kce.fgov.be Web viewTechnical specification. MoSCoW. 1. System level security model. The solution...

Template Submission Tender – KCE-2017_003_GMS page 1 of 18

NOTICE no. KCE-2017_003_GMS

Template 04: Technical specifications for GMS

Contents

1 System requirements...............................................................................................................................3

2 Security model and data protection.........................................................................................................5

3 Applicants.................................................................................................................................................6

4 Reviewers.................................................................................................................................................9

5 Automatic e-mails...................................................................................................................................11

6 Facilitation of advisory boards in the review process.............................................................................12

7 Internal tracking.....................................................................................................................................13

8 Payments and budgeting........................................................................................................................14

9 System querying and reporting..............................................................................................................15

10 Dashboard..........................................................................................................................................16

11 System audit.......................................................................................................................................17

12 System accreditation..........................................................................................................................17

13 Data exchange....................................................................................................................................17

In your response, please specify for each technical specification if you comply, partially comply or do not comply, at the date of the tender reply. If the functionality requires an additional module or additional development product, even if planned, this needs to be clearly indicated (with timing).

YOUR_NAME_4_GMS_Technical_Specs

The technical classifications follow the MoScoW classification (see table below). For each specification, you can reply in the “your response” section, point by point. Your descriptions should be short and specific. If there is no response for a specification, we will assume it is not present. There are also very specific yes/no questions.

MoScoW classification

M Must Have - Currently perceived to be a requirement of the highest importance that must be met in full.

S Should have - A high priority statement that should be met

C Could have - A lower priority requirement that could be met if doing so does not compromise cost, risk or any higher rated requirements.

W Would like to know about - The lowest priority level. We could like to know whether and how this requirement is achievable

Vocabulary

Different vendors use different words to define a funding program: it has a specific budget, a specific target group, and specific opening and closing dates where potential candidates can apply, and sometimes specific review processes. Different words are possible: program, funding scheme, funding call. In this tender we will use the word following vocabulary:

We have only one funding programme, the KCE Trials Programme, which funds pragmatic clinical trials in Belgium.

We have currently two different workstreams: the “investigator-led workstream” and the “commissioning workstream”. A workstream is defined by a specific application and review process, which can be translated into a workflow. Over the years, each workstream will contain severall “call for projects”, with specific open and closed dates, which will then result in several research projects being funded. Application and review form will be defined at the level of the workstream, but may differ slightly for different calls.

In the next future, we may open new worsktreams (on international collaboration for instance).

YOUR_NAME_4_GMS_Technical_Specs 2/18

1 System requirements

# Technical specification

1 The solution is a Software as a Service (SaaS), hosted on a https server. M

Comply – partially comply – do not comply

You can provide a brief answer.

2 The solution allows us to fully customize the website branding (where applicants and reviewers connect) to our needs (logos, banners, videos, etc…). We want to be able to edit all text on the login webpage.

S



3 The solution provides a template library for website branding. W



4 The solution allows us to define a specific URL for the website (for applicants and reviewers). C



5 Describe whether the different calls open for funding can be seen before user login (option 1), or whether potential applicants need to login first to be able to see open call (option 2).


6 The interface of the solution is in English. S



7 Mention if your software can switch to interfaces in French and Dutch (and if/how this impacts your price).


8 The website is compatible with the two last versions of most commonly used browsers (Internet Explorer, Mozilla Firefox and Google Chrome).

S



9 Explain if/how the software is compatible with smartphones and tablets.


10 The software uses workflows to automate specific processes. M



11 Explain who can setup these workflows, if they are easy to copy/edit, and mention the level of expertise/training required to be able to define/update these workflows, or the number of consultancy days (approximate).



12 The solution allows us to create/update/publish online applications forms, without assistance of the vendor (as a minimum: file uploads, dropdown boxes, checkboxes, and text fields).

M



13 The solution allows us to adapt these applications forms to a specific call (grant program), without assistance of vendor.

S



14 The solution allows to set maximum and minimum character limits for each text field. S



15 The solution allows to set whether completion or a box or form is mandatory or not. S



16 The solution allows the use of branch questions (display a different set of questions depending on the answer to other questions).

S



17 The solution allows to do checks both within a form and between forms. S



18 The solution allows to customize the look of online application forms to match the look and feel of our website, including colours, fonts and navigation.

C



19 In addition, please- Specify who can create/modify/update webforms- Describe if any template are available for most used webforms - Specify if you use dynamic webforms (which automatically react when typing) or static

webforms (you need to hit a button to get an action, such as saving, calculating, validation, etc..)

Specify whether formatting (underline, bold, bullet lists, …) and special characters are available and if proof reading tools can be used e.g. track changes


20 In order to avoid lost work, the solution performs automatic savings. S



21 The integrity of the local configuration is guaranteed during an upgrade cycle or during upgrades, updates, patches, and bug fixes. Describe how the software can offer these guarantees. S




22 There is a plan in place (communication, training) for upgrade cycles (minor and major). Explain how minor and major upgrades, bug fixes, and patches are communicated, planned (including frequency), and how users will be trained

S

Comply – partially comply – do not complyYou can provide a brief answer.

2 Security model and data protection

Technical specification MoSCoW

1System level security model. The solution has an independent security model that is not associated with the client operating system M



2

The data centre (data and back-up) is located within in the EU, or in a country which respects the EU legislation on Data Protection of personal data. Describe which measures the vendor is taking to ensure compliance with European privacy laws and regulations (EU Data Protection Directive 95/46/EC and newly adopted EU Data Protection Regulation (GDPR) 2016/679). If your data centre is located in the US, or if you are a US company, your company has the ‘EU-US Privacy Shield Certificate”.

M



3

Describe the security measures of your data centre (redundancy of data, recoverability of data, business continuity, hardware, and encryption of passwords). Mention any certification


4 The access to the software is based on a user-role model: users should get specific permissions based on their specific role.

M



5 Only users from KCE staff having full administrator right can modify application forms and workflows. S



6 Describe the different roles available in the software and their access rights, and explain who can grant these roles to users. Describe if some users can get multiple roles (for instance reviewer and applicant).

We expect to see the following roles:

- Admin at KCE (full admin rights)- Staff at KCE (access but no admin right)- Applicants and co-applicants- Reviewer, member of our advisory board- Reviewer, non-member of our advisory board (for review of specific project)- Contact person in research organisation applying for funding (Clinical Trial Centre

from hospital, typically)

S




7The software has been successfully tested for vulnerabilities, including penetration testing by a licensed penetration tester at an external certified organisation. Provide most recent certificate.

S



3 Applicants

# Technical specification MosCoW1 Applicants are able to create their personal user account (based on their e-mail), and

can easily restore their password if needed, without our/vendor assistance.M


2 Describe how the system checks whether new registrants are not already registered in the system.


3 Detail any specific security measures related to user accounts.


4 The solution allows us to see all applicants’ accounts and allows us to deactivate/reactivate them if needed.

S


5 The solution allows us (and applicants) to manage efficiently all research organisations applying for funding (i.e. avoid that the same research organisation is entered several times in the system with different spelling).

We are not looking for a solution where the primary contact of the organisation has to validate which users belong to its organisation.

S



6 The solution allows users to be linked to several organisations (for instance, a hospital and a university).

C



7 When applicants access the portal, tasks associated with multiple roles (applicant and reviewer) are clearly differentiated.

S



8 Applicants can choose the call to which they respond to, and they can manage multiple applications and ongoing funded projects.

S

Comply – partially comply – do not complyYOUR_NAME_4_GMS_Technical_Specs 6/18


9 Applicants view easily their applications and funded projects at any stage in the process and project lifecycle.

S



10 Applicants are able to save their application and return to it later. S



11 Applicants are able to download and to print their application once submitted (as a PDF file).

S



12 Regarding follow-up of funded proposals, applicants are able to see and add information after granting of the project. However we would like to know whether they can delegate some follow-up tasks/reporting to another team member or member of the same institution.

S



13 Applicants are able to save basic personal information (such as their expertise, their affiliation, and their contacts details) and are be able to update this information at any moment. This information is entered only once by the applicant (even if the apply to different programs).

S



14 Applicants are able to upload all type of documents (but mainly PDF, word and excel files). Restrictions can be put on the types, number and size of documents uploaded.

S



15 All uploaded documents and images are scanned for viruses before uploading to the system.

C



16 Applicants are able to add and give access to other team members, so that several persons can work on the same application (one for the research part and one for the budget part for instance).

S



17 If some other team members are co-applicant, the solution allows a sign-off of the proposal by them.

W




18 Applicants are able to see the progress/completeness of their application dynamically updating while they are completing their application.

C



19 Applicants are able to create a preview packet of their application, which includes either copies of all uploaded documents or links to them.



C

20 Applicants are able to view or download a copy of all follow-up or reporting data (during follow-up phase of project).

C



21 The solution allows us to identify all applicants (and their team members) to a specific application, call, workstream or for the entire program and to easily export their contact details in excel, together with some additional information when necessary.

S


22 The solution allows applications to be editable again and to be submitted again, after a decision of KCE coordinator when changes are requested to the proposal.

S


23 There is a version numbering in place to keep track of all different versions made to the initial proposal.

S


24 The solution allows applicants to reuse application data they have already entered, especially in two stage procedures.—for example, a narrative entered in a Letter Of Intent doesn’t have to be re-entered in a full proposal application but can be updated or changed if the applicant wishes.

S


25 The solution allows applicants to view online the status of their proposal in the review cycle (under review, accepted, declined, etc…this needs to be configured by us) and throughout the project life cycle.

S


26 The solution provides a standard FAQ list for applicants, and we are able to customize the text around an application form to provide additional instructional text.

C


27 The solution allows applicants to submit information for the follow-up of approved projects.

Once a project is funded, applicants can use the software to provide reports or other follow-up information, depending on the specifications of the call. They can also inform

S


they have reached predefined milestones, and this information can be used to trigger payments (see section budgets and payments).


28 The solution can be used for follow-up impact of funded projects.

Once a project is funded, applicants can use the software to provide information on impact of projects (such as publications, meetings, etc…). This can continue after the project is finished. Describe possibilities of software for impact measurement.

S


4 Reviewers

# Technical specification MoSCoW

1 Reviewers are either members from our advisory groups, either external individual reviewers that we contact for review of a specific projects.

The solution allows us to import a list of reviewers directly to the system from an excel sheet, with some basic info, and create them automatically an account.

S



2 When reviewers access the portal, they are able to easily find the applications they need to review, and where they can find and submit their reviews of the proposals.

S



3 The solution allows us to send reviewers a link, which they would click on and be directly in their review(s).

C



4 Reviewers are able to save basic personal information (such as their expertise, their affiliation and their contacts details) and are able to update this information at any moment. This information is entered once by the reviewers (even if they belong to multiple advisory groups).

S



5 The software allows for a tracking and management of reviewer’s conflict of interest. S



6 The solution allows reviewers to see only some specific part of the application (title and member of the team) and confirm he/she has no conflict of interest before getting access to the full application.

S




7 The KCE admin user is able to easily identify reviewers who have expressed conflict of interest, and reassign proposal to other reviewer.

S



8 Describe features of the software to deal with conflict of interest of reviewers.


9 It is frequent that external reviewers from our advisory boards are also applicants. Detail how your software manages this to make it easy for them.


10 Reviewers are able to download easily all applications they need to review, or all applications that will be discussed at the meeting they will attend (at once) and should be able to print them easily.

S



11 Reviewers are able to choose specific parts of the applications they want to print (for instance, they may not want to print the budget form).

C



12 Reviewers are able to easily see an indicator of their work progress: which applications have they already reviewed, and which applications do they still need to do.

C



13 Explain if several reviews from the same reviewer can be submitted independently, or must all tasks be completed before submission?


14 The solution allows us to assign manually applications to reviewers. S



15 The solutions allows us to automatically assign applications to reviewers based on criteria from a predefined workflow (for instance, all applications on gynaecology are reviewed by Dr xxx).

S



16 The system allows the import of a “review matrix” from excel for a specific call. C



17 Detail how the solutions allows the assignment of applications to reviewers


18 The solution allows us to set review deadlines, and to automatically notify reviewers by e-mail when the deadline approaches and or have the possibility to automatically send

S


reminders once a deadline has passed. We need to be able to customize those e-mails.



19 The software allows an option for us to choose whether comments from reviewers can be seen (or not) by other reviewers from the same advisory group or from another group.

C



20 The solution allows an option to make applications forms anonymous to remove reviewer bias, and make review form anonymous to protect reviewers identify

C



21 The solution allows different forms of scoring schemes for different calls, which all need to be customizable by us.

S



22 The system allows numeric review scores, and report summary statistics chosen by us (average, median, standard deviation, etc).

S



23 The solution allows us to export individual review scores or summary statistics in excel. S



24 Reviewers are be able to have access to their previous reviews on the same project when they are asked to review it again.

S



5 Automatic e-mails


1 The solution allows the possibility to send automatic e-mails to all users. S



2 The solution allows to define the mailbox which will appear in the “from” for all automatic e–mails.

S



3 The solution allows the possibility to send automatic e-mails to single individual or to S


groups of individual that meet particular criteria.



4 The solutions proposes templates for standard e-mails, which we can then adapt and save.

W



5 The solutions allows the possibility to set up automatic emails based on certain events, such as completion of online application submission, request for follow-up or reports triggered by milestones.

S



6 The solutions allows to set-up and send scheduled reminder emails to applicants and grantees.

S



7 Describe which e-mails can be sent automatically via the software, and how this should be setup.


8 Describe how e-mails and their replies are kept and saved in the solution. Describe the management of replies and if replies that are sent ‘outside’ of the platform can be brought inside it.


9 The solution allows to keep track of all outgoing e-mails that are sent automatically in the study folder, and allows the identification of which messages have not been acted upon.

C



10 Describe if the system also keeps tracks of all incoming e-mails (those as a reply of outgoing e-mails), and how it handles them.


6 Facilitation of advisory boards in the review process


1 The solution allows the creation of multiple different advisory groups within a specific call, each having different member composition and different purpose within review process.

S




2 The solution allows to easily import/export members of an advisory group from one call to another.

C



3 The solution allows reviewers to belong to multiple advisory groups. S



4 The solution facilitates the organisation and management of advisory boards meetings (meeting where reviewers discuss the proposals and take decisions). It allows to keep track of the presence of members, their conflicts of interest, their score and comments on all proposals.

S



5 The solution allows to record a track of post meeting events: have all payments to experts been done, have all signed forms been collected?

C



6 The solution allows to record a track of the decisions taken on each study proposal during advisory board meetings.

S



7 Mention any other feature of the software to facilitate advisory board.


8 The solutions allows reviewers get also access to proposals they do not need to review (after checking their conflicts of interest), but which will be discussed at the reviewer’s meeting that they will attend.

S



9 The solution is able to provide statistics per reviewer (how often asked, how often sent in a review, if on time and if we want some idea of how ‘good’ the review was).

W



7 Internal tracking


1 The solution allows all information in the system for each study proposal to be linked together through its entire lifecycle in the research project (such as: submitted, in review cycle, approved, denied, in follow-up, finished).

S




2 The solution allows to see the whole history of the different tasks: the history of a specific individual, or the whole history of reviews from a specific reviewer, or the history of applications from all individual attached to a specific organisation (a specific university or hospital).

S



3 The solution allows the definition of custom categorisation codes for tracking and reporting (other words: use of meta-data, use of tags). These custom codes are usually not seen by applicants or reviewers.

S



4 The solution provides extensive search functions, as free texts and on custom categorisation codes. Describe which criteria are searchable in the whole system. application.

S



5 Detail who can define, edit and manage these meta-data. Detail how they can be updated during the process. Mention any restrictions.


6 The solution allows the software to be able to integrate some historical data of our previous calls.

S



8 Payments and budgeting


1 The currency used by the software must be EURO. M



2 The solution manages the budget for a specific call. For each study funded, the solution allows to define a payment schedule which is based on milestones. When applicants report that the milestone is reached, and the admin confirms this, the system can trigger an invitation to invoice.

KCE has already a specific “accountancy” software” so we are looking for a solution to report on the budget spend/available, and not to perform the actual payments.

S



3 The solution allows to modify easily the payment schedule (keeping track of all SYOUR_NAME_4_GMS_Technical_Specs 14/18

versions), and see at any time what has been paid/what is left to be paid.



4 The solution allows to include payments to other organisations than the primary grantee in the payment schedule.

S



5 The solution allows to view the amount scheduled to be paid out in a given year per and across calls, programmes and globally, including payments for grants awarded in previous years.

S



6 The solution allows to see what payments are due based on a schedule, and whether the grantee has met the associated prerequisite/milestone requirements.

S



7 The solution allows see what payments have been made, including amount, date paid, and wire transfer number (based on information entered in the system).

S



8 The solution allows the option to include notes/comments on payments, if necessary. W



9 The software needs to be able to track payments and funding to different research partners, not only to the awarded candidate who submitted to research proposal. The number of research partners is usually between 1 and 5 (please mention if there is a limit on the number of research partners in the system).

S



10 The solution allows to choose the level of reporting for payments schedules: by research partner, call, programme or globally.

S



9 System querying and reporting


1 The solution has an exhaustive querying and reporting function, and should allow to query and filter all fields from the database - —including data entered into the applications, review forms, dates and date ranges, and grantee progress reports —.

S


This functionality should be accessible to KCE users with minimal training.



2 Those reports can be saved, renamed and edited by KCE users. S



3 The solution allows to export the results of all reports, in Excel and/or flat file. Mention other functionalities (for instance the possibility to export to PDF, to use predefined layouts for reports, etc..)

S



4 The solution contains a list of most often used reports, and those reports can be edited by the user in function of his/her specific needs. The user has the possibility to save, copy, edit and rename reports.

S



5 It is possible to automate the reporting function, so that some reports are automatically run and sent to individual of groups at some predefined moments or when triggered by milestones.

C



6 Mention how the reporting function handles changes in meta data or in data elements.


7 Mention how the reporting function deals with archived projects/calls does. Mention how this affects data storage, and pricing.


10 Dashboard

Technical specification MoSCoW1 The solution has a dashboard where the KCE user has a global view of all current

activities (calls, proposals reviewed, budget, active reviewers, etc.). S



2 The solution allows the dashboard to be easily parametrized by each user. C



3 The solution allows the dashboard to adapt directly to the user role. C




4 Describe any functionality for the dashboard, and if/whether additional software is needed.


11 System audit


1 The solution has an automatic audit trail of the user logon, and of all user activities. M


2 There is a version control of all documents uploaded in the system. S


3 The full audit log is visible only for users with appropriate access. S


4 The full audit log is searchable on user name, user role, call, application, etc... S


12 System accreditation

Please mention any accreditation of the solution. The certificates of the accreditations should be sent as appendices of your offer.

Technical specification MoSCoW1 ISO 27001 Information Security Management C

Accredited (provide last year of accreditation) – not accredited2 ISO 9001 C

Accredited (provide last year of accreditation) – not accredited3 CDISC W

Accredited (provide last year of accreditation) – not accredited4 Mention any other relevant accreditation.


13 Data exchange



1 The solution allows to export specific data into a number of standard formats (e.g. XML, CSV, TXT, XLSX, ACCDB) S


2 The system allows to export the whole database (as structured data and/or as raw data). Description of what vendor assistance is needed for this should be detailed. S


3 The system allows to import specific data from a number of standard formats (e.g. XML, CSV, TXT, XLSX, ACCDB). Please detail. C



kce.fgov.be Web viewTechnical specification. MoSCoW. 1. System level security model. The solution...

Documents

Transcript of kce.fgov.be Web viewTechnical specification. MoSCoW. 1. System level security model. The solution...