State Benefits Portal Modernization
# Implementation Exhibit RFP Reference: DSS-2024-0041 Project Title: State Benefits Portal Modernization Issuing Agency: Department of Social Services Document Type: Implementation, Delivery, Testing, Launch, and Stabilization Exhibit Release Date: Apr 27, 2026 Response Deadline: May 14, 2026 --- ## Page 1 - Implementation Overview The selected vendor must provide a production implementation plan for the State Benefits Portal Modernization project. The implementation plan must describe the activities, staffing, timeline, governance, dependencies, deliverables, and decision checkpoints required to move the modernized portal into production. The Department expects the vendor to provide a complete delivery approach covering: - Project kickoff. - Discovery and requirements confirmation. - Configuration. - Integration planning. - Legacy mainframe integration. - Payment status service integration. - Document repository coordination. - Case-worker queue coordination. - Functional testing. - Integration testing. - Accessibility review. - Security readiness review. - User acceptance testing. - Training. - Production readiness review. - Production launch. - Stabilization. The Department prefers an implementation approach that can operate with a small agency steering group while minimizing disruption to case workers, citizens, call center personnel, payment cycles, eligibility review processes, and existing operational reporting. The Department’s current benefits environment supports active public services. The selected vendor must plan work in a way that preserves continuity of benefit operations. Portal modernization activities must not interrupt citizen access, case-worker review queues, benefit eligibility determinations, payment status visibility, or required notices except as authorized by the Department through a planned production event. The implementation plan must be production-oriented. A pilot-only launch does not satisfy the required milestone. The Department expects the selected vendor to complete production go-live within 12 weeks of contract award. The implementation plan should be practical, specific, and measurable. General statements about agile delivery, iterative implementation, or collaborative discovery must be supported by a schedule, staffing model, deliverable list, dependency list, and risk management approach. The selected vendor must maintain an implementation schedule throughout the project. The schedule must identify critical path activities, Department dependencies, vendor dependencies, integration readiness activities, testing windows, training deadlines, production readiness checkpoints, and launch support activities. --- ## Page 2 - Project Governance and Staffing The selected vendor must establish a project governance structure that supports timely decision-making, issue escalation, risk management, and Department visibility into implementation status. The vendor must identify the following named roles: - Delivery Lead. - Technical Lead. - Security Contact. - Escalation Owner. - Implementation Analysts. - Senior Engineers. - QA Lead. - Training or Change Support Lead, if applicable. - Production Launch Lead, if applicable. The Department expects the Delivery Lead to be responsible for overall implementation coordination, status reporting, risk tracking, issue escalation, milestone management, and Department communication. The Technical Lead must be available for integration planning, architecture review, technical coordination, and production readiness activities. The Security Contact must support the security questionnaire, security readiness review, incident-response documentation, and security-related implementation questions. Weekly status reporting is required. The weekly status report must include, at minimum: - Completed activities. - Planned activities. - Open risks. - Open issues. - Blockers. - Decisions needed. - Upcoming milestones. - Schedule changes. - Dependency status. - Department action items. - Vendor action items. The Department expects risks, blockers, and decisions to be logged in a shared project record. The shared project record may include a risk register, issue log, decision log, action-item log, milestone tracker, dependency tracker, and status report archive. Major scope changes, schedule changes, integration delays, security-readiness concerns, staffing changes, or production readiness concerns must be escalated to the Department project sponsor. The staffing plan must show which roles are dedicated and which roles are shared. The Department expects senior technical staff to be available during kickoff, integration readiness, testing, production readiness, and launch support. Vendors should not assume that junior implementation resources can resolve legacy integration issues without senior technical support. The staffing plan must also describe vendor availability during the stabilization period. Stabilization support must include issue triage, defect response, status reporting, incident coordination, and practical support for Department personnel using the modernized portal. --- ## Page 3 - Production Timeline and Legacy Integration The selected vendor shall complete production go-live within 12 weeks of contract award. The production timeline must include the following minimum activities: 1. Contract award and project kickoff. 2. Governance setup. 3. Requirements confirmation. 4. Design confirmation. 5. Integration planning. 6. Integration readiness. 7. Configuration and implementation. 8. Functional testing. 9. Integration testing. 10. Accessibility review. 11. Security readiness review. 12. User acceptance testing. 13. Training preparation. 14. Production readiness review. 15. Production launch. 16. Stabilization. The schedule must identify agency dependencies, staffing assumptions, environment access, test data availability, decision checkpoints, and launch-readiness conditions. The portal must integrate with the Department’s legacy mainframe eligibility and payment systems. Mainframe integration must be complete before production go-live. The modernized portal must support continuity of eligibility review, household record updates, payment status inquiries, notices, case-worker workflow queues, and citizen-facing account activity during transition. The Department will provide available interface documentation after award. Vendors should not assume that all legacy documentation is complete, current, or immediately sufficient for implementation. The vendor must identify assumptions related to: - Mainframe interface documentation. - Test credentials. - Integration windows. - Data mapping. - Agency technical support. - Error handling. - Batch or real-time exchange methods. - Payment status service dependencies. - Eligibility system dependencies. - Document repository dependencies. - Case-worker queue dependencies. - Reporting database dependencies. The vendor must describe how it will manage integration uncertainty within the required schedule. The implementation plan should identify integration readiness activities early in the project. The Department expects integration risk to be surfaced promptly and not deferred until user acceptance testing or production readiness review. The implementation plan must explain how the vendor will coordinate with agency technology staff, existing managed-service providers, business subject-matter experts, security reviewers, and production readiness decision makers. --- ## Page 4 - Testing, Security Readiness, and Agency Dependencies The implementation plan must include a complete testing approach. Testing must include representative citizen workflows and representative case-worker workflows. The testing plan must address: - Functional testing. - Integration testing. - Accessibility review. - Performance testing. - Security readiness review. - User acceptance testing. - Production cutover validation. - Regression testing for critical workflows. - Defect tracking and remediation. - Test data management. - Test environment assumptions. Representative citizen workflows may include account access, identity-related workflows, household record updates, eligibility status review, payment status inquiry, notice access, document upload, account recovery, and submission confirmation. Representative case-worker workflows may include review queues, task assignment, case updates, document review, status updates, exception handling, administrative reporting, and audit-log review. The Department may require remediation before accepting a milestone if critical workflows fail, if required security documentation is incomplete, if accessibility issues are unresolved, if integration testing is not complete, or if production readiness evidence is insufficient. The selected vendor must support security readiness activities. Security readiness activities may include confirmation of access controls, administrator access management, role-based access control, audit logging, incident-response contacts, data handling, secure development practices, vulnerability remediation procedures, third-party service provider disclosures, and production support security procedures. The Department will provide subject-matter experts, integration access, available test data, procurement clarification responses, and production readiness decision makers. Vendors must identify any Department dependency that could delay production launch if agency access is unavailable. Agency dependencies may include: - Access to integration environments. - Access to technical documentation. - Access to legacy-system staff. - Access to business subject-matter experts. - Access to test data. - Access to security reviewers. - Access to privacy reviewers. - Access to production launch decision makers. - Access to managed-service providers. - Timely review of deliverables. - Timely response to implementation questions. Access to required integration environments is expected during project kickoff. If the vendor determines that required access is unavailable, incomplete, delayed, or insufficient, the vendor must document the impact and escalate the dependency through the project governance process. --- ## Page 5 - Launch, Stabilization, and Implementation Deliverables The selected vendor must support production launch, issue triage, status reporting, defect response, and stabilization after go-live. The production launch plan must identify launch activities, communication procedures, support coverage, escalation contacts, rollback or contingency procedures, validation steps, and Department decision points. The vendor must provide a production readiness checklist. The checklist should address, at minimum: - Functional testing completion. - Integration testing completion. - Accessibility review completion. - Security readiness review completion. - User acceptance testing completion. - Training material availability. - Support contact confirmation. - Incident escalation path. - Launch communication plan. - Cutover plan. - Rollback or contingency plan. - Known issue list. - Open risk list. - Department signoff. The vendor should provide a rollback plan or contingency process if launch-readiness checks fail. The Department understands that not every launch issue may require rollback, but the vendor must describe how launch risks will be assessed and how the Department will decide whether to proceed, pause, remediate, or revert. The stabilization period must include issue triage, defect prioritization, operational status reporting, support coordination, and confirmation that production workflows are functioning as intended. The vendor must maintain the implementation schedule and issue log during stabilization. Required implementation deliverables may include: - Project kickoff materials. - Governance plan. - Project schedule. - Staffing plan. - Risk register. - Issue log. - Decision log. - Dependency tracker. - Requirements confirmation. - Design confirmation. - Integration readiness plan. - Data mapping documentation. - Testing plan. - Security readiness documentation. - Accessibility review evidence. - Training materials. - Production readiness checklist. - Launch plan. - Stabilization report. The Department expects the vendor to keep the implementation schedule current throughout delivery. Schedule updates must identify changes, causes, impacts, and recovery actions. The Department will evaluate implementation proposals based on feasibility, specificity, public-sector experience, staffing credibility, integration approach, testing approach, security readiness support, and ability to meet the 12-week production go-live requirement.