Name MOVERS ITSM-IGA Implementation Request # OA-2507-30379-015 gency, State Office of Administration, MO Location Jefferson City, MO Contract Duration 09 / 01 / 2025 - 04 / 30 / 2026 (plus Warranty : 05 / 01 / 2026 - 07 / 30 / 2026) Release Date 07 / 17 / 2025 SOW Transition from Cherwell to ServiceNow ITSM, full implementation of ITSM and IGA solutions, including Incident, Request, Change, Problem, Knowledge Management, and JML workflows. Includes build, test, deployment, OCM, and training. See "Scope, Requirements, Deliverables and Invoicing" section for full details
- Identify the attachment from Section 1.2 that contain requirements that the SOW Vendor must perform to successfully complete project deliverables :
ITSM User Stories
IGA Workflows
Testing timeline must not be compressed once the work plan has been approved.ll services must be provided in the United States. Offshore services shall not be used to perform the services outlined herein.Vendor resource(s) may be exchanged under the SOW without modifications of the SOW upon agreement of the SOW Vendor and the State. The State reserves the right to review resumes and accept / reject proposed resource(s).Security & Confidentiality - All materials (including code, tools, documentation and data) provided pursuant to the SOW shall be deemed confidential. Vendor resource(s) must comply with agency and ITSD security policies, agency and ITSD required trainings, and / or required security specifications that describe : (i) required security capabilities, (ii) required design and development processes, (iii) required test and evaluation procedures, and (iv) required documentation.The SOW Vendor resource(s) must report to the ITSD Project or Resource Manager or designee, who will provide resource(s) with sufficient knowledge to perform the work.Vendor resource(s) are expected to conduct themselves in a professional manner and dress in a professional manner.The SOW Vendor must provide resumes for all the SOW Vendor's resource(s) being assigned to the project for the review and acceptance by the State. The SOW Vendor's resource(s) assigned to the project are subject to the approval or rejection by the State. If there would be a need to replace the resource(s) by the SOW Vendor, any subsequent proposed resource(s) may be interviewed by the State prior to acceptance.Submittal Requirement Submit SOW document with vendor sections, vendor signature, payment milestone table, price calculation table, plus a separate PDF response including : overview, resource bios, Exhibits A-D, resumes, tasks, WBS / project plan. ≤ 50 pages, 11 pt+, no embedded links / medi Evaluation Criteri ward to lowest and best response. Evaluation includes compliance with specs, price, vendor responsibility, past experience, and criteria stated in the SOW References Resumes required? Yes - for all proposed resource(s) Rate card required No - pricing based on firm-fixed deliverables with payment milestones and 10% holdback ny specific requirement
U.S.-based only; no offshore workResume review and approval by StateUse of ADO or JIRA for issue trackingConfidentiality and compliance with ITSD policy / training Hardcopy / Email / portal submission Email Link Via EmailAttachment :
Scope, Requirements, Deliverables and InvoicingGeneral Requirements
Identify the attachment from Section 1.2 that contain requirements that the SOW Vendor must perform to successfully complete project deliverables :
ITSM User Stories
IGA WorkflowsTesting timeline must not be compressed once the work plan has been approved.All services must be provided in the United States. Offshore services shall not be used to perform the services outlined herein.Vendor resource(s) may be exchanged under the SOW without modifications of the SOW upon agreement of the SOW Vendor and the State. The State reserves the right to review resumes and accept / reject proposed resource(s).Security & Confidentiality - All materials (including code, tools, documentation and data) provided pursuant to the SOW shall be deemed confidential. Vendor resource(s) must comply with agency and ITSD security policies, agency and ITSD required trainings, and / or required security specifications that describe : (i) required security capabilities, (ii) required design and development processes, (iii) required test and evaluation procedures, and (iv) required documentation.The SOW Vendor resource(s) must report to the ITSD Project or Resource Manager or designee, who will provide resource(s) with sufficient knowledge to perform the work.Vendor resource(s) are expected to conduct themselves in a professional manner and dress in a professional manner.The SOW Vendor must provide resumes for all the SOW Vendor's resource(s) being assigned to the project for the review and acceptance by the State. The SOW Vendor's resource(s) assigned to the project are subject to the approval or rejection by the State. If there would be a need to replace the resource(s) by the SOW Vendor, any subsequent proposed resource(s) may be interviewed by the State prior to acceptance.The Vendor's resource(s) schedule and location for on-site or off-site work must be agreed upon by the SOW Vendor's Project Manager, ITSD Project / Resource Manager and the Customer Product Owner.No out-of-state travel is required on the part of the State or the SOW Vendor resource(s) for completion of this project.The proposed candidates will be dedicated to the State at least 40 hours every week, with appropriate, non- billable, time-off as approved by the State.Should ITSD determine the proposed candidate is not meeting the requirements set forth by the State, the State shall have the option to change candidates and term, with qualified resumes being submitted within 5 days and a resource switch to occur within 45 days unless an exception is granted by the State.Vendor Minimum Experience RequirementsThe SOW Vendor must meet or exceed the following minimum experience requirements at the time of the SOW response submission and for the duration of the S OW :
Experience with successful large scale project engagements at a state government or equivalent organizational level that utilize best security practices.
Proven experience with ServiceNow platform, ServiceNow ITSM, ITIL 4 framework and CSDM version 4.0 frameworkProven experience with ServiceNow Workflows, PowerShell, and IGA FrameworkVendor Resource(s) Experience RequirementsThe SOW Vendor shall include the following team members / resource(s) to administer and perform the contract requirements :
The ITSM SOW Contractor shall include the following team members / resource(s) to administer and perform the contract requirements :
Leadership Team must meet the following experience qualifications :4+ years' experience leading and managing ServiceNow projects
2+ years' experience with ITIL framework2+ years' experience with ITSM2+ years' experience with ServiceNow CSDM version 4.0 or higher framework.Certified ServiceNow CMA or CTA is preferredWorking Team must meet the following experience qualifications :5+ years 'experience configuring and customizing ServiceNow ITSM to include CMDB, Incident Management, Problem Management, Major Incident Management, Change Management, and Request Management
5+ years' experience with implementing the ITIL 4 framework5+ years' experience with implementing the CSDM framework2+ years' experience ServiceNow with the IGA solutionProficiency in JavaScript, HTML, CSS, and API integrations to build and customize workflows and user interfacesbility to troubleshoot issues during implementationServiceNow Certifications in CSA, CAD, CIS preferred2+ years' experience in the following areas :Strong communication skills
Experience with ITIL 4 frameworkExperience in M365Experience in Microsoft Active DirectoryExperience in PowerShellExperience in Role Based AccessThe IGA SOW Contractor shall include the following team members / resource(s) to administer and perform the contract requirements :Leadership Team must meet the following experience qualifications :4+ years of experience leading and managing projects, ensuring timelines and requirement are met
2+ years' experience with IAM / IGA2+ years' experience with M3652+ years of experience in Microsoft Active DirectoryWorking Team must meet the following experience qualifications :4+ years of experience configuring & building IAM / IGA solutions at enterprise scale
2+ years in PowerShellExperience with architecting and configuring Role Based AccessExperience with integrating IGA solutions with ServiceNow, Active Directory and M365e. 2+ years' experience in the following areas :
Strong communication skillsExperience with ITIL 4 frameworkExperience in M365Experience in Microsoft Active DirectoryExperience in PowerShellExperience in Role Based AccessPerformance RequirementsSERVICENOW ITSM
Analyze / Design :
Review ServiceNow Process Design Documents, Architecture Diagrams and business requirements
Validate key use cases and finalize designReview and recommend updates to documented requirementsBuild :Configure ServiceNow ITSM and required integrations utilizing the current Employee Center Portal (Prototype and validate design) :
Incident ManagementProblem ManagementRequest ManagementMajor Incident Management
Change Management (publish up to 10 Standard Changes)Ensure non-con agencies cannot view any agency dataKnowledge ManagementService Requests (build up to 12 Catalog Items : 4 low, 4 med, 4 high complexity items (to include on-boarding items))Service Level ManagementConfiguration Management (CMDB); CSDM data required for incident formIf required, Expansion and refinement of the foundation DataIntegrations (up to 5 unidirectional and up to 5 bidirectional)Validate / Configure ServiceNow ITOM DiscoveryDevelop automated test scripts (ATF) for ITSM submissions and fulfillmentConduct Unit TestingReview and approve ServiceNow configurationsReal-time data exchange with MOVERSTest :Facilitate State's User Acceptance Testing
Run ATF scriptsEngage end users and integrated application teams for user acceptance testing of consolidated provisioning / deprovisioning functionalityResolve defects and issues identified in UATDeploy :Deploy platform configuration from Dev to Test to Prod environment
Provide Architectural and Technical design documentsDeliver as designed training for the ServiceNow Administrators for the SoMIdentity Governance and Administration (IGA)Build :
Configure and build integrations with ServiceNow
Configure and build integrations with on-prem Microsoft Active DirectoryConfigure and build integrations with M365If required, configure and build integrations with mainframe and AS400 systemsConfigure and build ServiceNow workflows creating a minimum of 200 workflows in collaboration with a State resourceBuild birthright provisioning based upon role-based accessBuild process to update role-based accessBuild automation for joiners, movers, and leavers (JML)Build reporting and logging capabilitiesTest :Vendor to develop test scripts for provisioning and deprovisioning access request submissions
Vendor tests the execution of provisioning, access request workflows, and Service Desk integrationsVendor to mitigate State generated test accounts issues, as found by the State, during user acceptance testing of consolidated provisioning / deprovisioning functionalityDeploy :Deploy application provisioning functionality from Dev to Test to Prod environment
Operational Change ManagementThe State will provide an OCM counterpart to ensure materials are co-created
Coordinate and conduct Change Management team kickoffIdentify the key stakeholders impacted by the project and understand their preferred methods of communication and impacts that may influence trainingDevelop Change Management strategy and planEngage with key stakeholders to evaluate impacts, and training needs as inputs to the change management strategyReview and approvals of materials will occur in a timely manner, in accordance with the plan, by the appropriate State team memberState will identify key stakeholders to engage with OCM activities where neededEstablish the change champion network with the State to help raise awareness of the program details and influence change to increase understanding, knowledge, and adoption within throughout the organizationCommunicationPartner with the State's change and communications team to understand the organizational makeup, as well as identify who will approve and execute communications
Develop a communication plan that details a proposed schedule of communications required to support the ServiceNow transformation and the change management strategy; the plan includes communication channels, groups, timing, contributors, RACI, etc. This is a living document that will be regularly updated throughout the life of the programState will execute and distribute communications as necessaryTrainingCreate and provide the State the training plan that defines the structure for providing the training at the right time and right way to impacted teams
Vendor shall tailor training content to our organizations specific ITSM and IGA implementation and processesVendor shall provide detailed user guides and training materials in electronic format for each ITSM and IGA process coveredProvide train-the-trainers to appropriate client team members, so they can conduct trainings to their team membersClient will identify resources for train-the-trainer activitiesTraining enforcement and attendance will be carried out by the StateDeliverablesLIST OF DELIVERABLES
(Requirements and Criteria that must be met) DELIVERABLE APPROVAL ACCEPTANCE
(Describe approval acceptance conditions that must be met) ServiceNow ITSM Implementation Deliverables Must review and update the following documentation :
Process design documentsArchitecture diagramsBusiness RequirementsDocument methodology for review with product and platform owners.Project Deliverable Acceptance Form approved by the ITSD designee. Must provide / develop the following configurations and integrations :
Configure ServiceNow ITSM and required integrationsValidate and configure ITOM DiscoveryDevelop automated test scripts (ATF)Review and approve ServiceNow configurationsConfigure real-time data exchange with MOVERSProject Deliverable Acceptance Form approved by the ITSD designee. Must conduct testing and provide a documented Test Plan to include :
Running ATF scriptsConducting unit testingFacilitate State's user acceptance testing (UAT)Resolve defects and issues identified in UATProject Deliverable Acceptance Form approved by the ITSD designee.
User acceptance testing must be 100% successfulMust provide a documented Training Plan and conduct training :
Tailor training content to the State's specific ITSM implementationProvide detailed user guides in electronic formatProvide train-the-trainer sessionsProject Deliverable Acceptance Form approved by the ITSD designee.
Must provide deployment of solution to Production
Deploy platform configurations from Dev to Test to Prod environmentsProject Deliverable Acceptance Form approved by the ITSD designee.
IGA Implementation Deliverables Must provide / develop the following configurations and integrations :
ServiceNowOn-prem Microsoft Active DirectoryM365AS400 systems as requiredServiceNow workflowsBirthright provisioningProcess to update role-based accessAutomation for JMLDevelop test scripts for provisioning / deprovisioningReporting and logging capabilitiesProject Deliverable Acceptance Form approved by the ITSD designee.
Error rate of 2% or lessMust conduct testing and provide a documented Test Plan to include :
Conducting unit testingFacilitate State's user acceptance testing (UAT)Resolve defects and issues identified in UATProject Deliverable Acceptance Form approved by the ITSD designee.
User acceptance testing must be 100% successfulMust provide a documented Training Plan and conduct training :
Tailor training content to the State's specific IGA implementationProvide detailed user guides in electronic formatProvide train-the-trainer sessionsProject Deliverable Acceptance Form approved by the ITSD designee.
Must provide deployment of solution to Production
Deploy platform configurations from Dev to Test to Prod environmentsProject Deliverable Acceptance Form approved by the ITSD designee.
Change Management and Communication Must develop a Change Management :
Must develop a change management strategy, document a change management plan and conduct change management kickoffProject Deliverable Acceptance Form approved by the ITSD designee.
Must develop a Communications Plan to include :
Schedule of communicationsCommunication channelsRACIKept updated throughout life of projectProject Deliverable Acceptance Form approved by the ITSD designee.
Reporting RequirementsThe SOW Vendor must provide weekly status reporting on the services being provided to the State of Missouri using the ITSD Status Report template. The SOW Vendor shall provide overall project percent complete, items for management attention, action items, project decisions made, risks, out of scope work identified, and track change request items. Current percent complete must be reported for all deliverables and payment milestones.
The ITSD Project Deliverable Acceptance Form (PDAF) must be used for deliverable acceptance. Items may require a deliverable review meeting wherein the SOW Vendor walks through the deliverable with the ITSD and agency staff, followed by revisions as required, and finally, with a request for approval and associated payment per the SOW.Technical Environment RequirementsDepending upon the agency preference, either State owned Microsoft ADO or JIRA shall be used to record, track and resolve issues, bugs and defects.
The SOW Vendor must have all necessary licenses to provide IT services in conjunction with the award of this SOW. SOW Vendor shall purchase / supply and maintain the required licenses (per developer) for all development tools for the duration of the project, unless specifically indicated by the SOW.State's ObligationsThe State, ITSD, will establish an Active Directory or Alt account for each contractor and VDI-RDP (or other) to access resources as necessary.
The State, ITSD, will provide a laptop or other computer devices as necessary.The State, ITSD, will provide a physical location for contractor as necessary.The State will make every effort to have the appropriate State staff available to the Vendor personnel on a timely basis.The State will make every effort to make necessary project and system documentation available on a timely basis.The State will perform timely review and approval of deliverables.State DatState Data Location : All data associated with the solution / service shall only be hosted and stored within the United States.
Ownership : The State's electronic data or information submitted by the state or its authorized users with authorized access to the solution / service shall be considered "State Data" for ownership purposes of the contract, as the State serves as either the owner or curator of the data submitted in the solution / service. "State Data" shall include : (a) the State's data collected, used, processed, stored, or generated as the result of the Services; (b) personally identifiable information ( "PII") collected, used, processed, stored, or generated as the result of the services, including, without limitation, any information that identifies an individual, such as an individual's social security number or other government-issued identification number, date of birth, address, telephone number, biometric data, mother's maiden name, email address, credit card information, or an individual's name in combination with any other of the elements listed herein; and (c) protected health information ( "PHI") as that term is defined under the Privacy Rule, 45 Code of Federal Regulations (CFR) §160.103. State data is and shall remain the sole and exclusive property of the State and all right, title, and interest in the same is reserved by the State.
"State Data" stored in the software and services being provided as a result of the contract shall also be known and treated by the SOW Vendor as confidential information in accordance with the contract, applicable SOW Vendor's documentation, and applicable law.SOW Vendor Use of State Data : The SOW Vendor shall : (a) keep and maintain state data in strict confidence, using such degree of care as is appropriate and consistent with its obligations as further described in the contract and applicable law to avoid unauthorized access, use, disclosure, or loss; (b) use and disclose state data solely and exclusively for the purpose of providing the services, such use and disclosure being in accordance with the contract, any applicable Statement of Work, and applicable law; (c) not use, sell, rent, transfer, distribute, or otherwise disclose or make available state data for SOW Vendor's own purposes or for the benefit of anyone other than the State without the State's prior written consent; and, (d) not provide state data to any third party without the express written permission of the state. "...for the purpose of providing the services" as referenced above includes the right of the SOW Vendor to use state data to prevent or address service or technical problems, and verify service improvements, in accordance with the contract and the solution's documentation, or in accordance with the State's instructions.Incremental Extraction of State Data : The SOW Vendor shall provide the State with the ability to conduct an incremental extraction of the State's data (e.g. new and changed data) from the solution on a nightly basis to update the data available in the State Data Warehouse. The incremental extraction of state data must be available without additional charges, conditions, or contingencies regarding the state's right to extract the data beyond the terms outlined in the SOW Vendor's cloud services agreement, and in the format mutually agreed to by the parties. The incremental data extractions will allow the State to maintain an updated copy of the State's data for the duration of the contract.End of Contract Extraction of State Data : At the end of the contract, the State shall have the right to extract its data from the solution for an additional sixty (60) calendar days from the date of contract expiration. The end of contract extraction of state data must be at no additional cost, conditions, or contingencies regarding the state's right to extract the data notwithstanding the terms outlined in the SOW Vendor's services agreement, and in the format that was mutually agreed to by the parties. If a term greater than 60 calendar days is required by the State to complete the state data extraction, the SOW Vendor agrees to work with the State to define the additional term and fees for the additional time.Extraction of State Data Process Validation : The SOW Vendor must allow the State to perform routine validation of the extraction of the State's data. The routine validation occurs to ensure the State's data will accurately transfer as prescribed to the State's designated extraction location and accommodates the volume of data transferred. The SOW Vendor shall assist the State by providing documentation and tools to allow the state to accurately process the extractions of the State's data for the State's continued use.Backup and Recovery of State Data : Unless otherwise described in the contract, as a part of the services, the SOW Vendor shall maintain a backup of state data and perform an orderly and timely recovery of such data in the event that the production services may be interrupted in accordance with the disaster recovery and business continuity plans.Return of State-owned Data : The SOW Vendor shall return state-owned data to the State of Missouri in a format mutually agreed to by the State and SOW Vendor and with a key or crosswalk to the information, where applicable, at no additional cost to the State. The State shall have the right to test the data extract provided by the SOW Vendor at a frequency determined by the State.Invoicing and Payment RequirementsStatement of Work Invoicing : The SOW Vendor shall follow the outlined PDAF process listed in attachments for deliverable acceptance, then upon deliverable approval, will submit their invoice to the ITSD Project or Resource Manager and Administrative Assistant.
All travel-related expenses must be included within the firm, fixed deliverable price.Payment HoldbackFirm, fixed priced per deliverable to fulfill the SOW project, which shall include a 10% holdback per deliverable for any project for which the total firm, fixed price for all deliverables is $75,000 or greater.
Unless otherwise authorized by the Division of Purchasing, projects with a total firm, fixed price of $75,000 or greater for all deliverables shall have ten percent (10%) holdback of each deliverable held back by the agency, which shall be paid to the SOW Vendor upon final acceptance by the state agency of the entire SOW project completion and receipt by the state agency of an accurate invoice for the final deliverable. The SOW Vendor shall understand and agree that the payment holdback provisions described herein shall not be construed as a penalty.The SOW Vendor shall understand and agree forfeiture of Payment Holdback shall result when :The SOW Vendor fails to fulfill the mandatory requirements of the SOW resulting in a deliverable being considered non-compliant with the SOW requirements and the SOW Vendor fails to correct and resolve the issue within ten (10) business days or other timeframe as agreed to in writing by the State; or
The SOW Vendor fails to provide the state agency with an accurate invoice for all successfully completed and accepted deliverables for the SOW project within forty-five (45) days after State acceptance of the deliverables.The SOW Vendor shall understand and agree return of Payment Holdback shall result :If the SOW project is canceled by the State due to reasons not attributable to the fault of the SOW Vendor prior to completion of the project, all payment holdback amounts retained by the State for completed and accepted SOW deliverables for that particular SOW project shall be paid to the SOW Vendor; or
If the SOW project is completed and accepted by the State and the SOW Vendor has invoiced for the project in accordance with the provisions and requirements of the contract.END OF SCOPE, REQUIREMENTS, DELIVERABLES AND INVOICING SECTION
