OFFICIAL

OFFICIAL

Requirements Document

myGov update: delivering a better experience for Australians

OFFICIAL

Requirements

About our requirementsWe are seeking an experienced seller(s) who has the capability to design and deliver a digital platform, with supporting documentation. This digital platform will offer government services across portfolios and jurisdictions and eventually will integrate these around the events that people experience in their life, such as experiencing a national disaster.

This document sets out the specific systems integrator services sought under this request. The seller is required to propose a suitable package of systems integrator services, with separate options for base software product(s) and hosting platform(s). The DTA reserves the right to accept the software product(s) and platform(s) offered but may require the systems integrator to use different software or platforms at any stage of the project.

It is expected that, in addition to the current myGov offering, an existing, parallel platform will be in production prior to the commencement of this work, delivering foundational pieces of functionality (for example, authenticated and unauthenticated content, notification systems). This functionality is expected to be maintained and built upon in subsequent stages.

The successful seller will be required to work closely with the DTA and other government agencies involved in this work but will still be ultimately responsible for delivering the project in accordance with the work order. The DTA will bring together a multi-disciplinary team, including the seller, the seller’s delivery partners, and other government and private sector specialists, to deliver this work. The seller may be required to co-locate with the DTA’s project team on-site. The DTA will specify its collaboration requirements in the work order issued as a result of this request.

Addenda may be issued throughout the RFQ open period as requirements are refined.

2

OFFICIAL

OFFICIAL

About the Project

The Minister for Government Services, the Hon Stuart Robert MP, released the Government’s vision of the future for government services on 29 November 2019. A transcript of the announcement is available at:

https://www.mhs.gov.au/transcripts/2019-11-29-aiia-address

The vision for the future of Government services is communicated in a video which is available here:

https://www.dta.gov.au/news/committed-reforming-service-delivery

Life events and life event journeysAustralians expect Government services to be simple, seamless, and secure. They want services organised around their lives and needs. During important life event journeys – such has having a baby or looking for work – Australians need to interact with many services across all levels of Government to achieve an outcome. A life event journey describes the set of activities people must engage in to reach their desired outcome or have their needs met from the user’s perspective. There are common systemic issues/pain points people face when dealing with Government during these journeys.

Delivering services based on the journey that a customer goes through during key events in their lives, rather than based on siloed Government structures, creates a seamless, easy, intuitive customer experience. The GovX team in the DTA uses a life event journey-based approach to understand people’s experience interacting with multiple services delivered by several Government agencies. They consider how services might be re-designed to better meet a customer’s needs.

The graphic below shows the high-level life events that have been identified by the DTA by life stage. In addition to the life events captured below are the life events experienced in the preparation for, during and following a natural disaster which cut across all three age cohorts.

Digital IdentityLife Events

Digital IdentityLife Events

AdulthoodYouth

Get a birth certificateRegister forimmunisationEnter child care

Enrol in a schoolOpen a bankaccount

Get a prepaidmobile Apply for a credit card

Travel overseas

Get married

Get a job

Learn to drive

Turn 18

Enrol to vote

Enter higher educationStart anapprenticeship

Childhood

Have a baby

Experience financialhardship

Become anAustralian citizenBuy a house

Apply for theAge Pension

Experience disability

Apply for arental property

Enter aged care

Figure 1 Key life event journeys throughout a person’s life

3

OFFICIAL

OFFICIAL

The myGov update platform provides an opportunity to address these issues/pain points by reorganising, personalising and integrating services around life event journeys. For example, the myGov update platform could reduce the number of times customers provide the same information to different agencies and will provide a single source of truth across connected services, making it easy for users to find the information they need, when they need it — such as understanding their entitlements and obligations. The program is not seeking to resolve all pain points across an entire end-to-end life event journey, it will focus on resolving the major pain points that customers currently experience.

Key DeliverablesThe key deliverable of this project is an online platform to deliver simple, smart and personalised government services to customers.

The overall solution must support the government’s Digital Transformation Strategy and Services Australia vision. The solution must meet user needs and resolve pain points identified in prior DTA and Services Australia research.

The platform will be used by government to deliver a whole of government approach to dramatically uplift the customer digital experience of government services.

Sellers should ensure that their response to this RFQ addresses how it will achieve the Government’s vision outlined above.

Target OutcomesDelivery of this solution is expected to achieve the following primary outcomes:

meet the needs of customers during key life events,

increase customer’s confidence and trust in government services,

meet the needs of staff to deliver services and help resolve systemic user pain points, and

demonstrate alignment to the Services Australia vision and strategy.

The DTA expects that these outcomes will be achieved through delivery of a modern, experience-led and data-driven place for Australians to discover and access personalised services when and where they need them that delivers the secondary outcomes of:

Reduced footprint and call volumes from increased digital access and decreased customer complaints.

Reduced manual processing through automation and increased customer self-service.

Ability for help desk agents to better support customers.

Reduced errors and re-work from automation, standard tools and processes and better service integration.

Improved user authentication and information reconciliation across agencies.

4

OFFICIAL

OFFICIAL

Key Dates

ACTIVITY DATE

Closing time and date 15 April 2020

All briefs on the Digital Marketplace close at 6pm (Canberra time).

Anticipated start date 1 July 2020

Date the provision of services is required to be completed on or before

The DTA is using the Agile method for delivery of the service. DTA will work with seller to determine such timeframes.

Contract term 2 years initial contract term

Note: DTA may create separate work orders, under this initial contract, for shorter stages with defined scopes of work.

Contract extension option 2 x up to 12 months

How to responda. You must comply with all requirements set out in this request, the Master Agreement and

terms of use of the Digital Marketplace.

b. Responses must be lodged on the Digital Marketplace before the opportunity closes.

c. The Digital Marketplace may not accept late responses and sellers may be unable to submit a response once the opportunity has closed.

d. The Digital Marketplace will accept responses in .DOC .XLS .PPT or .PDF format.

e. If there are technical issues within the Digital Marketplace platform which prevents the seller(s) from submitting a response before the closing date of this RFQ, seller(s) should email its response to mygovupdate@dta.gov.au. DTA may not accept responses submitted to this address, unless the seller(s) has made significant attempts to first submit its response through the Digital Marketplace platform.

f. Any clarification questions should be submitted through the Digital Marketplace platform. The available window to ask questions will close 3 days before the close date of the RFQ at 6pm AEDT.

Validity PeriodYour response remains valid for a period of up to 12 months from the opportunity closing datetime.

5

OFFICIAL

OFFICIAL

Conditions of Participation and Mandatory Requirements No conditions of participation or mandatory requirements.

Technical Capability The seller must have the technical capability and expertise to design and deliver a secure, contemporary, digital experience for users of government services capable of meeting current and future needs of the community.

The technical solution will be subject to IRAP assessments against PROTECTED-level controls from the ISM.

Service Requirements

The DTA has already commenced the design and delivery of foundational layers for the myGov update platform.

The seller’s proposal should demonstrate how it will support the accelerated delivery of the myGov update platform capable of integrating with the technology and services currently delivered by a range of agencies and third party providers (for example, employment services, disability services, licenses), including those delivered by state governments.

The seller’s implementation approach should consider the significant government modernisation strategies and programs such as whole of government platforms (for example, my.gov.au, notify.gov.au, designsystem.gov.au), National API Standards (available via api.gov.au) and AI driven assistants and calculators. The seller will be required to deliver a cohesive approach to system integration between their proposed system solution and existing platforms, services and endpoints.

The seller will be part of a team performing ongoing user research and service design activities. These will ensure the system continuously delivers services and functionality that demonstrate how user needs are being met in a prioritised fashion. The seller should outline its approach to these activities in its proposal.

The successful seller will be required to meet regularly with the DTA and government agencies and participate in day to day agile delivery activities (for example, sprint planning, daily stand-ups). It is desirable for the Seller to work from the DTA office, allowing them to be quickly available to participate in face to face and other means of communications with the DTA, other government agencies and external stakeholders. If required this can be done via video call.

The seller’s proposal must reflect all requirements in this RFQ.

Scale

It is expected that the myGov update platform will operate in parallel with existing myGov services during a transition period.

The current myGov service supports over 17 million user accounts. The existing myGov service averages 500K logins daily, with daily peaks at 2.7M logins. Approximately 130M mail items are sent using the existing myGov Inbox service annually.

6

OFFICIAL

OFFICIAL

High-volume spikes for existing unauthenticated content published elsewhere by government (for example, COVID-19 information on SmartTraveller.gov.au) have experienced ~1.3M page views between 1 January and 11 March 2020.

Risks

The seller should outline the risks associated with its proposal, including any mitigations, interdependencies and inputs required from the DTA that may affect service delivery. The seller should also outline any assumptions used to calculate pricing, and to arrive at the design of the proposal.

Design

The platform will allow customers to access personalised government services, see how they can progress receiving them, and view information on what obligations they have in the process.

The intent is to continually enhance the product and productionise features, to support the end state future myGov update platform. 

Design principlesThe seller’s proposal should demonstrate how they intend to apply the design principles:

Progress: customers will be guided to, and through, relevant content and tasks simply and transparently

Proactive: we will show customers we know them by presenting personalised and helpful information

Accessible: we will offer multiple ways to find content so interacting with government is easy and efficient for everyone

7

OFFICIAL

OFFICIAL

Functional Requirements

The seller should demonstrate how it will deliver the functionalities below, listed underneath the five major benefits to customers they are designed to achieve:

1. Convenient

Dashboard with single view of services

Inbox, notifications and tasks

Channel of choice

Service finder

Service provider bookings

Geotagging and check ins

2. Personalisation and Proactivity

Predictive notifications

3. Transparent

Progress trackers

Facial recognition

4. Tell Us Once

Pre-population of forms

Data sharing

5. Accessible and Secure

Conversational user interface

Authorisations on behalf of users

Plain language content

Multi-lingual support/ translations

Several foundational functions are expected to be operational prior to the commencement of this work:

Content Management: Content can be authored, approved and published to the platform in multiple languages

Notifications: Receive and view unauthenticated via alerts sent using SMS or email

The seller’s proposal should demonstrate how it will deliver the following additional functionality:

Login/Authentication: authentication with myGov credentials or Digital Identity

Customer Profile: Use a customer profile, sourced from existing services, to personalise the experience and pre-fill forms

Notifications: Receive and view secure notifications, authenticated and unauthenticated, synced in the myGov inbox with alerts sent using SMS or email

Track In-Progress Claims: Display customer application and claim status, retrieved from linked services

Display content: Present and arrange personalised content in both authenticated and unauthenticated modes

Display Ongoing Services: Display key information on the service and payments the customer receives

Lightweight Integration: Generate data requests to back end government IT systems to retrieve and save customer data, claims and services/payment information.

Search: Search across information and services

Trending Services: Publish content from relevant services and personalise based on customer profile

Application Forms: Allow customers to complete and submit applications and claims using conversational interfaces and question and answer form systems

View Payment History: Present a summary of payment sourced from data services

Consent: Provide customers with detailed controls to manage consent when sharing their data across government organisations and programs, accurately recording users’ provision of consent

8

OFFICIAL

OFFICIAL

Background: functional component overview

myGov update platform components: ICT Component ModelThis section provides a high-level view of a potential ICT Component Model. The Services Australia Strategic taskforce has identified that all components within the Services Australia portfolio can be leveraged to support the new experience with moderate levels of configuration and re-purposing.

The myGov update platform requires a relatively complex ICT Component Model to support delivery. The model below illustrates the services and service components which could be delivered through a digital platform to enable an improved customer experience.

9

OFFICIAL

OFFICIAL

ApplicationsThe Applications component provides user interfaces and digital utilities that a user will interact with as part of their journey experience. These are the physical touch points for a user.

Applications Components

Description of ComponentsComponent Description

Digital Services These are the major applications that a customer will see and use.

Frontends These are the different methods of delivering digital services. This includes “channels” and different ways of interacting within a channel.

Content ManagementThe content management component will provide a set of processes and technologies to support the collection, management and publishing of digital content.

Content Management Components Description of Components

Component Description

Authoring Services

Authoring is the capability of creating digital content using standard workflows and templates

Publish/Deploy/Diffuse

Knowledge Management is the way in which content is structured and the associated toolkits.

Content Metadata Management

Content Metadata Management is the methods of management of content data metadata

Digital Asset Management

Digital Asset Management is the process of organising,

10

OFFICIAL

OFFICIAL

storing and retrieving digital content

Experience DeliveryExperience Delivery is the process of delivering the customer experience to the customer. It includes the personalisation of the customer experience and delivering different experiences to different customers based on their needs.

Experience Delivery Components

Description of ComponentsComponent Description

Personalisation and Context Awareness

Personalisation is the process of creating an individualised customer experience based on the user’s personal and behavioural data. Context Awareness is the process of enhancing a user’s experience based on their circumstances and/or objectives.

Experience Orchestration

Experience Orchestration is the process of bringing data and flows together to deliver the customer experience.

Experience Management

Experience Management is the process of organising and delivering experiences to the Customer.

11

OFFICIAL

OFFICIAL

OFFICIAL

SearchThe search component provides the ability for users to locate digital content and services related to their life event journey (using natural language).

Search ComponentsDescription of ComponentsComponent Description

Search Services

Search Services are the methods of searching through digital content and the optimisation of the search processes.

Indexing Indexing collects and stores data to enable fast and accurate searching

12

OFFICIAL

OFFICIAL

Experience AnalyticsThe Experience Analytics component involves the collection of data and performing analysis and reporting with the goal to improve and optimise a Customer’s digital experience. It also provides staff members with valuable insight into customer needs.

Experience Analytics ComponentsDescription of ComponentsComponent Description

Analytics Types

A range of different analytics types will be supported

Data Collection

Data will be collected to perform analysis and reporting on.

Reporting Reporting capabilities will be provided in order to provide information in an easy to read format that can be used to refine customer experiences.

Analysis Usage

Analysis Usage are the processes that use analytics and reporting in order to improve a customer experience.

13

OFFICIAL

OFFICIAL

Common PlatformsThe Common Platforms component are reusable common components that will be utilised by the myGov update platform.

Common Platforms ComponentsDescription of ComponentsComponent Description

Digital Identity (GovPass)

Digital Identity is the method by which customer users will be identified and authenticated

Service Connect

Service Connect is a Whole of Government Digital Platform that enables customers to connect with accredited providers who they can purchase products and services from; and make use of Government funds/entitlements for payments.

14

OFFICIALOFFICIAL

OFFICIAL

Common ServicesThe Common Services component provides supporting services used by user experiences delivered by the myGov update platform .

Common Services ComponentsDescription of Components

Component Description

Cognitive Services Cognitive Services are Artificial Intelligence systems that assist humans in their decision-making processes.

Language Services Language Services provide tools to assist users with limited ability to communicate in English.

15

OFFICIALOFFICIAL

OFFICIAL

SecurityThe Security component provides the protection of the myGov update platform from malicious exploitation.

Security ComponentsDescription of ComponentsComponent Description

Cyber Cybersecurity is the protection of internet-connected systems, networks and applications from cyber-attacks.

16

OFFICIAL

OFFICIAL

IntegrationThe integration component provides the connections between systems and applications that are either part of the myGov update platform or are integrated with to provide services (such as host systems etc.)

Integration ComponentsDescription of Components

Component Description

Integration Services Integration Services provide control over data flow to/from computer systems

FraudThe Fraud component provides supporting services used by user experiences delivered by the myGov update platform.

Fraud ComponentsDescription of Components

Component Description

Fraud Management Fraud Management provides the tools required to detect, investigate and prevent fraud. For the myGov update, these components do not include the staff user interface.

17

OFFICIAL

OFFICIAL

Customer Services HubThe Customer Services Hub component provides supporting services used by user experiences delivered by the myGov update platform.

Description of Components

Component Description

Customer Management Customer Management provides a single view of customer for the Government.

CI/CD PipelinesThe CI/CD Pipelines component provides supporting services used by user experiences delivered by the myGov update platform.

Description of componentsComponent Description

CI/CD Pipelines CI/CD Pipelines are automated software delivery processes used in the development, testing and deployment of software.

Change Management / Release Management

Change Management is the set of processes defined to control the lifecycle of IT changes.Release Management is the process of managing and controlling the release of software through different lifecycle stages and environments.

Cloud Management Cloud Management is the software and tools use to operate and monitor and

DTA | 18

OFFICIAL

OFFICIAL

manage applications, data and services in the cloud.

Service Operations Service Operations are the processes and procedures that manages software services at agreed levels to users.

DTA | 19

OFFICIAL

OFFICIAL

Maintenance and Support

The seller’s proposal should include appropriate maintenance and support arrangements to cover:

Configuration of hosting environments and related infrastructure

Patching and upgrades of SaaS / COTS and middleware products that may form part of the solution

Maintenance of custom code required to maintain security, availability and integration requirements

Technical changes required to maintain status as a myGov member service

Technical changes required to maintain status as a Digital Identity relying party

Training

Staff from DTA and Services Australia are expected to perform ongoing BAU tasks (for example, deriving insights from analytics, constructing and managing campaigns, content design, service design) and technical operational tasks (for example, SecOps, DevOps) using the proposed solution.

Frontline support staff from Services Australia will need to be trained to support end users transitioning to new or enhanced myGov-related functionality.

Sellers should include facilitated training workshops and / or material to support these BAU tasks as part of their proposal.

DeliverablesThe Seller in its response should recommend any other deliverables it believes would add value to this project. The DTA reserves the right to include/ exclude such deliverables in the work order. Additional deliverables included in the Seller’s proposal should be scoped and priced separately.

Documentation

The seller’s proposal should include how they plan to deliver:

Documentation: Transition In Plan - detailed plans for supporting the transition in of a new solution and/or new approaches to an existing solution.

Documentation: Transition Out Plan - detailed plans for supporting the transition out and handover to a new solution provider for subsequent phases.

Customer Service Plan – document how support enquiries from DTA or Services Australia will be triaged, managed and resolved

DTA | 20

OFFICIAL

OFFICIAL

Member Services onboarding plan and processes – document how members services are onboarded to the platform. This plan will change over time as more of the functions and features of the current myGov platform are built into the myGov update version.

Documentation: System Architecture documentation

Documentation: System Security documentation (for example, System Security Plan, Security Risk Management Plan, Incident Response Plan, Standard Operating Procedures)

Documentation: Stakeholder engagement / management plan

Documentation: Risk management plan and register

Documentation: Privacy Impact Assessment

Documentation: Change Management Plan

Documentation: Administration user guides and material from training activities

System

The seller’s proposal should include how they plan to deliver:

Service Levels: 99.99% or above availability for production environments. Additional service levels may be negotiated for the work order including in connection with security and customer experience

Operational environments: high-availability production environments and other environments required to support best-practice deployments (this may include development, test, staging, pre-prod and disaster recovery environments)

User Access Controls: demonstrated application of fine-grained controls for several administrative user roles (for example, developer, administrator, content author, approver, etc.)

Configuration as Code: any managed code required to configure applications, environments or infrastructure and support migration of a solution between environments or providers.

Custom Application Code: any bespoke code required to bridge proposed SaaS / COTS products and target integration endpoints from Services Australia, target agencies and existing whole-of-government platforms. Code is expected to meet relevant quality and documentation standards.

Design System Code: any extensions to the Australian Government Design System required to deliver front-end functionality

Reporting

The seller’s proposal should include how they plan to deliver:

Reporting: log files supporting security monitoring activities.

Reporting: analytics services required to deliver quantitative measures of users’ experiences with the solution

DTA | 21

OFFICIAL

OFFICIAL

Delivery and AcceptanceThe Buyer may accept or reject any recommended deliverables in accordance with the work order.

Milestone payments are not proposed for the initial work package.

The initial package is expected to be used to define scope of future releases, work sequencing, high-level epics and subsequent work packages required. DTA reserves the right to include requirements for a team of skilled personnel only for the first stage of the work order with additional work packages to be applicable for subsequent stages. These details will be negotiated with the preferred Seller.

StandardsSellers should note that the following standards should apply to the proposal:

Digital Service Standard (https://www.dta.gov.au/standard)

Web Content Accessibility Guidelines 2.0 AA (https://www.w3.org/TR/WCAG20/)

National API Design Standards (https://api.gov.au/standards/)

Australian Government Design System (https://www.designsystem.gov.au)

Relevant LegislationSellers should note that the following legislation should be considered as part of the proposal:

Privacy Act 1988 (Privacy Act) (https://www.legislation.gov.au/Series/C2004A03712 )

Freedom of Information Act 1982 (FOI Act) (https://www.legislation.gov.au/Series/C2004A02562 )

Australian Information Commissioner Act 2010 (AIC Act) (https://www.legislation.gov.au/Series/C2010A00052)

Disability Discrimination Act 1992 (DDA Act) (https://www.legislation.gov.au/Details/C2018C00125)

Archives Act 1983 (https://www.legislation.gov.au/Details/C2019C00179)

Security RequirementsThe solution is expected to apply and maintain all necessary controls required to deliver a PROTECTED-level system, as specified by the Australian Government’s Information Security Manual (https://www.cyber.gov.au/ism), reviewed monthly.

Personnel (including those from third party providers) designing and developing the solution are expected to meet relevant security clearance requirements included in the work order. The Seller’s personnel delivering the project will be required to hold and maintain baseline security clearances throughout the duration of the work. Some aspects of the project may require the Seller’s personnel to hold and maintain a Negative Vetting Level 1 (Secret) clearance.

DTA | 22

OFFICIAL

OFFICIAL

The solution is expected to comply with the Protective Security Policy Framework (https://www.protectivesecurity.gov.au/).

Capacity

Experience

The Seller’s proposal should demonstrate the extent of its relevant experience delivering similar projects with comparable scope and target user bases, with highly desirable experience being:

Significant systems integration experience within the Australian Government service delivery context and deep knowledge of cloud-based and other emerging technologies.

Experience integrating with myGov and other APIs operated by Services Australia.

Experience working with a broad network of technical delivery partners with specialised technical and/or product knowledge.

Strong track record of user-centred co-design and implementation of digital customer experience initiatives with multiple parties and layers of government.

Practical application of government policy and legislation in the delivery of digital services.

Key Personnel Expertise

Key personnel are expected to demonstrate experience in the design and delivery of user-centric, secure, highly-

available, authenticated digital solutions with complex integration requirements.

Quality Systems

The Seller’s proposed approach to quality management should demonstrate how they will meet quality standards

including:

Relevant controls from the Australian Cyber Security Centre’s Information Security Manual (ISM)

Product Health Checks: Health checks assess how well the product is performing against its vision and objectives.

Delivery: The approach is to iteratively build product features which contribute to the delivery of the myGov ecosystem. Delivery quality is linked to a range of existing controls such as governance, planning, benefits, user experience, risks, issues and reporting.

Risks and Issue Management: The Risk and Issues Management Plan explaining the approach and framework under which risk and issue management is undertaken across the product. The risk and issue registers are to be updated to monitor, review and report risks and issues and their associated treatments on an on-going basis.

DTA | 23

OFFICIAL

OFFICIAL

This ensures transparency and efficient reporting of risks and issues to the relevant stakeholders and governance bodies.

Information Management: All information created, sent and received as part of working for the Australian Government is a record. The seller is required to adhere to all stringent government and DTA specific information, security and privacy requirements. The records management system will act as the central repository of information for effective management of the product, a source of knowledge and demonstrate adherence to government information management policies.

Privacy management plan and Privacy Impact Assessments: Privacy requirements are to be designed into every part of the solution.

System Security documentation and Reviews: Security is to be designed into every part of the myGov product. The Product will be managed in multi-phases each with independent Security Impact Assessment process and reviews.

Digital Service Standard: The Digital Service Standard is a set of best-practice principles for designing and delivering government services. The Product will be delivered in line with the Digital Service Standard’s 13 criteria.

Change Management Processes and Protocols: During the development of the solution the seller will formally document and track approved scope changes, including change control management, processes and protocols.

Work, Health and SafetyWHS requirements in accordance with the Digital Marketplace Comprehensive Terms.

Additional TermsSee the attached ‘Additional Terms’ document enclosed with this RFQ.

DTA | 24