DMV_SMRFP_IT RFP Development Form_Master_02-06-l5 V 1.0 AD Final

IT RFP Development Form – 02-27-14 Page 1 of 113
State of Nevada Brian Sandoval
Department of Administration Governor
Purchasing Division Jeff Mohlenkamp
Director
Greg Smith
515 E. Musser Street, Suite 300
Carson City, NV 89701
Administrator
NEVADA STATE PURCHASING DIVISION
REQUEST FOR PROPOSAL (RFP) DEVELOPMENT FORM FOR IT PROJECTS
Note: If you have questions regarding completion of this form, please contact the Procurement Staff
Member that will be working with you on the RFP.
DEPARTMENT/AGENCY INFORMATION
Department: Nevada Department of Motor Vehicles
Agency/Division/Bureau: Nevada Department of Motor Vehicles
Budget Account Number: 4716 Agency Number: 810
Program (if applicable): NA
Anticipated Contract Amount: $ 109,446,534 MM
Anticipated Contract Term: FY2016 - FY2021
Authored By: Alexander Dore
Title: Sr. Enterprise Architecture – Security Architect
Phone Number: (310) 863-9142 Fax Number: 775.684.4563
Email Address: Adore@dmv.nv.gov; alexander.dore@gmail.com;
Mailing address: 555 Wright Way Carson City, NV 89711
How many contract originals does
your agency require for signature?
3
Name Title
Troy Dillard Director
Rhonda Bavaro Deputy Director
Names and Titles of individuals that
will sign the contract:
RFP Title: Nevada Department of Motor Vehicles System Modernization
Previous RFP Number, if applicable: RFP #: Issued by:
Previous Purchasing Contact, if
applicable:
Previous RFP or Contract if done by
agency:
Please attach a copy for reference
Anticipated BOE Date: September/October 2015
Is the project funded? Yes: No: X
Is any portion federal funds? Yes: No: X
Does this project require a Technology
Investment Request (TIR)?
Yes: X No:
If so, has it been approved? Please
provide a copy of the approval.
Yes: X No:

RFP DEVELOPMENT INFORMATION INSTRUCTIONS
Complete all information required in the following tables. If not applicable or required, please put
“Not Applicable” in the appropriate section. The information provided below will be included in the
appropriate sections within the RFP. Follow the numbering format in the RFP template to identify
section headings, subheadings, etc. Attach additional information if applicable. A PDF version of
the IT RFP Template is embedded here for your reference in completing this form.

PROJECT OVERVIEW
This section should provide a brief synopsis of the project/requirements.
The section should include an overview of the project to include such things as anticipated project start and end dates,
administering agency, any other pertinent information.
DMV Intent and Modernization Background:
The Prime Directive
The prime directive of this RFP is to clearly step out an integral informational roadmap that will allow an
informative group of solution vendors and integration specialists to digest and present a best of class response
as to the specifics as to what the Nevada DMV requires to purchase a complete systemic (IT) overhaul.
The Desired Response
The responses must treat and improve on the current methods as to how DMV manages its business. The
responses must elaborate the proposed reduction or eradication of, where possible, manual processes and record
keeping, unless otherwise mandated by business continuity constraints. Where possible the proposals must also
demonstrate where the transition from a manual to automated work-flow optimizes the business requirements.
Lastly the proposals must demonstrate the deployment of fully automated and consolidated transparent services,
providing customer secure best-in-class products and services.
Absorbing Legislative Mandates
The DMV will present a list of future features that it is challenged to implement, should the legislature agree,
where these modernizations must be designed as placeholders should the law change. Some examples would be
the enlarging of the PII dataset by the inclusion of fingerprints on the driver license or the discrete collection
and storing of phenotyping for each unique customer profile. The Nevada DMV is a mature yet forward
thinking organization that is fully prepared to enter the era of fast paced technology development and business
evolution.
Business Approach
This RFP sets out a framework to promote a seamless approach to business and technology capability
integration. The RFP does not dictate the technology components only the environments such as SOA and
MDM, standards and capabilities required; where the approach is to define the WHAT not the HOW. With that
in mind the DMV requires a system that will meet above all the desired business evolution coherently and
cohesively. This direction must be mirrored in the solution vendor responses.
Risk Management
The DMV will institute a security principled risk management policy which will be based on a future
repurposed DMV master security model based on the concept of an enterprise within an enterprise.
This RFP will require the vendor to tackle future risk by raising the security bar from minimum to maximum
requirements based on the inclusion of additional international, U.S. federal government and recognized
institutional security measures and standards enhancing the Nevada state security standard. Unfortunately due
to the current cyber threats and vulnerabilities minimum tolerances are no longer acceptable.
The proposed legacy modernization transition is an opportunity to ensure a sustainable and leading edge risk
mitigated environment. The selected solution vendor must present the most holistic assurances that stem any
and all vulnerabilities from an end-to-end architectural perspective.
This RFP though focusing on technology modernization and the benefits from social networking, mobility and
clouds will emphasize the absolute need for enhancing security countermeasures and assurances based on
current measurable and immeasurable threats and vulnerabilities.

PROJECT OVERVIEW
The High Bar
Attaining zero tolerant security is the intended goal of this RFP. This aim alone is the most compelling goal for
government and the private sector related to the stewardship of sensitive and private information in our
technology age. Indiscriminate criminal and malicious hacking has reached new unforeseen heights and more
advanced elements such as Anonymous have successfully breached internets, extranets and intranets that were
once thought of as safe government organizations as well as wealthy institutions in the public sector. As we see
on the international front line cyber-attacks are beginning to be thought of a serious act of malicious aggression,
if not close to an act of terrorism.
DMV though requiring zero tolerance also recognizes that zero tolerance for security risk is doubly problematic
in an environment in which information must be shared. There is a recognized deep and unavoidable tension
between information sharing and information security. The solution vendor’s responses must allow the DMV to
evaluate the mechanisms that mitigate this tension, some being unavoidable, in order that senior DMV
leadership can decide what degree of security risk is acceptable and under what circumstances in return for the
advantages of broad based information sharing.
Without doubt the DMV’s information systems are prime targets for internal and external threats; nevertheless,
the only approach that truly provides ZERO risk is one that destroys all information as soon as it is collected or
that otherwise makes information entirely inaccessible to anyone1
.
Irreproachable Stewardship
The DMV as an agency is additionally the steward of the consummate intellectual property that has become the
PII record of every documented citizen of Nevada that has applied for an identity card and the driver license.
The proposed new DMV system will ensure that PII is a collection of unique properties of identification that
only pertain to one individual; no duplicates are acceptable. It is therefore the prime function and responsibility
of DMV to ensure the uniqueness, security and integrity of this information.
In order to secure PII DMV has defined a requirement for a vault-type security model in its reference
architecture. The vault or bar-code repository must be de-coupled from any other agency interface and that any
publication to other agencies, internally or with the DMV customer will be handled within the prescribed
boundaries of this maximum security model.
Caution as a Best Practice
Therefore the Nevada DMV in this RFP will take the most cautionary approach in line with zero tolerance
verses the current and evolving threats; anything less being unacceptable. In order to accomplish this risk-
averse strategy the DMV, as set out in this RFP is highly motivated to building its own secure enterprise that
would be seamless within the existing state enterprise, yet still working hand in hand with EITS; being
transparent where necessary. This is further outlined in the security section of this RFP.
Optimizing Time through Agility
Competing vendors must be acutely aware that the time projected to complete the technology transition falls
within a five year program. Where possible the main business of the DMV should be optimized by being
brought on line iteratively rather than in a waterfall process. Therefore the vendor propositions must somehow
manage the constantly evolving and competing technologies.
1
A Review of the FBI's Trilogy Information Technology Modernization Program

PROJECT OVERVIEW
The initial technology offering must attain a steady state of equilibrium, factoring in the most collaborative and
ready to market solutions. The solution vendors must also plan for the inclusion of new technology where
appropriate, where new apps are secure, easily integrated and certified.
Critical Path
This RFP addresses the critical path and challenging infrastructural predicament the DMV as an organization
finds itself in. The DMV in this RFP has decided to present a more business centric view of its organization
aspiring to attract the right mix of best-in-breed technologies to replace the security and economic risks
involved by continuing to operate a legacy environment that is long overdue for an overhaul. The legacy
technology currently in production that maintains DMV services has eclipsed its usefulness and the DMV’s
ability to support an old COBOL language environment at a low cost has sunset. The continued addition of
enhancements on top of an original 40 year old legacy as well as repeated attempts to wrap the legacy and add a
more modern façade has reached the point of no return. DMV must now rapidly ascertain the point of least
resistance to work its way out of the legacy through modernization.
Equilibrium
The strategic aim of this RFP is to secure the desired state of systemic overhaul equilibrium, yet still observing
conventional wisdom to manage risk. For all outside appearances the DMV will continue to maintain its current
services per the legislative record to date. This RFP unveils the proposed modernization process. As this legacy
modernization process matures into the planning stage the hope is that the selected vendor will be on hand to
inform and assist the legislative body to visualize how leading edge technology may improve future service
capabilities, reduces costs and manage risk.
DMV Heavy Load & Burden
The Nevada Department of Motor Vehicles (DMV) currently does business with over two million people a
year, which could possibly reach three and a half to five million in five years. Today DMV also manages at
least 15% of the State operating revenues. With increased system efficiency and optimized workflow the new
DMV system could improve the collection of revenues by merely balancing the books and in all probability
could markedly surpass the collectable revenues currently reported annually. With the current and
unforeseeable fluctuation in U.S. and global economics, the changes in immigration flux, birthrates, migrations
from high costs of living and urban saturation, the opportunities for new technology parks such as the Tesla
move to Nevada, it is still unrealistic however to project meaningful statistics beyond 2020. Therefore the high
end requirement capacities to handle increased data, data traffic, transactions, security as well as increased
online and mobile access can only be projected for the future based on the current demographic data forecasts
available.
DMV Today & Tomorrow
Today the DMV is a broad and diverse enterprise agency that not only issues driver licenses, registers vehicles,
and produces vehicle titles, it manages motor carrier permits including the collection of fuel taxes as well as
issuing a limited amount of small business licenses. This markedly differentiates the Nevada DMV from its
other State DMV agencies. Even though the Public Safety sector has recently been spun off from the original
DMV organization, the DMV today still maintains and transmits a considerable quantity of Personally
identifiable information or PII (as used in U.S. privacy law and information security, is information that can be
used on its own or with other information to identify, contact, or locate a single person, or to identify an
individual in context) pertaining to law enforcement, the judiciary and public health that under no circumstances
can this information be compromised by the new system. The DMV currently interacts with more customers
than any other State agency and produces the most important government secure identity for the State of

PROJECT OVERVIEW
Nevada; the identity card and the driver license.
The People of DMV
This project is not just about technology and computers; it is really about the dedicated DMV civil servants who
are asked to perform a rigorous task on outdated equipment. It is about their futures and careers; it is also about
making the customers of the DMV feel that their state taxes are being well spent, that there is true
accountability and that the DMV services that the state offers are of the highest quality and will attain to
become one of the best DMV agency models in the nation.
Special Instructions
Contract award is dependent on legislative funding and Board of Examiners (BOE) approval. Upon funding
and BOE approval, the project is anticipated to start on or before October 1, 2014 and end by June 30, 2020.
Transformation
The DMVfully intends to radically move away from the legacy constrained BPM model that it currently
endures by deploying its technology on a mainframe “Z” architecture platform. The current product layer
encompasses a broad and highly diverse product array. Due to the inherent architecture from the maiframe
Z/OS even with modern wrappers the stovepipe model is unavoidable as even web services inherit the initial
segregation of services based on the mainframe LPAR internal structure.

PROJECT OVERVIEW
DMV - Current State Legacy BPM
Transformation Scope
The intended transformation will vastly improve the BPM integrating once separated services and products into
a seamless dynamic optimized supply and value chain BPM. The Vendor’s architecture must address this
transformation and apply the dynamics needed to fully integrate the BPM. Additionally the BPM model must
evolve from a 2D presentation of data to a 3D presentation of business intelligence. Below are the major
thresholds to overhaul presented at the enterprise level. The vendor will find the component layer more
explicitly described in the function requirements later on in this RFP.
Intended Division of Labor
The DMV’s organizational aspirations are, where possible, to create a seamless and cohesive set of enterprise
services. The major enterprises of the intended system for the purpose of this RFP are expressed as services
driven by a business process layer of requirements as detailed in the appendices (???) of this RFP. The major
DMV services are, but not limited to, tax collection, finance, document control, customer relationship,
eligibility determination, privilege issuance, secure stewardship, public safety and public education.
The Process and Service layers shall be managed from a business intelligence driven DMV governance and
compliance management to be developed from metric driven service level agreements and service level
objectives as determined in appendix III. The binding force of the intended processes and services shall be the
BPM layer, or in its technology form the ESB. The protection of DMV assets will be managed from a zero-
tolerance security model.

PROJECT OVERVIEW
Finance
The DMV intends to completely overhaul its concepts of core GL financal model ensuring financial compliance
and increased automation within the integrated core finance processes.
The DMV shall require an intuitive and user friendly portal managing a transaction based GL reporting and
revenue distribution system that interfaces with the State Treasurer and State Controller. The DMV will
continue to collect revenues in the same form as it does today; at the counter, on line or mailed in, reserving the
possibility, as secure interfaces mature, to adopt newer forms, such as Apple-Pay™ for example.
The new GL hub will be required to better optimize current resources and streamline financial operations,
complying with the State Accounting Policies and Procedures as well as all Nevada statutes as they relate to
revenue collection and distribution, including but not limited to financial reporting requirements.
The intended GL system shall plan to streamline and automate financial operations with the State Treasurer and
State Controller while complying with state regulations. The DMV GL portal will deliver core financial
business intelligence to gain real-time insight into overall performance within US GAAP and State standards.
Additionally the core financial process shall integrate processes from various applications for a single version of
financial truth operating in multiple geographies in Nevada.
Suggested Financial MDM GL Hub
Customer Relations and Business Process
The DMV also anticipated in building a much improved citizen and customer outreach and knowledge

PROJECT OVERVIEW
interchange by delivering a dynamic customer relationship management (CRM) portal as well as radically
redesigning the business processes to achieve dramatic improvements in organizational performance. DMV
requires that CRM refers to not only to the software application but the business strategy as well and the vendor
shall make every attempt to ensure a homogenous enablement of both to ensure ease of maintenance of
unpredictable adaptations of the business process and its subsequent deployment. The DMV shall require a
CRM that includes methods, strategies, software and network capabilities that vastly improve the DMV to
resource manage and organize its counter and online relationships with its customers from issuance to audit.
The CRM shall allow the dynamic collection and distribution of data into all the core business areas. The CRM
system must be a readily maintainable implementation of reliable interactive systems processes and procedures.
Sustainability
DMV additionally has aspirations to meet sustainability to enforce protective measures on the environment.
DMV requires to implement a rule based electronic document and template managed library system creating as
much of a paperless environment where hard copy documents are not required; barring what is mandated by law
and constrained by disaster recovery needs. Unavoidably, some paper forms will still remain outside of the
systemic environment until legislative changes are made in the future.
Enterprise Overview of Seamless Processes and Services
Major Stats (Current and Growth)
Nevada DMV Demographic Growth Rate Projection
State Demographer Growth Rate
2015 2016 2017 2018 2019
1.30% 1.30% 1.30% 1.00% 0.90%
Note: Growth for FY18 & FY19 is based on the Demographers most recent 20 year projections including
projected growth as a result of Tesla.

PROJECT OVERVIEW
Nevada Verification of Lawful Status Projection
VLS Projected Growth Rate
Year VLS Charged Transactions
2013 (Actual) 129,800
2014 (Actual) 130,008
2015 (Projected) 131,698
2016 (Projected) 133,410
2017 (Projected) 135,145
2018 (Projected) 136,496
2019 (Projected) 137,724
Nevada DMV Total Transactions (TXN) Growth Rate Projection
Year Total TXNs
2013 (Actual) 8,430,476
2014 (Actual) 8,669,517
2015 (Projected) 8,782,221
2016 (Projected) 8,896,390
2017 (Projected) 9,012,043
2018 (Projected) 9,102,163
2019 (Projected) 9,184,083
Nevada DMV Total AAMVA Transactions (TXN) Growth Rate Projection
AAMVA Projected Growth Rate
Year
SSA Charged
Transactions
PDPS Charged
Transactions
2013 (Actual) 190,907 2,699,543
2014 (Actual) 447,777 2,797,944
2015 (Projected 453,598 2,834,317
2016 (Projected) 459,495 2,871,163
2017 (Projected) 465,468 2,908,489
2018 (Projected) 470,123 2,937,573
2019 (Projected) 474,354 2,964,012

PROJECT OVERVIEW
GOALS AND OBJECTIVES
If applicable, this section should provide high level goals and objectives of the project. This can be incorporated
in the Project Overview Section. More specific goals and objectives should be included in the Scope of Work Section.
High-level Agency Goals:
• All Department processes will be reengineered to maximize technology and resources.
• All existing vendor contracts will continue to be used with no changes identified at this time.
• All existing vendor interfaces will be developed and tested to existing specifications; unless the vendor
is upgrading or using new supported systems.
• The implementation strategy will depend on the awarded vendor selection and funding model approved
for system modernization.
Customer Environment
• To prioritize, to fully implement and expound upon the Governor’s mandates in the context of DMV
modernization.
• To improve customer service allowing the DMV greater customer centric services and customer
relationship management.
• To increase efficiency and fairness in dealing with the general public, improving perception of the
DMV as a valuable and helpful institution.
• To promote consumer education allowing the DMV to provide accessible education regarding offered
products, services, and motor vehicle changing laws.
• To improving revenue collection efficiencies, improving public awareness of DMV services, reaching
out to communities that are unplugged through education and marketing.
• To offer the experience of a One-Stop Shop to all customers in every DMV Field Service Office.
• To deal with any and all DMV related informational and service generation capacities, such as general

inquiries to specific legal issues.
• To shorten the time required to turn around background research that cannot be handled at the
counter.
• To modernize communication systems that will enable DMV to generate specialized system-
generated reports within a 24 hour period using VoIP, email, at a Kiosk station or through a DMV
mobile app.
• To upgrade the front and back office GUI and UI interfaces meeting the new capabilities of service
computing ensuring the customer and business facades are intuitive, simple, secure and self-
educating.
• To generate real-time reporting data.
• To explore big data applicability in order to grow and stimulate highly available educational and
marketing tools
• To constantly update information improving DMV’s ability to influence and develop a smarter public
and a more resource driven DMV staff.
• To remove the drudgery from the manual interface with customers including the limited data
accessibility of computer information during counter computer usage.
• To streamline services increasing the number of available product choices and more independence
self-managing each individuals profile and account.
• To promote public awareness improving public safety awareness using alternate technologies.
Public Safety
• To ensure the sealing and securing of the driver license PII as it is the prime ID for Public Safety
checking of an individual’s profile, whereabouts and privileges.
• To improve the banner of public safety by surveying and targeting specific communities, mitigating
burdens to the DMV, such as educating young teenage drivers, educating uninsured drivers,
connecting unplugged communities, and lowering the high recidivism in DUI and substance abuse
drivers
• To lessen the impact on the court system
• To improve the integration and management of court records and criminal profiles as well as
constantly keeping tabs on the whereabouts of offenders.
• To abate the revolving door effect of DMV customers that fail to obtain the services in an expedient
and timely manner, either through constant return visits or misinformation about document
requirements as well as other eligibility data that causes Nevadans to be frustrated with the DMV
process.
• To increase the seamlessness of the processing of the accuracy, sharing and updating of registered
sexual offenders and driving offenders’ locations including the terms of probation and/or suspension,
• To secure the absolute secrecy of undercover work in the context of identity management.
Business Enterprise
• To project the need to manage transactions based on a future exponential growth of the Nevada
population over the next 15 years into the business architecture requirements.

• To work hand-in-hand with EITS to ensure the overall state system capacity interface can manage an
ever growing DMV security and increased traffic load ensuring that all dependent and collaborative
systems be well within the system tolerances of growth.
• To deliver the best Role (Product) based Profile Resourced (DMV Technicians) Calendar
Appointment based Customer Friendly Portal to allow DMV to better manage its Customer handling
and quality of service (QOS).
• To facilitate DMV to better manage and allocate its resources and information by developing rapid
JIT coverage overlap; considering the outlier locations and the distance between DMV Service
Offices.
• To centralize the expedient distribution of documents and license plates from a dual-centralized hub
system removing the burden for offices to carry and manage inventories.
• To develop self-sufficiency by increasing the number of transactions and offered products available
using alternative services.
• To deliver the best service model (SOA) that adds new dynamics to the inner DMV operations, the
DMV interfaces with its partners
• To implement full failover with two (2) server farms securing a 24/7 failsafe replication that will meet
all the operational transparency, business continuity and disaster recovery mandates, wherein DMV
will no longer depend on a high-risk single site model.
• To avoid building another modern version of a monolithic mainframe by repeating the
implementation of near-term legacy concepts when there is substantial and vastly improved mature
technology readily available in the solution marketplace today.
• To vastly improve the automated sharing of information with all government agencies including non-
governmental partners, reducing the creation of multiple versions of the same information in many
different formats, leaving room for errors and ambiguity.
• To remove the manual process as much as possible from the collection of information to the
manipulation of information by DMV staff; the effort is to consolidate the division of work using
separate screens, apps and terminals to one terminal operational portal governed by roles and
privileges.
• To offer all of the DMV services to be virtually shared throughout all physical locations as well as
maximizing and optimizing mobile, kiosk and future technology driven portal accessibility with built
in transparency, where the legislation permits.
• To streamline tax collection by enabling electronic tax filing, processing, auditing, collection and
reimbursement of taxes.
• To improve compliance allowing the DMV to respond effectively for compliance and enforcement of
motor vehicle laws using case management.
Zero Tolerant Security
• To operate at the highest level of security stewardship, administering security measures that thwart the
most sophisticated threats and vulnerabilities to protect the most confidential if not secret data
pertaining to the state of Nevada with state of the art countermeasures.
• To base the new system design on the most robust security framework by installing new concepts of
decoupled architecture incorporating vault technology, following guidelines set out by but not limited

to ISO, NIST, TOE, the Common Criteria and the State of Nevada regulations.
• To provide Common Criteria Quality Assurance utilizing Common Criteria (i). Evaluation Assurance
Levels (EAL); the level of certification sought, using grades EAL1 through EAL7, (ii). Target of
Evaluation (TOE); the system submitted for evaluation, and (iii). TOE Security Functions; set of all
hardware, software, and firmware needed for the enforcement of the Zero Tolerant Security policy
and (iv). Security Assurance Requirements (SARs); measures, compliance, and functionality.
• To provide Common Criteria Evaluations; (1). Protection Profiles (PP) and (2). Security Target (ST)
requirements, and (3). Security Functional Requirements (SRFs), provided by product.
• To provide Zero Risk by destroying all information as soon as it is collected or by otherwise making
information entirely inaccessible to anyone2
.
• To provide Zero Risk by separating the process layer from the data layer with decoupled clients and
interface staging areas.
• To provide Zero Risk by encapsulating all the system interactions under Division “A” Verified
Protection as the predominating acceptable level of security using the Trusted Computer System
Evaluation Criteria (TCSEC) semantics.
• To monitor and control all exploited internal and external vulnerabilities of basic and enhanced-basic
brute force attacks through the exploitation of weak authentication and weak implementation of
protocols allowing access to operating systems and networks.
• To monitor and control all attack potentials on internal and external vulnerabilities of high and
beyond-high sniffing attacks through bypassing authentication on administrative traffic or through
infiltration using default username/password or bypass authentication mechanism through other
interfaces.
• To monitor and control all attack potentials visualized with threat agents and their attack potentials on
internal and external vulnerabilities through non‐specified interfaces.
• To monitor and control all attack potentials on internal and external exploitation of
unencrypted/weak/non‐standard crypto algorithms.
• To monitor and control all attack potentials on internal and external unauthorized access causing
malicious intrusion, undetected system activity, resource exhaustion, user data disclosure and general
Target of Evaluation (TOE) failures.
• To secure the most sensitive PII information in sealed vaults, possibly only accessible through escrow
and trust management, access granted using avatars, gadgets and disseminated using barcodes.
Architecture
• To ensure that the architecture adopted, in whatever form or mode, is bound seamlessly by standards,
policy and well-tried principles.
• To ensure that the architecture is not driven by the technology but by the capabilities required to
perform the business function.
• To ensure that above all security is an embedded mandate for the enterprise architecture and that
every measure to protect the data, the user and stakeholder is interwoven into the End-2-End
principles of sustainable operations.
• To ensure that any alternative to the widely accepted and standardized MDM driven SOA must meet

the highest standards equivalent to service orientation, that would equally allow the agency to
optimize its business processes with application assets that return the fullest support, while avoiding
redundancy, innumerable supply-chain systems, multiple CRM systems, as well as multiple and
disparate disconnected application layers that fail to work effectively causing security bankruptcy.
• To ensure that the former legacy architecture is not replaced by a more contemporary legacy that is
camouflaged with a modern wrapper.
• To remain open to advances in architecture without incurring unnecessary risk maintaining the
philosophy and industry norm that service oriented architecture is the best-in-class and that there
really are no viable alternatives other than COTS closed systems.
• That the agency will not consider any design or architecture that stifles ongoing advancements and
evolution.
• That the agency will not consider any design or architecture or the components that come with it that
has an expired shelf life.
• That the agency will consider Open System architecture as long as it is bound seamlessly by
standards, policy and well-tried principles equivalent to MDM driven SOA.
Smart Technology
• To remove all legacy concepts from the DMV systems
• To remove doing business as usual (BAU)
• To realign the business process context and the behavior of data can
• To optimized the business process by utilizing new efficient technologies that are offered in MDM
ecosystems in conjunction with shared service models.
• To shorten and streamline the data round trips to build DMV business processes
• To use a lean approach incorporating end to end architecture
• To remove unnecessary builds and ETL processes caused by legacy technology
• To inject first generation data into its ultimate destination in one transaction.
Sustainability
• To leverage modernization IT capabilities across the entire DMV agency spectrum to facilitate
sustainability initiatives, where opportune.
• To injecting smart ways to reduce carbon emissions that positively impacts the environment.
• To balance the usage of sustainability though appearing as small adjustments which are offset by
major reorientation.
• To adopt IT sustainability practices that wholly serve business strategies and especially the
environment in that sustainability is a top-down effort that can be horizontally worked into all
verticals of the enterprise agency.
• To adopt IT sustainability practices such as going paperless, repurposing heat generated by data
centers, optimizing servers and storage virtualization and leveraging cloud services
• To reduce waste, harness renewable energy and foster eco-friendly business practices.
• To include the following four modernization factors that distinguishes long-lived IT organizations to

improve the environmental performance.
(i) Sensitivity and adaptability to the business environment
(ii) Cohesion and sense of identity
(iii) Tolerance of diversity (decentralization)
• To Enforce the cornerstones of sustainability into the modernization architectural paradigm3
Expected Change to DMV Operations
ACRONYMS/DEFINITIONS
Agency/project specific acronyms/definitions to be added to the listing in the RFP
Acronym Definition
AAMVA American Administration of Motor Vehicle Administrators
ACA Affordable Care Act or ObamaCare
ACD AAMVA Code Dictionary
ACL Access Control List
AES
Advanced Encryption Standard algorithm, a symmetric block cipher specification for
the encryption of electronic data established by the U.S. National Institute of
Standards
AICPA American Institute of Certified Public Accountants

AMIE AAMVAnet Message Interchange Envelope
ANSI American National Standards Institute
API Application Program Interface
ASD Administrative Services Division
ASTM American Society for Testing and Materials
AVAYA An application used in the State of Nevada for phone and call center services.
BAU Business As Usual
B2B Business to Business
B2C Business to Customer
B2G Business to Government
BAC Blood Alcohol Content
BI Business Intelligence
BIOS Basic Input/Output System
BLOB Binary Large OBject
BN Billion
BOE Board of Examiners
BOE Board of Equalization
BPA Business Process Analyst
BPEL Business Process Execution Language
BPF Business Process Framework
BPO Business Process Outsourcing
BSD Berkeley Software Distribution (license)
CARRS
Combined Automotive Revenue and Registration System; Fully integrated client
server system written in Power Builder, VB.NET, ASP.NET, COBOL, DB2, and
SQL.
CBC Cipher-Block Chaining
CC Cubic Centimeter
CC 2.1 Common Criteria for Information Technology Security. Evaluation
CDL Commercial Driver’s License
CDLIS Commercial Driver’s License Information System
CED Compliance Enforcement Division

CERT Community Emergency Response Team
CFR Code of Federal Regulations
CIA Central Intelligence Agency
CICS Customer Information Control System
CIS Center for Internet Security
CLI Command Line Interface
CLP Commercial Learner’s Permit
CLASS M Motorcycle
CMS Call Management System
CMU SEI CMMI
Carnegie Mellon Software Engineering Institute Capability Maturity Model
Integration
COBOL Common Business Oriented Language
COTS Commercial Off the Shelf
CPA Certified Public Accountant
CPU Central Processing Unit
CR Cash Receipt
CREDENTIAL License, Decal, Cab Card, Registration etc.
CRM Customer Relationship Management
CSD Central Service Division
CSPRNG Cryptographically secure pseudorandom number generator
CSTIMS Commercial Skills Test Information Management System
CTI Computer telephony integration
CVIEW Commercial Vehicle Information Exchange Window
CVINA Complete Vehicle Identification Number Analysis
CVISN Commercial Vehicle Information and Network
DAC Driver’s Authorization Card
DASD Direct Access Storage Device
DAWN Data Warehouse of Nevada
DB Database
DETR Department of Employment Training and Rehabilitation

DFB Delinquent Fine
DHHS Department of Health and Human Services
DHS Department of Homeland Security
DL Driver’s License
DLDV Driver License and Identification Card Data Verification
DLL Dynamic-Link Library
DLN Driver’s License Number
DMV Department of Motor Vehicles
DMZ Perimeter network
DOD Department of Defense
DOT Department of Transportation
DPAPI Data Protection Application Programming Interface
DPL Data Protection Level
DPS Department of Public Safety
DR Disaster Recovery
DRl Driving on a restricted License
DSA Digital Signature Algorithm
DUAL_EC_DRBG Dual Elliptic Curve Deterministic Random Bit Generator
DUI Driving Under the Influence
EA Estimated Audit
EAL Evaluation Assurance Level
EAM Embedded Audit Module
E2E ARCHITECTURE End-to-End Architecture
ECDLP Elliptic curve discrete logarithm problem
ECDSA
Elliptic Curve Digital Signature Algorithm offers a variant of the Digital Signature
Algorithm
EDI Electronic Data Interchange
EDRS Electronic Dealer Report of Sale
eDS Electronic Lien and Titling System Vendor (eDealer Services)
EDW Enterprise Data Warehouse

EFT Electronic Fund transfer
EIDM Enterprise Identity Management
EITS Enterprise Information Technology Systems (formerly DoIT)
ELT Electronic Lien and Title
ELU Eluding Police Officer
EMR Electronic Medical Record
EPA Environmental Protection Agency
ERIC
Electronic Registration Information Center is a program which holds a
comprehensive database of voters across participating states with the goal of
eliminating duplicate voter registration in multiple states.
ERP Enterprise Resource Planning
ESB Enterprise Service Bus
ESMT Extended Simple Mail Transfer
ESSIV Encrypted Salt-Sector Initialization Vector
ESX Elastic Sky X (hypervisor)
ETL Extract Transform Load
EVA Evading and Peace/Police Officer
EVVER Electronic Verification of Vital Events Records
FAC Waiting for MVIT to respond?
FBI Federal Bureau of Investigation
FED EX Federal Express
FEIN Federal Employer Identification Number
FIFO First In First Out
FIPS Federal Information Processing Standard
FIRST DATA Electronic Payment Vendor
FLOSS Free/Libre/Open Source Software
FMCSA Federal Motor Carrier Safety Administration
FOSS Free Open Source Software
FR Federal Register
FRS (i) Failure-Resistant Systems
FRS (ii) Facial Recognition System

FSD Field Services Division
FTP File Transfer Protocol
FURPS+
Functionality, Usability, Reliability, Performance, Supportability
[+ = HP extended]
FURPS++
Functionality, Usability, Reliability, Performance, Supportability
[+ = unified model extended]
FY Fiscal Year
GADGETS
A gadget is a small tool or application such as a virtual machine that has a particular
niche function sometimes referred to as gizmos.
GAO General Accountability Office
GL General Ledger
GNU GNU's Not Unix (non-UNIX OS)
GPL General Public License
GPS Global Positioning System
GST Government Services Tax
GUI Graphical User Interface
GVWR Gross Vehicle Weight Rating
GYR Green-Yellow-Red
HAVA Help America Vote Act
HAZMAT Hazardous Material
HDD Heavy Duty Diesel
HIGH DESERT Scanning Vendor
HIPAA Health Insurance Portability and Accountability Act
HR Human Resources
HTML Hyper Text Mark Up Language
HTTPS Hypertext Transfer Protocol Secure
I/M Inspection and Maintenance Advisory Committee
I/O Input/Output
IaaS Infrastructure as a Service
IBM Z SYSTEMS Computing transaction engine hardware for new mobile apps infrastructure
ICS Industrial Control Systems
ID Identification

IDE Integrated Development Environment
IEC International Electrotechnical Commission
IEEE Institute of Electrical and Electronics Engineers
IFS Integrated Financial System
IFTA International Fuel Tax Agreement
IICMVA
Insurance Industry Committee on Motor Vehicle Administration
The liaison between the insurance industry and Motor Vehicle Departments in the US
and Canada.
IP Internet Protocol
IRP International Registration Plan
IRS Internal Revenue Service
IRW Image Retrieval Workstation
ISAE International Standards for Assurance Engagements
iSight
iSight Case Management System which is an internet based tool that provides case
management tracking of investigations.
ISO Information Security Officer
ISO International Organization for Standardization
ISO 15048 General Concepts & Principles of IT Security Evaluation
ISO 27001 Information Security Management
ISO 27002 Security Framework (formerly ISO 17799)
ISO 2700X Security Standard Master for ISO 27001 & ISO 27002
ISSA Information Systems Security Association Communication Requirements
IT Information Technology
ITI Intellectual Technology Inc.
ITP Information Technology Programmer
ITPI IT Process Institute
IVP Insurance Verification Program [now referred to as Nevada LIVE]
JDK Java Development Kit
JEE Java Platform Enterprise Edition
J2EE Java 2 Platform, Enterprise Edition
J2SE Java 2 Platform, Standard Edition

JIT Just-In-Time
JLINK Justice Link
JV Journal Voucher
KPI Key Performance Measure
KPO Knowledge Process Outsourcing
KVM Keyboard, Video, Mouse
LAN Local Area Network
L1 (MorphoTrust) Driver License and Identification Card Production Vendor
LCB Legislative Counsel Bureau
LCV Longer Combination Vehicle
LGPL Lesser General Public License
LIFO Last In First Out
LPAR Logical Partition
LPO Legal Process Outsourcing
MC Motor Carrier
MC45 Motor Carrier Refund Form for Gas/Diesel Tax
MCD Motor Carrier Division
MCSIA Motor Carrier Safety Improvement Act
MCTS Motor Carrier Tax System
MDM Master Data Management
MDM ECOSYSTEM The circulation of Master Data by core capabilities and technologies that provide the
glue between upstream and downstream systems.
MDS Microsoft Deployment Services
MIT Massachusetts Institute of Technology
MOODLE Modular Object Oriented Dynamic Learning Environment
MOSA Modular Open Systems Approach
MPC Monthly Project Charges
MPG Miles Per Gallon
MPM Master Project Manager
MS Microsoft

MSA Master Services Agreement
MS .NET Microsoft Dot Net Framework
MSO Multi-System Operator
MS&P Management Services and Programs Division
MSRP Manufacturer’s Suggested Retail Price
MV Motor Vehicle
MVA Motor Vehicle Agencies
MVR Motor Vehicle Record
MVIP Motor Vehicles Industry Portal
MVIT Motor Vehicle Information Technology
MyDMV DMV Portal Account
NAC Nevada Administrative Code
NACD National Association of Corporate Directors
NADA National Automotive Dealers Association
NAIC Nevada Citation/Accident Tracking System
NAICS North American Industry Classification System
NAPHSIS National Association for Public Health Statistics and Information Systems
NCATS Nevada Citation and Accident Tracking System
NCCIC National Cybersecurity and Communications Integration Center
NCDL Non Commercial Driver’s License
NCIC National Crime Information Center
NCJIS Nevada Criminal Justice Information System
NCORS Nevada Commercial Online Registration System
NCS Network Control Software
NDOT Nevada Department of Transportation
NEATS Nevada Employee Action and Timekeeping System
NEBS Nevada Executive Budget System
NEIM National Information Exchange Model
NFE Non-Functional Exceptions
NHTSA National Highway Traffic Safety Administration

NIST National Institute of Standards and Technology
NLA
An indicator which represents a SR22 requirement due to a vehicle registration
reinstatement.
NLB
A withdraw action which initiates a 30 day driver’s license suspension. This is a
penalty for insurance offenders who have reached or exceeded their third offence of
no insurance within a 5 year period. The withdraw code is added to the DL when
processing the vehicle registration reinstatement.
NMVITS National Motor Vehicle Title Information System
NOMADS Nevada Operations of Multi–Automated Data Systems
NORRS Nevada Out- of-State Registration Reporting System
NRS Nevada Revised Statutes
NSA National Security Agency
NSF Non-Sufficient Funds (Insufficient)
NSOR National Sex Offender Registry
NV Nevada
Nevada LIVE Nevada Liability Insurance Validated Electronically
OAG Office of the Attorney General
OBD On Board Diagnostics
OBD-II
On Board Diagnostic System. Emission inspection that utilizes the vehicle’s on board
computer to test the vehicle’s emission system.
OBL Occupational and Business Licensing
OCR Optical Character Recognition
ODS Operational Data Store
OHV Off Highway Vehicle
OIS Office of Information Security
OLAP Online Analytical Processing
OSI Open Source Initiative
OPSEC Temporary Placard Vendor
OPTEC Vision Test System Vendor
ORGANIZATIONAL
SILOS
Silos can be departmental separation, or executive separation from operational as well
as geographical separation where horizontal information and management is not
equally shared or distributed.
OS Operating System
OSS Open Source Software

P&P Policy and Procedure
PaaS Platform as a Service
PARADOX
Database tracking system in MCD to track receipt, balance, and aging of negotiable
items and payments. A non-supported database.
PAYPOINT Electronic Payments via First Data
PDF Portable Document Format
PDPS Problem Driver Point System
PII Personally Identifiable Information
PIO Public Information Officer
PM Program Manager
PMI Project Management Industry
PMO Project Management Office
PMP Project Management Professional
PMT Project Management Team
POA Power of Attorney
POC Proof of Concept
POD Print On Demand
POLK Vin Decoding Company with CVINA product offering.
PP Protection Profile
PPS Productivity Platform Suite
PRISM Performance and Registration Information Systems Management
PSR Project Service Request
PTO Power Take Off
PV Payment Voucher
PVA Point Violation
Q&A Question and Answer
QA Quality Assurance
QAS Quality Address System
QLESS Customer Queuing System Vendor
QOS Quality Of Service

RA Reference Architecture
RACF Resource Access Control Facility
RDBMS Relational Database Management System
RDZ Rational Developer for System z
RFID Radio-Frequency Identification
RFP Request for Proposal
RHA Reckless Driving /Hit and Run
RISS Regional Information Sharing System
RMF Risk Management Framework
RMIN Rocky Mountain Information Network
RMM Removable Media Manager
ROI Return on Investment
ROOSTER
Report Out of States Test Results – AAMVA development system that supports rule
§ 383.79 of the new CLP regulation. The regulation provides that a person who holds
a CLP will be able to take the CDL skills test outside of his/her state of domicile. The
rule also requires that states be able to exchange electronically test results in a safe
and secure manner by July 08, 2015.
RPC Remote Procedure Call
RSA Rivest-Shamir-Adleman algorithm, a cryptosystem for public-key encryption
S2S State to State Verification Service
SaaS Software as a Service
SAFER Safety and Fitness Electronic Records
SAM State Administrative Manual (Nevada)
SANS INSTITUTE
System Administration, Networking, and Security Institute a Private U.S. company
that specializes in information security and cybersecurity training
SARS Security Assurance Requirements
SAS-70 Statement on Auditing Standards (SAS) No. 70
SAVE Systematic Alien Verification for Entitlements
SDA Suspension based on Security deposit
SDLC System or Software Driven Lifecycle
SECURITY
ECOSYSTEM
A security ecosystem is a model of infinite possibilities (similar to the UNIX shell)
that functions similarly to the human immunity system. The ecosystem is highly
sensitive to the ever evolving synthesis and distribution of incalculable gradations of
continual threats and vulnerabilities. The ecosystem is supported by strategic and

nimble executable countermeasures that interweave systemically through a complex
array of interdependent assets. The security components working together thus
enable informational systems to work with the highest levels of seamless
indemnification of human intervention and interaction producing a cohesively secure
and holistic system.
SEI CCMI Software Engineering Institute Capability Maturity Model Integration
SEP Systems Engineering Plan
SFR Security Functional Requirements
SFTP Secure File Transfer Protocol
SHA
Secure Hash Algorithm designed by the National Security Agency (NSA) to be part
of the Digital Signature
SIEM Security Information and Event Management
SL Service Level
SLA Service Level Agreement
SLO Service Level Objective
SM System Modernization
SME Subject Matter Expert
SMS Storage Management System
SMTIR System Modernization Technology Investment Request
SOA Service Oriented Architecture
SOC Service Organization Control
SOC-1 Policy Packets on Reports on Controls at a Service Organization and SSAE 16
SOC-2 Policy Packets on AICPA
SOC-3 Reports and Trust Service Principles
SOR State of Record
SOW Statement of Work
SOX Sarbanes-Oxley Act Sections 302 & 404
SQL Structure Query Language
SR22 Certificate of Financial Responsibility
SRI Stanford Research Institute
SSA Social Security Administration
SSAE Statement of Standards for Attestation Engagement

SSN Social Security Number
SSO Single Sign-on
SSOLV Social Security On Line Verification
SSRS Single State Registration System
ST Security Target
STS Solutions Thru Software – Knowledge test vendor for drivers licenses
STOVEPIPE
(Organization)
A stovepipe organization has a structure which largely or entirely restricts the flow of
information within the organization to up-down through lines of control, inhibiting or
preventing cross-organizational communication.
TCP/IP Transmission Control Protocol & Internet Protocol
TCSEC Trusted Computer System Evaluation Criteria
TIR Technology Investment Request
TOE Target of Evaluation
TS Tax System (Xerox)
TSA Transportation Security Administration
TXI Tax Industry
UAT User Acceptance Testing
UC Under Cover
UI User Interface
UID Unique Identification
UNBUNDLING
A neologism of leanness or etymology to describe how the ubiquity of mobile
devices, Internet connectivity, consumer web technologies, social media and
information access today is affecting older institutions as in government agencies by
breaking down the stove pipes and narrow unwieldy packages once offered, providing
particular parts of them at a scale and cost unmatchable by the old order of doing
business.
UNI Unified Network Interface
UNIX Uniplexed Information and Computing System - A multi-user operating system.
UNIX/SS7 A multi-user operation system signaling system 7.
UPS Uninterruptible Power Supply
URI Uniform Resource Identifier
URL Uniform Resource Locator
U.S. United States

USA Unsatisfied Judgment
USCIS United States Citizenship and Immigration Services
US GAAP United States Generally Accepted Accounting Practices
USPS United States Postal Service
USPV United States Passport Verification
VA Veterans Administration
VID Vehicle Information Database
VIN Vehicle Identification Number
VLAN Virtual Local Area Network
VLS Verification of Lawful Status
VM Virtual Machine
VMM Virtual Machine Monitor or Hypervisor
VoIP Voice over Internet Protocol
VPN Virtual Private Network
VTS Vision Test System
Virtual
In computing, refers to the act of creating a virtual (rather than actual) version of
something, including but not limited to a virtual computer hardware platform,
operating system (OS), storage device, or computer network resources.
VISTA FINANCIAL An interface for transaction payment and distribution
W6A Commercial Driver’s License infraction
WAN Wide Area Network
WEB World Wide Web
WIFI Wireless Technology
WSDL Web Service Description Language
XML Extensible Markup Language
XNIS
Cross Nevada Information System – A system developed by EITS to facilitate access
to DMV data by other State Agencies.
ACRONYMS – TO BE DELETED
List those acronyms that can be deleted from the listing in the RFP
Acronym Acronym Acronym Acronym Acronym

ACRONYMS – TO BE DELETED
List those acronyms that can be deleted from the listing in the RFP
BACKGROUND - PROJECT
Describe the history and reasons behind the project.
In 1999, DMV rolled out the current client-server application to replace the legacy Green screen application that
ran on Honeywell Bull system. The current client-server application supports statewide motor vehicles business
functions including but not limited to Vehicle Registration, Titling, Commercial and non-Commercial Driver
Licensing, Occupational Business Licensing, Insurance Verification, etc. The current client-server application is
composed of desktop PowerBuilder application that provides intuitive Graphical User Interface, ASP.NET web
applications, and COBOL/CICS/DB2 application that runs on System Z.
Though the current application integrates several core business functions, DMV continues to rely on few vendor
provided legacy applications to provide services. The number of manual processes and procedures that are
employed to address limitations in the current system is on the rise.
The current architecture inhibits our ability to be nimble, proactive and agile. Consequently, the time to
implement newer projects mandated by legislature and the Federal Government has been on the rise. The
current system limits DMV’s ability to adapt and offer modern services that citizens expect. As a result, the
backlog of enhancements and fixes requested has been steadily climbing. The amount of backlog is currently
estimated to be 7 years’ worth.
BACKGROUND - AGENCY
Describe the agency’s organization and functional units; office locations;
staffing, etc., including relationship to current project.
The DMV Agency [Placeholder]

BACKGROUND - AGENCY
The Department of Motor Vehicles (DMV) is a multi-divisional organization which provides vehicle and
driving industry products and services to Nevada citizens, state agencies, and internal customers. DMV
business is transacted through 18 office locations in Northern and Southern Nevada. The DMV includes the
Director’s office and seven divisions.
The Director's Office (which includes Public Information and Hearings Offices) establishes policy for the
department and directs and controls the operations of the agency. The Director's Office handles all media
inquiries through the Public Information Officers. Additionally, department policies and procedures,
information security and the personnel and training units fall under the responsibility of this office.
The Public Information Officer interacts directly with the public and act as a liaison with other Public
Information Officers and officials from federal, state, local and non-governmental organizations. The
PIO coordinates and scripts press releases and public service announcements to promote alternative
services offered by the Department and create informational flyers, posters, brochures and videos as
requested by the Director or Deputy Director. The PIO also performs as the public relations officer;
providing marketing communication and public program strategy oversight; manages the public
relations and information program for the Department on a statewide basis; writes media releases,
newsletters, and informational brochures; produces audiovisual presentations and photography duties.
The Hearings Office provides due process hearings to any person aggrieved by a decision of the
Department. Generally, these hearings concern the suspension, revocation, or cancellation of a privilege
license issued by the Department, such as a driver's license or a license to conduct business involving

BACKGROUND - AGENCY
motor vehicles. The decisions of the administrative law judges assigned to the Office may impact the
lives and property of thousands of Nevadans. For this reason, the Office strives to conduct all hearings
in a timely, fair, and impartial manner and in accordance with the provisions in the Nevada
Administrative Procedures Act, Chapter 233B. The Office is supported primarily from Highway Fund
revenues.
Under the general direction of the Director, Deputy Director and Chief Information Security Officer, the
Information Security Officer is responsible for the development and delivery of a comprehensive
information security and privacy program for the department of Motor Vehicles. The scope of the
program concentrates on state wide oversight of physical and cyber security of all DMV assets,
including heavily integrated affiliations with other state agencies, federal agencies, and private sector
entities.
The purpose of this program includes but is not limited to: the protection of all IT and human assets
while ensuring that all information and data created, generated acquired, maintained and disseminated
by the department is safeguarded and used for its intended purpose; to protect the department’s
information, personnel and infrastructure from all forms of internal and external threats; assure the
department complies with statutory and regulatory requirements regarding information access, security,
privacy and dissemination; and to provide strategic and tactical input, design and oversight for the next
generation of the agencies product and service infrastructure.
Each division within the Department administers several programs. The divisions and examples of administered
programs are as follows:
Central Services Division (CSD), Field Services Division (FSD), Motor Carrier Division (MCD), Management
Services and Programs Division (MS&P), Administrative Services Division (ASD), Compliance Enforcement
Division (CED) and Motor Vehicle Information Technology (MVIT).
The Central Services and Records Division (CSD) provide alternative methods for Nevada motor vehicle
customers regarding drivers' licenses, registrations, titles, and license plates. This division is also responsible
for processing titles, ensuring data integrity and applying driver license sanctions.
The License Plate Factory is also operated by the Central Services and Records Division. Also known as
the "Tag Plant," the License Plate Factory is charged with designing, manufacturing, and distributing
Nevada's license plates to DMV offices and State Assessors Offices for issuance to vehicle owners and
operators in Nevada.
The Insurance Verification Program, known as Nevada LIVE (Nevada Liability Insurance Validated
Electronically), verifies that registered owners of motor vehicles registered in Nevada maintain liability
insurance. Revenue is generated from reinstatement fees and fines after suspensions for no insurance
The Field Services Division (FSD) is responsible for direct customer service operations for the driver licensing
and vehicle registration functions. Field Services assures that only safe and knowledgeable drivers receive the
privilege to drive on the highways. It also registers and titles vehicles, and collects appropriate fees and taxes
imposed upon the owners and operators of vehicles.
The Motor Carrier Division (MCD) is responsible for ensuring compliance with Nevada laws applicable to its
Motor Carrier Customers. This includes administration of special fuel and motor fuel supplier programs to
fairly collect and distribute the total fuel tax revenue owed to Nevada; licensing all commercial vehicles over
26,000 pounds; licensing vehicles with interstate operations under the International Registration Plan (IRP) and
International Fuel Tax agreement (IFTA); revenue and bad debt collections; and conducting audits of motor
carriers and fuel suppliers to ensure customer education and compliance with Nevada laws and regulations, the
International Registration Plan (IRP), and the International Fuel Tax Agreement (IFTA).

BACKGROUND - AGENCY
The Management Services and Programs Division (MS&P) is a resource to help achieve the department's
strategic plan goals and is responsible for developing regulations; drafting legislation; preparing fiscal notes,
surveys, forms, and desk reference manuals; developing requests for proposals; and managing projects related
to vehicle, driver, occupational, and business programs. This division develops policies and procedures for all
Department of Motor Vehicles (DMV) divisions to ensure consistent and uniform program delivery. Division
responsibilities also include support for the other divisions in the areas of strategic planning, research,
coordination of regulation and statutory changes, and legislative interaction
The Administrative Services Division (ASD) is charged with providing professional, timely, and accurate
support services to the Director, various divisions of the department, and other associated agencies. Support
services include fiscal accounting, budgeting, travel arrangements, payroll, warehousing, inventory control,
mail services, purchasing services, contract management, facilities management, revenue collection, revenue
distribution, and bad debt service. Through its centralized functions, it provides services to all divisions within
the department. With the centralized services, the department is able to ensure consistency, accuracy, and
compliance with laws and regulations for all divisions in these service areas.
The Compliance Enforcement Division (CED) is the regulatory arm of the Department of Motor Vehicles.
Regulation of the auto industry provides consumer protection through the licensing and regulation of businesses
related to the manufacture, transport, sale, and disposal of vehicles. The purpose of the fraud investigation
section is to investigate and resolve fraudulent activity. The Division also investigates all complex and criminal
complaints filed against licensees. Staff conducts audits, monitors, inspects, and provides investigative services
on the internal and external entities related to the DMV core programs
The purpose of the Emissions Control Program is to ensure that vehicles in Clark and Washoe Counties
comply with Nevada's laws and regulations regarding emission standards. The division carries out its
role by licensing and regulating emissions stations and inspectors as well as provides training and
certification of applicants seeking employment as Emission Inspectors. Staff conducts audits and
inspections at licensed emission stations; investigates potential program evaders and applies appropriate
sanctions against program violators. The division cooperates with the various planning agencies
involved in the Air Quality Program to evaluate air quality standards. The division is also a core
member of the Inspection and Maintenance (I/M) Advisory Committee
The Motor Vehicle Information Technology Division (MVIT) provides data processing support for the
Department of Motor Vehicles. MVIT is responsible for the development of new programs, enhancements to
existing programs and maintains application systems and the necessary infrastructure for systems data, as well
as provides technical and operating support.
Project Organization - Team

BACKGROUND - AGENCY
Projected System Modernization Organization
Project Timetable
Gant Chart Dead Link?
Project Roll-out
The DMV recommends an Agile role out. All of the service layers are dependent on the maturity of the
implementation of the Financial GL Hub.

BACKGROUND - AGENCY
Suggested Roll-Out by Iterative Time-box
CONCURRENT IMPACTS / PROJECTS
Describe any concurrent projects that may have an impact on the project identified in the RFP
Future legislative bills introduced in any Legislative Session and Federal mandates could impact business
requirements with this project.
CURRENT COMPUTING ENVIRONMENT
Describe the agency’s current computing environment
Current Computing Environment
The current computing environment is composed of PowerBuilder (thick client) application that power the DMV
technician’s desktop, and ASP.NET web applications that both technicians and citizens of the State use. The
client .NET and PowerBuilder applications invoke COBOL RPCs that run on IBM System Z. DB2 database on
System Z serves as the core system of records. SQL Server database is also used to hold discrete application
data. SQL Anywhere database is used as the local database that PowerBuilder application connects to display
static reference data such as drop downs.
The following diagram is a high-level overview of the current technology platform.

The following section provides an overview of DMV’s current computing environment and applications.
Application Overview
DMV engages services from its Motor Vehicle Information Technology (MVIT) unit to support core program
competencies. MVIT works closely with DMV business end-users, management and external customers to
ensure that data is properly collected, processed, stored and reported. Day-to-day MVIT services include code
maintenance, database and server administration, LAN support, local phone and Call Center support, desktop
support, computing operations and project management.
Several of DMV’s automated applications utilize the State's Enterprise Information and Technology Services
(EITS) IBM mainframe and/or wide area communications network for statewide communications and volume
processing.
CARRS – The Department of Motor Vehicles (DMV) application (CARRS) is DMV’s core integrated business
application for conducting vehicle registration and driver license transactions. CARRS is a fully integrated client
server system written in Power Builder, VB.NET, ASP.NET, COBOL, CICS, DB2, JCL, TSO/ISPF and SQL.
The DMV application has over 800 internal users, many external customers and interfaces with local, State and
Federal agencies. Nevada DMV received federal grant funding to integrate and implement VLS (Verification of
Lawful Status) and USPVS (US Passport Verification System) within the DMV CARRS application. The DMV
will be working on integrating and implementing VLS and USPVS systems with the CARRS application. All of
the required functionality will be added to the DMV application in accordance with the VLS and USPVS
documentation.

Data is stored in DB2 tables on the Mainframe. Access to the data is done through COBOL RPCs using SQL.
There is also a good amount of business logic stored in COBOL RPCs to be created and/or modified.
CARRS interfaces with AAMVA Net using UNI or Web Services to verify immigration documents and track the
status of all open cases.
CARRS was developed with vendor help and has been functioning since September 1999. CARRS is currently
enhanced and maintained by MVIT. The functionality in CARRS includes:
• Vehicle registration and all its related components;
• Driver License and it related components;
• Reporting on stored data;
• Cashiering and accounting;
• General Ledger Account maintenance;
• Debt Collections;
• Hearings, Audit and investigations;
• Call center interface
• Insurance data verification
• Interface to AAMVA and other vendor applications necessary to complete DMV transactions.
As part of this RFP, the vendor will replace and modernize the CARRS application to improve internal
processing and customer demands.
NCORS (Nevada Commercial Online Registration System) – is a web based system that is used by Motor
Carrier division personnel to register commercial vehicles that are not processed through CARRS. This system
allows installment payments and uses the IRP clearing house. NCORS functionality includes:
• Commercial Fleet maintenance;
• Fleet registrations;
NCORS is an internally developed application and was implemented in 2009. As part of this RFP, the vendor
will replace and modernize the functionality supported by the current NCORS applications to improve internal
processing and customer demands.
IFTA (International Fuel Tax Association) – is a vendor supplied and maintained system that is used by Motor
Carrier division personnel to collect and distribute Carrier Fuel taxes. This system uses IFTA clearing house.
IFTA functionality includes:
• Submission of Carrier tax return;
• Collection of Fuel taxes;
As part of this RFP, the vendor will replace and modernize the functionality supported by the current IFTA

applications to improve internal processing and customer demands.
Motor Fuel Supplier Tax application – is a web based system that is used by Motor Carrier division personnel
to collect Supplier Fuel tax. This system functionality includes:
• Submission of Supplier tax return;
• Collection of Fuel taxes;
Motor Fuel Supplier Tax application is an internally developed application and was implemented in 2005. As
part of this RFP, the vendor will replace and modernize the functionality supported by the current Motor Fuel
Supplier Tax application to improve internal processing and customer demands.
Web transactions
Currently DMV has a number of transactions available on its website www.DMVNV.com. MVIT continually
adds DMV transactions for the ease and convenience of Nevada citizens.
MyDMV Portal
MyDMV Portal was developed internally by MVIT staff and provides central access to customer data by
allowing Nevada citizens to log into one place to access their records. A number of Web transactions are
available to customers through the portal. In addition, this is the only online option where customers are allowed
to complete their address change without having to visit a DMV office. As of November 2014, there are over
350,000 MyDMV portal accounts with over 630,000 transactions.
Current Computing Infrastructure
DMV’s existing automated applications and components drive the Department’s current computing infrastructure.
For several of the core legacy applications the Department uses a combination of IBM mainframe technology
including COBOL, DB2 and CICS programs in the backend and Power Builder, VB.net & ASP.net in the front end
with a home grown INTERSPACE middle layer.
DMV uses Microsoft servers running 2008/12. Microsoft Windows and MS Office suite products, including MS
Internet Explorer.
Current Environment and tools (Back-end)
Currently the DMV application is two-tiered. Over 90% of the business logic and data reside on IBM’s
System Z environment.
The software component on the Mainframe that serves as the transaction server is called CICS. Connections to CICS
are established through HTTP over TCPIP. Access to Transaction is controlled through RACF (Resource Access
Control Facility) software on the Mainframe. Controlled access to transactions and application features are enabled
through DMV written software component named Identity and Access Management software. Business users
invoke RPC (Remote Procedure Call) programs that are managed by CICS. COBOL programs encapsulate most of
the business logic and accesses DB2 on System Z to retrieve, update and save application data. In addition to online

transactions, a number of batch program are run through Batch Scheduler.
The following is a high-level overview of back-end technical infrastructure that provides runtime services.
Identity and Access Manager
Nevada DMV built this software component that provides crucial services to authenticate and enable com-
munication between Applications that run on Windows and System Z environments. Identity and Access
Manager uses IBM’s RACF to manage users, authenticate, and control access to System Z resources. In addition,
access to specific business transactions are controlled through this software.
CICS Transaction Server
IBM’s CICS hosts online application programs. CICS enables COBOL programs as end point services that
process requests from client applications that run on Windows environment.
DB2
DB2 database on System Z serves as the central repository for core system of records.
DB2 Connect
DB2 Connect provides ODBC, ADO.NET, JDBC drivers to access DB2 databases from applications. Used for ETL
and ad-hoc report generation.
ZEKE
ZEKE batch scheduler enables us to schedule, monitor and manage our batch schedule.
Output Manager
Output Manager enables to archive job logs, and batch output for specified period of time. It also provides ability to
view, and print output.
Removable Media Manager (RMM)
RMM enables us view and manage data residing on removable media (tapes).
BPF Sound Software
Sound Software enables to generate and print barcodes.
Informatica Identity Systems
Informatica Identity Systems Name 3 software enables us to do fuzzy searches, match business and individual names
to obtain a score that indicates how close they match.
UNI (AAMVA) Software
AAMVA/UNI software enables DMV to communicate and share information with other State and Federal entities.
Secure FTP Server
Nevada DMV built this software to handle data interchange between DMV and several Insurance carriers. The
software provides application specific requirements to automate processing of Insurance carrier’s books of business.
Real-time multi-threaded Insurance inquiry processor
Nevada DMV built this framework to randomly inquire liability insurance real time through insurance carrier
provided web service. The framework provided the ability to single-thread inquiries to each insurance
company and spawned as many child tasks that are allowed to concurrently run. The framework also allowed

users to view last few insurance calls from the trace buffer, start, stop, and pause all or specific tasks.
The following is a high-level overview of back-end Application Development and System administration tools.
Debug tool - Enables ability step through application program.
Fault Analyzer - Helps with analysis unchecked exceptions by formatting application and system dumps.
File Manager – Enables programmers to edit, create, view data residing on supported file systems. It also packs a
number of productivity tools for System Z application development.
RDZ – IDE for System Z application development.
LifeCycle Manager – SCM tool to manage versions and build
DB2 Admin tool – Database administration tool
DB2 Object Compare – Tool that allowed DBAs to implement and promote database changes to various
environments.
DB2 Query Monitor – Tool to capture and analyze performance metrics of application SQLs.
Omegamon for DB2 – Tool for monitor real-time and snapshot Database performance metrics
Omegamon for CICS – Tool to monitor real-time and snapshot Transaction server performance metrics
RMF – Tool that provides insight into overall System Z performance metrics
SMS – IBM’s Storage Management software that enables DMV to migrate data to cheaper storage media and
recall them to active disk when needed seamlessly. The software also archives, backs up and delete aged data
based on rules.
Infrastructure related information:
1) User Desktop – Windows 7
2) Server – Windows 2008R2 & 2012
3) SQL Server – 2008R2
4) Web Server – Windows 2008R2
5) Network Interface – RJ45 - 1Giga bit to Desktops
6) VMWare Ver. 5
7) SAN Storage replicated North & South.
A listing of software, hardware, and development products currently in use is found in Table I, Current
Computing Infrastructure, below.
Table I - Current Computing Infrastructure

Database Products
VSAM, Flat Files, DB2V10, SQL Server 2008R2,
Paradox, Access DB, SQL Anywhere (Sybase)
Computing Platform IBM Mainframe, MS Windows Server 20xx, VMWare
Ver. 5
Network
TCP/IP, WAN, Cisco, F5
Storage
Mainframe DASD, Storage Area Network, Tape
Cartridges, Virtual Tapes (VTS)
Application Infrastructure
Microsoft Visual Studio 2008/2010, Sybase Power Builder
V12, Interspace, IBM RDz, Humming Bird, Crystal
Reports Ver. /10, QAS Batch Software, Dameware,
Acrobat Write Pro 10, Sybase SQL Anywhere, PDF4Net,
PDF4View, MS SQL Server 2008 R2, MS Team
Foundation Server, Microsoft Internet Information
Services, Adobe Acrobat X PRO, Microsoft SharePoint
2010, IBM CICS Transaction Server, IBM DB2, IBM
DB2 Connect, ZEKE, IBM Output Manager, IBM
Removable Media Manager, Informatica Identity Systems,
BPF Sound Software, UNI (AAMVA), Identity and Access
Manager, Secure FTP polling processor, TAL Barcode
Software, Debug tool, Fault Analyzer, File Manager, RDZ,
LifeCycle Manager, DB2 Admin tool, DB2 Object
Compare,
DB2 Query Monitor, Omegamon for DB2, Omegamon for
CICS, RMF, SMS, F5 (NLB), SQL Server Cluster
Typical Desktop
Dell Optiplex 7010 (OptiPlex 7010, 8GB Ram, 1GB AMD
video card, 500GB SATA HHD, I7 3.4GHz processor,
Single 22” monitor)
Front Counter Peripherals
Barcode Scanner, IPad (Credit Card Scanner), Document
Scanner (Canon M160), POD Printer, Dell (Laser) Printer –
All are USB ports except POD Printers.
Power User’s Desktop
Dell Precision 1700 (Precision 1700, 8GB Ram, 1GB
NVIDIA video card, 500GB SATA HHD, I7 3.60GHz
processor, Dual 22” monitors)
Email Communications MS Exchange Server 2010

Productivity Suite Microsoft Office
Typical Workstation Printer Dell Laser 5460
High Volume/High Speed Printers
Oce VarioPrint 110 Laser Printers, Printronix P700 Series
Line Matrix, High Volume POD Printers, Batch Decal
Printers
Network Infrastructure Cisco Switching / Routing
Interactive Voice Response Unit Avaya Equipment
Call Management / Call Center Phone
Switching
Avaya CTI / CMS Application
Document Imaging Kodak, WebXtender, ASD Document Imaging, Colfax
Anti-Virus Software Symantec
Virtualization Environment
DMV utilizes server virtualization technology to consolidate resources, maximize technology investment, and
improve the speed and efficiency in which server, storage, and application resources are deployed and managed.
Currently, DMV hosts non-mainframe applications on Microsoft Windows Server operating systems.
For the Microsoft Windows Server environment, VMWare ESX Server hypervisor technology is used to
partition physical servers into multiple virtual machines each with its own reconfigurable subset of machine
resources to support application needs.
While storage virtualization technology may be considered in the future it is not currently used; however, DMV
is actively researching client/desktop virtualization technologies for future use.
XML, Web Services and SOA
For various DMV application enhancements, DMV has or is deploying XML, web services, and Service
Oriented Architecture (SOA) technologies to link and integrate heterogeneous applications. The technology
facilitates transfer of data between DMV’s applications using standard interfaces and messaging schemas.
Data Encryption
DMV utilizes Triple DES encryption algorithm to encrypt selective pieces of data that are deemed confidential.
MVIT currently transparently encrypt personal identifying information (PII) - such as client Social Security
Numbers - stored in DB2 databases without requiring major modification to existing applications.

Disaster Recovery Environment
Disaster recovery for the current systems environment includes two (2) procedures. First, disaster recovery for
the mainframe environment is maintained and managed by the State of Nevada Department of Information
Technology (EITS); the State’s central IT unit. EITS works with other State agencies to ensure that mainframe
components and related applications are recoverable from disaster. Multiple State agencies rely on this first
recovery procedure. The second recovery procedure is used by DMV to recover non-mainframe mission-critical
servers. Utilizing server space both in Northern and Southern Nevada, DMV replicates and shares information
between the two locations for systems recovery purposes.
STATE OF NEVADA ENTERPRISE INFORMATION & TECHNOLOGY SERVICES CURRENT COMPUTING
ENVIRONMENT
The State of Nevada Enterprise Information & Technology Services (EITS) maintains a comprehensive
computing and communications facility and provides technical services and support to State agencies statewide.
Primary EITS services include Wide Area Network (WAN) and Local Area Network (LAN) provision and
support, IBM mainframe capacity, maintenance and support, UNIX hosting and support, data center facilities
and server support services, and other technical consulting and software design, development and related
services.
DMV currently has multiple applications on IBM mainframe platform. Other Windows systems run on Intel
platforms. The State datacenter uses DB2, and MS SQL server database software. For modernization planning
purposes, DMV anticipates utilizing EITS’s server co-location and hosting services for DMV IT operations.
The primary network protocol for the State’s LAN and WAN services is Ethernet and TCP/IP with WAN
components consisting predominantly of Cisco Systems equipment using Cisco Systems best practices. DMV
uses EITS's statewide WAN and IBM mainframe services to support various DMV applications that are used by
DMV field offices throughout the State of Nevada. For DMV modernization statewide network and
communication planning purposes, DMV will continue to rely on the EITS WAN for communications. Within
the RFP response, the vendor is required to indicate WAN capacity and performance requirements in support of
their proposed modernization solution.
PROJECT SOFTWARE
Describe the current desktop tools utilized by the agency
S.No Project Software/Tools Track/Group Remarks
1 MS Office Suite (Word, Excel, Access,
Outlook, Power Point, Project, SharePoint,
Visio)
All
2 WinSCP All Third Party Tool used to connect
to FTP Servers.
3 WebXtender All
4 Hyena Networks/Computer
Helpdesk
User and end point
administration

PROJECT SOFTWARE
Describe the current desktop tools utilized by the agency
Helpdesk administration
5 Screen Print Platinum 5 All Screen Print Software
6 CMS (Phone System) John Stewart and
Wannetta Bernard
Access phone switch reports for
Computer Help Desk
7 CommVault Computer Helpdesk Server Tape Backup System
8 Application Extender Computer Helpdesk
9 Windows 7, Windows 2008, 2013 All Operating System
10 Cisco VPN All Desktop access from remote
locations
11 Remedy All Project and Ticket Reporting
System and Equipment Inventory
12 Symantec Virus Scan Enterprise All Virus
13 MDS – Microsoft Deployment Services Networks Used for Ghost Images
14 Identity Manager Computer Help
Desk
Application User Administration
DEVELOPMENT SOFTWARE
Review this section and provide modifications as applicable.
S.No Development Software/Tools Track/Group Remarks
1 Microsoft Visual Studio 2008/2010 Applications,
FAC
2 Sybase Power Builder V12 Applications,
FAC
3 Interspace Applications,
FAC
Homegrown Application
4 IBM RDz Applications,
Systems, FAC
IBM IDE - Used for Mainframe
Access
5 Humming Bird Applications,
Systems, FAC
Used for Mainframe Access
6 Crystal Reports Ver. 9/10 Applications
7 QAS Batch Software Applications,
FAC
Address Verification Application
9 Dameware All Remote Access to PCs
8 Acrobat Write Pro 10 All
9 Sybase SQL Anywhere All
10 Erwin System Database Maintenance Tool

DEVELOPMENT SOFTWARE
Review this section and provide modifications as applicable.
11 PDF4Net Applications Third Party Tool used to create PDF
forms/reports through ASP.NET
12 MS SQL Server 2008 R2 All Microsoft SQL Server DB Software
13 MS Team Foundation Server All Source Control Software
14 Microsoft Internet Information Services All Web Servers.
15 Adobe Acrobat X PRO Applications,
FAC
Limited number of licenses for creating
PDFs.
16 Microsoft SharePoint 2010 All
17 IBM CICS Transaction Server All
18 IBM DB2 All
19 IBM DB2 Connect All
20 ZEKE Operations Batch job scheduler on System Z
21 IBM Output Manager All
22 IBM Removable Media Manager Systems,
MVIT
Tape Management software
22 Informatica Identity Systems Applications Fuzzy search software
23 BPF Sound Software Applications Barcoding software
24 UNI (AAMVA) Applications
25 Identity and Access Manager All Built by MVIT to authenticate and
control access to DMV applications.
26 Secure FTP polling processor Applications Built by MVIT for processing to
receive, process and return insurance
data for NVLIVE
STATE RESOURCES
Review the sections in the template and provide any changes or additions
within this section by referencing back to the sections in the template.
Will there be a Steering Committee? Yes: X No:
Will there be a Project Sponsor? If yes, who will the project
sponsor be?
Administrator of Management Services and Program Division
Yes: X No:
Will there be a Project Manager? Yes: X No:
State Project Staff – Any limitations on their availability; i.e.,
specific timeframes they would not be available?
If so, identify those timeframes:
Yes: No: X
Will there be a Quality Assurance Monitor? Yes: X No:

SYSTEM REQUIREMENTS – COMPUTING PLATFORM
If applicable, this section should include, but not be limited to, the following information regarding the
agency’s project platform, LAN/WAN, output requirements, etc.
Conceptual Platform Architecture [Placeholder]
This could be used in the RFP but MVIT has to bless it?
It was agreed upon in a joint RFP/ MVIT meeting that this was a good strategy and agreeable in
principle to Bill the Networking lead that supported mirrored data centers as a way to have distributed
LOE and instant fail over capabilities

SYSTEM REQUIREMENTS – TECHNICAL REQUIREMENTS
If applicable, this section should include, but not be limited to, the following information regarding the agency’s
required presentation requirements, data requirements, processing requirements, reporting, architecture,
programming requirements, disaster recovery, development, testing and training environment, error control,
on-line help, system interfaces, search tool, etc.
Conceptual SOA Architecture Pattern [Placeholder]

SYSTEM REQUIREMENTS – TECHNICAL REQUIREMENTS
If applicable, this section should include, but not be limited to, the following information regarding the agency’s
required presentation requirements, data requirements, processing requirements, reporting, architecture,
programming requirements, disaster recovery, development, testing and training environment, error control,
on-line help, system interfaces, search tool, etc.
FUNCTIONAL REQUIREMENTS
If applicable, this section should include the functional specifications
Mandatory
Functionality
Description
Objective:
The Vendor must follow the functional requirements as set out in this formal RFP, which makes the best
attempt to describe in detail the product's intended capabilities, appearance, and interactions with users, in
that this particular set of mandatory functional requirements sets out the intended greenfield modernization of
the entire DMV computer technology environment.
The Vendor must use this particular set of mandatory functional requirements as a best-in-class attempt to set
out a holistic modernization of the entire DMV computer technology environment describing what the system
is supposed to do by defining functions and high-level logic.
Non-Objective:
The Vendor though appearing compliant with the mandatory functional requirements, as set out below, must
not, under any circumstances, in their response to this RFP, offering below standard products, design and
architecture that may appear to resolve the mandatory functional requirements, that are however old

DMV_SMRFP_IT RFP Development Form_Master_02-06-l5 V 1.0 AD Final

DMV_SMRFP_IT RFP Development Form_Master_02-06-l5 V 1.0 AD Final

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Andere mochten auch

Andere mochten auch (20)

Ähnlich wie DMV_SMRFP_IT RFP Development Form_Master_02-06-l5 V 1.0 AD Final

Ähnlich wie DMV_SMRFP_IT RFP Development Form_Master_02-06-l5 V 1.0 AD Final (20)

Mehr von Alexander Doré

Mehr von Alexander Doré (17)

DMV_SMRFP_IT RFP Development Form_Master_02-06-l5 V 1.0 AD Final