, 5th floor, Technology Centre, Adi Shankaracharya
Marg, Opp. Powai Lake, Powai, Andheri (East), Mumbai‐400072, placing an order for Request
for Proposal (RFP) for Procurement of Kubernetes platform and DevSecOps with CI/CD
pipelines with Facility Management Services
__________________ having registered office at _____________________ (hereinafter called
the vendor) as per the purchase contract entered into by the vendor vide purchase contract
no ____________ dated __________ (hereinafter called the said contract), we
________________( Name of the Guarantor Bank), a 'schedule bank', issuing this guarantee
through its branch at __________ presently located at
__________________________________________________________ (hereinafter called the
bank), do hereby irrevocably and unconditionally guarantee the due performance of the
vendor as to the ) for Request for Proposal (RFP) for Procurement of Kubernetes
platform and DevSecOps with CI/CD pipelines with Facility Management Services
as per the said contract entered into by the vendor with you.

If the said vendor fails to implement or maintain the system or any part thereof as per the
contract and on or before the schedule dates mentioned therein, we _____________ (Name
of the Guarantor Bank), do hereby unconditionally and irrevocably agree to pay the amounts
due and payable under this guarantee without any demur and merely on demand in writing
from you during the currency stating that the amount claimed is due by way of failure on the

Page 88 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

part of the vendor or loss or damage caused to or suffered / or would be caused to or suffered
by you by reason of any breach by the said vendor of any of the terms and conditions of the
said contract, in part or in full. Any such demand made on us shall be conclusive as regards
the amount due and payable under this guarantee.

We ______________(Name of the Guarantor Bank), further agree that this guarantee shall
continue to be valid will you unless you certify that the vendor has fully performed all the
terms and conditions of the said contract and accordingly discharge this guarantee, or until
______________ , whichever is earlier. Unless a claim or demand is made on us in writing
under this guarantee on or before ______________, we shall be discharged from all our
obligations under this guarantee. If you extend the schedule dates of performance under the
said contract, as per the terms of the said contract, the vendor shall get the validity period
of this guarantee extended suitably and we agree to extend the guarantee accordingly at
the request of the vendor and at our discretion, provided such request is served on the bank
on or before ______________.

Failure on part of the vendor in this respect shall be treated as a breach committed by the
vendor and accordingly the amount under this guarantee shall at once become payable on
the date of receipt of demand made by you for payment during the validity of this guarantee
or extension of the validity period.

You will have fullest liberty without affecting this guarantee to postpone for any time or
from time to time any of your rights or powers against the vendor and either to enforce or
forebear to enforce any or all of the terms and conditions of the said contract. We shall not
be released from our liability under this guarantee by the exercise of your liberty with
reference to matters aforesaid or by reason of any time being given to the vendor or any
other forbearance act or omission on your part or any indulgence by you to the vendor or by
any variation or modification of the said contract or any other act, matter or thing
whatsoever which under the law relating to sureties would but for the provisions hereof have
the effect of so releasing us from our liability hereunder.

In order to give full effect to the guarantee herein contained you shall be entitled to act as
if we are your principal debtors in respect of all your claims against the vendor hereby
guaranteed by us as aforesaid and we hereby expressly waive all our rights of surety ship and
other rights if any which are in any way inconsistent with the above or any other provision
of this guarantee.

The words the vendor, the beneficiary of this guarantees i.e. Yourself, and ourselves i.e.
__________________(Name of the Guarantor Bank), unless repugnant to the context or
otherwise shall include their assigns, successors, agents, legal representatives. This
guarantee shall not be effected by any change in the constitution of any of these parties and
will ensure for and be available to and enforceable by any absorbing or amalgamating or
reconstituted company or concern, in the event of your undergoing any such absorption,
amalgamation or reconstitution.

Page 89 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

This guarantee shall not be revocable during its currency except with your prior consent in
writing. This guarantee is non-assignable and non-transferrable.

Notwithstanding anything contained herein above:

I) Our liability under this bank guarantee shall not exceed 3% of the TCO.

II) This bank guarantee shall be valid up to _____________.

III) We are liable to pay the guaranteed amount or any part thereof under this bank
guarantee only if you serve upon us a written claim or demand (and which should be
received by us), on or before ____________ 12:00 hours (Indian standard time) where
after it ceases to be in effect in all respects whether or not the original bank
guarantee is returned to us.

This guarantee deed must be returned to us upon expiration of the period of guarantee.
Signature ……………………………………

Name …………………………………………
(In Block letters)
Designation …………………………………
(Staff Code No.)…………………………

Official address:
(Bank’s Common Seal)
Attorney as per power of Attorney No.
Date:
WITNESS:

1……………………………………………… (Signature with Name, Designation & Address)

2……………………………………………… (Signature with Name, Designation & Address)

Page 90 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

65. Annexure N – Pre-Contract Integrity Pact

INTEGRITY PACT

Whereas Union Bank of India having its registered office at Union Bank Bhavan, 239, Vidhan
Bhavan Marg, Nariman Point, Mumbai, India -400 021 acting through its ………………
Department, represented by General Manager / Dy. General Manager hereinafter referred
to as the Buyer and the first party, proposes to procure (Name or category of the
Equipment, services, etc.) hereinafter referred to as Stores and / or Services.

And
M/s_____________________________ represented by_____________ Chief Executive
Officer, (which term, unless expressly indicated by the contract, shall be deemed to
include its successors and its assignee), hereinafter referred to as the bidder/seller and
the second party, is willing to offer/has offered the Stores and / or Services.

2. Whereas the Bidder/Seller is a private company/public company/

/partnership/registered export agency, constituted in accordance with the relevant law
in the matter and the BUYER is a Public Sector Undertaking and registered under
Companies Act 1956. Buyer and Bidder/Seller shall hereinafter be individually referred to
as “Party” or collectively as the “parties”, as the context may require.

3. Preamble

Buyer has called for tenders under laid down organizational procedures intending to enter
into contract /s for supply / purchase / etc. of __________________ and the Bidder
/Seller is one amongst several bidders /Proprietary Vendor /Customer Nominated
Source/Licensor who has indicated a desire to bid/supply in such tendering process. The
Buyer values and takes primary responsibility for values full compliance with all relevant
laws of the land, rules, regulations, economic use of resources and of fairness /
transparency in its relations with its Bidder (s) and / or Seller(s).

In order to achieve these goals, the Buyer will appoint Independent External Monitor(s)
(IEM) in consultation with Central Vigilance Commission, who will monitor the tender
process and the execution of the contract for compliance with the principles mentioned
above.

4. Commitments of the Buyer

4. 1 The Buyer commits itself to take all measures necessary to prevent corruption and
fraudulent practices and to observe the following principles: -

Page 91 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

(i) No employee of the Buyer, personally or through family members, will in

connection with the tender, or the execution of a contract demand, take a
promise for or accept, for self or third person, any material or immaterial
benefit which the person is not legally entitled to.

(ii) The Buyer will during the tender process treat all Bidder(s) /Seller(s) with
equity and reason. The Buyer will in particular, before and during the tender
process, provide to all Bidder (s) /Seller(s) the same information and will not
provide to any Bidders(s) /Seller(s) confidential /additional information
through which the Bidder(s) / Seller(s) could obtain an advantage in relation to
the process or the contract execution.

(iii) The Buyer will exclude from the process all known prejudiced persons.

4.2 If the Buyer obtains information on the conduct of any of its employees which is a
criminal offence under the Indian Legislation Prevention of Corruption Act 1988 as
amended from time to time or if there be a substantive suspicion in this regard, the Buyer
will inform to its Chief Vigilance Officer and in addition can initiate disciplinary action.

5 Commitments of the Bidder(s) /Seller(s):

5.1 The Bidder(s)/ Seller(s) commit itself to take necessary measures to prevent
corruption. He commits himself to observe the following principles during his participation
in the tender process and during the contract execution.

(i) The Bidder(s) /Seller(s) will not directly or through any other persons or firm,
offer promise or give to any of the Buyer’s employees involved in the tender
process or the execution of the contract or to any third person any material or
other benefit which he / she is not legally entitled to, in order to obtain in
exchange any advantage during the tendering or qualification process or during
the execution of the contract.

(ii) The Bidder(s) /Seller(s) will not enter with other Bidders / Sellers into any
undisclosed agreement or understanding, whether formal or informal. This
applies in particular to prices, specifications, certifications, subsidiary
contracts, submission or non-submission of bids or any other actions to restrict
competitiveness or to introduce cartelization in the bidding process.

(iii) The bidder(s) /Seller(s) will not commit any offence under the Indian
legislation, Prevention of Corruption Act, 1988 as amended from time to time.
Further, the Bidder(s) /Seller(s) will not use improperly, for purposes of
competition or personal gain, or pass on to others, any information or
document provided by the Buyer as part of the business relationship, regarding
plans, technical proposals and business details, including information
constrained or transmitted electronically.

Page 92 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

(iv) The Bidder(s) /Seller(s) shall ensure compliance of the provisions of this
Integrity Pact by its sub-supplier(s) / sub-contractor(s), if any, Further, the
Bidder /Seller shall be held responsible for any violation/breach of the
provisions by its sub-supplier(s) /Sub-contractor(s).

5.2 The Bidder(s) /Seller(s) shall ensure compliance of the provisions of this Integrity Pact
by its sub-supplier(s) / sub-contractor(s), if any, Further, the Bidder /Seller shall be held
responsible for any violation /breach of the provisions by its sub-supplier(s) /sub-
contractor(s).

5.3 The Bidder(s) /Seller(s) will not instigate third persons to commit offences outlined
above or be an accessory to such offences.

5.4 Agents / Agency Commission

The Bidder /Seller confirms and declares to the Buyer that the bidder/Seller is the original
manufacturer/authorized distributor / stockiest of original manufacturer or Govt.
Sponsored /Designated Export Agencies (applicable in case of countries where domestic
laws do not permit direct export by OEMS of the stores and /or Services referred to in this
tender / Offer / contract / Purchase Order and has not engaged any individual or firm,
whether Indian or Foreign whatsoever, to intercede, facilitate or in any way to recommend
to Buyer or any of its functionaries, whether officially or unofficially, to the award of the
tender / contract / Purchase order to the Seller/Bidder; nor has any amount been paid,
promised or intended to be paid to any such individual or firm in respect of any such
intercession, facilitation or recommendation. The Seller / Bidder agrees that if it is
established at any time to the satisfaction of the Buyer that the present declaration is in
anyway incorrect or if at a later stage it is discovered by the Buyer that the Seller incorrect
or if at a later stage it is discovered by the Buyer that the Seller/Bidder has engaged any
such individual /firm, and paid or intended to pay any amount, gift, reward, fees,
commission or consideration to such person, party, firm or institution, whether before or
after the signing of this contract /Purchase order, the Seller /Bidder will be liable to
refund that amount to the Buyer. The Seller will also be debarred from participating in
any RFP / Tender for new projects / program with Buyer for a minimum period of five
years. The Buyer will also have a right to consider cancellation of the Contract / Purchase
order either wholly or in part, without any entitlement of compensation to the Seller
/Bidder who shall in such event be liable to refund agents / agency commission payments
to the buyer made by the Seller /Bidder along with interest at the rate of 2% per annum
above LIBOR (London Inter Bank Offer Rate) (for foreign vendors) and Base Rate of SBI
(State Bank of India) plus 2% (for Indian vendors). The Buyer will also have the right to
recover any such amount from any contracts / Purchase order concluded earlier or later
with Buyer.

6. Previous Transgression

Page 93 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

6.1 The Bidder /Seller declares that no previous transgressions have occurred in the last
three years from the date of signing of this Integrity Pact with any other company in any
country conforming to the anti-corruption approach or with any other Public Sector
Enterprise in India that could justify Bidder’s /Seller’s exclusion from the tender process.

6.2 If the Bidder /Seller makes incorrect statement on this subject, Bidder /Seller can be
disqualified from the tender process or the contract, if already awarded, can be
terminated for such reason without any liability whatsoever on the Buyer.

7. Company Code of Conduct

Bidders /Sellers are also advised to have a company code of conduct (clearly rejecting the
use of bribes and other unethical behavior) and a compliance program for the
implementation of the code of conduct throughout the company.

8. Sanctions for Violation

8.1 If the Bidder(s) /Seller(s), before award or during execution has committed a
transgression through a violation of Clause 5, above or in any other form such as to put his
reliability or credibility in question, the Buyer is entitled to disqualify the Bidder(s) /Seller
(s) from the tender process or act as per the procedure mentioned herein below:

(i) To disqualify the Bidder /Seller with the tender process and exclusion from
future contracts.

(ii) To debar the Bidder /Seller from entering into any bid from Buyer for a period
of two years.
(iii) To immediately cancel the contract, if already signed /awarded without any
liability on the Buyer to compensate the Bidder /Seller for damages, if any.
Subject to Clause 5, any lawful payment due to the Bidder/Seller for supplies
effected till date of termination would be made in normal course.

(iv) To encash Advance Bank Guarantees / Performance Bonds / Warranty Bonds,

etc. which may have been furnished by the Bidder /Seller to the extent of the
undelivered Stores and / or Services.

8.2 If the Buyer obtains Knowledge of conduct of Bidder /Seller or of an employee or

representative or an associate of Bidder /Seller which constitutes corruption, or if the
Buyer has substantive suspicion in this regard, the Buyer will inform to its Chief Vigilance
Officer.

9. Compensation for Damages

Page 94 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

9.1 If the Buyer has disqualified the Bidder(s) /Seller(s) from the tender process prior to
the award according to Clause 8, the Buyer is entitled to demand and recover the damages
equivalent to Earnest Money Deposit in case of open tendering.

9.2 If the Buyer has terminated the contract according to Clause 8, or if the Buyer is
entitled to terminate the contract according to Clause 8, the Buyer shall be entitled to
encash the advance bank guarantee and performance bond / warranty bond, if furnished
by the Bidder / Seller, in order to recover the payments, already made by the Buyer for
undelivered Stores and / or Services.

10. Price Fall Clause

The Bidder undertakes that it has not supplied /is not supplying same or similar
product/systems or subsystems at a price lower than that offered in the present Bid in
respect of any other Ministry /Department of the Government of India or PSUs during the
currency of the contract and if it is found at any stage that same or similar product
/Systems or Subsystems was supplied by the Bidder to any other Ministry /Department of
the Government of India or a PSU or any Public Sector Bank at a lower price during the
currency of the contract, then that very price will be applicable to the present case and
the difference in the cost would be refunded by the Bidder to the Buyer, if the contract
has already been concluded”.

11. Independent External Monitor(s)

11.1 The Buyer has appointed independent External Monitors for this Integrity Pact in
consultation with the Central Vigilance Commission.
11.2 As soon as the integrity Pact is signed, the Buyer shall provide a copy thereof, along
with a brief background of the case to the independent External Monitors.

11.3 The Bidder(s) / Seller(s) if they deem it necessary, may furnish any information as
relevant to their bid to the Independent External Monitors.

11.4 If any complaint with regard to violation of the IP is received by the buyer in a
procurement case, the buyer shall refer the complaint to the Independent External
Monitors for their comments / enquiry.

11.5 If the Independent External Monitors need to peruse the records of the buyer in
connection with the complaint sent to them by the buyer, the buyer shall make
arrangement for such perusal of records by the independent External Monitors.

11.6 The report of enquiry, if any, made by the Independent External Monitors shall be
submitted to MD & CEO, Union Bank of India, Union Bank Bhavan, Vidhan Bhavan Marg,
Nariman Point, Mumbai -21 within 2 weeks, for a final and appropriate decision in the
matter keeping in view the provision of this Integrity Pact.

Page 95 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

12. Law and Place of Jurisdiction

This Integrity Pact is subject to Indian Laws, and exclusive Jurisdiction of Courts at
Mumbai, India.

13. Other Legal Actions

The actions stipulated in this Integrity Pact are without prejudice to any other legal action
that may follow in accordance with the provision of the extant law in force relating to any
civil or criminal proceedings.

14. Integrity Pact Duration.

14.1 This Integrity Pact begins when both parties have legally signed it. It expires
for the successful Bidder / Seller 10 months after the last payment under the contract,
and for all other Bidders / Sellers within 6 months form date of placement of order /
finalization of contract.

14.2 If any claim is made/ lodged during this time, the same shall be binding and
continue to be valid despite the lapse of this Integrity Pact as specified above, unless
it is discharged / determined by MD & CEO, Union Bank of India.
14.3 Should one or several provisions of this Integrity Pact turn out to be invalid, the
reminder of this Integrity Pact remains valid. In this case, the parties will strive to
come to an agreement to their original intentions.

15 Other Provisions

15.1 Changes and supplements need to be made in writing. Side agreements have not
been made.

15.2 The Bidders (s)/ Sellers (s) signing this IP shall not initiate any Legal action or
approach any court of law during the examination of any allegations/complaint by IEM
and until the IEM delivers its report.

15.3 In view of nature of this Integrity Pact, this Integrity Pact shall not be terminated
by any party and will subsist throughout its stated period.

15.4 Nothing contained in this Integrity Pact shall be deemed to assure the bidder / Seller
of any success or otherwise in the tendering process.

16. This Integrity Pact is signed with Union Bank of India exclusively and hence shall not
be treated as precedence for signing of IP with MoD or any other Organization.

17. The Parties here by sign this Integrity Pact at________________on ________________
(Seller/Bidder) and ___________on __________ (Buyer)

Page 96 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

BUYER BIDDER * /SELLER*

Signature: Signature:
General Manager/Dy G M, Authorized Signatory (*)
Union Bank of India,
…………………………..Division

Date: Date:
Stamp: Stamp:

Witness Witness

1. ______________________ 1. ____________________

2.______________________ 2. ______________________
______________________ ______________________

(*) – Authorized signatory of the company who has also signed and submitted
the main bid.

Page 97 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

66. Annexure O – Bid Query Format

Bidders have to provide their queries on eligibility criteria, scope of work, terms &
conditions etc. in excel format as mentioned below. Bidders are requested to categorize
their queries under appropriate headings. Bidders are requested to provide a reference of
the page number, state the clarification point and the queries/suggestion/deviation that
they propose as shown below (all the queries will be entertained in this Microsoft Excel
format by e-mail):

Queries will not be accepted in any other format other than Microsoft Excel.

Sl. No. Clause Page no. Clause Query Bank

no. Response

Place:
Date:
Signature:
Name & Designation:
Business Address:

Page 98 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

67. Annexure P – Know Your Employee (KYE) Clause

Bidder has to submit Undertaking on company letter head as per format given below).

1. We ______________________ (name of the company) hereby confirm that all the

Resource (both on-site and off-site) deployed/to be deployed on Bank’s project for
______________________________________________________________________
(Name of the RFP) have undergone KYE (Know Your Employee) process and requisite
checks have been performed prior to employment of said employees as per our policy.

2. We undertake and agree to save defend and keep harmless and indemnified the Bank
against all loss, cost, damages, claim penalties expenses, legal liability because of non
compliance of KYE and of misconduct of the employee deployed by us to the Bank.

3. We further agree to submit the required supporting documents (Process of

screening, Background verification report, police verification report, character
certificate, ID card copy, Educational document, credit history, etc.) to Bank before
deploying officials in Bank premises for ________________ (Name of the RFP).”

Signature of Competent Authority with company seal ________________________________

Name of Competent Authority __________________________________
Company / Organization __________________________________
Designation within Company / Organization______________________________
Date ________________

Name of Authorized Representative __________________________________

Designation of Authorized Representative________________________________
Signature of Authorized Representative __________________________________
Verified above signature
Signature of Competent Authority__________________________________
Date ________________

Page 99 of 121
RFP for Procurement of Kubernetes platform and DevSecOps

68. Annexure Q - Undertaking of Information Security

(This letter should be on the letterhead of the bidder as well as the OEM/
Manufacturer duly signed by an authorized signatory on Information security as per
regulatory requirement)

Place:
Date:

To,
The General Manager,
Union Bank of India,
5th floor, Technology Centre,
1/1A, Adi Shankaracharya Marg, Opp. Powai Lake,
Powai, Andheri (East),
Mumbai‐400072.

Sir,

Subject: Request for Proposal (RFP) for Procurement of Kubernetes platform and
DevSecOps with CI/CD pipelines with Facility Management Services

We hereby undertake that the proposed solution / software to be supplied will be free of
malware, free of any obvious bugs and free of any covert channels in the code (of the version
of the application being delivered as well as any subsequent versions/modifications done)

Yours faithfully,

Authorized Signatory
Name:
Designation:
Vendor’s Corporate Name
Address
Email and Phone #

Page 100 of 121

RFP for Procurement of Kubernetes platform and DevSecOps

69. Annexure R - Business Rules for Reverse Auction

RFP for Bank’s “Request for Proposal (RFP) for Procurement of Kubernetes platform and
DevSecOps with CI/CD pipelines with Facility Management Services”

Reverse Auction through E-Procurement

The detailed procedure for Reverse Auction to be followed in the “Request for Proposal
(RFP) for Procurement of Kubernetes platform and DevSecOps with CI/CD pipelines with
Facility Management Services” Project is given below:

The response to the present tender will be submitted by way of submitting the Technical
offer & Indicative Commercial offers separately through online. The technical details with
the relevant information /documents/acceptance of all terms and conditions strictly as
described in this tender document will have to be submitted by the Bidders. The Indicative
commercial bids submitted by the Bidders who are short listed in the technical bid evaluation
process will be opened and those Bidders will be invited to participate in the online Reverse
Auction to be conducted by the company selected by the Bank. Bidders who are short listed
from Technical evaluation will be trained by the Reverse Auction Company for this purpose,
and they will have to abide by the E-business rules framed by the Bank in consultation with
Reverse Auction Service provider. The e-business rules are furnished hereunder in this
document.

Further, please note that the Bidder(s) who do not qualify in the technical bid processes will
not be considered for participation in Reverse Auction. For participating in reverse auction
digital signature is a pre-requisite.

BUSINESS RULES FOR REVERSE AUCTION

1. APPLICABILITY

1.1. Reverse Auctions are carried out under the framework of rules that are called Business
Rules.
1.2. All bidders participating in Reverse Auction shall understand/accept and give an
undertaking for compliance with the same to the Bank in the prescribed format
Exhibit-A.
1.3. Any bidder not willing to submit such an undertaking shall be disqualified for further
participation respecting the procurement in question.

1. ELIGIBILITY:

2.1. Bidders need to submit RFP fee & Integrity Pact at the time of bid submission by
authorized signatory on or before last date & time of submission of bid. In case bidder
fails to submit RFP fee & Integrity Pact on or before last date & time of submission of
bid, bid will be liable for rejection.

Page 101 of 121

RFP for Procurement of Kubernetes platform and DevSecOps

2.2 Only vendors who have submitted RFP fee & Integrity Pact and prescribed undertaking
to the Bank and who are technically qualified can participate in Reverse Auction
relevant to the procurement for which RFP is floated.

3. COMPLIANCE/CONFIRMATION FROM BIDDERS:

3.1. The bidders participating in Reverse Auction shall submit the following duly signed by
the same Competent Authority who signs the offer documents in response to the RFP:

3.1.1. Acceptance of Business Rules for Reverse Auction and undertaking as per format
in Exhibit-A.
3.1.2. Agreement between service provider and bidder. (This format will be given by
the service provider prior to announcement of Reverse Auction.)
3.1.3. Letter of authority authorizing the name/s of official/s to take part in Reverse
Auction as per format in Exhibit-B.
3.1.4. Undertaking of Process Compliance Statement for RA as per Exhibit C

4. TRAINING

4.1. The Bank will facilitate training for participation in Reverse Auction either on its own
or through the service provider for the Reverse Auction.

4.2. Where necessary, the Bank/service provider may also conduct a ‘mock reverse
auction’ to familiarize the bidders with Reverse Auction process.

4.3. Any bidder/bidder not participating in training and/or ‘mock reverse auction’ shall do
so at his own risk and it shall not be open for him to make any complaint/grievance
later.

5. TOTAL COST OF OWNERSHIP (TCO)

5.1. TCO refers to the aggregate amount payable by the Bank for transfer of ownership.

5.2. TCO shall encompass but not be limited to the following:

5.2.1 Cost of the equipment/product or services.

5.2.2 License fee (Corporate or user specific as defined in RFP) including Data
Base/Application licenses).

5.2.3 All existing taxes excluding GST/CGST/SGST/IGST, duties and levies.

5.2.4 Installation and commissioning charges, if any.

5.2.5 The prices should include the comprehensive onsite warranty maintenance of
the equipment covering all components, services, and visits to the concerned
offices as specified in the RFP.

5.2.6 Annual Maintenance Charges for the period as specified in the RFP.

Page 102 of 121

RFP for Procurement of Kubernetes platform and DevSecOps

5.2.7 Transportation and Forwarding charges to respective sites.

5.2.8 Training costs for the product/service/equipment if and as defined in RFP.

5.2.9 Service Level Agreement (SLA) costs as defined in RFP for applicable period.

5.2.10 Facility Management/infrastructure support costs as defined in RFP.

5.2.11 Insurance to cover the equipment for and from transit period till installation.

5.3. The TCO shall be arrived at after deducting ‘buy back’ costs involved and if/as defined
in the RFP.

5.4 TCO, however, shall not include variables of octroi and entry tax. These shall be paid
as per actuals and on production of receipts. However, no penalties respecting octroi
or entry tax shall be paid by the Bank and the vendor shall bear such expenses.

6. DATE/TIME FOR TRAINING

6.1. The Venue, Date, Time etc. for training in Reverse Auction shall be advised at the
appropriate time.

6.2. The Bank shall Endeavour to fix such Date/Time at mutual convenience to the
bidder/s, service provider and the Bank.

6.3. No request for postponement/fixing of Training Date/Time shall be entertained which

in the sole view and discretion of the Bank might result in any avoidable delay to
either the Reverse Auction or the whole process of selection of bidder.

7. DATE/TIME OF REVERSE AUCTION

7.1. The Date and Time of commencement of Reverse Auction as also Duration of ‘Reverse
Auction Time’ shall be communicated at least 3 working Days prior to such auction
Date.

7.2. Any force majeure or other condition leading to postponement of auction shall entitle
the Bank to postponement of auction even after communication, but, the Bank shall
be obliged to communicate to all participating bidders the ‘postponement’ prior to
commencement of such ‘Reverse Auction’.

8. CONDUCT OF REVERSE AUCTION

8.1. The Reverse Auction shall be conducted on a specific web portal meant for this
purpose.

8.2. The Reverse Auction may be conducted by the Bank itself or through a service provider
specifically identified/appointed/empaneled by the Bank.

9. SERVICE PROVIDER’S ROLE & RESPONSIBILITIES

Page 103 of 121

RFP for Procurement of Kubernetes platform and DevSecOps

9.1. In all Reverse Auctions conducted by the Bank through a Service Provider, the Bank
shall enter into a separate agreement clearly detailing the role and responsibilities of
the service provider hosting the web portal for the Reverse Auction.

9.2. For creating necessary obligations and rights, the service provider will also enter into
an agreement with each bidder as per a format designed by him for this purpose. The
Bank shall resolve any points/issues concerning such agreement of bidder and service
provider.

9.3. While a Service Level Agreement (SLA) by the bank with the service provider is an
arrangement for smooth and fair conduct of the Reverse Auction, the Bank shall be
directly responsible to bidders for fair and transparent conduct of Reverse Auction.

9.4. The service provider at the end of each Reverse Auction shall provide the bank with
all details of the bids and reports of reverse auction.

9.5. The service provider shall also archive the data pertaining to the Reverse Auction for
a minimum period of 3 years.

9.6. TRAINING AND AUCTION

9.6.1. Service provider / auctioneer are responsible for conduct of adequate training to all
technically qualified bidders representing the reverse auction and bidding process.

9.6.2. Each bidder / bidder shall participate in the training at his / their own cost.

9.6.3. Wherever it is considered necessary and asked by the bidders or as decided by the
auctioneer or by Bank a mock auction may also be conducted for the benefit of all
concerned.

9.6.4. Authorized representatives of the bidders named in the authorization letter given by
the bidder (Exhibit-B) shall be given unique user name, password by the service
provider / auctioneer.

9.6.5. Each bidder shall change the password and edit the information in the registration
page after receipt of initial password.

9.6.6. All the bids made from the login ID given to bidder shall ipso-facto be considered bid
made by the bidder / bidder to whom login ID and password were assigned by the
service provider / auctioneer.

9.6.7. Any bid once made through registered login ID / password by the bidder / bidder
cannot be cancelled. The bidder, in other words, is bound to sell the “Offering” as
per the RFP at the bid price of TCO.

9.6.8. Every successive bid by the bidder / bidder being decremented bidding shall replace
the earlier bid automatically and the final bid as per the time and log-in ID shall
prevail over the earlier bids.

Page 104 of 121

RFP for Procurement of Kubernetes platform and DevSecOps

9.6.9. The Bank shall conduct the reverse auction as per the Standard English reverse
auction, that is, no two bids can have identical price from two different bidders. In
other words, there shall never be a “Tie” in bids.

10. PROXY BID

10.1. A proxy bid is one where bidder can submit the lowest bid amount by him in strict
confidence to the system directly. This obviates the need for him participating in the
bidding process until the proxy bid amount is decremental reached by other bidders.

10.2. When proxy bid amount is reached, the bidder has an option to revise the proxy bid
amount or he can prefer to start participating in bidding process.

10.3. Since it is an English auction with no ties, two bidders submitting identical proxy bid
amount and succeeding in auction simultaneously does not arise.

10.4. During training, the issue of proxy bidding will be clarified in detail by the service
provider.

11. TRANSPARENCY IN BIDS

11.1. All bidders will be able to view during the auction time the current lowest price in
portal. Bidder shall be able to view not only the lowest bid but also the last bid made
by him at any point of time during the auction time.

12. MASKING OF NAMES

12.1. Names of bidders/ bidders shall be anonymously masked in the Reverse Auction
process and bidders will be given suitable dummy names.

12.2. After completion of Reverse Auction, the service provider / auctioneer shall submit a
report to the Bank with all details of bid and the original names of the bidders as also
the L1 bidder with his / their original names.

13. START PRICE

13.1. Bank shall determine the start price either on its own or through asking for information
of price band on TCO from each bidder at appropriate time during or at the conclusion
of technical evaluation. Based on the price band so informed by bidders, Bank would
determine the start price for reverse auction.

14. DECREMENTAL BID VALUE

14.1. The bidders shall be able to bid only at a specified decrement value and not at any
other fractions. The Bid decrement value shall be Rs. 7500/- or 0.25% of the Start
price of the Reverse Auction, whichever is higher.

14.2. The bid decrement value shall be rounded off to the nearest thousands of rupees.

14.3. For the sake of convenience of bidders, the web portal shall display the next possible

Page 105 of 121

RFP for Procurement of Kubernetes platform and DevSecOps

decremented value of bid. It is not, however, obligatory on the part of bidders to

bid at the next immediate lower level only. (That is, bids can be even at 2 or 3 lower
levels than the immediate lower level and should not exceed 2% of start bid price at
a time)

15. COPY OF BUSINESS RULES

15.1. The Bank shall supply copy of the Business rules to any bidders / bidders, wishing to
participate in the reverse auction. Such request shall be made in writing to the Bank
by an authorized representative of the bidder.

15.2. The Bank shall also handover a copy of the Business Rules with a covering letter duly
signed by an authorized signatory of the Bank.

15.3. For any dispute concerning the Business Rules, the hard copy of Business Rules
supplied by the Bank for the reference of reverse auction process will alone be
considered final and bidding.

16. SPLITTING OF ORDERS

16.1. If any RFP specifically authorizes splitting of orders for the sake of reducing
dependency on single source of supply or provision of service, Bank is entitled to split
the order in the order and as provided in RFP.

16.2. While splitting the order, Bank shall specify the maximum quantum for L1, L2 etc. in
RFP.

16.3. In case L2 bidder is not willing to supply at L1 price, Bank shall call L3, L4 etc. in order
to arrive at the split quantum to be awarded.

16.4. The Bank shall also be entitled to award the contract to L2, L3 or L4 etc. bidders in
the event of L1 bidder backing out to honor the commitment, or for that matter not
in a position to supply the offering as per RFP.

17. REVERSE AUCTION PROCESS

17.1. In order to reduce the time involved in the procurement process, Bank shall be
entitled to complete the entire procurement process through a single Reverse Auction.
For this purpose, Bank shall do all it can to award the contract to L1 bidder or in the
circumstances where awarding of contract may have to be done to the L2, L3 bidder
as provided for in the RFP.

17.2. The Bank shall however, be entitled to cancel the procurement of Reverse Auction, if
in its view procurement or reverse auction process cannot be conducted in a fair
manner and / or in the interest of the Bank.

17.3. The successful bidder shall be obliged to provide a Bill of Material at the last bid price
at the close of auction.

18. EXPENDITURE ON REVERSE AUCTION

Page 106 of 121

RFP for Procurement of Kubernetes platform and DevSecOps

18.1. All expenses of reverse auction shall be borne by the Bank.

18.2. Bidders, however, shall attend the training or mock auction at their own cost.

19. CHANGES IN BUSINESS RULES

19.1. Any change in Business Rules as may become emergent and based on the experience
gained shall be made only by a Committee of senior / top executives of the Bank.

19.2. Any / all changes made in Business Rules shall be uploaded in the Website
immediately.

19.3. If any reverse auction process has commenced and a change is made in Business Rules,
it shall be informed immediately to each bidder/ bidder and his concurrence to /
acceptance of the change shall be obtained in writing by the Bank.

20. DON’TS APPLICABLE TO THE BIDDER/BIDDER

20.1. No bidder shall involve himself / itself or any of his / its representatives in any price
manipulation directly or indirectly with other bidders. If any such practice comes to
the notice, Bank shall disqualify the bidder / bidders concerned from the reverse
auction process.

20.2. Bidder shall not disclose details of his bids or any other details concerning Reverse
Auction process of the Bank to any other third party without specific permission in
writing from the Bank.

20.3. Neither Bank nor service provider / auctioneer can be held responsible for
consequential damages such as no power supply, system problem, inability to use the
system, loss of electronic information, power interruptions, UPS failure, etc. (Bank
shall, however, entertain any such issues of interruptions, problems with open mind
and fair degree of transparency in the process before deciding to stop or extend the
auction.)

21. GRIEVANCES REDRESSAL

21.1. Any aggrieved bidder / bidder through Reverse Auction process can make complaint
in writing within 48 hours of the Reverse Auction to the Chief Compliance Officer of
the Bank.

21.2. The Chief Compliance Officer along with the Chief Law Officer of the bank and Chief
of Audit Dept. shall give personal hearing to the aggrieved bidder / bidder and decide
upon the complaint / grievance.

21.3. Decision of the Grievance Redressal Committee shall be binding on the Bank as well
as on all bidders participating in the Reverse Auction.

21.4 Any aggrieved vendor / bidder through Reverse Auction process can make
representation in writing within 48 hours of the Reverse Auction to the IEM

Page 107 of 121

RFP for Procurement of Kubernetes platform and DevSecOps

(Independent External Monitor) of the Bank.

22. ERRORS AND OMISSIONS

22.1. On any issue or area of material concern respecting Reverse Auction not specifically
dealt with in these Business Rules, the decision of the bank shall be final and binding
on all concerned.

Place:
Date:
Signature:
Name & Designation:
Business Address:

Page 108 of 121

RFP for Procurement of Kubernetes platform and DevSecOps

70. Annexure R (A) - Compliance Statement – Reverse Auction

(To be submitted by all the bidders participating in Reverse Auction)

Exhibit -A
To,
Union Bank of India
Department of Information Technology
Powai, Mumbai

DECLARATION
1 We ______________________ (name of the company) hereby confirm having
submitted our bid for participating in Bank’s RFP dated _________ for procurement
of ____________.

2 We also confirm having read the terms of RFP as well as the Business Rules relating
to the Reverse Auction for this RFP process.
3 We hereby undertake and agree to abide by all the terms and conditions stipulated
by Union Bank of India in the RFP document including all annexure and the Business
Rules for Reverse Auction.
4 We shall participate in the on-line auction conducted by _______________ Ltd.
(Auction Company) and submit our commercial bid. We shall also abide by the
procedures prescribed for online auction by the auction company.
5 We, hereby confirm that we will honor the Bids placed by us during the auction
process, failing which EMD shall be forfeited / we shall be liable to be suspended
from participation in any future tenders of the Bank for 2 years. We also understand
that the bank may debar us from participating in future tenders.
6 We confirm having nominated Mr. ________________, designated as
______________ of our company to participate in the Reverse Auction on behalf of
the company. We undertake that the company shall be bound by the bids made by
him I Reverse Auction.
7 We undertake to submit the confirmation of last bid price by us to the auction
company/Bank within 48 working hours of the completion of event. We also
undertake to submit the Bill of Materials for the TCO (Total Cost of Ownership) in
terms of RFP.
Signature with company seal
Name:
Company / Organization:
Designation within Company / Organization:
Address of Company / Organization:
Date:
Name of Authorized Representative: _______________________
Signature of Authorized Representative: ____________________
Verified above signature
Competent Authority Signature: ___________________________
Date: ________________

Page 109 of 121

RFP for Procurement of Kubernetes platform and DevSecOps

71. Annexure R (B) - Letter of Authority for Participation in Reverse Auction

Exhibit –B

To,
Union Bank of India
Department of Information Technology
Powai, Mumbai

1 We ______________________ (name of the company) have submitted our bid for

participating in Bank’s RFP dated _________ for procurement of ____________.

2 We also confirm having read and understood the terms of RFP as well as the Business
Rules relating to the Reverse Auction for this RFP process.

3 As per the terms of RFP and Business rules, we nominate Mr. ______________,
designated as ______________ of our company to participate in the Reverse
Auction.

4 We accordingly authorize Bank and / or the Auction Company to issue user ID and
password to the above named official of the company.

5 Both Bank and the auction company shall contact the above named official for any
and all matters relating to the Reverse Auction.

6 We, hereby confirm that we will honor the Bids placed by Mr. __________ on behalf
of the company in the auction process, failing which EMD shall be forfeited/ we are
liable to be suspended from participation in any future tenders of the Bank for 2
years. We agree and understand that the bank may debar us from participating in
future tenders for any such failure on our part.

Signature with company seal

Name –
Company/ Organization
Designation within Company / Organization
Address of Company / Organization
Date:

Name of Authorized Representative: _______________________

Signature of Authorized Representative: ____________________
Verified above signature
Signature of Competent Authority: ______________
Date: _________________

Page 110 of 121

RFP for Procurement of Kubernetes platform and DevSecOps

72. Annexure R (C) - Undertaking of Process Compliance Statement for RA

(This letter should be on the letterhead of the bidder duly signed by an authorized
signatory)

Place: Date:

To,

The General Manager, Union Bank of India, Technology Centre, 1/1A, Adi Shankaracharya
Marg, Opp. Powai Lake, Powai, Andheri (East), Mumbai‐400072.

Sir,
Subject: Agreement to the process related Terms and Conditions for the online Reverse
Auction for Request for Proposal (RFP) for Procurement of Kubernetes platform and
DevSecOps with CI/CD pipelines with Facility Management Services.

This letter is to confirm that:

1. The undersigned is authorized representative of the company. 2. We have studied the

Commercial Terms and the Business Rules governing the Reverse Auction as mentioned in the
RFP and confirm our agreement to them. 3. We confirm that Union Bank of India and Auction
Service Provider shall not be liable & responsible in any manner whatsoever for my/our
failure to access & bid on the e-auction platform due to loss of internet connectivity,
electricity failure, virus attack, problems with the PC, any other unforeseen circumstances
etc before or during the auction event. 4. We also confirm that we have a valid digital
signature certificate issued by a valid Certifying Authority. 5. We also confirm that we will
mail the price confirmation & break up of four quoted price as per Annexure E within 48 hour
of the completion of the reverse auction. 6. We, hereby confirm that we will honour the bids
placed by us during the auction process.

Signature with company seal Name – Company/ Organization

Designation within Company / Organization Address of Company / Organization Date:

Name of Authorized Representative: _______________________ Signature of Authorized

Representative: ___________________ Verified above signature Signature of Competent
Authority: ______________ Date: _________________

Page 111 of 121

RFP for Procurement of Kubernetes platform and DevSecOps

73. Annexure S – Certificate of Waiver for MSE Firms

(in Letter head of Chartered Accountant)

Date:
TO WHOMSOEVER IT MAY CONCERN

This is to certify that M/s. _________________________________, having registered office

at __________________________________has made an investment of Rs.__________/- in
_________________, as per Audited Balance Sheet as on 31.03.2021. Further we certify that
the Company is classified under Micro and Small Enterprise (MSE) as per MSME Act 2006 and
subsequent government notifications.

We have checked the books of the accounts of the company and certify that the above
information is true and correct.

Chartered Accountant Firm Name

Signature
Firm
Name Seal
Reg. No

VID No.

Page 112 of 121

RFP for Procurement of Kubernetes platform and DevSecOps

74. Annexure T - Restriction on Procurement due to National Security

(This Certificate should be submitted on the letterhead of the bidder as well as the
OEM / Manufacturer duly signed by an authorized signatory)

Date:
To,
The General Manager,
Union Bank of India,
5th floor, Technology Centre,
1/1A, Adi Shankaracharya Marg, Opp. Powai Lake,
Powai, Andheri (East),
Mumbai‐400072.

Dear Sir,

Ref.: RFP No.: ____________ Dated: _________

1. I have read the clause regarding restrictions on procurement from a bidder/OEM of a

country which shares a land border with India; / certify that this bidder is not from
such a country or, if from such a country, have been registered with the Competent
Authority. I hereby certify that this bidder/OEM fulfills all requirements in this regard
and is eligible to be considered. (Where applicable, evidence of valid registration by
the Competent Authority shall be attached.)
2. I have read the clause regarding restrictions on procurement from a bidder/OEM of a
country which shares a land border with India and on subcontracting to contractors
from such countries; I certify that this bidder/OEM is not from such a country or, if
from such a country, have been registered with the Competent Authority and will not
subcontract any work to a contractor from such countries unless such contractor is
registered with competent authority. I hereby certify that this bidder/OEM fulfills all
requirement in this regard and is eligible to be considered. (Where applicable,
evidence of valid registration by competent authority shall be attached)

Yours faithfully,

Authorized Signatory
Name:
Designation:
Vendor’s Corporate Name
Address

Page 113 of 121

RFP for Procurement of Kubernetes platform and DevSecOps

75. Annexure U- Letter for Refund of EMD

LETTER FOR REFUND OF EMD

(To be submitted by the unsuccessful bidders)

Date:
The General Manager,
Union Bank of India,
Technology Centre,
1/1A, Adi Shankaracharya Marg, Opp. Powai Lake,
Powai, Andheri (East),
Mumbai‐400072.

We ____________ (Company Name) had participated in the Request for Proposal (RFP) for
for Procurement of Kubernetes platform and DevSecOps with CI/CD pipelines with
Facility Management Services and we are an unsuccessful bidder.

Kindly refund the EMD submitted for participation. Details of EMD submitted are as follows

Drawn on
Sr. No. Bidder Name DD/BG Number Amount (Rs)
(Bank Name

Bank details to which the money needs to be credited via NEFT are as follows

1. Name of the Bank with Branch

2. Account Type
3. Account Title
4. Account Number
5. IFSC Code

Sign

Name of the signatory

Designation

Company Seal.

Page 114 of 121

RFP for Procurement of Kubernetes platform and DevSecOps

76. Annexure V - Bank Guarantee for EMD

Date:
To
Union Bank of India,
Department of Information Technology,
1/1A, Adi Shankaracharya Marg, JVLR,
Opp. Powai Lake (Andheri East),
Powai (Andheri East), Mumbai 400072.

Dear Sir,

M/s __________________ having their registered office at _____________ (hereinafter called

the ‘Bidder’) wish to respond to the Request for Proposal (RFP) for Selection of Service
Provider for Setting up Testing Centre of Excellence with Facility Management Services under
Rate Contract, self and other associated Bidders and submit the proposal for the same as
listed in the RFP document.

Whereas the ‘Bidder’ has submitted the proposal in response to RFP, we, the ____________
Bank having our head office ________________ hereby irrevocably guarantee an amount of
Rs.20,00,000.00 (Rupees Twenty lac Only) as bid security as required to be submitted by the
‘Bidder’ as a condition for participation in the said process of RFP.
The Bid security for which this guarantee is given is liable to be enforced/ invoked:

1. Withdraws its bid during bid validity period

2. Refuses to honor commercial bid. Bank reserves the right to place order onto Bidder
based on prices quoted by them.
3. Refuses to accept purchase order or having accepted the purchase order, fails to carry
out his obligations mentioned therein

We undertake to pay immediately on demand, to Union Bank of India, the said amount of
Rs.20,00,000.00 (Rupees Twenty Lac Only) without any reservation, protest, demur, or
recourse. The said guarantee is liable to be invoked/ enforced on the happening of the
contingencies as mentioned above and also in the RFP document and we shall pay the amount
on any Demand made by Union Bank of India which shall be conclusive and binding on us
irrespective of any dispute or difference raised by the Bidder.

Notwithstanding anything contained herein:

1) Our liability under this Bank guarantee shall not exceed Rs.20,00,000.00 (Rupees
Twenty lac Only).

2) This Bank guarantee will be valid up to __________________; with a claim period of

45 days thereafter and

Page 115 of 121

RFP for Procurement of Kubernetes platform and DevSecOps

3) We are liable to pay the guarantee amount or any part thereof under this Bank
guarantee only upon service of a written claim or demand by you on or before
________________.

In witness whereof the Bank, through the authorized officer has sets its hand and stamp on
this _______________ day of __________________ at _________________.

Signature ……………………………………

Name …………………………………………
(In Block letters)
Designation …………………………………
(Staff Code No.) …………………………….

Official address:
(Bank’s Common Seal)
Attorney as per power of Attorney No.
Date:
WITNESS:

1……………………………………………… (Signature with Name, Designation & Address)

2……………………………………………… (Signature with Name, Designation & Address)

Page 116 of 121

RFP for Procurement of Kubernetes platform and DevSecOps

77. Annexure W – Certificate of Local Content

(Certificate from the statutory auditor or cost auditor of the company (in case of
companies) or from a practicing cost accountant or practicing chartered accountant (in
respect of suppliers other than companies) giving the percentage of local content, on
their letter head with Registration Number with seal.)

Date:
To,
The General Manager,
Union Bank of India,
5th floor, Technology Centre,
1/1A, Adi Shankaracharya Marg, Opp. Powai Lake,
Powai, Andheri (East),
Mumbai‐400072

Dear Sir,

Ref.: RFP No.: ____________ Dated: _________

1. This is to certify that proposed ______________ <product details> is having the local
content of ___________ % as defined in the above-mentioned RFP.

2. This certificate is submitted in reference to the Public Procurement (Preference to

Make in India), Order 2017 – Revision vide Order No. P-45021/2/2017-PP (BE-II) dated
June04, 2020.

3. _______________________________________________________ (Details of Locations

where value additions are made and break up of local content percentage should be
provided)

Signature with company seal

Name:
Company / Organization:
Designation within Company / Organization:
Address of Company / Organization:
Date:
Name of Authorized Representative: _______________________
Signature of Authorized Representative: ____________________

Page 117 of 121

RFP for Procurement of Kubernetes platform and DevSecOps

78. Annexure X – Hardware Sizing and Software/Tool Deliverable

The Bidder must specify complete details of Hardware and other systems required for
successful implementation of the offered Solution, in the following format for (1)
Present requirement of deploying DevSecOps and Container Platform with minimum
number of hosted applications (2) tentative requirement for next 3 years after 50 mid-
size application hosted on the platform presently hosted on 32 cores.

Sr Name of Tool OS Processor RAM HDD Any

No. Requirement Requirement Requirement Requirement Other
1 DevSecOps –
CI/CD
software /
tools
2 Kubernetes
container
orchestration
Layer /
Platform
3 Centralized
tool to
Manage &
monitor
4 Specify, if
any other
item
Total

Please mention Make / Model (if any), type and number of processors, memory, bus
speed, hard disk & Operating System number of users, license type, version etc.

Note:
The resource including CPU utilization of any server/ appliance should not go beyond
70%. If the same crosses the threshold of 70% five times in a day or 10 times in a week,
bidder should fine tune the application to ensure the utilization within the aforesaid
threshold without any additional cost to the bank.

*Oracle Database licenses will be provided by the bank. If proposed solution requires any
other database other than Oracle, bidder must provide database and absorb the cost within
the TCO.

Page 118 of 121

RFP for Procurement of Kubernetes platform and DevSecOps

79. Annexure Y - Compliance Sheet

The bidder must submit the below mentioned compliance sheet. All the points should
be complied in proposed solution. Non-compliance of any point will lead to
disqualification of the bidder. The compliance should be provided in Y/N without any
deviations /disclaimer/ remark:

Compliance
S. N. Criteria
Yes/No(Y/N)
The platform should allow Development of software
1 applications using Agile as well as Waterfall project
management methodology.
The platform should allow application Deployment on
2
traditional hardware, virtualized architecture or others
The platform should allow development of application
3 architectures based on Monolith, SOA based as well as API
and Micro services.
The platform should allow development using multiple
4 technologies, such as but not limited to .NET, Java, Angular,
Python etc.
The platform should help automate the release and delivery
5 of applications, shortening the delivery lifecycle and
streamlining manual processes.
The platform should allow approval-based automation for
6 code deployment as per the process/ workflow defined by
the Bank.
The platform should support source code management that
7 enables coordination, sharing, version control and
collaboration across the development teams.
The platform should track and merge branches, audit
8 changes and enable concurrent work, to accelerate software
delivery.
The platform should act as central code repository for all
9
onboarded applications.
The platform should enable teams to package their
applications and dependencies and build artifacts with ease
10
to ensure DevOps acceleration with automated software
pipelines.
The platform should be able to integrate with existing
Testing CoE (T-CoE) and help application owners to
11 automate unit testing, functional testing and non-functional
testing (e.g. performance test, security test) and integrate
them into the pipeline.

Page 119 of 121

RFP for Procurement of Kubernetes platform and DevSecOps

The platform should integrate with existing tools and

support security testing including static and dynamic
assessment for Thick App, Thin App and API. The output of
12
Dynamic Application Security Testing (DAST) should go as
feedback to refine Static Application Security Testing (SAST)
rules to improve early identification of vulnerabilities.
The platform should be able to orchestrate and manage
13 development and UAT and be future ready to support and
manage VM’s and Containers on the same platform.
The platform should be able to provide a common
14 comprehensive reporting dashboard as part of “continuous
monitoring”.
The platform should maintain the version control for all
15
production artifacts onboarded to this platform.
The platform should have automated mechanism to provide
16 continuous feedback to improve the quality and maintain
sync between technical and business team.
The platform should integrate with Banks Active Directory /
17 LDAP to provide SSO capabilities & Role based access control
capabilities.
The platform should integrate with Bank’s email system /
18
SMS system to send relevant notification.
The platform should integrate with Bank’s platforms like
19 SOC, PIM, SIEM etc. to meet security and compliance
requirements as and when required.
The platform should support parallel execution of the
20
pipelines with a visual depiction of the execution status.
The platform should be able to collect the pipelines
21 execution logs and build the analytics around execution
status (Success, Failure etc.).
The platform should have the ability to raise tickets for day-
22 to-day operational issues pertaining to the applications/
modules developed using the platform.
The platform should have the ability to track the status and
23
action taken by onsite support team for the tickets raised.
24 The Platform should be scalable and highly available.
The applications passing through Continuous Integration (CI)
should build a container image for bespoke
25
applications (existing and new) before promoting it
to Continuous Deployment (CD)

Page 120 of 121

RFP for Procurement of Kubernetes platform and DevSecOps

The platform should be future ready to scale across Hybrid

and Multi-Cloud Environment and be able to have a seamless
26 migration of VM’s / Containers across Hybrid and Multi-cloud
environment with automated scale-out and scale-in
approach of workloads such as VM’s & containers
The proposed tool/tool set should be able to work on the
existing bespoke applications' validation for
27 containerization should be done at the binary/source code
level (with or without access to source code) using a tool
which should be part of the DevOps tool chain.
Single pane to deploy and visualize applications onto
28
multiple environments/clouds (making it future ready)

Windows and Linux containers should be created as per the

29
applications

Date: For _________________________

Signature ____________________

Name _______________________

Authorized Signatories
(Name & Designation, seal of the firm)

Page 121 of 121