The URL can be used to link to this page

7456 - Scope of WorkRFP 7456 City of Denton Website Scope of Work General Project Requirements & Specifications • The contractor shall fully implement and deliver the new website and shall bear primary responsibility for website performance, quality, and functionality. The website should perform acceptably for planned visitor load and be protected from excessive traffic generated by bots or malicious third parties. • Develop responsive design for a website that is suitable for viewing on multiple devices such as: desktop, mobile and web platforms. (An app version would also be desirable). • Ensure that the website meets ADA requirements to provide equal access to all users. • Provide a sustainable website platform and design that can grow with the City. Maintain compatibility with operating systems and other integrated applications, internet browsers, other software, etc. • Develop a unique strong design that incorporates the City’s brand and has a consistent style throughout. (City can provide fonts, colors, and images). • The contractor shall create and deliver a detailed project plan. The contractor shall complete the project in phases and shall clearly identify the objectives and deliverables of each phase in the project plan. • The contractor shall bear primary responsibility for managing the project and coordinating project activities, including City tasks, where appropriate. The contractor shall designate a project manager responsible for supervising project personnel, updating work plans, assigning project resources, representing project status, and presenting deliverables. • The contractor shall provide and host the content management system (CMS) to support current and new applications. • The contractor shall work with City staff to migrate and integrate existing content to the new website architecture and navigation, based on user analysis and other web analytics, and implement conversion, including current calendar items, e-subscribers, and existing data. • The contractor shall ensure that the website fully supports functional and technical requirements included in this document and integrates existing third-party software used by the City, which include but are not limited to eTrakit, Granicus Meeting Efficiency Suite and Legistar, NeoGov, eCare, QuickPay, Coplogic, Ionwave, and OpenCounter, Swaggit, and CivicRec through the use of modern REST Web API standards • The contractor shall provide necessary ongoing security upgrades to the website and ongoing development as part of a maintenance agreement. • The contractor shall provide user training to all City content managers through classroom instruction. The contractor shall also provide user manuals and training materials in an electronic format. • After publicly launching the new website, the contractor shall perform at least one round of feedback and usability testing and shall continue to partner with the City to develop innovative solutions to help the City meet its goals and address future challenges or opportunities. • The contractor shall provide cost-effective hosting services with evidence of the relevant aspects of their control environment, risk assessment, monitoring, and information and communication in the form of the Statement on Standards for Attestation Engagements (SSAE) No. 16 • Provide separate test and production environments • Provide weekly updates on the project during implementation, as needed. CMS Features & Security • Change management capability and approval workflows. • Ability to for user accounts to have localized editing permissions for specific pages. • Modular-build template(s) for design flexibility. • Any custom built functionality needs to be designed with the OWASP top 10 in mind • Log failed/successful logins, changes and errors at a minimum • Integrated Web Application Firewall (WAF) would be nice • Limit the amount of plugins/addons to only what is needed • Understand that I will be vulnerability scanning and possibly pen testing • Authenticate via Azure Directory Services or on premises directory services • Allow the synchronization of user information from Azure Directory Services or on premises directory services in order to minimize rogue accounts • Provide capability to utilize multi-factor authentication for accessing administrative or editing functions • Utilize a minimum of 128 bit encryption for transport layer security (TLS), with a minimum TLS version of 1.2 being utilized • Contain settings preventing use of cross site scripting • Utilize controls to prevent SQL attacks (e.g., hashing query strings, utilizing stored procedures rather than plain text queries in strings) • Protection from Cross site Request Forgery (CSRF) attacks • Access to logging for security monitoring purposes, logs must be made available for ingestion into log monitoring services like Splunk or LogRhythm • Provide regular patching for security threats and provide information on patch history for compliance monitoring purposes • Provide an application roadmap that shows planning for security controls in addition to new features Tools & Website Features Required Features • A highly functional website search feature is required. This should be able to help users navigate to a page by searching for keywords that are either entered manually or pulled from the page text (including text within dropdowns or other widgets). • Meganav menu option is required. • Submenus will be needed for collections of pages (for example, all pages related to Solid Waste will have the same submenu for ease of navigation). The submenu shall be not include graphics or icons; a text-based submenu in a side panel is desired. • Notification banner that shows up on all pages of the site in case of emergencies or other critical messaging • Newsroom feature that has blog-like options, such as the ability to automatically email subscribers when a new story/press release is posted. An option for users to select instant or weekly emails is desired. • Capability for specific keyword tagging that can drive search results or heavily weight the standard search algorithm. Desired Features • Calendar feature that shows content from all departments in the City, with options to filter events by department. • Photo gallery. • Integrated online form system. • Customizable message for instances when a “page is not found”. Analytics The contractor shall enable the website to gather the following usage data: • Search terms entered by website visitors • Pageviews per session • The average duration of a session • What website visitors click on when they visit pages • Website should be set up with integration with Google Analytics • Automatic scanning and reporting on dead links found within pages • Ability to run a reports on content changes (such as finding pages that haven’t been updated in a long time ago or within specific time range).