Vendor Engagement Resources

Column Paragraph
group of business people in a meeting

Information for Vendors

This page provides vendors a high-level understanding of how to navigate the complexities of the state IT procurement process

Tab/Accordion Items

Required Architecture Diagrams

The following are templates for architectural diagrams required upon RFP submission:

For additional information on these diagrams, see the descriptions below.

Network Architecture Diagram

This diagram describes the means of communication, the method of sending and receiving information, between the assets in the Technology Architecture.  

The diagram will take logical connections between client and server components and identify network boundaries and network infrastructure required to physically implement those connections. It does not describe the information format or content but will address protocol and capacity issues.

Technology Stack Diagram

Technology stack, also called a solution stack, is a set of software components that compose a logically complete platform for running a service or supporting an application. It is the set of software that provides the infrastructure for a solution. The stacks differ based on the deployment location (e.g. client, server, mainframe). The technology stack diagram depicts the relationships and critical communication paths between the solution’s software components.

Overview

The goals listed below reflect the overall strategy of DIT to find better ways to leverage and share what is common across the State in terms of IT. Key elements of the vision include providing agile, world-class technology solutions, with an emphasis on digital services, delivering value through a disciplined approach to the management of technology across the enterprise of state government, increasing overall productivity of agencies and their employees, meeting the Governor’s directive to increase the use of shared data and analytics among agencies, and protecting government systems and citizen information from unauthorized access.

Updated Statewide Information Technology Goals

  1. Secure IT systems and infrastructure: Provide a resilient infrastructure that mitigates risk, supports business continuity, provides security and privacy of the State’s and citizens’ data, and supports secure collaboration and information sharing.
  2. Deepen trusted partnerships: Support and empower the business of State government by improving processes, enhancing cross-agency collaboration and cooperation, and establishing and managing IT standards.
  3. Improve the management and transparency of IT: Better utilize the State’s IT resources by increasing visibility into what the State has, what it costs, and how the State uses it.
  4. Modernize and centralize IT operations: Modernize and centralize technology operations to effectively support a 21st century government.
  5. Empower our citizens through technology: Provide transparent, easy-to-use, and customer-focused government and student services.
  6. Promote better decision-making through analytics: Leverage the State’s data to make more informed decisions, policies, and laws.

    Strategic Resources

    Overview

    An enterprise approach optimizes information technology (IT) security and risk management activities performed at the statewide level, allowing the State to gain economies of scale and helping to ensure security program consistency.

    Security Resources

    Overview

    The Government Data Analytics Center (GDAC) is developing a comprehensive master data management tool to document the State’s data sources and definitions, as well as any quality issues associated with the data in terms of accuracy, currency, and completeness. Evaluating a data source at the enterprise level with varying business perspectives can point out these types of data quality concerns. Based on this knowledge, the GDAC can work with the data source agency to identify ways to improve and expand the capture of quality data to support more accurate analysis and decisions.

    Overview

    North Carolina constituencies expect great digital experiences when engaging with state government. Our goal is to deliver content, resources and services anytime, anywhere and on any device. We aim to deliver user-centric digital services with an emphasis on accessibility, ease-of-use and consistency while ensuring security and reliability. 

    Digital Commons

    The N.C. Department of Information Technology administers Digital Commons, a customized content management platform running on the open-source Drupal framework (currently Drupal 9) and hosted on FedRAMP compliant Amazon Web Services. As the state's enterprise web content management system, Digital Commons is considered the standard delivery platform for web and digital content.

    The platform supports more than 60 websites for agencies, boards and commission, including the NC.gov Constituent Portal

    Resources

    Overview

    NCDIT provides over 40 services to State agencies and other local government entities. DIT’s technical services range from networking to platform and hosting to productivity and collaboration. 

    Key NCDIT Services

    Overview

    The State Chief Information Officer (SCIO) strives to simplify electronic transactions with North Carolina State Government. The SCIO is required to ensure this happens in a secure manner. This is accomplished through authentication of users and controlled access to applications and services.

    Standard

    To achieve this, the SCIO requires all inter-agency and external facing solutions/applications that create content use the State’s Identity and Access Management solution (“NCID”).

    More information about the NCID service.

    NCID is used to integrate with numerous systems to synergize the end-user experience by providing authentication/authorization to State applications and solutions.

    All solutions requiring NCID authentication must externalize identity and access management and support the following protocols:

    • Security Assertion Markup Language (SAML v2)
    • Lightweight Directory Access Protocol (LDAP)
    • Web Services (SOAP/WSDL)

    As existing solutions are upgraded or replaced, they will be required to support the above protocols.

    A formal exception is required to use a solution other than NCID. The agency must provide just cause for the exception to be approved.

    Find the exception form and additional information about exceptions.