RFP026-52 PC Imaging & Deployment

Q (TechProc Questions): **TECHNICAL SCOPE** **1.** The RFP references PDQ Deploy as a potential imaging solution. Will the City provide an existing PDQ Deploy license, or is the vendor expected to include licensing costs in the proposal? **2.** Will the City provide a NinjaOne license for this engagement, or is the vendor responsible for procuring NinjaOne licensing as part of the project cost? **3.** What Windows operating system version(s) are required for the standard and specialized images (e.g., Windows 10 22H2, Windows 11 24H2)? **4.** How many distinct images are anticipated (e.g., standard user, admin, kiosk, department-specific)? Are the specialized image requirements already defined, or will the vendor be expected to conduct a discovery/needs assessment phase? **5.** Are the 400 PCs new/unboxed devices, existing systems being reimaged, or a combination of both? **6.** Is a current Active Directory domain and Group Policy infrastructure already in place? Will the vendor be configuring new Group Policy Objects (GPOs) from scratch, or modifying and extending existing policies? **7.** What is the geographic distribution of the 400 PC deployments? Are all devices located within a single City facility, or spread across multiple buildings or remote sites? **8.** Will the City provide a staging area or lab environment for pre-imaging and testing prior to field deployment? **9.** Are there any specific third-party applications, security agents, or department-specific software packages that must be incorporated into the images? **10.** Does the City require data migration from existing end-user devices as part of this engagement, or is this a net-new deployment with no user data transfer? --- **ONSITE SUPPORT** **11.** Is the three-month onsite support requirement fixed, or is it subject to extension based on project progress? If extended, will the hourly rate in the original proposal govern the extension period? **12.** What are the expected onsite working hours? Is the 40 hours/week requirement based on standard City business hours (e.g., Monday–Friday, 8:00 AM–5:00 PM), or is flexibility required for after-hours or weekend work? **13.** Will the City provide workspace, network access, and equipment for the onsite technician, or must the vendor furnish their own tools and resources? --- **PRICING & COST** **14.** Should the cost proposal include a per-device unit price for imaging and deployment in addition to a project-total lump sum, or is a lump sum only sufficient? **15.** Are travel and lodging expenses reimbursable? If so, does the City follow Connecticut state per diem rates, or does the City have its own reimbursement policy? **16.** For the "Additional Services" referenced in Section 1 of the Scope, should the vendor include a separate hourly blended rate or a schedule of rates by role for potential out-of-scope work? --- **SUBMISSION & EVALUATION** **17.** The RFP requires proposals in two sealed parts: Part A (Qualifications) and Part B (Fees/Proposal). Should these be submitted as two separate electronic files within the eProcurement Portal, or as a single document with clearly delineated sections? **18.** Is there a minimum number of references required, and should references specifically be from municipal or government deployments, or are enterprise/commercial engagements of comparable scale acceptable? **19.** Will vendors be shortlisted for oral presentations or interviews prior to award, or will the selection be based solely on written proposal submissions? --- **CONTRACT & INSURANCE** **20.** The Sample Agreement (Attachment A) references a three-year initial term with up to two one-year extensions. Is the anticipated contract structure for this engagement a fixed-term project-based agreement, or an ongoing managed services/time-and-materials arrangement? **21.** The COI requirement (Attachment B) lists an Umbrella/Excess Liability requirement. Must the Umbrella policy be in place prior to submission, or only prior to contract execution? **22.** Is Professional Liability (Errors & Omissions) coverage with a $2,000,000 per claim / $2,000,000 aggregate limit required in addition to the coverages listed in Attachment B, consistent with Section 9(d) of the Sample Agreement?

A: **TECHNICAL SCOPE** **1.** The RFP references PDQ Deploy as a potential imaging solution. Will the City provide an existing PDQ Deploy license, or is the vendor expected to include licensing costs in the proposal? The City may have existing tooling; however, vendors should propose solutions that include all necessary licensing. Vendors should clearly identify whether licensing is included, pass-through (itemized at cost), or optional. The City is open to alternative tools if they provide improved efficiency or outcomes. **2.** Will the City provide a NinjaOne license for this engagement, or is the vendor responsible for procuring NinjaOne licensing as part of the project cost? Vendors should assume responsibility for providing any licensing as part of their proposal as optional. **3.** What Windows operating system version(s) are required for the standard and specialized images (e.g., Windows 10 22H2, Windows 11 24H2)? The City currently utilizes supported versions of Microsoft Windows. Specific versions and upgrade requirements will be confirmed during project kickoff. Vendors should be prepared to support current enterprise versions (e.g., Windows 10 and Windows 11) and recommend standardization where appropriate. End user devices will have OEM licensing to be used in this process. **4.** How many distinct images are anticipated (e.g., standard user, admin, kiosk, department-specific)? Are the specialized image requirements already defined, or will the vendor be expected to conduct a discovery/needs assessment phase? The City anticipates multiple standard and specialized images (e.g., general users, administrative users, department-specific roles). Final requirements will be confirmed during a discovery phase. Vendors should include a discovery and design component in their proposal. **5.** Are the 400 PCs new/unboxed devices, existing systems being reimaged, or a combination of both? New PCs. **6.** Is a current Active Directory domain and Group Policy infrastructure already in place? Will the vendor be configuring new Group Policy Objects (GPOs) from scratch, or modifying and extending existing policies? The City maintains an existing Active Directory environment with Group Policy Objects (GPOs). Vendors may be required to modify, extend, or optimize existing configurations. **7.** What is the geographic distribution of the 400 PC deployments? Are all devices located within a single City facility, or spread across multiple buildings or remote sites? Several buildings are the majority of devices. **8.** Will the City provide a staging area or lab environment for pre-imaging and testing prior to field deployment? The City expects to provide a staging area or coordinate with the selected vendor to establish one. Vendors should outline any requirements for staging, testing, and pre-deployment validation. **9.** Are there any specific third-party applications, security agents, or department-specific software packages that must be incorporated into the images? Yes, standard municipal software, security agents, and department-specific applications will be required. A detailed list will be provided during onboarding. **10.** Does the City require data migration from existing end-user devices as part of this engagement, or is this a net-new deployment with no user data transfer? Data is stored on network drives. --- **ONSITE SUPPORT** **11.** Is the three-month onsite support requirement fixed, or is it subject to extension based on project progress? If extended, will the hourly rate in the original proposal govern the extension period? The initial term is expected to be approximately three months. Extensions may be required based on project needs. Vendors should provide hourly or rate-based pricing for potential extensions. **12.** What are the expected onsite working hours? Is the 40 hours/week requirement based on standard City business hours (e.g., Monday–Friday, 8:00 AM–5:00 PM), or is flexibility required for after-hours or weekend work? Standard working hours are expected to align with City business hours (typically Monday–Friday). Vendors should also indicate availability for after-hours or weekend work if required as optional. **13.** Will the City provide workspace, network access, and equipment for the onsite technician, or must the vendor furnish their own tools and resources? The City will provide reasonable workspace and network access. Vendors are expected to supply their own tools and specialized equipment as needed. --- **PRICING & COST** **14.** Should the cost proposal include a per-device unit price for imaging and deployment in addition to a project-total lump sum, or is a lump sum only sufficient? Vendors should provide both a total project cost and a per-device cost breakdown to allow for flexibility and scalability. **15.** Are travel and lodging expenses reimbursable? If so, does the City follow Connecticut state per diem rates, or does the City have its own reimbursement policy? Travel and lodging costs should be clearly identified. Vendors should specify whether such costs are included or billed separately. Applicable reimbursement policies will be defined during contracting. **16.** For the "Additional Services" referenced in Section 1 of the Scope, should the vendor include a separate hourly blended rate or a schedule of rates by role for potential out-of-scope work? Hourly blended rate, include services that can be included in these hours. --- **SUBMISSION & EVALUATION** **17.** The RFP requires proposals in two sealed parts: Part A (Qualifications) and Part B (Fees/Proposal). Should these be submitted as two separate electronic files within the eProcurement Portal, or as a single document with clearly delineated sections? Vendors should submit Part A (Qualifications) and Part B (Pricing) as separate clearly labeled electronic files within the eProcurement portal. **18.** Is there a minimum number of references required, and should references specifically be from municipal or government deployments, or are enterprise/commercial engagements of comparable scale acceptable? Vendors should provide relevant references. Municipal or public-sector experience is preferred; however, comparable enterprise deployments will be considered. **19.** Will vendors be shortlisted for oral presentations or interviews prior to award, or will the selection be based solely on written proposal submissions? The City reserves the right to invite shortlisted vendors for presentations or interviews prior to final selection. --- **CONTRACT & INSURANCE** **20.** The Sample Agreement (Attachment A) references a three-year initial term with up to two one-year extensions. Is the anticipated contract structure for this engagement a fixed-term project-based agreement, or an ongoing managed services/time-and-materials arrangement? No, This engagement is expected to be primarily project-based. **21.** The COI requirement (Attachment B) lists an Umbrella/Excess Liability requirement. Must the Umbrella policy be in place prior to submission, or only prior to contract execution? Prior to Contract Execution **22.** Is Professional Liability (Errors & Omissions) coverage with a $2,000,000 per claim / $2,000,000 aggregate limit required in addition to the coverages listed in Attachment B, consistent with Section 9(d) of the Sample Agreement? Yes

Q (Security Baseline and Configuration Standards): Does the City have an established endpoint security baseline (e.g., CIS benchmarks, NIST-aligned configurations), or should the selected vendor propose and implement standardized security configurations as part of the imaging process?

A: The City maintains internal security standards; however, detailed configurations will not be publicly disclosed for security reasons. Vendors should propose industry best practice security baselines aligned with recognized frameworks such as NIST (National Institute of Standards and Technology) and CIS (Center for Internet Security) as part of the imaging process. Final configurations will be reviewed and approved during implementation.

Q (Endpoint Security Tooling Integration): Beyond NinjaOne, are there existing endpoint security tools (e.g., EDR, antivirus, vulnerability management agents) that must be incorporated into the device images?

A: Specific security tooling currently in use will not be disclosed publicly. The selected vendor should be prepared to integrate standard endpoint security solutions, including EDR (Endpoint Detection and Response), antivirus, and vulnerability management agents. Additional details will be provided under a Non-Disclosure Agreement (NDA) during implementation.

Q (Asset Management and Lifecycle Tracking): Will the deployed devices be integrated into an existing asset management or CMDB system, or should the vendor include recommendations for asset tracking and lifecycle management as part of the solution?

A: The City maintains asset tracking capabilities; however, vendors are encouraged to provide recommendations for integration and/or enhancements aligned with industry best practices.

Q (Post-Deployment Monitoring Expectations): Should the implementation of NinjaOne be limited to deployment and configuration, or does the City expect recommendations for ongoing monitoring, alerting, and operational management?

A: The primary scope is deployment and configuration; however, vendors are encouraged to include recommendations for ongoing monitoring, alerting, and operational management to support long-term sustainability.

Q (User Readiness and Change Management): Will the City require end-user communication, onboarding support, or training as part of the deployment process?

A: Yes, vendors should include end-user communication. The primary purpose of the project is imaging and deployment.

Q (Acceptance Criteria and Project Completion Definition): What criteria will the City use to determine successful completion of imaging and deployment (e.g., user acceptance, system validation, performance benchmarks)?

A: Successful completion will be based on system functionality, successful deployment of required applications and configurations, validation testing, and user acceptance. Vendors should propose measurable acceptance criteria as part of their implementation plan.

Q (Deployment Phasing and Prioritization): Will deployments be phased by department, priority group, or location, and are there critical departments that require prioritized rollout?

A: Yes, deployment is expected to be phased. Vendors should propose a phased rollout approach that prioritizes critical departments and minimizes operational disruption.

Q (No subject): ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ TECHNICAL SCOPE (CONTINUED) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ TITLE: PC Hardware Makes and Models (OEM Families) QUESTION: What PC makes and models are included in the 400-device scope (e.g., Dell OptiPlex, HP EliteDesk, Lenovo ThinkCentre)? Is the fleet a single OEM family or a mix of manufacturers? Each OEM requires a separate driver pack injected into the WIM image, so understanding the hardware mix is necessary to accurately scope image build effort and guarantee deployment compatibility. --- TITLE: Imaging Deployment Architecture – Network Boot vs. Physical Media QUESTION: Will PC imaging be performed via network boot (PXE/WDS) from a central deployment server, or from physical media such as USB drives or standalone imaging stations? Is there an existing Microsoft Deployment Toolkit (MDT), WDS, or SCCM/MECM environment currently in place that the vendor would leverage or build upon? This determines the fundamental technical architecture for the engagement. --- TITLE: Azure Active Directory / Microsoft Intune / Windows Autopilot Scope QUESTION: Will deployed devices be joined exclusively to the City's on-premise Active Directory domain, or will they also be enrolled in Azure Active Directory (Microsoft Entra ID) and managed via Microsoft Intune MDM? Is Windows Autopilot in scope for any portion of the deployment? On-premise AD domain join and Azure AD / Intune enrollment are distinct technical workflows with different tooling and licensing requirements, and this distinction significantly affects the proposed solution design. --- TITLE: Windows Licensing Type and Activation Method QUESTION: What Windows licensing model does the City use — OEM (device-tied product keys), Volume Licensing with KMS/MAK activation, or Microsoft 365 Business/Enterprise with cloud-based activation? Who provides Windows and Office/Microsoft 365 license keys for inclusion in the images? The activation method must be confirmed before imaging begins, as it determines whether devices can be legally reimaged and how activation will be handled during mass deployment. --- TITLE: Background Check Requirements for Onsite Technician QUESTION: Will the awarded vendor's onsite technician be required to pass a background check or security vetting prior to accessing City facilities and systems? If so, what level of check is required (e.g., criminal history, fingerprinting, driving record), who conducts the check, and who bears the cost? Understanding this requirement in advance is necessary for Mavlra to plan onboarding timelines and include any associated costs in the proposal. --- TITLE: Device Disposition and Certified Data Destruction QUESTION: For devices being replaced or reimaged: who is responsible for data wiping and hardware disposal of the outgoing equipment? Does the City require certified data destruction in accordance with NIST SP 800-88 or a comparable standard? Is the vendor expected to provide a certificate of destruction? If data wiping and disposal are within scope, Mavlra needs to account for this effort and any associated liability in the proposal. --- TITLE: End-User Appointment Scheduling – City Coordination or Vendor-Managed QUESTION: For the deployment of 400 devices to individual end users: who will manage the scheduling of PC swap appointments? Will City department coordinators be responsible for scheduling and notifying end users, or is the vendor expected to coordinate directly with employees across departments? This affects the project management overhead and staffing plan included in our proposal. --- TITLE: City IT Staff Commitment and Point of Contact QUESTION: What level of City IT staff support will be available to the vendor during this engagement? Will a dedicated City IT point of contact or project manager be assigned to this project, or is the vendor expected to operate largely independently? Understanding the City-side resource commitment is necessary to accurately assess onboarding, escalation, and decision-making timelines. --- TITLE: BIOS/UEFI Firmware Configuration Requirements QUESTION: Does the City require standardized BIOS/UEFI firmware configuration as part of the imaging process, such as enabling Secure Boot, confirming TPM 2.0 activation, setting boot order, or disabling legacy boot? If Windows 11 is the target OS, TPM 2.0 and Secure Boot are mandatory prerequisites that must be verified or configured before imaging can proceed. Will this firmware-level step be included in the vendor's scope, or handled separately by City IT? --- TITLE: Connecticut Prevailing Wage Applicability QUESTION: Does this engagement fall under Connecticut's prevailing wage requirements under CGS §31-53 or related statutes for service workers on public contracts? If so, which wage determination applies to IT deployment technicians? This is a legal compliance question that affects Mavlra's cost basis and hourly rate structure for the onsite support component of the proposal. --- TITLE: Incumbent Vendor and Knowledge Transfer QUESTION: Is there a current incumbent vendor providing IT services, device management, or endpoint support to the City of Meriden? If so, is the incumbent eligible to rebid on this engagement, and will there be a formal knowledge-transfer requirement from the incumbent to the awarded vendor? Understanding the incumbent situation helps Mavlra assess the onboarding ramp-up and transition risk. --- ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ PRICING & COST (CONTINUED) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ TITLE: Milestone-Based Invoicing vs. Single Payment at Completion QUESTION: The Sample Agreement states that payment will be made "not less than thirty (30) days following completion of services." Does this language require a single invoice at full project completion, or will the City accept milestone-based or monthly invoicing as work progresses (e.g., per deployment phase or per batch of devices completed)? For a three-month engagement requiring consistent onsite staffing, understanding the invoicing schedule is essential to Mavlra's financial planning. --- TITLE: Approved Project Budget or Not-to-Exceed Amount QUESTION: Is there an approved budget or not-to-exceed (NTE) amount for this engagement that vendors should be aware of when structuring the cost proposal? Even a general range would help ensure proposals are calibrated appropriately and avoid non-responsive submissions. --- ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ CONTRACT & LEGAL ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ TITLE: Project Status Reporting Requirements and City Project Manager QUESTION: What project management and status reporting does the City expect from the vendor during the engagement? For example: weekly written status reports, a formal project plan with milestone tracking, or a change request / issue log? Who is the designated City project manager or primary point of contact for day-to-day project decisions? This information is needed to accurately describe the project governance approach in the proposal's Work Plan section. --- TITLE: Performance or Payment Bond Requirement QUESTION: Will the awarded vendor be required to provide a performance bond or payment bond as a condition of contract execution? If so, what is the required bond amount, and by what deadline must the bond be secured? Bond premiums and lead times affect proposal cost and contract timeline planning. ---

A: ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ TECHNICAL SCOPE (CONTINUED) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ TITLE: PC Hardware Makes and Models (OEM Families) QUESTION: What PC makes and models are included in the 400-device scope (e.g., Dell OptiPlex, HP EliteDesk, Lenovo ThinkCentre)? Is the fleet a single OEM family or a mix of manufacturers? Each OEM requires a separate driver pack injected into the WIM image, so understanding the hardware mix is necessary to accurately scope image build effort and guarantee deployment compatibility. 1 model primarily, possibly 2. --- TITLE: Imaging Deployment Architecture – Network Boot vs. Physical Media QUESTION: Will PC imaging be performed via network boot (PXE/WDS) from a central deployment server, or from physical media such as USB drives or standalone imaging stations? Is there an existing Microsoft Deployment Toolkit (MDT), WDS, or SCCM/MECM environment currently in place that the vendor would leverage or build upon? This determines the fundamental technical architecture for the engagement. Vendors should propose a recommended deployment architecture based on best practices, supporting both network-based and offline imaging methods as appropriate. Solutions should be scalable and adaptable to existing or new tooling. --- TITLE: Azure Active Directory / Microsoft Intune / Windows Autopilot Scope QUESTION: Will deployed devices be joined exclusively to the City's on-premise Active Directory domain, or will they also be enrolled in Azure Active Directory (Microsoft Entra ID) and managed via Microsoft Intune MDM? Is Windows Autopilot in scope for any portion of the deployment? On-premise AD domain join and Azure AD / Intune enrollment are distinct technical workflows with different tooling and licensing requirements, and this distinction significantly affects the proposed solution design. Active Directory. No Intune. --- TITLE: Windows Licensing Type and Activation Method QUESTION: What Windows licensing model does the City use — OEM (device-tied product keys), Volume Licensing with KMS/MAK activation, or Microsoft 365 Business/Enterprise with cloud-based activation? Who provides Windows and Office/Microsoft 365 license keys for inclusion in the images? The activation method must be confirmed before imaging begins, as it determines whether devices can be legally reimaged and how activation will be handled during mass deployment. OEM. City provided O365 --- TITLE: Background Check Requirements for Onsite Technician QUESTION: Will the awarded vendor's onsite technician be required to pass a background check or security vetting prior to accessing City facilities and systems? If so, what level of check is required (e.g., criminal history, fingerprinting, driving record), who conducts the check, and who bears the cost? Understanding this requirement in advance is necessary for Mavlra to plan onboarding timelines and include any associated costs in the proposal. Background check will be discussed once short listed but it will be required as it generally is in any employment hiring. --- TITLE: Device Disposition and Certified Data Destruction QUESTION: For devices being replaced or reimaged: who is responsible for data wiping and hardware disposal of the outgoing equipment? Does the City require certified data destruction in accordance with NIST SP 800-88 or a comparable standard? Is the vendor expected to provide a certificate of destruction? If data wiping and disposal are within scope, Mavlra needs to account for this effort and any associated liability in the proposal. City will handle. --- TITLE: End-User Appointment Scheduling – City Coordination or Vendor-Managed QUESTION: For the deployment of 400 devices to individual end users: who will manage the scheduling of PC swap appointments? Will City department coordinators be responsible for scheduling and notifying end users, or is the vendor expected to coordinate directly with employees across departments? This affects the project management overhead and staffing plan included in our proposal. Deployment scheduling will be coordinated with the City. Vendors should propose an efficient scheduling and communication approach, which may include coordination with department representatives and/or direct scheduling support. --- TITLE: City IT Staff Commitment and Point of Contact QUESTION: What level of City IT staff support will be available to the vendor during this engagement? Will a dedicated City IT point of contact or project manager be assigned to this project, or is the vendor expected to operate largely independently? Understanding the City-side resource commitment is necessary to accurately assess onboarding, escalation, and decision-making timelines. The City will provide a primary point of contact for the project. Vendors should assume a collaborative engagement model and propose a delivery approach that minimizes reliance on City resources. --- TITLE: BIOS/UEFI Firmware Configuration Requirements QUESTION: Does the City require standardized BIOS/UEFI firmware configuration as part of the imaging process, such as enabling Secure Boot, confirming TPM 2.0 activation, setting boot order, or disabling legacy boot? If Windows 11 is the target OS, TPM 2.0 and Secure Boot are mandatory prerequisites that must be verified or configured before imaging can proceed. Will this firmware-level step be included in the vendor's scope, or handled separately by City IT? Yes, vendors should include standard BIOS/UEFI configuration as part of best practices, including settings such as Secure Boot and TPM 2.0 where applicable. Specific configuration standards will be reviewed during implementation. --- TITLE: Connecticut Prevailing Wage Applicability QUESTION: Does this engagement fall under Connecticut's prevailing wage requirements under CGS §31-53 or related statutes for service workers on public contracts? If so, which wage determination applies to IT deployment technicians? This is a legal compliance question that affects Mavlra's cost basis and hourly rate structure for the onsite support component of the proposal. We believe it does not. --- TITLE: Incumbent Vendor and Knowledge Transfer QUESTION: Is there a current incumbent vendor providing IT services, device management, or endpoint support to the City of Meriden? If so, is the incumbent eligible to rebid on this engagement, and will there be a formal knowledge-transfer requirement from the incumbent to the awarded vendor? Understanding the incumbent situation helps Mavlra assess the onboarding ramp-up and transition risk. transition and knowledge transfer expectations will be addressed during implementation. --- ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ PRICING & COST (CONTINUED) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ TITLE: Milestone-Based Invoicing vs. Single Payment at Completion QUESTION: The Sample Agreement states that payment will be made "not less than thirty (30) days following completion of services." Does this language require a single invoice at full project completion, or will the City accept milestone-based or monthly invoicing as work progresses (e.g., per deployment phase or per batch of devices completed)? For a three-month engagement requiring consistent onsite staffing, understanding the invoicing schedule is essential to Mavlra's financial planning. Vendors may propose milestone-based or phased invoicing structures. Final invoicing terms will be negotiated and defined in the contract. --- TITLE: Approved Project Budget or Not-to-Exceed Amount QUESTION: Is there an approved budget or not-to-exceed (NTE) amount for this engagement that vendors should be aware of when structuring the cost proposal? Even a general range would help ensure proposals are calibrated appropriately and avoid non-responsive submissions. Budget information will not be disclosed. Vendors should provide competitive, market-based pricing aligned with the scope of work. --- ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ CONTRACT & LEGAL ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ TITLE: Project Status Reporting Requirements and City Project Manager QUESTION: What project management and status reporting does the City expect from the vendor during the engagement? For example: weekly written status reports, a formal project plan with milestone tracking, or a change request / issue log? Who is the designated City project manager or primary point of contact for day-to-day project decisions? This information is needed to accurately describe the project governance approach in the proposal's Work Plan section. The City expects regular project status reporting and a structured project management approach. Vendors should propose a reporting cadence, such as weekly updates and milestone tracking. A City point of contact will be assigned upon project initiation. --- TITLE: Performance or Payment Bond Requirement QUESTION: Will the awarded vendor be required to provide a performance bond or payment bond as a condition of contract execution? If so, what is the required bond amount, and by what deadline must the bond be secured? Bond premiums and lead times affect proposal cost and contract timeline planning. Performance bond will be required and is based upon pricing.

Q (Environment Scoping): please exclude

A: Excluded -Not Relevant

Q (No subject): **Q1. BITLOCKER ENCRYPTION SCOPE** Must BitLocker full-disk encryption be enabled and recovery keys escrowed to Active Directory as part of the imaging process? Does this apply to all 400 devices or only specific device types? --- **Q2. INTELLECTUAL PROPERTY — IMAGE AND SCRIPT OWNERSHIP** Who owns the custom WIM images, PowerShell scripts, and task sequences created during this engagement — the City or the vendor? Will all build artifacts be transferred to City IT at project close? --- **Q3. ADDITIONAL COVERAGES — CITY RISK MANAGER** Section 14 references "other coverage required by the City's Risk Manager" beyond GL, Auto, and Workers' Compensation. What specific additional coverages does the Risk Manager require for this engagement? --- **Q4. BACKGROUND CHECK — ESCORTED ACCESS DURING PROCESSING** May the onsite technician begin work under City escort while the background check is being processed, or must the check be fully cleared before any facility or system access is permitted? --- **Q5. LOCAL ADMIN ACCOUNTS AND LAPS** Must local administrator accounts be disabled in standard user images? Is the City using Local Admin Password Solution (LAPS or Cloud LAPS), and if so, must it be configured as part of the imaging process? --- **Q6. VPN CLIENT — PRE-INSTALLATION IN IMAGES** Must a VPN client be pre-installed and pre-configured in the standard images? If so, which VPN solution does the City use, and will configuration profiles be provided to the vendor? --- **Q7. OUTLOOK PROFILES AND BROWSER SETTINGS — IN SCOPE OR OUT** The Q&A confirmed data is on network drives with no local file migration. Are Outlook profiles, browser bookmarks, and locally saved application settings also excluded from scope, or are these expected to be migrated or reconfigured as part of the deployment? --- **Q8. CITY IT TICKETING SYSTEM — VENDOR ACCESS** Does the City use an IT service management platform (e.g., ServiceNow, Freshdesk)? If so, will the onsite technician be required to log daily work and completed deployments in that system, and will a vendor account be provided? --- **Q9. FACILITY ACCESS — BADGE AND PARKING** Will the onsite technician be issued a City access badge for unescorted entry to all deployment buildings? Is dedicated parking available at each site, or must the technician arrange their own? --- **Q10. GPO CHANGE MANAGEMENT — APPROVAL PROCESS** Does the City require Group Policy Object changes to go through a formal change management or change advisory board (CAB) approval before implementation? If so, what is the typical approval lead time? --- **Q11. NETWORK ACCESS CONTROL — PXE BOOT TRAFFIC** Does the City's network use Network Access Control (NAC) or 802.1X authentication that could block PXE boot traffic during imaging? If so, will the network team configure exceptions prior to deployment start? --- **Q12. MICROSOFT 365 TENANT — DEVICE ACTIVATION SCOPE** Must the 400 devices be activated and enrolled in the City's Microsoft 365 tenant as part of the deployment process, or does City IT handle M365 activation separately after device delivery? ---

A: Vendor provide optional recommendations. All deliverables created under this engagement shall be the property of the City. Sample Insurance requirements avail as an attachment Purchasing background requirements TBD post award Yes, Local administrator accounts must be restricted and managed NinjaOne will be used for remote PC access. No. These items are out of scope.Users will re-authenticate and configure profiles upon first login.No migration of local application settings is required Yes. Vendor will be provided access to the City’s IT Service Management (ITSM) system. All deployments and activities must be logged daily Temporary access badges will be issued Parking availability varies by site & is available at no charge Yes. All GPO (Group Policy Object) changes must follow formal change management Necessary exceptions will be configured prior to deployment. Vendor must coordinate with network team City is using OEM on new PC, with O365.

Q (No subject): Q1. SECTION 15 — CONNECTICUT PROFESSIONAL LICENSES Section 15 requires the firm to maintain "any appropriate licenses or certifications required by the State of Connecticut." What specific Connecticut state licenses or certifications — if any — are required for an IT professional services firm providing PC deployment and staffing services? Are there CT-specific contractor registrations beyond company registration that must be in place prior to contract execution? Q2. SECTION 10 — PURCHASE ORDER vs. PSA — WHICH TRIGGERS WORK START Section 10 states the agreement will be via both a Purchase Order and a Standard Professional Services Agreement. Does the technician's onsite start date begin upon issuance of the Purchase Order, or upon full execution of the Professional Services Agreement? These documents may be issued on different dates, and this determines our mobilization planning. Q3. EVALUATION CRITERIA 2 vs. 3 — SCORING DISTINCTION The scoring matrix has two separate 25-point criteria: (2) Demonstrated Ability of Key Personnel Experience, and (3) Qualifications & Experience. To structure our proposal correctly: should Criterion 2 address exclusively the proposed onsite technician's individual hands-on experience, while Criterion 3 covers the firm's overall qualifications, past project history, and references? Q4. SECTION 16 — ADDITIONAL SERVICES: LEGAL/PERMIT SCOPE Section 16 references potential services including preparation of permit applications, assisting in legal proceedings, and court appearances. Are these standard boilerplate terms from the City's contract template, or are any of these services realistically anticipated as part of this PC imaging and deployment engagement? Q5. 60-DAY WITHDRAWAL RESTRICTION — PRICING VALIDITY The Legal Notice states no proposer may withdraw within 60 days of the April 2 opening. If the award decision or contract execution extends beyond 60 days from April 2, are vendors released from their submitted pricing, or does the City expect pricing to remain firm beyond the 60-day period?

A: 1. None known 2. PSA would be issued prior to PO 3. Yes 4. Standard Boiler plate items 5. 60 days should be sufficient for pricing.

Q (No subject): --- **Q1. CERTIFICATE OF INSURANCE — SUBMISSION vs. EXECUTION (GL, WC, AUTO)** The Q&A confirmed that Umbrella and E&O coverage are required prior to contract execution only. Does the same timing apply to General Liability, Workers' Compensation, and Automobile Liability? Must Certificates of Insurance for these coverages be uploaded with the Part A submission on April 2, or are all insurance certificates required only prior to contract execution? --- **Q2. PART B PRICING — MANDATORY TEMPLATE OR FREE-FORM** The Vendor Submission Forms section lists "PRICE PROPOSAL*" as a required response. Is there a pre-built pricing form or spreadsheet template in the portal that vendors must complete, or may vendors submit their own Part B as a free-form PDF with the required cost breakdown? --- **Q3. NON-COLLUSIVE STATEMENT — NOTARIZATION REQUIREMENT** The RFP requires vendors to download, complete, and upload the Non-Collusive Statement/Affidavit. For electronic submission via the OpenGov portal, must the form be notarized and sworn, or is an authorized signature without notarization acceptable? --- **Q4. MOBILIZATION TIMELINE — DAYS FROM AWARD TO ONSITE START** How many calendar days are anticipated between contract execution and the required onsite start date for the deployment technician? --- **Q5. CONNECTICUT PREVAILING WAGE — FOLLOW-UP (UNANSWERED)** This question was submitted in our March 24 batch and acknowledged but not yet answered. We respectfully request a response as it directly affects our pricing: Does this engagement fall under Connecticut prevailing wage requirements under CGS §31-53 for service workers on public contracts? If yes, which wage determination applies to IT deployment technicians? --- **Q6. OUT-OF-STATE VENDOR REGISTRATION — CONNECTICUT REQUIREMENT** Mavlra Corporation is incorporated in California. Is registration with the Connecticut Secretary of State or the Connecticut DAS supplier portal required as a condition of contract award or execution for out-of-state vendors? --- **Q7. AWARD TIMELINE — EXPECTED DECISION DATE** What is the City's anticipated timeline for evaluating proposals and announcing the award decision following the April 2 submission deadline? --- **Q8. ORAL PRESENTATION FORMAT — IF SHORTLISTED** If the City exercises its right to invite shortlisted vendors for presentations or interviews, will these be conducted in-person in Meriden, CT or virtually? What is the expected duration, and who should attend from the vendor side (e.g., account management, technical lead, proposed onsite technician)?

A: 1. Upon Execution of Agreement 2. Yes, feel free to Upload a separate Sheet if needed 3. Must be notarized & uploaded onto site prior to Due Date 4. Ideally 15-30 days 5. NA 6. Please check with CT Secretary of State to determine 7. Within 30 days 8. Will be given notice & GoogleMeets/Zoom would be acceptable.

Q (No subject): 1. Hardware & Asset Details Can the City provide a detailed list of the make, model, and hardware specifications of the 400 PCs (e.g., OEM, CPU, RAM, disk type)? Are all 400 devices from a single OEM family, or is this a mixed-manufacturer fleet? Will all devices be received at a central location, or delivered directly to multiple City facilities? Will devices arrive unboxed, and if so, who is responsible for unboxing, asset tagging, and disposal of packaging? 2. Operating System & Windows Licensing Which Windows editions and versions are currently planned for deployment (e.g., Windows 10 Enterprise, Windows 11 Enterprise)? Are all devices licensed via OEM licensing only, or does the City utilize Volume Licensing / Microsoft 365 licensing for OS entitlement? If multiple OS versions are in scope, is standardization encouraged or required as part of this engagement? 3. Image Strategy & Deployment Methodology How many “standard” images and how many “specialized” images does the City currently anticipate? Does the City have documented definitions of what constitutes each standard and specialized image? Can the City provide a software inventory per image or department? Has compatibility of all required applications been validated against the target Windows version(s)? Will imaging be performed via: Network boot (PXE), Central deployment server, Physical media, Or vendor‑recommended alternative tools? Is the City open to a modern deployment approach (e.g., base OS plus automated post‑build software deployment) rather than static “golden images”? 4. Software Installers & Licensing Readiness Can the City provide a list of all required software installers, including: Installer formats, Approximate file sizes, Licensing mechanisms (license files, license servers, user‑based licenses)? Are any required application installers larger than 1GB, and if so, which ones? Does the City have written installation procedures for any specialized or department‑specific applications? 5. Active Directory, Azure AD & Device Join Model How should deployed devices be joined and managed? On‑premises Active Directory only, Hybrid Azure AD joined, Azure AD joined only? If Hybrid or Azure AD join is required: Does the City have appropriate Microsoft 365 / Entra licensing assigned to all applicable users? Is Microsoft Intune currently in use or planned? 6. Group Policy Scope & Expectations Does the City have an established Group Policy baseline (e.g., internal standards, CIS benchmarks)? Should this project assume: Minor modifications to existing GPOs, Significant redesign or optimization, Or creation of new policy baselines? Are there any compliance frameworks (CIS, CJIS, HIPAA, etc.) that Group Policy must align to? 7. NinjaOne Scope & Responsibilities Does the City currently maintain a NinjaOne tenant, or is the vendor expected to: Deploy a new tenant, Configure policies, monitoring, and automation, Provide administrative knowledge transfer? What functional scope is expected for NinjaOne as part of this project? Monitoring only, Patch management, Software deployment, Imaging workflows, Policy enforcement? Is technical training or handoff for City IT staff expected as part of NinjaOne implementation? 8. Deployment Logistics & Locations How many City facilities are involved in the deployment, and can a list be provided? What is the approximate distance or travel time between primary deployment locations? Who is responsible for transporting devices between locations (vendor or City staff)? Will City IT staff assist with: Scheduling end-user appointments, Physical desk-side deployment, User acceptance and sign-off? 9. Onsite Resource Expectations (3-Month Engagement) Should the onsite resource be scoped as: Full end‑to‑end deployment (unbox → image → deploy), Or primarily post-deployment support and troubleshooting? What technical skill level does the City expect for the onsite resource (Tier 2, Tier 3, Tier 4)? Is the 3‑month onsite resource expected to: Continue deploying remaining devices, Support users already deployed, Assist City IT with operational tasks beyond this project? Is the City’s expectation that the entire 400‑device rollout be completed within the three‑month onsite period? 10. Project Timeline & Success Criteria Is there a target completion date for the full 400‑device deployment? Are there any business or operational blackout periods that affect deployment scheduling? What criteria will the City use to define successful project completion?

A: Detailed inventory will be provided post-award. Single manufacturer Combination of central staging and distributed delivery. Vendor responsible for unboxing, tagging, and disposal at a city facility. Latest compatible Windows version. OEM licensing. 1–3 standard images Limited specialized images Software inventory provided post award. Hybrid approach; vendor recommendations encouraged. Provided by City. AD Existing baseline; optimization expected. Existing or new; vendor to recommend and configure. Multiple municipal facilities; list provided post-award. Transportation primarily vendor responsibility. End to end deploy Vendor should recommend what tier technician will be provided. Target: within 3-month engagement. Vendor provide optional recommendations.

Q (No subject): Q1. PDQ DEPLOY LICENSING AVAILABILITY The City noted it may have existing PDQ Deploy tooling. Can the City confirm whether an active license exists and whether it could be made available to the awarded vendor, or should all proposals assume fully vendor-provided licensing? Q2. ACTIVE DIRECTORY ACCESS & PROVISIONING Given that the vendor will be modifying and extending existing AD/GPO configurations, will the vendor be granted delegated or Domain Admin rights to Active Directory and GPMC from day one? What is the access provisioning process and expected lead time? Q3. INTER-FACILITY LOGISTICS The deployment spans several City buildings. Will the City provide logistics support for moving equipment between facilities, or should vendors include inter-site transportation costs in the proposal? Q4. DATA READINESS SIGN-OFF — NETWORK DRIVES Since end-user data is stored on network drives (not local devices), will the vendor be responsible for verifying that each user's data is confirmed backed-up before imaging begins, or will City IT certify device readiness prior to the vendor touching each machine? Q5. NEW PCs — DELIVERY SCHEDULE Will all 400 new PCs be available at the staging area at project start, or will they be delivered in batches? If batched, what is the expected delivery schedule and batch sizes? This directly affects our phasing plan and staffing model. Q6. PER-DEVICE PRICING TIERS Should the per-device unit price be uniform across all 400 devices, or should vendors provide tiered pricing for different image complexity levels (e.g., standard user vs. specialized/department-specific images)? ──────────────────────────────────────────── SUBMISSION & EVALUATION ──────────────────────────────────────────── Q7. PAGE LIMITS AND FILE SIZE — PART A & PART B Are there page limits or file size restrictions for Part A (Qualifications) or Part B (Pricing) as submitted through the OpenGov eProcurement portal? Q8. NUMBER OF REFERENCES REQUIRED The response to Question 18 confirmed that references are required but did not specify the minimum number. How many client references must be included in the proposal? ──────────────────────────────────────────── CONTRACT & INSURANCE ──────────────────────────────────────────── Q9. TIMELINE FROM AWARD TO CONTRACT EXECUTION What is the anticipated number of calendar days between award notification and contract execution? This determines how much time the vendor will have to secure the required Umbrella/Excess Liability policy prior to execution. Q10. E&O / PROFESSIONAL LIABILITY — SUBMISSION vs. EXECUTION The response confirmed that the Umbrella policy is required prior to contract execution only, not at submission. Does the same timing apply to the Professional Liability (E&O) coverage at $2,000,000 per claim / $2,000,000 aggregate — required at execution only, or must it be in place at the time of proposal submission?

A: 1 City may provide; vendor should include contingency. 2 Role-based, least privilege; not full domain admin by default. 3 Vendor responsible. 4 City certifies readiness. 5 Phased/batched. 6 Vendor may propose tiered pricing. 7 No limit 8 3-6 is appropriate 9 15-30 days 10 Execution of Agreement

Q (Imaging & Hardware): Are these new PCs being imaged from scratch, or existing PCs being re-imaged?

A: New PC's

Q (Imaging & Hardware): What operating system and version should the images be based on (e.g., Windows 11 Pro 25H2)?

A: Latest compatible Windows build.

Q (Imaging & Hardware): Will the City provide application licenses and installers, or is the vendor expected to procure them?

A: City provides.

Q (Imaging & Hardware): Does the City possess any devices that are utilized by multiple employees within a department?

A: Yes, limited.

Q (Imaging & Hardware): Does the City currently possess any tool that facilitates the seamless migration of local user profiles to new devices, such as Profile Wizard by ForensIT??

A: Not required.

Q (NinjaOne): Does the City currently hold NinjaOne licenses, or is the vendor expected to procure and quote licensing?

A: Vendor can propose and configure as an option. City reserves the right to buy direct.

Q (NinjaOne): Is there an existing NinjaOne instance/tenant the vendor will configure within, or will this be a net-new deployment?

A: Existing demo environment, may need configuration.

Q (PDQ Deploy): Does the City currently own PDQ Deploy licenses? Is the City open to alternative imaging solutions such as MDT if the vendor can demonstrate equivalent or superior results?

A: Alternatives allowed.

Q (Group Policy): Does the City have an existing Group Policy framework, or will this be a greenfield GPO implementation?

A: Existing environment; details post-award.

Q (Group Policy): What Active Directory structure is currently in place (single domain, multi-site, etc.)?

A: Existing environment; details post-award.

Q (Deployment Logistics): How many City locations will receive deployed PCs, and what are the approximate device counts per site?

A: Multiple sites.

Q (Deployment Logistics): Will the City provide a staging area for imaging and pre-deployment QA?

A: Yes, provided.

Q (Deployment Logistics): Is data migration from existing PCs to new devices included in scope?

A: Not in scope.

Q (Deployment Logistics): Will end users be available during deployment for profile setup and orientation?

A: Yes, coordinated.

Q (Onsite Staffing): What are the expected onsite working hours for the three-month technician (e.g., 8:00 AM to 5:00 PM, Monday through Friday)?

A: Standard business hours. Monday - Friday 8-5

Q (Onsite Staffing): Is the onsite technician expected to work at a single location or rotate across multiple sites?

A: A primary staging location will be provided. This can be adjusted where it is more practical.

Q (Contract & Administrative): Is the three-month onsite period fixed, or is the City open to extending or shortening based on project progress?

A: May be adjusted as determined necessary by the city.

Q (Imaging & Hardware): How many distinct image types/configurations are required across the 400 PCs?

A: 1-3 base images. May require department specific imaging in some cases.

Q (Imaging & Hardware): What hardware makes and models are included in the 400-device scope?

A: 1-3 models will be used.

Q (Onsite Staffing): Is there a City workspace/desk available for the onsite technician?

A: Workspace will be provided

Q (Contract & Administrative): What is the anticipated contract start date following award?

A: The start date will be communicated upon award.

Q (Contract & Administrative): Are travel and lodging for the onsite technician considered reimbursable expenses, or should they be included in the hourly rate?

A: Travel should be clearly identified and preferably included or capped.