Write a Winning Proposal

Request for Proposal (RFP)

There are some technical nuances with a proposal writing and by learning them one can write a winning proposal. However, it would be misleading if we say that only writing the proposal in a specific format, summarizing all features, following all procedures would win you a proposal. There are certain requirements without which a proposal is not even considered, for example security certificates, relevant experience or accessibility standards. You will have to submit your solution to a third party audit/vulnerability testing for a security certificate. You will have to amass a small body of experience of working in private sector before you launch yourself in public sector. Lastly you will have to upgrade your solution so that it passes through other checks and standards. It’s called a competitive process for a reason; the suppliers have to step up their game to be considered as a viable solution.

The standards can be summarized in five main points:

a. Cyber security: it should be part of the architecture
b. Cost effective: TCO - all costs including initial investment, maintenance cost and replacement cost all will be considered.
c. Cost readiness: commercial of the shelf solutions are usually preferred with little to no customization
d. Unified solutions: featuring easy integrations with third party APIs and other in-use solutions
e. Standardized: the solution complies with widely accepted industry standards

1. Executive Summary, Scope or Deliverables

These three main sections of the RFP mainly contains all the information needed for a primary scrutiny. The context of the RFP, buyer’s current solution, problems they are facing can be found here. Their expectations from the new solution, deliverables and timelines are also mentioned in this section. If the requirements match with the proponent’s solution, he proceed with the next sections. This section helps to construct answers.

Lets see what are the key information required in almost all ICT related RFPs and how best one can answer them.

2. Proponent’s Company, Team and Experience

A complete description of the supplier is required. We would suggest that you treat this proposal like a marketing material i.e. put all your best points on the paper and don’t leave anything for assumptions or deductions. However, you should steer clear of the seller’s bluff kind of statements. Only true and genuine claims should be made. Companies' capability and capacity to meet the RFPs requirement should be mentioned including:

  • relevant skill sets and experience of those nominated by the supplier for a task;
  • workforce breakdown i.e. which personal will be responsible for which job in the project;
  • organizational capacity to provide back-up in case of non-availability;
  • team strength - their qualifications, experiences and designations;
  • overall experience of the supplier including that which specifically pertains to that RFP;
  • sometimes project value is also required.

3. Technical requirements

This sections includes discussion around "the solution," solution architecture and technology roadmap.
Read more about the Technical Requirements

4. Security certificates

For a government it is more important to secure data than the code. It is expensive to build technology and make it secure. On the top of that it’s even more costlier to keep the code a secret. So they are particular interested in knowing how well their solution addresses and complies with privacy protection, data security, and effective information management. UK, Europe and Canada have all defined their IT policies and cyber security standards; their RFPs are judged accordingly.
Learn what industry wide standards and protocols are required.

The proponents are expected to enter into agreement based on a combination of its standard terms and conditions which are subject to little negotiation. This section cannot be maneuvered around; one has to have a solid financial standing to pass in this area. The governmental agencies require documents like financial statements and audit reports of the last 2 years.

Financial documents and Insurance

Proponent is also expected to carry few insurances to an amount around $2,000,000 including:

Commercial general liability
Cyber liability insurance (coverage includes security liability, privacy regulatory defense, payment of civil fines, payment of credit card provider penalties and breach response costs)
Professional liability insurance covers negligence, copyright infringement and personal injury etc.
Errors and Omissions coverage

Since insurance is tied to assets, companies/suppliers with good financial backing meet up this requirement.


The rates quoted by the proponent must be all-inclusive and must include all labor and material costs, all travel and logistical costs, all insurance costs, all costs of delivery, all costs of installation and set-up, including any pre-delivery inspection charges, and any other overhead, including any fees or other charges required by the law.

6. Project Implementation Plan with Timelines and Milestones

“An implementation plan is a document that outlines the steps your team should take to accomplish a shared goal or initiative. Implementation planning is the counterpart to a strategic plan… The purpose of an implementation plan is to ensure that your team can answer the who, what, when, how, and why of a project before moving into the execution phase.”
Learn about the different phases of project implementation.

7. Service Level Agreement, Training & Documentation, Social & Ethical Values

Read the details here

Further Reading
Anne-Marie Scott. "How To Procure Open Source" A placid island of ignorance… 26, Feb 2019
The OSS Watch Team. "Decision Factors For Open Source Software Procurement" OSS Watch 11 July 2008 , last updated 11 April 2014