Owosso Community Engagement Platform — Requirements → Ownership Matrix

Prepared for internal IBM Cloud & Partner alignment • Version 2025-09-19
Owner of submission and services: Business Partner (prime). IBM Cloud is delivered through the partner.
Priority key:  M Mandatory — must be included in the base proposal and operational at go‑live. D Desired — important for scoring; provide plan/timeline if not day‑one. O Optional — nice‑to‑have; can be priced as add‑on without affecting compliance.
Perficient — Prime Application + Systems Integrator (UX, VPAT, municipal SI)
Differentiators: Front-end & microservices ownership; strong WCAG/VPAT discipline. Laserfiche, CMS, social integrations via API Connect; SSO with IBM Verify/App ID. SaaS operations on IBM Cloud with runbooks, uptime reporting, and security evidence.
ID Category Requirement Priority IBM Cloud scope (IaaS/PaaS/SaaS) IBM Cloud services (delivered via partner) Business Partner must deliver (as vendor of record) Evidence / Artifacts
Engagement Tools
1 Engagement Tools Online surveys with customizable question types (multiple‑choice, open‑ended, ranking). M PaaS/SaaS platform support for backend services; secure runtime; scalable data store. OpenShift (ROKS), API Connect, Db2 or Databases for PostgreSQL; Cloud Load Balancer. Provide or configure the survey application layer (native or ISV); ensure UX quality, configurability, validation, and performance under concurrent load. Working survey module with admin configuration; load test summary; UI walkthrough.
2 Engagement Tools Digital polling/voting tools for quick feedback. M PaaS for APIs and data; event capture. API Connect, Event Streams (Kafka), Db2/Db2 Warehouse. Implement polling/voting flows; ensure anti‑ballot stuffing controls and auditability. Demonstrate vote workflow, rate‑limit & fraud controls, and audit trail.
3 Engagement Tools Integrates AI into data gathering and analysis. M PaaS for AI services & governance. watsonx.ai Studio; watsonx.governance; Knowledge Catalog. Design NLP (sentiment/themes) pipeline; register models/runs; document guardrails and bias testing. Model cards & governance records; sample outputs; risk controls.
4 Engagement Tools Interactive mapping for geographic feedback (pin‑on‑map). D PaaS runtime and API mediation for map SDKs. API Connect; OpenShift (hosting of map components). Provide mapping UX and storage of geo‑responses; license/operate chosen map SDK; ensure WCAG compliance. Live demo with map interactions; WCAG checks for map controls.
5 Engagement Tools Gamification (points/rewards). O PaaS runtime and data store; optional eventing. OpenShift; Db2; Event Streams. If offered, design rules, privacy‑safe leaderboards/badges; opt‑in controls. Feature spec; privacy note; sample leaderboard.
Equity & Accessibility
6 Equity & Accessibility ADA/WCAG 2.1 AA accessibility compliance. M N/A – app/UI responsibility (IBM provides hosting and security). Own VPAT and perform WCAG 2.1 AA audits across all resident‑facing pages (web/mobile). Current VPAT; 3rd‑party audit summary; remediation log.
7 Equity & Accessibility Multilingual support. M PaaS messaging; runtime. Event Notifications (email/SMS) for multilingual comms; OpenShift for language packs/services. Deliver locale strategy, translation workflow, RTL support, and language toggles. Language matrix; sample localized UI; translation QA process.
8 Equity & Accessibility SMS/text message input for residents without internet access. D PaaS messaging & API gateway. Event Notifications (SMS), API Connect. Enable SMS intake with verification, consent logging, and routing into the same data pipeline. SMS journey diagram; consent & opt‑out records; test transcripts.
9 Equity & Accessibility Capture paper survey responses into the system. O PaaS runtime & API gateway for ingestion. API Connect; Object Storage (optional) for scanned artifacts. Define manual entry/scanning process; double‑entry QC; chain‑of‑custody to Laserfiche. Procedure & training; sample scanned record; QC stats.
Analytics & Reporting
10 Analytics & Reporting Real‑time analytics dashboards. M PaaS analytics & eventing; scalable store. Db2 Warehouse / watsonx.data; Event Streams. Publish city & public dashboards; refresh under SLA; document KPI definitions. Dashboard links; SLA metrics; KPI catalog.
11 Analytics & Reporting Demographics tracking of respondents (age, ZIP, gender, etc.). M PaaS data & governance. Db2/Db2 Warehouse; Knowledge Catalog for metadata/lineage. Collect demographics with consent; privacy minimization; schema & retention controls. Data dictionary; consent text; retention policy.
12 Analytics & Reporting Sentiment analysis across open‑text responses. M PaaS AI & governance. watsonx.ai; watsonx.governance. Implement NLP pipeline; measure accuracy; document model drift monitoring. Evaluation report; governance artifacts; alerting rules.
13 Analytics & Reporting Compare engagement to census benchmarks (representativeness). D PaaS analytics store & compute. Db2 Warehouse / watsonx.data. Load ACS/census sets; define weighting/normalization; publish equity lenses. Benchmark workbook; sampling/weighting method.
14 Analytics & Reporting Exports to Excel/CSV/PDF. M PaaS data services & API mediation. Db2 Warehouse; API Connect (download endpoints). Implement role‑scoped exports; log access; ensure PII minimization in exports. Export samples; access logs; PII minimization note.
Transparency & Public Access
15 Transparency & Public Access Public dashboards with aggregated results. M PaaS hosting & cache; CDN option (if used). OpenShift; (optional) CDN via IBM Cloud Internet Services if desired. Deliver public site with uptime & cache strategy; clear methodology notes on charts. Public URL; uptime SLO; methodology page.
16 Transparency & Public Access Residents track project updates and see feedback outcomes. M PaaS runtime and API. OpenShift; API Connect. Provide project pages, update feeds, and ‘you said / we did’ traceability. Sample project page; update history; notification hooks.
17 Transparency & Public Access Email notification system for topic updates. D PaaS messaging. Event Notifications. Configure subscriptions, double‑opt‑in, bounce handling, and digest settings. Comms policy; bounce & complaint handling metrics.
Security & Privacy
18 Security & Privacy Encryption in transit and at rest. M IaaS/PaaS security & KMS; TLS termination. Key Protect / Hyper Protect Crypto Services; Load Balancer (TLS). Enforce app‑level TLS; use CMKs for database/warehouse; rotate keys; document crypto posture. KMS key plan; TLS cipher list; evidence of encryption at rest.
19 Security & Privacy Role-based access for City staff. M PaaS identity and access services. IBM Verify / App ID; IBM Cloud IAM (service policies). Design RBAC/ABAC in the app; SCIM/user provisioning; least‑privilege roles; admin audit. RBAC matrix; provisioning SOP; quarterly access review plan.
20 Security & Privacy GDPR/CCPA‑style privacy protections. M PaaS compliance tooling and evidence. Security and Compliance Center (controls, evidence); Activity Tracker (audit). Publish privacy policy, consent, DSAR/export/erasure processes; logging/audit trails. Privacy policy; DSAR SOP; audit samples.
21 Security & Privacy Ability to anonymize sensitive resident data. D PaaS data tooling; analytics store. Db2 Warehouse functions; Knowledge Catalog tags/classifications. Implement de‑identification/anonymization; document re‑identification risk. De‑identification method; test before/after samples.
Technical
T1 Technical Cloud‑based SaaS; vendor‑managed hosting, patches, and upgrades. M IaaS/PaaS foundation for SaaS delivery; multi‑zone HA. OpenShift (ROKS) multi‑zone; Container Registry; Continuous Delivery; Monitoring/Logs. Be the SaaS vendor of record; operate, patch, upgrade; provide SLA and incident communications. SaaS responsibility matrix; patch/upgrade calendar; maintenance windows.
T2 Technical Supports concurrent logins across multiple departments. M PaaS identity and runtime scalability. IBM Verify/App ID; OpenShift autoscaling. Design tenancy, throttling, and concurrency limits; run load tests; document SSO realms/spaces. Load test results; tenancy model; SSO configuration.
T3 Technical Works on iOS and Android mobile devices; no client‑side installs. M PaaS hosting and content delivery. OpenShift; API Connect; (optional) CDN. Deliver responsive web app; verify mobile browser compatibility; avoid native installs. Mobile compatibility matrix; device/browser QA results.
T4 Technical Uptime SLA of 99.9%. M IaaS/PaaS multi‑zone design and observability. ROKS multi‑zone; Cloud Monitoring; Cloud Logs/Activity Tracker; Flow Logs. Engineer multi‑zone ROKS and SRE runbooks to meet ≥99.9% uptime; publish monthly SLO reports. SLA doc; SLO dashboard; sample postmortem.
T5 Technical Integrates with City website and social media platforms; Laserfiche. M API gateway and integration services. API Connect; Event Notifications; Event Streams. Provide production‑grade Laserfiche, CMS, and social integration via API Connect with audit trails. Integration runbooks; API specs; audit samples.
Notes: All external integrations flow through API Connect; encryption uses CMKs (Key Protect/Hyper Protect); observability via Cloud Monitoring, Cloud Logs, and Activity Tracker; multi‑zone ROKS for ≥99.9% availability.
GlassHouse Systems — Infra‑security anchor + Managed SecOps; curated ISV for app layer
Differentiators: Leads landing zone, multi‑zone ROKS, IAM, network segmentation, and KMS. 24×7 SOC/NOC, vuln/patch pipeline, backup/restore validation, compliance evidence (SCC). Coordinates and operates a mature Civic ISV on IBM Cloud; integrates analytics & records.
ID Category Requirement Priority IBM Cloud scope (IaaS/PaaS/SaaS) IBM Cloud services (delivered via partner) Business Partner must deliver (as vendor of record) Evidence / Artifacts
Engagement Tools
1 Engagement Tools Online surveys with customizable question types (multiple‑choice, open‑ended, ranking). M PaaS/SaaS platform support for backend services; secure runtime; scalable data store. OpenShift (ROKS), API Connect, Db2 or Databases for PostgreSQL; Cloud Load Balancer. Provide or configure the survey application layer (native or ISV); ensure UX quality, configurability, validation, and performance under concurrent load. Working survey module with admin configuration; load test summary; UI walkthrough.
2 Engagement Tools Digital polling/voting tools for quick feedback. M PaaS for APIs and data; event capture. API Connect, Event Streams (Kafka), Db2/Db2 Warehouse. Implement polling/voting flows; ensure anti‑ballot stuffing controls and auditability. Demonstrate vote workflow, rate‑limit & fraud controls, and audit trail.
3 Engagement Tools Integrates AI into data gathering and analysis. M PaaS for AI services & governance. watsonx.ai Studio; watsonx.governance; Knowledge Catalog. Design NLP (sentiment/themes) pipeline; register models/runs; document guardrails and bias testing. Model cards & governance records; sample outputs; risk controls.
4 Engagement Tools Interactive mapping for geographic feedback (pin‑on‑map). D PaaS runtime and API mediation for map SDKs. API Connect; OpenShift (hosting of map components). Provide mapping UX and storage of geo‑responses; license/operate chosen map SDK; ensure WCAG compliance. Live demo with map interactions; WCAG checks for map controls.
5 Engagement Tools Gamification (points/rewards). O PaaS runtime and data store; optional eventing. OpenShift; Db2; Event Streams. If offered, design rules, privacy‑safe leaderboards/badges; opt‑in controls. Feature spec; privacy note; sample leaderboard.
Equity & Accessibility
6 Equity & Accessibility ADA/WCAG 2.1 AA accessibility compliance. M N/A – app/UI responsibility (IBM provides hosting and security). Coordinate VPAT/audits with the chosen ISV; verify accessibility of hosted components and ingress/egress paths. Current VPAT; 3rd‑party audit summary; remediation log.
7 Equity & Accessibility Multilingual support. M PaaS messaging; runtime. Event Notifications (email/SMS) for multilingual comms; OpenShift for language packs/services. Deliver locale strategy, translation workflow, RTL support, and language toggles. Language matrix; sample localized UI; translation QA process.
8 Equity & Accessibility SMS/text message input for residents without internet access. D PaaS messaging & API gateway. Event Notifications (SMS), API Connect. Enable SMS intake with verification, consent logging, and routing into the same data pipeline. SMS journey diagram; consent & opt‑out records; test transcripts.
9 Equity & Accessibility Capture paper survey responses into the system. O PaaS runtime & API gateway for ingestion. API Connect; Object Storage (optional) for scanned artifacts. Define manual entry/scanning process; double‑entry QC; chain‑of‑custody to Laserfiche. Procedure & training; sample scanned record; QC stats.
Analytics & Reporting
10 Analytics & Reporting Real‑time analytics dashboards. M PaaS analytics & eventing; scalable store. Db2 Warehouse / watsonx.data; Event Streams. Publish city & public dashboards; refresh under SLA; document KPI definitions. Dashboard links; SLA metrics; KPI catalog.
11 Analytics & Reporting Demographics tracking of respondents (age, ZIP, gender, etc.). M PaaS data & governance. Db2/Db2 Warehouse; Knowledge Catalog for metadata/lineage. Collect demographics with consent; privacy minimization; schema & retention controls. Data dictionary; consent text; retention policy.
12 Analytics & Reporting Sentiment analysis across open‑text responses. M PaaS AI & governance. watsonx.ai; watsonx.governance. Implement NLP pipeline; measure accuracy; document model drift monitoring. Evaluation report; governance artifacts; alerting rules.
13 Analytics & Reporting Compare engagement to census benchmarks (representativeness). D PaaS analytics store & compute. Db2 Warehouse / watsonx.data. Load ACS/census sets; define weighting/normalization; publish equity lenses. Benchmark workbook; sampling/weighting method.
14 Analytics & Reporting Exports to Excel/CSV/PDF. M PaaS data services & API mediation. Db2 Warehouse; API Connect (download endpoints). Implement role‑scoped exports; log access; ensure PII minimization in exports. Export samples; access logs; PII minimization note.
Transparency & Public Access
15 Transparency & Public Access Public dashboards with aggregated results. M PaaS hosting & cache; CDN option (if used). OpenShift; (optional) CDN via IBM Cloud Internet Services if desired. Deliver public site with uptime & cache strategy; clear methodology notes on charts. Public URL; uptime SLO; methodology page.
16 Transparency & Public Access Residents track project updates and see feedback outcomes. M PaaS runtime and API. OpenShift; API Connect. Provide project pages, update feeds, and ‘you said / we did’ traceability. Sample project page; update history; notification hooks.
17 Transparency & Public Access Email notification system for topic updates. D PaaS messaging. Event Notifications. Configure subscriptions, double‑opt‑in, bounce handling, and digest settings. Comms policy; bounce & complaint handling metrics.
Security & Privacy
18 Security & Privacy Encryption in transit and at rest. M IaaS/PaaS security & KMS; TLS termination. Key Protect / Hyper Protect Crypto Services; Load Balancer (TLS). Engineer TLS, CMKs (Key Protect/Hyper Protect), and encryption policies; document crypto evidence in SCC. KMS key plan; TLS cipher list; evidence of encryption at rest.
19 Security & Privacy Role-based access for City staff. M PaaS identity and access services. IBM Verify / App ID; IBM Cloud IAM (service policies). Design RBAC/ABAC in the app; SCIM/user provisioning; least‑privilege roles; admin audit. RBAC matrix; provisioning SOP; quarterly access review plan.
20 Security & Privacy GDPR/CCPA‑style privacy protections. M PaaS compliance tooling and evidence. Security and Compliance Center (controls, evidence); Activity Tracker (audit). Publish privacy policy, consent, DSAR/export/erasure processes; logging/audit trails. Privacy policy; DSAR SOP; audit samples.
21 Security & Privacy Ability to anonymize sensitive resident data. D PaaS data tooling; analytics store. Db2 Warehouse functions; Knowledge Catalog tags/classifications. Implement de‑identification/anonymization; document re‑identification risk. De‑identification method; test before/after samples.
Technical
T1 Technical Cloud‑based SaaS; vendor‑managed hosting, patches, and upgrades. M IaaS/PaaS foundation for SaaS delivery; multi‑zone HA. OpenShift (ROKS) multi‑zone; Container Registry; Continuous Delivery; Monitoring/Logs. Act as SaaS operator of record; enforce change control, patching, and DR; maintain compliance evidence. SaaS responsibility matrix; patch/upgrade calendar; maintenance windows.
T2 Technical Supports concurrent logins across multiple departments. M PaaS identity and runtime scalability. IBM Verify/App ID; OpenShift autoscaling. Design tenancy, throttling, and concurrency limits; run load tests; document SSO realms/spaces. Load test results; tenancy model; SSO configuration.
T3 Technical Works on iOS and Android mobile devices; no client‑side installs. M PaaS hosting and content delivery. OpenShift; API Connect; (optional) CDN. Deliver responsive web app; verify mobile browser compatibility; avoid native installs. Mobile compatibility matrix; device/browser QA results.
T4 Technical Uptime SLA of 99.9%. M IaaS/PaaS multi‑zone design and observability. ROKS multi‑zone; Cloud Monitoring; Cloud Logs/Activity Tracker; Flow Logs. Own SLA; publish SLOs & monthly uptime; drill incident response; provide postmortems. SLA doc; SLO dashboard; sample postmortem.
T5 Technical Integrates with City website and social media platforms; Laserfiche. M API gateway and integration services. API Connect; Event Notifications; Event Streams. Build/maintain connectors; adhere to gateway policies; ensure auditability and rate limits. Integration runbooks; API specs; audit samples.
Notes: All external integrations flow through API Connect; encryption uses CMKs (Key Protect/Hyper Protect); observability via Cloud Monitoring, Cloud Logs, and Activity Tracker; multi‑zone ROKS for ≥99.9% availability.
AccelBI — Data/AI‑forward app + analytics depth; curated ISV for UX velocity
Differentiators: Watsonx‑based sentiment/topic modeling; census representativeness and equity lenses. Public dashboards backed by Db2 Warehouse / watsonx.data; governed with watsonx.governance and Knowledge Catalog. Configures ISV or light front‑end; maintains vendor‑managed hosting and training/support.
ID Category Requirement Priority IBM Cloud scope (IaaS/PaaS/SaaS) IBM Cloud services (delivered via partner) Business Partner must deliver (as vendor of record) Evidence / Artifacts
Engagement Tools
1 Engagement Tools Online surveys with customizable question types (multiple‑choice, open‑ended, ranking). M PaaS/SaaS platform support for backend services; secure runtime; scalable data store. OpenShift (ROKS), API Connect, Db2 or Databases for PostgreSQL; Cloud Load Balancer. Provide or configure the survey application layer (native or ISV); ensure UX quality, configurability, validation, and performance under concurrent load. Working survey module with admin configuration; load test summary; UI walkthrough.
2 Engagement Tools Digital polling/voting tools for quick feedback. M PaaS for APIs and data; event capture. API Connect, Event Streams (Kafka), Db2/Db2 Warehouse. Implement polling/voting flows; ensure anti‑ballot stuffing controls and auditability. Demonstrate vote workflow, rate‑limit & fraud controls, and audit trail.
3 Engagement Tools Integrates AI into data gathering and analysis. M PaaS for AI services & governance. watsonx.ai Studio; watsonx.governance; Knowledge Catalog. Implement watsonx.ai NLP with topic/sentiment models; register runs and controls in watsonx.governance. Model cards & governance records; sample outputs; risk controls.
4 Engagement Tools Interactive mapping for geographic feedback (pin‑on‑map). D PaaS runtime and API mediation for map SDKs. API Connect; OpenShift (hosting of map components). Provide mapping UX and storage of geo‑responses; license/operate chosen map SDK; ensure WCAG compliance. Live demo with map interactions; WCAG checks for map controls.
5 Engagement Tools Gamification (points/rewards). O PaaS runtime and data store; optional eventing. OpenShift; Db2; Event Streams. If offered, design rules, privacy‑safe leaderboards/badges; opt‑in controls. Feature spec; privacy note; sample leaderboard.
Equity & Accessibility
6 Equity & Accessibility ADA/WCAG 2.1 AA accessibility compliance. M N/A – app/UI responsibility (IBM provides hosting and security). Own VPAT and end‑to‑end accessibility; run audits across web/mobile; correct defects prior to go‑live. Current VPAT; 3rd‑party audit summary; remediation log.
7 Equity & Accessibility Multilingual support. M PaaS messaging; runtime. Event Notifications (email/SMS) for multilingual comms; OpenShift for language packs/services. Deliver locale strategy, translation workflow, RTL support, and language toggles. Language matrix; sample localized UI; translation QA process.
8 Equity & Accessibility SMS/text message input for residents without internet access. D PaaS messaging & API gateway. Event Notifications (SMS), API Connect. Enable SMS intake with verification, consent logging, and routing into the same data pipeline. SMS journey diagram; consent & opt‑out records; test transcripts.
9 Equity & Accessibility Capture paper survey responses into the system. O PaaS runtime & API gateway for ingestion. API Connect; Object Storage (optional) for scanned artifacts. Define manual entry/scanning process; double‑entry QC; chain‑of‑custody to Laserfiche. Procedure & training; sample scanned record; QC stats.
Analytics & Reporting
10 Analytics & Reporting Real‑time analytics dashboards. M PaaS analytics & eventing; scalable store. Db2 Warehouse / watsonx.data; Event Streams. Publish real‑time analytics with equity lenses; ensure public dashboards reflect data quality controls. Dashboard links; SLA metrics; KPI catalog.
11 Analytics & Reporting Demographics tracking of respondents (age, ZIP, gender, etc.). M PaaS data & governance. Db2/Db2 Warehouse; Knowledge Catalog for metadata/lineage. Collect demographics with consent; privacy minimization; schema & retention controls. Data dictionary; consent text; retention policy.
12 Analytics & Reporting Sentiment analysis across open‑text responses. M PaaS AI & governance. watsonx.ai; watsonx.governance. Implement NLP pipeline; measure accuracy; document model drift monitoring. Evaluation report; governance artifacts; alerting rules.
13 Analytics & Reporting Compare engagement to census benchmarks (representativeness). D PaaS analytics store & compute. Db2 Warehouse / watsonx.data. Load ACS/census data; implement representativeness weighting and disclose methodology. Benchmark workbook; sampling/weighting method.
14 Analytics & Reporting Exports to Excel/CSV/PDF. M PaaS data services & API mediation. Db2 Warehouse; API Connect (download endpoints). Implement role‑scoped exports; log access; ensure PII minimization in exports. Export samples; access logs; PII minimization note.
Transparency & Public Access
15 Transparency & Public Access Public dashboards with aggregated results. M PaaS hosting & cache; CDN option (if used). OpenShift; (optional) CDN via IBM Cloud Internet Services if desired. Deliver public site with uptime & cache strategy; clear methodology notes on charts. Public URL; uptime SLO; methodology page.
16 Transparency & Public Access Residents track project updates and see feedback outcomes. M PaaS runtime and API. OpenShift; API Connect. Provide project pages, update feeds, and ‘you said / we did’ traceability. Sample project page; update history; notification hooks.
17 Transparency & Public Access Email notification system for topic updates. D PaaS messaging. Event Notifications. Configure subscriptions, double‑opt‑in, bounce handling, and digest settings. Comms policy; bounce & complaint handling metrics.
Security & Privacy
18 Security & Privacy Encryption in transit and at rest. M IaaS/PaaS security & KMS; TLS termination. Key Protect / Hyper Protect Crypto Services; Load Balancer (TLS). Enforce app‑level TLS; use CMKs for database/warehouse; rotate keys; document crypto posture. KMS key plan; TLS cipher list; evidence of encryption at rest.
19 Security & Privacy Role-based access for City staff. M PaaS identity and access services. IBM Verify / App ID; IBM Cloud IAM (service policies). Design RBAC/ABAC in the app; SCIM/user provisioning; least‑privilege roles; admin audit. RBAC matrix; provisioning SOP; quarterly access review plan.
20 Security & Privacy GDPR/CCPA‑style privacy protections. M PaaS compliance tooling and evidence. Security and Compliance Center (controls, evidence); Activity Tracker (audit). Publish privacy policy, consent, DSAR/export/erasure processes; logging/audit trails. Privacy policy; DSAR SOP; audit samples.
21 Security & Privacy Ability to anonymize sensitive resident data. D PaaS data tooling; analytics store. Db2 Warehouse functions; Knowledge Catalog tags/classifications. Implement de‑identification/anonymization; document re‑identification risk. De‑identification method; test before/after samples.
Technical
T1 Technical Cloud‑based SaaS; vendor‑managed hosting, patches, and upgrades. M IaaS/PaaS foundation for SaaS delivery; multi‑zone HA. OpenShift (ROKS) multi‑zone; Container Registry; Continuous Delivery; Monitoring/Logs. Be the SaaS vendor of record; operate, patch, upgrade; provide SLA and incident communications. SaaS responsibility matrix; patch/upgrade calendar; maintenance windows.
T2 Technical Supports concurrent logins across multiple departments. M PaaS identity and runtime scalability. IBM Verify/App ID; OpenShift autoscaling. Design tenancy, throttling, and concurrency limits; run load tests; document SSO realms/spaces. Load test results; tenancy model; SSO configuration.
T3 Technical Works on iOS and Android mobile devices; no client‑side installs. M PaaS hosting and content delivery. OpenShift; API Connect; (optional) CDN. Deliver responsive web app; verify mobile browser compatibility; avoid native installs. Mobile compatibility matrix; device/browser QA results.
T4 Technical Uptime SLA of 99.9%. M IaaS/PaaS multi‑zone design and observability. ROKS multi‑zone; Cloud Monitoring; Cloud Logs/Activity Tracker; Flow Logs. Own SLA; publish SLOs & monthly uptime; drill incident response; provide postmortems. SLA doc; SLO dashboard; sample postmortem.
T5 Technical Integrates with City website and social media platforms; Laserfiche. M API gateway and integration services. API Connect; Event Notifications; Event Streams. Build/maintain connectors; adhere to gateway policies; ensure auditability and rate limits. Integration runbooks; API specs; audit samples.
Notes: All external integrations flow through API Connect; encryption uses CMKs (Key Protect/Hyper Protect); observability via Cloud Monitoring, Cloud Logs, and Activity Tracker; multi‑zone ROKS for ≥99.9% availability.
Lantrasoft — Cost‑effective custom portal + ISV fallback; Midwest proximity
Differentiators: Lean WCAG‑compliant portal on ROKS/Kubernetes; fast iteration cycles. Midwest on‑site PM and Tier‑1/2 helpdesk; vendor‑managed hosting and observability. Optional ISV fallback (PublicInput/CitizenLab) with IBM Cloud integration preserved.
ID Category Requirement Priority IBM Cloud scope (IaaS/PaaS/SaaS) IBM Cloud services (delivered via partner) Business Partner must deliver (as vendor of record) Evidence / Artifacts
Engagement Tools
1 Engagement Tools Online surveys with customizable question types (multiple‑choice, open‑ended, ranking). M PaaS/SaaS platform support for backend services; secure runtime; scalable data store. OpenShift (ROKS), API Connect, Db2 or Databases for PostgreSQL; Cloud Load Balancer. Deliver lean survey UX in a custom portal or configure the selected ISV; prioritize rapid iterations and cost control. Working survey module with admin configuration; load test summary; UI walkthrough.
2 Engagement Tools Digital polling/voting tools for quick feedback. M PaaS for APIs and data; event capture. API Connect, Event Streams (Kafka), Db2/Db2 Warehouse. Implement polling/voting flows; ensure anti‑ballot stuffing controls and auditability. Demonstrate vote workflow, rate‑limit & fraud controls, and audit trail.
3 Engagement Tools Integrates AI into data gathering and analysis. M PaaS for AI services & governance. watsonx.ai Studio; watsonx.governance; Knowledge Catalog. Design NLP (sentiment/themes) pipeline; register models/runs; document guardrails and bias testing. Model cards & governance records; sample outputs; risk controls.
4 Engagement Tools Interactive mapping for geographic feedback (pin‑on‑map). D PaaS runtime and API mediation for map SDKs. API Connect; OpenShift (hosting of map components). Provide mapping UX and storage of geo‑responses; license/operate chosen map SDK; ensure WCAG compliance. Live demo with map interactions; WCAG checks for map controls.
5 Engagement Tools Gamification (points/rewards). O PaaS runtime and data store; optional eventing. OpenShift; Db2; Event Streams. If offered, design rules, privacy‑safe leaderboards/badges; opt‑in controls. Feature spec; privacy note; sample leaderboard.
Equity & Accessibility
6 Equity & Accessibility ADA/WCAG 2.1 AA accessibility compliance. M N/A – app/UI responsibility (IBM provides hosting and security). Own VPAT for the custom portal; remediate findings pre‑go‑live. Current VPAT; 3rd‑party audit summary; remediation log.
7 Equity & Accessibility Multilingual support. M PaaS messaging; runtime. Event Notifications (email/SMS) for multilingual comms; OpenShift for language packs/services. Deliver locale strategy, translation workflow, RTL support, and language toggles. Language matrix; sample localized UI; translation QA process.
8 Equity & Accessibility SMS/text message input for residents without internet access. D PaaS messaging & API gateway. Event Notifications (SMS), API Connect. Enable SMS intake with verification, consent logging, and routing into the same data pipeline. SMS journey diagram; consent & opt‑out records; test transcripts.
9 Equity & Accessibility Capture paper survey responses into the system. O PaaS runtime & API gateway for ingestion. API Connect; Object Storage (optional) for scanned artifacts. Define manual entry/scanning process; double‑entry QC; chain‑of‑custody to Laserfiche. Procedure & training; sample scanned record; QC stats.
Analytics & Reporting
10 Analytics & Reporting Real‑time analytics dashboards. M PaaS analytics & eventing; scalable store. Db2 Warehouse / watsonx.data; Event Streams. Publish city & public dashboards; refresh under SLA; document KPI definitions. Dashboard links; SLA metrics; KPI catalog.
11 Analytics & Reporting Demographics tracking of respondents (age, ZIP, gender, etc.). M PaaS data & governance. Db2/Db2 Warehouse; Knowledge Catalog for metadata/lineage. Collect demographics with consent; privacy minimization; schema & retention controls. Data dictionary; consent text; retention policy.
12 Analytics & Reporting Sentiment analysis across open‑text responses. M PaaS AI & governance. watsonx.ai; watsonx.governance. Implement NLP pipeline; measure accuracy; document model drift monitoring. Evaluation report; governance artifacts; alerting rules.
13 Analytics & Reporting Compare engagement to census benchmarks (representativeness). D PaaS analytics store & compute. Db2 Warehouse / watsonx.data. Load ACS/census sets; define weighting/normalization; publish equity lenses. Benchmark workbook; sampling/weighting method.
14 Analytics & Reporting Exports to Excel/CSV/PDF. M PaaS data services & API mediation. Db2 Warehouse; API Connect (download endpoints). Implement role‑scoped exports; log access; ensure PII minimization in exports. Export samples; access logs; PII minimization note.
Transparency & Public Access
15 Transparency & Public Access Public dashboards with aggregated results. M PaaS hosting & cache; CDN option (if used). OpenShift; (optional) CDN via IBM Cloud Internet Services if desired. Deliver public site with uptime & cache strategy; clear methodology notes on charts. Public URL; uptime SLO; methodology page.
16 Transparency & Public Access Residents track project updates and see feedback outcomes. M PaaS runtime and API. OpenShift; API Connect. Provide project pages, update feeds, and ‘you said / we did’ traceability. Sample project page; update history; notification hooks.
17 Transparency & Public Access Email notification system for topic updates. D PaaS messaging. Event Notifications. Configure subscriptions, double‑opt‑in, bounce handling, and digest settings. Comms policy; bounce & complaint handling metrics.
Security & Privacy
18 Security & Privacy Encryption in transit and at rest. M IaaS/PaaS security & KMS; TLS termination. Key Protect / Hyper Protect Crypto Services; Load Balancer (TLS). Enforce app‑level TLS; use CMKs for database/warehouse; rotate keys; document crypto posture. KMS key plan; TLS cipher list; evidence of encryption at rest.
19 Security & Privacy Role-based access for City staff. M PaaS identity and access services. IBM Verify / App ID; IBM Cloud IAM (service policies). Design RBAC/ABAC in the app; SCIM/user provisioning; least‑privilege roles; admin audit. RBAC matrix; provisioning SOP; quarterly access review plan.
20 Security & Privacy GDPR/CCPA‑style privacy protections. M PaaS compliance tooling and evidence. Security and Compliance Center (controls, evidence); Activity Tracker (audit). Publish privacy policy, consent, DSAR/export/erasure processes; logging/audit trails. Privacy policy; DSAR SOP; audit samples.
21 Security & Privacy Ability to anonymize sensitive resident data. D PaaS data tooling; analytics store. Db2 Warehouse functions; Knowledge Catalog tags/classifications. Implement de‑identification/anonymization; document re‑identification risk. De‑identification method; test before/after samples.
Technical
T1 Technical Cloud‑based SaaS; vendor‑managed hosting, patches, and upgrades. M IaaS/PaaS foundation for SaaS delivery; multi‑zone HA. OpenShift (ROKS) multi‑zone; Container Registry; Continuous Delivery; Monitoring/Logs. Be the SaaS vendor of record; operate, patch, upgrade; provide SLA and incident communications. SaaS responsibility matrix; patch/upgrade calendar; maintenance windows.
T2 Technical Supports concurrent logins across multiple departments. M PaaS identity and runtime scalability. IBM Verify/App ID; OpenShift autoscaling. Design tenancy, throttling, and concurrency limits; run load tests; document SSO realms/spaces. Load test results; tenancy model; SSO configuration.
T3 Technical Works on iOS and Android mobile devices; no client‑side installs. M PaaS hosting and content delivery. OpenShift; API Connect; (optional) CDN. Deliver responsive web app; verify mobile browser compatibility; avoid native installs. Mobile compatibility matrix; device/browser QA results.
T4 Technical Uptime SLA of 99.9%. M IaaS/PaaS multi‑zone design and observability. ROKS multi‑zone; Cloud Monitoring; Cloud Logs/Activity Tracker; Flow Logs. Own SLA; publish SLOs & monthly uptime; drill incident response; provide postmortems. SLA doc; SLO dashboard; sample postmortem.
T5 Technical Integrates with City website and social media platforms; Laserfiche. M API gateway and integration services. API Connect; Event Notifications; Event Streams. Build pragmatic connectors (Laserfiche/CMS/Social) through API Connect; maintain runbooks for each. Integration runbooks; API specs; audit samples.
Notes: All external integrations flow through API Connect; encryption uses CMKs (Key Protect/Hyper Protect); observability via Cloud Monitoring, Cloud Logs, and Activity Tracker; multi‑zone ROKS for ≥99.9% availability.