- 1 -

AGENSI KAUNSELING DAN PENGURUSAN KREDIT

IMPLEMENTATION OF SOFTWARE DEFINED – WIDE

AREA NETWORK (SD-WAN)

(REF: AKPK/RFP21/JUL03)

Request for Proposal

[RFP]

Issuer

Agensi Kaunseling Dan Pengurusan Kredit

Level 6, Menara Bumiputra Commerce

11 Jalan Raja Laut

50350 Kuala Lumpur

ISSUE DATE : 29 JULY 2021

CLOSING DATE/TIME : 13 AUGUST 2021 / 12:30 PM

- 2 -

1 INTRODUCTION

1.1 AKPK is an agency set up by Bank Negara Malaysia with a mission to

empower the community – households and small medium enterprise (SMEs) – to

be financially resilient via customer-centric financial education, advisory and debt

management services.

1.2 Since its establishment in 2006, AKPK has assisted more than 1.2 million

individuals through its financial advisory services, where about 350,000 had

participated in the Debt Management Programme (DMP). Meanwhile, about 7

million Malaysians have benefited from AKPK’s various financial education

interventions.

1.3 Over the years, the connection of AKPK's WAN is via MPLS connection.

As a result, all data, workflows, and transactions, including access to cloud

service or the Internet, required traffic to be redirected to the data center for

processing and redistribution. Hence, the Management is desirous in improving

the performance of the network in order to obtain goods and services of the

organization.

1.4 AKPK hopes that the implementation of SD-WAN can help to streamline

how traffic is routed from the branches, making it easier to create local internet

breakout and allowing users to access cloud services directly from the branches

instead of connecting via data centre. Here, branches shall have their own

network and devices for local internet breakout as well as related security

services. At the same time, the solution should also offer flexibility for channeling

certain traffic to the data centre via a secure tunnel.

1.5 The SD-WAN solution should give highest priority to security while

ensuring automated but flexible application flow when implemented, taking into

account the highest user experience to AKPK application residing on Cloud as

follows: -

Application-driven security policies must be supported for all applications

running over broadband Internet

Performance must be optimized without compromising security

- 3 -

Security must be enforced with an integrated firewall to safeguard the

branch from potential threats

Service chaining to next-generation firewalls or cloud-delivered security

services must be automated

Instant fail-over among WAN links should be in place in case there is an

outage in any of the available WAN links regardless of type of WAN

technologies such as MPLS / Fiber Broadband / LTE

Central device management and reporting with comprehensive reporting

on traffic utilization by users and type of applications at all branches should

be accessible via a central console

1.6 The purpose of this Request for Proposal (RFP) is to seek Proposals from

interested vendors to implement (i.e., Supply, Delivery, Installation, Integration,

Migration, Testing, Commissioning, Training, and Maintenance) AKPK's SD-

WAN. The proposed solution that AKPK is looking for is described as per the

requirement table below.

(The remaining page is intentionally left blank)

- 4 -

2 Current state at AKPK

2.1 Currently, AKPK is using Fortinet's Next-Generation Firewall (NGFW), and

Centralised Management products at DC, DR, HQ and Branches as part of the

WAN transformation initiative, the proposed SD-WAN solution must be able to

integrate with the existing FortiGate NGFW.

2.2 In order to enable local Internet breakout for each site, the proposed SD-

WAN must have NGFW capabilities such as Application Control, Anti-Malware,

Intrusion Prevention System, SSL Inspection, and Web Filtering.

2.3 Fortinet offers SD-WAN functionalities on the existing NGFW product

(FortiGate) without an additional license and since the product is recognised as a

leader by Gartner Magic Quadrant on SD-WAN and Network Firewall Year 2020.

2.4 Therefore, Fortinet is the preferred solution for AKPK by providing a better

Total Cost of Ownership (TCO) on the investment made and substantially optimises

the additional investment required for AKPK to deploy SD-WAN and NGFW on the

remaining sites.

2.5 The following are the desired architecture diagram and followed by the

requirements and specifications for the Deliverables: -

2.6 Desired Architecture Diagram

- 5 -

3 DELIVERABLES

A. To Supply Hardware, Software, and Licenses for SD-WAN

No Description Qty

References (Page # of your Proposal)

1

SD-WAN for Head Quarters (HQ)

1 Unit

Please specify the proposed model

The minimum requirements for the following specification are: -

1. Throughput

1.1 Firewall Throughput 20 Gbps

1.2 Threat Protection Throughput 1 Gbps

2. Network Interfaces

2.1 2x GE RJ45 MGMT/DMZ Ports

2.2 2x GE RJ45 WAN Ports

2.3 2x GE RJ45 HA Ports

2.4 12x GE RJ45 Ports

2.5 2 x 10 GbE SFP

2.6 4x GE SFP Slots

2.7 4x GE RJ45/SFP Shared Media Pairs

3. Hardware Specifications

3.1 1U Rack Size

3.2 Local HDD 480GB

3.3 Dual Power Supplies

4. Software License

4.1 Unified Threat Protection with 24x7 Support 3 Years

2

SD-WAN for Branches

10 Units

Please specify the proposed model

The minimum requirements for the following specification are: -

1. Throughput

1.1 Firewall Throughput 10 Gbps

1.2 Threat Protection Throughput 700 Mbps

2. Network Interfaces

2.1 2x GE RJ45 WAN Ports

- 6 -

2.2 1x GE RJ45 DMZ Ports

2.3 7x GE RJ45 Ports

3. Hardware Specifications

3.1 Desktop Size

3.2 Local HDD 128GB

4. Software License

4.1 Unified Threat Protection with 24x7 Support 3 Years

5. LTE Wireless WAN Extender

5.1 Modem Support 1x

5.2 Supported Bands 1, 2, 3, 4, 5, 7, 8, 12, 13, 20, 25, 26,

29, 30, 41

5.3 Antennas 3 SMA External

5.4 5 GE RJ45 Ports (WAN + LAN)

5.5 Power over Ethernet (PoE) Powered IEEE 802.3af

(15.4 W)

10 Units

6. Forticare with 24x7 support 3 Years

3

Analyser for SD-WAN

3 Years 1. Subscription license for 50 GB/Day Central Logging &

Analytics

2. 24x7 FortiCare support, IOC, SOC subscription, and

FortiGuard Outbreak Alert service 3 Years

B. Solution Requirement

No Descriptions Comply Yes/No

References (Page # of

your Proposal)

Traffic Management

1 Ability to perform active-active load balance among multiple internet connections for both wired and wireless 3G/LTE WAN connections

2

Support the following WAN connection methods:

Static IP

DHCP

PPPoE

3 Ability to support Web Blocking to filter unwanted websites

4 Ability to load balance inbound traffic

5 Ability to reserve bandwidth resources for specific users

6 Ability to support Dynamic Application Steering using SD-WAN Rules

- 7 -

7 Ability to support Traffic Shaping and QoS

8

Ability to support the below strategy:

Implicit

Best Quality

Lowest Cost

Maximize Bandwidth

9 Ability to support MAC Address in SD-WAN rules

10 The proposed hardware must not have dedicated WAN ports limitation. Physical ports on the hardware must be configurable to support both WAN or LAN

11 The proposed solution must have Dynamic Routing (such as BGP or OSPF) capability for ease of traffic management

12 The proposed solution must support ADVPN to dynamically establish direct tunnels (called shortcuts) between a traditional Hub and Spoke architecture spokes.

Security

1 Ability to block specific websites by IP or Domain Name

2 Ability to support Web URL Filter by Categories and Blacklist

3 Ability to support Application Blocking by Categories

4 Ability to support Stateful Firewall on IP, Protocols and Port Filtering

5

Ability to detect and prevent the following types of attacks from the Internet: Port Scans - NMAP FIN/URG/PSH, Xmas Tree, Another Xmas Tree, Null Scan, SYN/RST, SYN/FIN Ping Flood Attack DoS prevention module must provide real-time DoS protection

6 Ability to classify traffic to allow or deny packets according to pre-defined rules

7 Ability to block exploit and malware via Intrusion Prevention System and Anti-Malware profiles

8 Ability to have DNS Security to inspect on DNS Queries.

Device Management

1 The device is managed by web-based Management (HTTP/HTTPS)

2 Support different user levels for web-based management access

3 Support Authentication of admin security using Microsoft AD or LDAP

4 Ability to send out notification messages by email

5 Ability to save device configuration settings on a file and use such file to load settings on the device

6 Ability to integrate with SIEM server to log events of the device

7 Ability to configure whether a port can reply to ICMP Ping requests

- 8 -

Centralised Management Platform

1 Ability to manage all devices via centralized device management, monitoring, and reporting platform

2 Ability to synchronize the configuration to the management platform automatically

3 The proposed Centralized Management and Logs Analytics must be on-premises in a virtual machine platform

4 The proposed centralized logs analytics must have a dedicated dashboard for SD-WAN

5 Please include a sample SD-WAN report

Wireless Extender

1 The proposed solution must have Wireless Extender for every branch

2 The Wireless Extender must work with the local service provider in cellular connectivity

3 The proposed Wireless Extender must be managed under the same platform without requiring additional or third-party console

4 The proposed solution must include Power Injector to power on the proposed Wireless Extender

4 PROJECT MANAGEMENT REQUIREMENT

The following are the requirements for the Project Implementation:

No Descriptions References (Page # of your Proposal)

Project Management

1.

The Vendor is to implement the project by providing a project

methodology covering the following, but not limited to:

1) To provide project status, which includes

a. overall timeline

b. detailed timeline

c. key milestone

d. risk and mitigation plans

e. key deliverables

f. others

2) A complete project documentation

3) The Vendor to establish Vendor Project Management Team to

prepare and manage presentation slides, project meeting

arrangement, Minutes of Meetings, etc.

4) The Vendor Project Management Team consists of dedicated

team members such as Project Manager, Assistant Project

- 9 -

Manager, Project Management Office, Technical Lead, etc. to

manage this project from initiation until project hand-over stage.

5) The Vendor Project Management Office (PMO) is also to be the

center of communication between the Vendor and client.

6) The Vendor Project Management Team must attend and

participate actively in project meetings (AKPK Project

Management Team and Project Steering Committee).

7) The Vendor Project Manager to jointly update and present the

project status to AKPK stakeholders.

Implementation

2.

1) Installation, Configuration, Testing, Commissioning of SDWAN in

AKPK HQ, Data Centre (DC), Disaster Recovery Centre (DRC)

and Branches.

2) Installation, Configuration, Testing, Commissioning of

FortiAnalyzer in Data Centre (DC). The implementation will run

under the AKPK virtual infrastructure (VMWARE) environment.

3) Integration, Migration and Testing with existing firewalls. 4) Integration, Migration and Testing with existing FortiManager.

Certification

3.

Preferably the vendor should have engineers with valid certification

at a minimum NSE-4 by Fortinet. Please include the project

engineers’ certification into the proposal

Transfer of Technology (ToT)

4. To provide hands-on training/guide during implementation (setting, configuration, modification and etc)

Training

5. To provide online classroom training for 4 users.

Product Warranty

6.

1) The solution should not be end-of-life for the next five (5) years

2) The solution should come with a three (3) months warranty period

upon Go-live date, to cover the support and fixes.

3) All Software warranty and maintenance cost will commence from

the Go-live date and not from the purchase date.

Post Implementation Review

7. The vendor provides handholding services to help the client

familiarise using the SDWAN for three (3) months upon Go

- 10 -

live. The vendor will provide the PIR report upon project closure

to AKPK.

1) Provide handholding services to help build AKPK’s capability in using the solution for three (3) months upon Go-live.

2) Prepare all operating manuals, user manuals, system manuals, IT security manuals etc. as required.

3) Upon completion and satisfaction of PIR, the vendor shall prepare the handover to AKPK

1)

Support and Maintenance

7.

1) Support and Maintenance must be cover within working hours

2) Upon handing over the project to the client, the solution is subject

to three (3) years of Maintenance. The Vendor should conduct

Preventive Maintenance on the solution twice yearly within the

maintenance period.

3) Before the expiry of the Maintenance, the renewal should be

arranging and reviewed before the execution.

4) The Vendor will prepare the Maintenance Agreement, where the

clauses will have to be agreed upon by both client and Vendor.

5) The Vendor will prepare the monthly health check, including

findings and recommendations. The report must be submitted to

AKPK by the fifth (5th) day every month.

6) The Vendor will conduct preventive Maintenance half-yearly. The

report must be submitted to AKPK by the fifth (5th) day every

month.

Timeline

8. The project is expected to Go Live within Six (6) months.

(The remaining page is intentionally left blank)

- 11 -

5 Right to Clarify

5.1 AKPK reserves the right to seek further clarification on the Vendor (s)

PROPOSAL. Where such clarifications may reasonably result in a

variation of the price, the Vendor must submit a fresh quotation under a

separate sealed cover, within such period as specified by AKPK.

5.2 Vendor(s) who are required to submit the fresh quotation as per 7.1 after

the delivery of the PROPOSAL, are required to state the price variation

and, such variations shall remain valid until the expiry of the validity period.

6 Confidentiality of Information

6.1 The information contained in this RFP is proprietary and strictly

confidential to AKPK. Vendor is not permitted to publish, release, or

disclose any portion of this document without prior written consent of

AKPK.

6.2 Should a breach of confidentiality occur at any time before and after the

RFP proposal deadline, AKPK retains the right to disqualify the Proposal

and may choose not to invite the defaulting Vendor to any future proposal

exercises. AKPK reserve the right to claim damages on any losses if

applicable as a result of the breach.

7 Tender Details (Cost Proposal)

7.1 The unit price quoted for the proposed implementations must take into

account all relevant taxes, government duties, delivery charges,

installation, commissioning charges at site, etc. All prices supplied

should be itemised as per requirement.

7.2 All prices must be quoted on a fixed price basis in Ringgit Malaysia (RM).

7.3 Price listed in the Proposal shall be the Vendor's prevailing prices currently

in effect, provided always that AKPK shall have the benefit of the lower

price, if the market price moves downward.

7.4 The cost should be itemised by module or sub-application, if applicable.

7.5 The cost of annual Maintenance should also be included separately.

Where initial warranty is provided without charges, it should reflect as a RM

zero (0) cost.

- 12 -

7.6 Training class packages and the intended audiences should be listed as a

part of total project cost.

7.7 Any discount should also be itemised and quoted.

7.8 All costs and expenses incurred by Vendor in any way associated with the

development, preparation, and submission of responses, including but not

limited to; the attendance at meetings, discussions, demonstrations, proof

of concept, etc. and providing any additional information required by

AKPK, will be borne entirely and exclusively by the Vendor.

7.9 Cost proposals must remain valid for a minimum of period of 180 calendar

days from date of submission. Where these prices are contingent upon

certain assumptions, these assumptions should be clearly documented.

7.10 The costing of the requirement in the Functional and User Requirement

Study must be taken into consideration by the vendors. AKPK reserve the

right to accept or reject any additional cost from Functional and User Requirement

Study conducted above.

8 RFP SUBMISSION

8.1 Solution Proposal

In addition to the above, interested vendors are required to include the

following as attachment:

8.1.1 Overall strategy, approach and techniques for completing this

project.

8.1.2 Detailed evaluation methodology that describes the methods

used.

8.1.3 Qualifications, background and experience of Project Manager

and other team members proposed to work on the project.

8.1.4 To provide techical specification of solution to function at

optimum level.

8.1.5 To provide network and system architecture of the solution

8.1.6 Description of the chronology for completing the work,

including a time line and deadlines for each task.

8.1.7 Minimum three (3) examples of similar projects your company

has developed. Clearly explain the design objectives,

approach, rational and the outcome.

- 13 -

8.1.8 Relevant Suruhanjaya Syarikat Malaysia's (SSM) documents

as follows:-

For Enterprise Company; or

Company Profile

Corporate Information

Form D

Latest Audited Financial Statements 2019 and 2020

Product Brochures (if any)

Letters of Authorization from Principals and Distributors (if

any)

For Sendirian Berhad & Berhad Company

Company Profile

Memorandum and Articles of Association

Corporate Information

Form 49

Form 9 (Sendirian Berhad) & Form 8 (Berhad)

Latest Audited Financial Statements 2019 and 2020

Product Brochures (if any)

Letters of Authorization from Principals and Distributors (if

any)

8.1.9 Fill up the Person In-Charge Form.

8.1.10 Fill up the Company Profile Form.

8.2 Provide the following information/documents as Cost Proposal (Appendix

B):-

8.2.1 Provide Official Company Quotation for the Deliverables.

(Vendor must submit this and refer to items #10 VALIDITY

OF THE QUOTATION for the validity period of the Quotation)

8.2.2 Fill up the Cost Summary.

8.2.3 Provide proposed Payment Term.

8.2.4 Provide Bank Info.

9 METHOD OF SUBMISSION

9.1 The method of submission is via online ONLY. Proposals to this RFP must

be sent with separate documents via email to tender@akpk.org.my for both

Solution Proposal and Cost Proposal (Appendix B).

9.2 The subject to the email should read - AKPK/RFP21/JUL03: SD-WAN,

- 14 -

submitted by [service provider's name].

9.3 A bidder is required to submit the separate Solution Proposal and Cost

Proposal in PDF format and encrypted with a password.

9.4 Vendors submitting Proposals shall receive an email confirmation

acknowledging receipt of their Proposals.

10 CLARIFICATIONS

10.1 A bidder requiring any clarification on this RFP (technical or procurement

matters) may do so by sending the query to tender@akpk.org.my.

However, AKPK is under no obligation to respond to any queries. The

AKPK's officer in-charge are as follows:

a. AKPK's Procurement officer in-charge is:

Name : i) Nur Hayati Mat Salleh

: ii) Hadi Isma Che Wil

b. AKPK's Technical officer in-charge is:

Name : i) Mohd Azmi Mohd Supain

: ii) Halim Saleh

: iii) Muhammad Mu’az Azam

11 DEADLINE OF SUBMISSION

11.1 All quotations/proposals must reach us by / before 12:30 pm on 13

August 2021.

11.2 Tender received after the deadline and/or not comply with method of

submission as above mentioned will be rejected.

11.3 The Vendor's proof of posting and/or submission by other means shall not

be accepted as proof of receipt by AKPK.

11.4 Documents that are rejected or disqualified will be disposed-off at our end.

11.5 Regardless of the method used for delivery, vendors shall be wholly

responsible for the timely delivery of submitted Proposal.

12 PROOF OF CONCEPT / CLARIFICATION SESSION / CLIENTELE REFERENCE

12.1 Shortlisted vendors will be notified via email and required to attend and

arrange a Proof of Concept / Clarification session (at the vendors' office)

virtually on a date between 23 to 27 August 2021 and agreeable.

12.2 Clientele reference check

- 15 -

13 VALIDITY OF THE QUOTATION

13.1 The validity of the quotation submitted shall be 180 calendar days;

13.2 To provide additional service with the same specification and price within

twelve (12) months (if require) after first purchase done; and

14 AWARD OF THE CONTRACT

14.1 Before the expiry period of validity of the Proposal, AKPK shall notify the

selected Vendor in writing by registered letter or by email that its Proposal

has been accepted by AKPK and any intention to award a Contract.

14.2 The selected Vendor will be issued with an official Letter of Award (LOA).

14.3 Prior to such an issuance, price negotiation may be carried out with the

selected Vendor.

14.4 The parties to the contract shall have it signed within ten (10) days from

the date of LOA issuance unless there is an administrative review request.

14.5 The selected Vendor shall prepare the Project Agreement or Maintenance

Agreement (where required) within two (2) weeks upon acceptance of the

Letter of Award from AKPK.

14.6 Stamp duty to be borne by the selected Vendor.

14.7 The project shall commence once the Project Agreement or Maintenance

Agreement (where required) is signed by both parties, AKPK and the

selected Vendor.

15 ANTI-BRIBERY AND ANTI-CORRUPTION

15.1 AKPK is committed to conducting business in an ethical and honest

manner and has zero-tolerance for bribery and corrupt activities.

15.2 We are committed in all business dealings and relationships and will

constantly uphold all laws relating anti-bribery and anti-corruption in

Malaysia in particular the Malaysia Anti-Corruption Commission Act 2009.

16 WHISTLE BLOWING

16.1 Report on whistleblowing matters are as follows:

16.1.1 The Vendor is encouraged to report any concern by

completing the Whistleblowing Incident Report Form (WIRF)

as attached in Appendix C.

16.1.2 The Vendor shall as soon as possible, in writing or orally,

inform the CEO of AKPK, upon having knowledge of any

- 16 -

director, officer or employee of AKPK, directly or indirectly,

asking for or receiving, any gratification whether for his own

personal benefit or advantage or for the benefit or advantage

of any other person, in relation to this Agreement, whether

before, during or after the term of this Agreement at

ceo@akpk.org.my

16.1.3 If the concern involves the CEO of AKPK, the whistleblower

could address his concern either by post or email to the

Chairman of AKPK's Audit Committee at

acchairman@akpk.org.my

16.1.4 If the concern involves a director of the Board, you should

share your concern either by post or email with the Chairman

of the Board at chairman@akpk.org.my

'Gratification' includes corruption or bribery, any gift, money, property or thing

of value, or any service, favor or other intangible benefit or consideration of

any kind, or any other similar advantage

(The remaining page is intentionally left blank)

Confidential

- 17 -

APPENDIX A

A. SOLUTION PROPOSAL

1. VENDOR’S SOLUTION PROPOSAL (MANDATORY)

No Description Tick () Envelope

a)

A written proposal for the following: -

Solution Proposal

1. Proposal Overview

2. Propose solution hardware and software

3. Project Implementation plan & timeline

4. Product specification and quantity

5. Proposed Diagram

6. Proposed Project Organisation Chart

7. Project implementation experience

8. Technical Specification response 9. Write up respond in Section 3 (Deliverable) and

Section 4 (Project Management Requirement) 10. Minimum three (3) examples of similar projects

your company has implemented with clearly explain the design objectives, approach, rational and the outcome with screenshots.

b)

1. Copy of Company Profile form

2. Copy of Business Registration Certificate 3. Copy of Memorandum and Articles of

Association

4. Corporate Information (SSM) 5. Copy of Form D (Enterprise), Form 9 (Sendirian

Berhad) & Form 8 (Berhad)

6. Copy of Form 49 ( Sendirian Berhad & Berhad) 7. Copy of Latest Audited Financial Statements

2019 & 2020

c) Attached Product Brochures

d)

Curriculum Vitae and Certification of Project Manager and other team members propose to work on the project.

e) Letters of Authorization from Principals and Distributors, if any

f)

In case of joint venture or any other form of partnership (JV), provide the legal name of each party with role & function

g)

Declaration of any relationship with AKPK Board members or staff, i.e., parents, spouse, children, siblings (if any)

Confidential

- 18 -

2. DELIVERY OF DELIVERABLE

No Description Delivery Timeframe

(Please stated)

1 Delivery of the Deliverable

3. PERSON IN-CHARGE

Name

Designation

Signature

Email

Contact Number (Off)

Mobile Number (HP.)

Signature

Date

Company Stamp

(The remaining page is intentionally left blank)

Confidential

- 19 -

APPENDIX B

A. COST PROPOSAL

1. CHECKLIST

2. COST SUMMARY

2.1. One Time Cost

No Description Qty Cost Per

Unit (RM)

Tax Total (RM)

A. B. One Time Cost

SD-WAN for Head Quarters (HQ)

1 Hardware *Please specify the proposed model*

1 Unit

2 Software License

o Unified Threat Protection with 24x7 Support

3 Years

SD-WAN Branches

1 Hardware *Please specify the proposed model*

10 Units

2 Software License

o Unified Threat Protection with 24x7 Support

3 Years

3 LTE Wireless WAN Extender *Please specify the proposed model*

10 Units

4 Forticare with 24x7 support 3

Years

Analyzer for SD-WAN

1 Subscription license for 50 GB/Day Central

Logging & Analytics 3

Years

2

24x7 FortiCare support, IOC, SOC

subscription, and FortiGuard

Outbreak Alert service

3 Years

C. Professional services

1 Installation, Configuration, Testing, Commissioning of SDWAN.

1 Lot

No Description Tick (√)

Envelope

1 Submit official quotation with an itemized cost (Must submit this)

Cost Proposal

2. Cost Summary (as per item Appendix B (2) below)

3. Propose Delivery Timeframe

4. Propose Payment Term

5. Bank Info

Confidential

- 20 -

2 Installation, Configuration, Integration, Testing, Commissioning of FortiAnalyzer

1 Lot

3 Migration and Testing of existing firewalls 1 Lot

4 Integration and Testing with existing FortiManager

1 Lot

D. Project Management

1 Project Kick-off, Project Steering Committee (PSC), and Closure

1 Lot

2 Documentation 1 Lot

3 - Warranty 3 months after Go-Live 1 Lot

4 Online Classroom Training 4 Pax

Total

Sales & Services Tax (SST)

Grand Total Cost

2.2. Recurring Cost

No Description Qty Cost Per

Unit (RM)

Tax Total (RM)

1. Support and Maintenance Year 1

Quarter 1 1 Lot

Quarter 2 + Preventive Maintenance 1/2 1 Lot

Quarter 3 1 Lot

Quarter 4 + Preventive Maintenance 2/2 1 Lot

2. Support and Maintenance Year 2

Quarter 1 1 Lot

Quarter 2 + Preventive Maintenance 1/2 1 Lot

Quarter 3 1 Lot

Quarter 4 + Preventive Maintenance 2/2 1 Lot

3. Support and Maintenance Year 3

Quarter 1 1 Lot

Quarter 2 + Preventive Maintenance 1/2 1 Lot

Quarter 3 1 Lot

Quarter 4 + Preventive Maintenance 2/2 1 Lot

Total

Sales & Services Tax (SST)

Grand Total Cost

(All cost are inclusive of delivery charges and other taxes incidental to the deliverables)

Confidential

- 21 -

3. BREAKDOWN OF COST PROPOSAL

The breakdown of the cost for each item is specified in 2. COST PROPOSAL where

applicable.

1. How the cost is derived for each item.

2. The assumptions or conditions made, the resources required, and man-day rate where

possible to derive the cost, i.e. Professional Services.

3. Man day rate (if it is being used) as it will be the basis for future enhancements or

additional work required going forward.

4. DELIVERY TIMEFRAME

No Description Timeframe

1

Delivery of the Deliverables to complete the job in working days Note: The timeline maybe adjusted accordingly based on situation

……………………..

(including software and hardware delivery)

5. PAYMENT STRUCTURE

No Milestone Description Percentage

1. Upon Project Kick-Off 5%

2 Upon delivery of software and hardware 40%

3 Upon completion of the installation, commissioning and User Acceptance Testing at HQ, Data Centre (DC) and Disaster Recovery Centre (DRC)

20%

4 Upon completion of the installation, commissioning and User Acceptance Testing at 10 Branches (10 x 2%)

20%

5 Upon completion of Training 10%

6 Upon 3 Month Warranty Period (Please state if your payment term is not as per the above-preferred term)

5%

Confidential

- 22 -

6. BANK INFO

No Description

1

Manner of Payment i. Name of Bank : ii. Address of Bank : iii. Account number : iv. Account type : Current / Saving v. Account scheme : Conventional / Islamic

(The remaining page is intentionally left blank)

Confidential

- 23 -

APPENDIX C

1. COMPANY PROFILE FORM

This section covers generic company information that will provide a quick overview of the vendor/solution provider organization. Please fill in as much information as possible, and feel free to add additional information in the form of an attachment.

i. Particulars of Company

No Items Explanation

1. Company Name

2. Company Registration No. (for company registered in Malaysia)

3. Business Address

4. Correspondence Address (if different from the above business address)

5. Telephone No.

6. Fax No.

7.

Operation hours and support contact numbers ( Helpdesk)

Contact Person(s) for AKPK to communicate regards the proposal

Name: Contact No.: Email:

Name: Contact No.: Email:

Name: Contact No.: Email:

8. Number of years in business operation

9. Latest Audited Financial Statements

10. SSM Certification (e.g. Form 49. Form 9, etc.)

11. Company Nature of Business

12. Company Paid up Capital

13. Company Share Holder Fund

14. Total Staff – Company

15.

Total Staff – For This Project

(Project Manager, Project Management Office,

Technical Lead, Engineer, and etc.) where

applicable.

Confidential

- 24 -

ii. Company's Directors (Please add more where required or you may attach the CV of directors in the Solution Proposal)

No Name of

Directors

Position In

Company

Experiences,

Education /

Professional

Qualifications

Period

1.

2.

3.

iii. Company's Current and Past Work Experience (latest three (3) projects)

Please attach the list of similar contracts/projects performed by your company. The list

should be confined only to similar or related supply/services/works described in

this RFP document and presented in the format specified below (please add more rows

if not sufficient).

No. Client Name Project Description Project Completion Completion

Date

1.

2.

3.

2. DECLARATION

We declare that: i. All the information and statements made in Solution Proposal, Cost Proposal &

Company Profile Form and item b below, are true and we accept that any

misrepresentation contained in it may lead to our disqualification; and

ii. We have no outstanding bankruptcy or pending litigation or any legal action or planned

office closures, and/or impending merger that could impair our operation as a going

concern.

Signature

Name

Designation

Contact No.

Email address

Confidential

- 25 -

APPENDIX D

Whistleblower Incident Report Form (WIRF)

Instruction: All reports should be made using the WIRF

Reporting Misconduct

You should share your concerns of misconduct to the Chief Executive Officer (CEO) of

AKPK. If it is inappropriate to make the report to the CEO, you can report your concerns

to the Chairman of the Board of Directors or Chairman of the Board Audit Committee.

Alternatively, you may mail the completed WIRF to the Chairman of the Board of

Directors or to the Chairman of the Board Audit Committee.

Date of Report: _____________________________________________________

Person reporting the actual or suspected misconduct.

(Do not complete this section if you wish this to be an anonymous report)

Name : ___________________________________________________

Email address : ___________________________________________________

Telephone number : ___________________________________________________

Person against whom the report of actual or suspected misconduct is being

made:

Name : ___________________________________________________

Email address : ___________________________________________________

Telephone number : ___________________________________________________

*Use the back of this form or additional sheets of paper to describe the alleged

misconduct. Include specific facts and documentation, if any, as well as the

names of any individual at AKPK with whom you have discussed your concerns.

END OF RFP