The URL can be used to link to this page

Home My WebLink AboutContract 59952DocuSign Envelope IQ FBFAFF23-E9AD-4C71-9566-7749CF07A353 CSC No. 59952 FORT WORTH CITY OF FORT WORTH COOPERATIVE PURCHASE AGREEMENT This Cooperative Purchase Agreement ("Agreement") is entered into by and between ePlus Technology, Inc. ("Vendor") and the City of Fort Worth, ("City"), a Texas home rule municipality. The Cooperative Purchase Agreement includes the following documents which shall be construed in the order ofprecedence in which they are listed: 1. This Cooperative Purchase Agreement; 2. Exhibit A -ePlus Technology, Inc. Cyber Security Project Objectives Plan; 3. Exhibit B -TIPS 230105 Cooperative Agreement; and 4. Exhibit C - Conflict of Interest Questionnaire. Exhibits A, B, and C which are attached hereto and incorporated herein, are made a part of this Agreement for all purposes. Vendor agrees to provide City with the services and goods included in Exhibit A pursuant to the terms and conditions of this Cooperative Purchase Agreement, including all exhibits thereto. City shall pay Vendor in accordance with the pricing index in Exhibit A and the provisions of this Agreement. Total payment made annually under this Agreement by City shall not exceed One Hundred Thousand and 00/100 dollars ($100,000.00). Vendor shall not provide any additional items or services or bill for expenses incurred for City not specified by Exhibit A and this Agreement unless City requests and approves in writing the additional costs for such items, services, and/or expenses. City shall not be liable for any additional expenses of Vendor not specified by this Agreement unless City first approves such expenses in writing. The term ofthis Agreement shall be effective beginning on the date signed by the Assistant City Manager below ("Effective Date") and ending on May 31, 2024, City shall be able to renew this agreement for Four (4) one-year options by written agreement ofthe parties. Vendor agrees that City shall, until the expiration ofthree (3) years after final payment under this Agreement, or the final conclusion of any audit commenced during the said three years, have access to and the right to examine at reasonable times any directly pertinent books, documents, papers and records, including, but not limited to, all electronic records of Vendor involving transactions relating to this Agreement at no additional cost to City. Vendor agrees that City shall have access during normal working hours to all necessary Vendor facilities and shall be provided adequate and appropriate work space in order to conduct audits in compliance with the provisions o fthis section. City shall give Vendor reasonable advance notice of intended audits. Notices required pursuant to the provisions of this Agreement shall be conclusively determined to have been delivered when (1) hand -delivered to the other party, its agents, employees, servants or representatives, (2) delivered by facsimile with electronic confirmation of the transmission, or (3) received by the other party by United States Mail, registered, return receipt requested, addressed as follows: OFFICIAL RECORD CITY SECRETARY Cooperative Purchase FT. WORTH, Tx Page 1 on 7 DocuSign Envelope ID: FBFAFF23-E9AD-4C71-9566-7749CF07A353 To CITY: City of Fort Worth Attn: Valerie Washington, Manager 200 Texas Street Fort Worth, TX 76102-6314 Facsimile: (817) 392-8654 To VENDOR: ePlus Technology, Inc. ePlus Technology, Inc. Assistant City ATTN: Legal Department 13595 Dulles Technology Drive Herndon, VA. 20171 Facsimile: N/A With copy to Fort Worth City Attorney's Office at same address IP Indemnification. Vendor agrees to indemnify, defend, settle, or pay, at its own cost and expense, including the payment of attorney's fees, any claim or action against the City for infringement of any patent, copyright, trade mark, service mark, trade secret, or other intellectual property right arising from City's use of the Deliverable(s), or any part thereof, in accordance with the Agreement, it being understood that the agreement to indemnify, defend, settle or pay shall not apply if City modifies or misuses the Deliverable(s). So long as Vendor bears the cost and expense of payment for claims or actions against the City pursuant to this section, Vendor shall have the right to conduct the defense of any such claim or action and all negotiations for its settlement or compromise and to settle or compromise any such claim; however, City shall have the right to fully participate in any and all such settlement, negotiations, or lawsuit as necessary to protect the City's interest, and City agrees to cooperate with Vendor in doing so. In the event City, for whatever reason, assumes the responsibility for payment of costs and expenses for any claim or action brought against the City for infringement arising under the Agreement, the City shall have the sole right to conduct the defense of any such claim or action and all negotiations for its settlement or compromise and to settle or compromise any such claim; however, Vendor shall fully participate and cooperate with the City in defense of such claim or action. City agrees to give Vendor timely written notice of any such claim or action, with copies of all papers City may receive relating thereto. Notwithstanding the foregoing, the City's assumption of payment of costs or expenses shall not eliminate Vendor's duty to indemnify the City under the Agreement. If the Deliverable(s), or any part thereof, is held to infringe and the use thereof is enjoined or restrained or, if as a result of a settlement or compromise, such use is materially adversely restricted, Vendor shall, at its own expense and as City's sole remedy, either: (a) procure for City the right to continue to use the Deliverable(s); or (b) modify the Deliverable(s) to make them/it non -infringing, provided that such modification does not materially adversely affect City's authorized use of the Deliverable(s); or (c) replace the Deliverable(s) with equally suitable, compatible, and functionally equivalent non -infringing Deliverable(s) at no additional charge to City; or (d) if none of the foregoing alternatives is reasonably available to Vendor, terminate the Agreement, and refund all amounts paid to Vendor by the City, subsequent to which termination City may seek any and all remedies available to City under law. VENDOR'S OBLIGATIONS HEREUNDER SHALL BE SECURED BY THE REQUISITE INSURANCE COVERAGE REQUIRED BY CITY. Cooperative Purchase Page 2 of 17 DocuSign Envelope ID: FBFAFF23-E9AD-4C71-9566-7749CF07A353 Data Breach. Vendor further agrees that it will monitor and test its data safeguards from time to time, and to adjust its data safeguards from time to time in light of relevant circumstances or the results of any relevant testing or monitoring. If Vendor suspects or becomes aware of any unauthorized access to any financial or personal identifiable information ("Personal Data") by any unauthorized person or third party, or becomes aware of any other security breach relating to Personal Data held or stored by Vendor under the Agreement or in connection with the performance of any services performed under the Agreement or any Statement(s) of Work ("Data Breach"), Vendor shall immediately notify City in writing and shall fully cooperate with City at Vendor's expense to prevent or stop such Data Breach. In the event of such Data Breach, Vendor shall fully and immediately comply with applicable laws, and shall take the appropriate steps to remedy such Data Breach. Vendor will defend, indemnify and hold City, its Affiliates, and their respective officers, directors, employees and agents, harmless from and against any and all claims, suits, causes of action, liability, loss, costs and damages, including reasonable attorney fees, arising out of or relating to any third party claim arising from breach by Vendor of its obligations contained in this Section, except to the extent resulting from the acts or omissions of City. All Personal Data to which Vendor has access under the Agreement, as between Vendor and City, will remain the property of City. City hereby consents to the use, processing and/or disclosure of Personal Data only for the purposes described herein and to the extent such use or processing is necessary for Vendor to carry out its duties and responsibilities under the Agreement, any applicable Statement(s) of Work, or as required by law. Vendor will not transfer Personal Data to third parties other than through its underlying network provider to perform its obligations under the Agreement, unless authorized in writing by City. Vendor's obligation to defend, hold harmless and indemnify City shall remain in full effect if the Data Breach is the result of the actions of a third party. All Personal Data delivered to Vendor shall be stored in the United States or other jurisdictions approved by City in writing and shall not be transferred to any other countries or jurisdictions without the prior written consent of City. No Bovcott of Israel. If Vendor has fewer than 10 employees or the Agreement is for less than $100,000, this section does not apply. Vendor acknowledges that in accordance with Chapter 2270 of the Texas Government Code, City is prohibited from entering into a contract with a company for goods or services unless the contract contains a written verification from the company that it: (1) does not boycott Israel; and (2) will not boycott Israel during the term of the contract. The terms "boycott Israel" and "company" shall have the meanings ascribed to those terms in Section 808.001 of the Texas Government Code. By signing this Addendum, Vendor certifies that Vendor's signature provides written verification to City that Vendor. (1) does not boycott Israel; and (2) will not boycott Israel during the term of the Agreement. Prohibition on Bovcottine Energv Companies. Vendor acknowledges that in accordance with Chapter 2274 of the Texas Government Code, as added by Acts 2021, 87th Leg., R.S., S.B. 13, § 2, the City is prohibited from entering into a contract for goods or services that has a value of $100,000 or more that is to be paid wholly or partly from public funds of the City with a company with 10 or more full-time employees unless the contract contains a written verification from the company that it: (1) does not boycott energy companies; and (2) will not boycott energy companies during the term of the contract. The terms "boycott energy company" and "company" have the meaning ascribed to those terms by Chapter 2274 of the Texas Government Code, as added by Acts 2021, 87th Leg., R.S., S.B. 13, § 2. To the extent that Chapter 2274 of the Government Code is applicable to this Agreement, by signing this Agreement, Vendor certifies that Contractor's signature provides written verification to the City that Contractor: (1) does not boycott energy companies; and (2) will not boycott energy companies during the term of this Agreement. Cooperative Purchase Page 3 of 17 DocuSign Envelope ID: FBFAFF23-E9AD-4C71-9566-7749CF07A353 Prohibition on Discrimination Aeainst Firearm and Ammunition Industries. Vendor acknowledges that except as otherwise provided by Chapter 2274 of the Texas Government Code, as added by Acts 2021, 87th Leg., R.S., S.B. 19, § 1, the City is prohibited from entering into a contract for goods or services that has a value of $100,000 or more that is to be paid wholly or partly from public funds of the City with a company with 10 or more full-time employees unless the contract contains a written verification from the company that it: (1) does not have a practice, policy, guidance, or directive that discriminates against a firearm entity or firearm trade association; and (2) will not discriminate during the term of the contract against a firearm entity or firearm trade association. The terms "discriminate," "firearm entity" and "firearm trade association" have the meaning ascribed to those terms by Chapter 2274 of the Texas Government Code, as added by Acts 2021, 87th Leg., R.S., S.B. 19, § 1. To the extent that Chapter 2274 of the Government Code is applicable to this Agreement, by signing this Agreement, Vendor certifies that Contractor's sig-nature provides written verification to the City that Contractor: (1) does not have a practice, policy, guidance, or directive that discriminates against a firearm entity or firearm trade association; and (2) will not discriminate against a firearm entity or firearm trade association during the term of this Agreement. Cooperative Purchase Page 4 of 17 DocuSign Envelope ID: FBFAFF23-E9AD-4C71-9566-7749CF07A353 The undersigned represents and warrants that he or she has the power and authority to execute this Agreement and bind the respective Vendor. CITY OF FORT WORTH: Valerie Washington �n (Aug 8, 2023 10:15 CDT) By: Name: Valerie Washington Title: Assistant City Manager Date: Aug 8, 2023 APPROVAL RECOMMENDED: By: Name: Kevin Gunn Title: IT Solutions Director 4.d4UUIlgIl� ATTEST: cF FORr�aa v_p �' ';00 o °.�0, As °o o° aaa� nezA54aa By: Name: Jannette Goodall Title: City Secretary ePlus Tecg �,lnc. By: ruocu bin, w wine"�� gh I i n Title: senior vp Contracts Date: 8/1/2023 CONTRACT COMPLIANCE MANAGER: By signing I acknowledge that I am the person responsible for the monitoring and administration of this contract, including ensuring all performance and reporting requirements. r�i By: Jus Grace (Aug 1, 202315:52 CDT) Name: Justin Grace Title: Sr. IT Solutions Manager APPROVED AS TO FORM AND LEGALITY: By: Name: Taylor Paris Title: Assistant City Attorney CONTRACT AUTHORIZATION: M&C: N/A OFFICIAL RECORD CITY SECRETARY FT. WORTH, TX Cooperative Purchase Page 5 of 17 DocuSign Envelope ID: FBFAFF23-E9AD-4C71-9566-7749CF07A353 Exhibit A Cooperative Purchase Page 6 of 17 DocuSign Envelope ID: FBFAFF23-E9AD-4C71-9566-7749CF07A353 DocuSgn Envelope ID: 6831B944-35C3-4C39•A499-7EA57EF9DC91 e+ PROJECT OBJECTIVES PLAN City of Fort Worth This Agreement and Project Objectives Plan (this "Agreement" or "POP") Is made June 14", 2023 ("Effective Date") by and between City of Fort worth ("Customer") and ePlus Technology, inc. ("ePlus") (each of ePlus and Customer a "Party" and together the "Parties"). Tips contract 230105. 1.1 ExECUTtvE SUMMARY OF THE SERVICES Customer has engaged ePlus to provide a Principal Security Consultant to perform consulting and other activities in agreed -upon areas within the fields of governance, compliance, and risks associated with Cybersecunty. ePlus will provide Cybersecurrty Maturity Assessment Services. 1.2 DEFINrnoNS Deliverable: A measurable indication of progress within a given phase, documentation in hard copy or electronic form such as analyses, reports, manuals, test results, or any other Items as set forth in section 2.2. Milestone. A specific goal, objective, or event pertaining to services described In this POP. Normal Business Hours: The hours of Monday through Friday 8:00 a.m. to S:00 p.m. local time, excluding any federal and ePlus observed holidays. A list of ePlus observed holidays will be provided upon request. Products: Third party hardware and/or software products are sold separately and are not deliverables. 2.1 SERVICES The Services that ePlus and/or its subcontractor shall provide will Include: • Assess the Cyber Security environment and business objectives of the Security Program • Assist in Cyber Security Program development and execution • Undertake effective informal training, which will enable the Customer to achieve the short-term, intermediate, and long-term IT security and GRC goals and objectives identified as part of the development of the program Kick -Off Meetings During Initial meetings, ePlus and the Customer will: • Discuss and document the business goals for the engagement Business goals will drive prioritization of the specific results that Customer expects. • Discovery includes a review of compliance requirements, policy documents, security technology, presence of security awareness and training, and incident detection and response capabilities As related to the agreed upon areas being assessed, ePlus will develop a strategy that Is aligned with addressing the following needs: Security Risk and Compliance • Assess environment against the NIST CSF Cybersecurity Framework (or a subset of controls as agreed) and provide recommendations to meet controls that are not In compliance • Review Polices and controls for design and effectiveness within the organization • Verify that Account Management (logging/auditing, password policy, and privileged/admin accounts), Inventory Management (asset provisioning, tracking, and retirement) and Patch Management (assess patching policy, process, and effectiveness) are assessed and enhanced 6/14/2023 Oty of Fort Worth-Cybersecunty Matunty Assessment-1325S2 PAGE 2 Cooperative Purchase Page 7 of 17 DocuSign Envelope ID: FBFAFF23-E9AD-4C71-9566-7749CF07A353 DocuSign Envelope ID: 6831B94435C3-4C39-A499-7EA57EF9DC91 e+ PROJECT OBJECTIVES PLAN City of Fort Worth Phase 1 - ePlus Advisory Services — Cybersecurty Maturity Assessment • Review and assess the Cyber Security Program and strategy • Review existing skillset and undertake gap assessment • Evaluate policy documentation, controls, and program reporting. • Provide recommendations based on identified deficiencies • Cybersecunty Maturity Assessment Report • Design and build a Cyber Security Roadmap • Weekly business call to provide status and/or changes to existing milestones All expenses related to travel on behalf of the Customer will be charged to the Customer at cost. The Customer will be notified in advance if travel is required and an estimate of the expenses involved will be provided on request. Typical travel expenses may Include, but are not limited to, the following: airfare; ground transportation; hotel accommodations, sustenance, and other incidental expenses as required. Project Management Standard Project Management is utilized when the management requirements for a project of mid to high complexity. The expectation is that the Project Manager will be working on tasks which may include meeting planning, resource scheduling, equipment confirmation, and issue tracking, within a project workbook. The Project Manager will also be responsible for project closeout and satisfaction surveys. 2.2 DELIVERABLES ePlus will provide Services only, and no Deliverables will be provided except as follows: • Cybersecunty Maturity Assessment Report • Cybersecurty Roadmap (Format to be determined at Project Kick -Off) Notwithstanding anything to the contrary set forth herein: (i) as part of ePlus' provision of the Services, ePlus may utilize proprietary works of authorship that have not been created specifically for Customer, including without limitation computer programs, methodologies, designs, tools, and documentation, as well as intellectual property rights, ideas, concepts, know-how, or data, and any derivatives thereof, which have been originated, developed or purchased by ePlus or its affiliate, subcontractors or suppliers ("ePlus Information"); and (ii) ePlus Information and ePlus' administrative communications and records relating to the Services shall remain the sole and exclusive property of ePlus. 2.3 PLACE OF PERFORMANCE Unless otherwise specified elsewhere in this POP, all on -site Services will be performed at Customer's facilities located at the following location(s) ("Customer Site"): • Services will be performed remotely 3.1 GENERAL RESPONSIBILITIES During the course of this project, ePlus will require the support of Customer staff and computing resources. If the required Customer resources cannot be made available, the scope of the Services, estimated schedule (see section S.1), or both may be affected. Customer agrees to provide the following: • A work area suitable for the tasks to be performed and any required software or documentation. • If Customer directly procures any hardware or software required for this project, Customer agrees to provide the hardware, software, and any accompanying support documentation or instructions. 6/14/2023 City of Fort Worth-Cybersecunty Maturity Assessment-132552 PAGE 3 Cooperative Purchase Page 8 of 17 DocuSign Envelope ID: FBFAFF23-E9AD-4C71-9566-7749CF07A353 DocuSign Envelope ID: 6831B944-35C3.4C39•A498-7EA57EF9DC91 e+ PROJECT OBJECTIVES PLAN City of Fort Worth • A secure storage location for all equipment delivered to the Customer Site until the scheduled ePlus installation date, if applicable. • Contact personnel to escort the ePlus resource(s) through the Customer Site. • Access to the Customer Site during the work hours required for this project. • Documentation necessary to perform the Services, as requested by ePlus. Examples Include current network topology, current policies and standards/ procedures, prior assessments, regulatory requirements, client or third party contractual obligations, etc. • Provide a single point of contact, who is familiar with the Corporate Security Policies and requirements, to work with ePlus resource(s) throughout the engagement and act as a Faison between the Customer's staff. • Provide requested network diagrams/Information to ePlus resource within two (2) business days of the Initial request. 3.2 SYSTEM RESPONSIBILITIES • Unless otherwise agreed by the Parties, Customer shall respond within two (2) business days of ePlus' request for documentation or information needed for the project. • Customer shall ensure that contracts with its own vendors and third parties are fully executed and enable Customers business requirements to be met in full. Customer shall be responsible for all payments to, and the performance of, all non ePlus entities assigned to, or working on this project. • ePlus will not be responsible for data loss. Backups should be performed prior to work starting. All data is the responsibility of the Customer. • Should a manufacturer provide Customer with specialized or custom software unique to Customer, ePlus will not be responsible for any delays or failures to perform related to use of such software. • ePlus shall not be responsible for support and maintenance of products. • Unless otherwise specified in this POP, ePlus shall not be responsible for any customization of, or labor to Install software (except operating systems or firmware pre -installed by the manufacturer). • Services do not Include resolution of software or hardware problems resulting from third party equipment or services or problems beyond ePlus' control. • Services exclude any hardware upgrade required to run new or updated software. 4.0 ASSUMPTIONS 4.1 GENERAL ASSUMPTIONS The following assumptions were made to create this POP. Should any of these assumptions prove to be incorrect or Incomplete then ePlus may modify the price, scope of work, or Milestones pursuant to the Change Management Procedure set forth herein. ePlus assumes: • Where applicable, Customers Site shall be ready prior to the date scheduled for ePlus to perform the Services. Costs associated with Customer's inability to (1) make the Customer Site ready or (2) meet any of the other responsibilities specified in this POP shall be billed at ePlus' then -current time and materials rates plus travel and other related expenses. Any additional costs Incurred by Customer as a result of delays shall be the sole responsibility of the Customer. • This POP defines exclusively the scope of the Services. This POP shall not apply to any purchase, support or maintenance of products, which are purchased separately. • Customer acknowledges that ePlus' security consulting services do not include either a guarantee or warranty that a breach has not or cannot occur. ePlus makes no guarantee that investigative and remediation efforts will completely eradicate an existing threat or prevent future occurrences. ePlus shall 6/14/2023 City of Fort Worth-Cybersecurity Maturity Assessment-132552 PAGE 4 Cooperative Purchase Page 9 of 17 DocuSign Envelope ID: FBFAFF23-E9AD-4C71-9566-7749CF07A353 DocuSign Envelope ID. 6831B944-35C34C39-A499-7EA57EF9DC91 e+ PROJECT OBJECTIVES PLAN City of Fort Worth not be liable to Customer for claims, loss, or damage caused by events such as theft, cybercrime, hacktivism, or any other form of breach or Illegal activity. • In the event ePlus is required to provide third party materials under this POP (i.e. cables, racks, etc.), Customer shall be responsible for any costs, maintenance, and/or warranty obligations therein. • The schedule shall be extended up to thirty (30) days for any personnel change requests made by Customer. • Customer acknowledges that at any time during the project, if progress is stalled, by no fault of ePlus, for more than twenty (20) contiguous Business Days, ePlus reserves the right to issue a Milestone Completion Certificate for work that has been completed. • If Services include any assessments of Customers network, systems, or security protocols, Customer understands that no guaranty is made by ePlus or Its subcontractors that such assessments will detect all security weaknesses, potential security problems, vulnerabilities, or potential breaches. ePlus does not guarantee that recommendations or actions undertaken pursuant to this POP will completely address all Issues identified or not identified. If an ePlus Subcontractor is used to perform the security assessment/audit services, the data will be shared with ePlus for gap analysis and recommendation purposes. • Documents are created using ePlus templates (structure and format) and delivered to Customer In softcopy only. Customization to deliverable documents (structure, format, and/or other non standard content) must be handled via a Change Request (CR) unless explicitly stated in this POP. • ePlus Deliverable Documents Include up to two (2) revisions, per document, based on Customer feedback. Subsequent revisions will require a CR or separate POP. 4.2 PROJECT SPECIFIC AssumPTIONs • Calls and meetings will be scheduled at a mutually agreeable time between the Customer's and ePlus' resources. The calls and meetings will be scheduled through ePlus' Project Manager. • No training Is Included in this project unless otherwise specified In this POP. • Services schedule reflects work effort based on non-contiguous Business Days and does not include a full- time ePlus Engineer for staff augmentation during the project. 5.1 ESTIMATED TIMELINE The estimated timeline for the Services will begin within thirty (30) days after execution of this POP and continue for not more than twelve (12) months. If Services have not been scheduled at the execution of this POP, a timeline should be developed mutually by the Parties and agreed to before each phase of the Services begins. The actual start date will depend on the following considerations: • Scheduled availability of a qualified systems engineer • Receipt of Product and any necessary equipment • Receipt of signed POP from Customer prior to proposed start date • Receipt of purchase order from Customer 5.2 TERMINATION Either Party may terminate the POP for any reason on thirty (30) days prior written notice to the other Party. Upon any such termination, ePlus will be paid all fees and expenses which have been Incurred or earned In connection with the performance of the Services through the effective date of such termination. Additionally, In the event Customer cancels any Services with less than two (2) weeks prior notice, Customer shall reimburse ePlus for any nonrefundable expenses Incurred In preparation for such cancelled Services. 6/14/2023 City of Fort Worth-Cybersecunty Maturity Assessment-132552 PACE S Cooperative Purchase Page 10 of 17 DocuSign Envelope ID: FBFAFF23-E9AD-4C71-9566-7749CF07A353 DocuSgn Enve" ID: 6831B944-35C3-4C39-A4W7EA57EF9DC91 e+ PROJECT OBJECTIVES PLAN City of Fort Worth For the Services performed under this POP, Customer agrees to pay ePlus a fee of $22,000.00 ;the• Feo Milestones are as follows: Milestone 1 POP Acceptance & Signature S11,000.00 Milestone 2 Project Completion $11,000.00 The Pricing in this POP is valid for sixty (60) days from delivery to the Customer. Customer shall issue a purchase order adequate to cover the Fee prior to commencement of Services. Fees for additional services related to but not defined in this POP will be on a time and materials basis at a rate set forth in a written amendment or Change Request. All tasks under this POP will be completed during Normal Business Hours. Payment is due upon receipt of invoice. Customer acknowledges that ePlus may participate in and retain the benefit of incentive plans or other programs with, among others, its travel providers wherein ePlus may receive benefits, such as frequent flier miles or other consideration for Corporate travel volume. Fees, expenses, and other charges for the Services do not include sales, use, excise, value added, or other applicable taxes, tariffs, or duties. Payment that may be due on such amounts, and shall be the sole responsibility of Customer (excluding any applicable taxes based on ePlus' net income or taxes arising from the employment or independent contractor relationship between ePlus and its personnel). Upon ePlus' completion of a Milestone or Service performed, ePlus shall notify Customer by providing one of the following forms of acceptance: • Signed work order or time sheet; or • Milestone/Service Completion Certificate ("MCC"); or • Project completion document Customer has five (5) working days from the completion of the Services or Milestone, as applicable, to accept the work performed as bung complete. Signing of the MCC, approving the time sheet, or Customer's failure to respond to the approval request within the designated five (5) working day period, signifies Customer's acceptance of the Milestone or time sheet and that Services have been performed in accordance with the POP. In order to refuse acceptance of the Services, Customer must provide ePlus with full details that show that Services do not conform to the POP. ePlus shall address such non conformance in a timely manner and shall compile an action plan to correct any deficiencies. The acceptance process shall be repeated until all deficiencies have been resolved and the Services meet the requirements of the POP. Acceptance may not be withheld due to defects in Services that do not represent a material nonconformance with the requirements of the POP. 6/14/2023 City of Fort Worth-Cybersecurity Maturity Assessment-132552 PAGE 6 Cooperative Purchase Page 11 of 17 DocuSign Envelope ID: FBFAFF23-E9AD-4C71-9566-7749CF07A353 DocuSign Envelope ID: 6831B944-35C3-4C39-A4W7EA57EF9OC91 e+ PROJECT OBJECTIVES PLAN City of Fort Worth Any change to the scope of Services or the obligations of the Parties under this POP shall be set forth in a mutually agreed change request signed by both Parties ("Change Request"). The Change Request may be drafted by either Party and will describe the nature of the change, the reason for the change, and the effect of the change on the scope of work, Deliverables and/or the schedule. The Parties will negotiate in good faith the changes to the Services and the additional charges, if any, required to implement the Change Request. ePlus warrants that Services will be performed in a professional and workmanlike manner in accordance with industry standards for service providers under similar circumstances. ALL WARRANTIES PROVIDED HEREIN ARE PERSONAL TO, AND INTENDED SOLELY FOR THE BENEFIT OF, CUSTOMER AND DO NOT EXTEND TO ANY THIRD PARTY. EPLUS DISCLAIMS ALL OTHER WARRANTIES WITH RESPECT TO THIS POP (INCLUDING, WITHOUT LIMITATION, WARRANTIES AS TO MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE), TITLE. NON -INFRINGEMENT OR OTHERWISE, EXPRESS OR IMPLIED. IN NO EVENT WILL EPLUS BE LIABLE TO THE CUSTOMER OR ITS AFFIUATES FOR (A) ANY SPECIAL, INDIRECT, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES, EVEN IF EPLUS HAS BEEN ADVISED OF THE POSSIBILITY THEREOF, (B) ANY DAMAGES RESULTING FROM LATENT DEFECTS. LOSS OF DATA OR PROFITS, (C) ANY CLAIM WHETHER IN CONTRACT OR TORT, THAT AROSE MORE THAN ONE (1) YEAR PRIOR TO INSTITUTION OF SUIT THEREIN. EPLUS SHALL NOT BE LIABLE FOR ANY LOSS OR DAMAGE RESULTING FROM THE USE, OPERATION OR PERFORMANCE OF PRODUCTS MANUFACTURED OR LICENSED BY THIRD PARTIES. EXCEPT FOR DAMAGES RESULTING FROM PERSONAL INJURY OR TANGIBLE PROPERTY DAMAGES DIRECTLY RESULTING FROM GROSS NEGLIGENCE, EPLUS' AGGREGATE LIABILITY HEREUNDER, IF ANY, SHALL BE STRICTLY LIMITED TO THE AMOUNT PAID BY CUSTOMER PURSUANT TO THIS PROJECT OBJECTIVES PLAN. IN NO EVENT SHALL EPLUS BE LIABLE FOR ANY CLAJMS BY A THIRD PARTY. EACH PARTY ACKNOWLEDGES THAT THIS SECTION SETS FORTH A REASONABLE ALLOCATION OF LIABILITY BETWEEN THEM, AND THAT EPLUS' PRICING IS OFFERED IN RELIANCE ON THE WARRANTY DISCLAIMERS AND LIABILITY UMITATIONS AND EXCLUSIONS SET FORTH IN THIS POP. Effect of Termination: Termination of this POP does not relieve Customer's obligations to pay all fees that accrued before Late Payment Charge and Default: Customer agrees to pay a late payment charge computed at the rate of one and one-half percent (1.5%) per month, or the maximum late payment charge permitted by applicable law, whichever is less, on any unpaid amount due under this Agreement and/or Purchase Orders. A late payment charge will apply to any amount not received by the due date and continue until all overdue payments, including late charges, are paid in full. Failure by epfus to assess this charge on one occasion in no way affects its right to do so on another occasion. In the event ePlus must resort to collection, Customer shall be responsible for all collection costs, including legal fees. ePlus reserves its right to review and revise either the credit or the payment terms based on Customer's financial condition or payment history at the time of such review, and Customer agrees to provide all relevant information to affect such review. ePlus further reserves its right to suspend Services for nonpayment by Customer for Services either under this Agreement and/or Purchase Orders. Assignment: Neither Party may assign this POP without the prior written consent of the other Party, which consent shall not be unreasonably withheld, conditioned or delayed, provided, however, that either Party may assign this POP to a corporation controlling, controlled by or under common control with the assigning Party without the prior written consent of the other Party. Notwithstanding the foregoing, ePlus may assign payment for financing purposes without notifying Customer, but Services will not be affected. 6/14/2023 City of fort worth- Cybersecurity Maturity Assessment-132552 PAGE 7 Cooperative Purchase Page 12 of 17 DocuSign Envelope ID: FBFAFF23-E9AD-4C71-9566-7749CF07A353 DocuSign Envelope ID: 6831B944-35C3.4C39-A499-7EA57EF9DC91 e+ PROJECT OBJECTIVES PLAN City of Fort Worth Non -Disclosure: -Confidential Information" is information or material disclosed by a party ("Discloser") to the other (Recipient') in connection with this Agreement that is either (a) marked or identified in writing as confidential, or (b) relates to the processes, technology, plans, or methodologies used by ePlus or its suppliers to provide the Services. Recipient shall not disclose Confidential Information to any third party until three (3) years after expiration or termination of this Agreement. Confidential Information does not include information that: (i) is or becomes publicly available without breach of this Agreement; (ii) is in Recipient's possession at the time of receipt or becomes available from a third party without breach of confidentiality obligation; or (iii) is independently developed by or for Recipient without access to Confidential Information, as evidenced by written records. This section shall not prohibit ePlus from disclosing information required by its suppliers or subcontractors in connection with this Agreement. Customer acknowledges that ePlus or its employees and subcontractors may provide similar services to others and use or disclose to others general knowledge, skill and experience developed over the years, including under this Agreement. A Recipient may disclose Confidential Information pursuant to a legal requirement or court order after first notifying Discloser and making a reasonable effort to obtain a protective order limiting the scope of disclosure. Non -Solicitation: Customer acknowledges that ePlus has invested significant resources in the training of its employees and that these employees are a valuable resource. Therefore, if ePlus provides Services under this Agreement, Customer agrees that during the term of this Agreement and for a period of eighteen (18) months thereafter, Customer shall not solicit for hire or hire employees of ePlus (or anyone who has been employed by ePlus within the month prior to the date of solicitation). Should such a hiring of an ePlus employee take place, ePlus shall be entitled to liquidated damages and/or compensation directly from the Customer in the amount of 20% of the employee's total annual compensation. Choice of law, Attorney Fees and Jury Trial Waiver. The laws of the Commonwealth of Virginia will govern the construction and operation of this POP without regard to the conflicts of laws and provisions thereof. In the event it is necessary for ePlus to bang legal action due to Customer's non-payment, ePlus shall be entitled to recover all costs of such action, including reasonable attorneys' fees. The Parties hereto waive, and to the extent permitted by law, all rights to a jury trial in any action or proceeding to enforce or defend any rights hereunder. Severability: The invalidity of any provision of this POP will not affect the validity and binding effect of any other provision. St ... .... The relationship created hereunder between the Parties shall be solely that of independent contractors entering into an agreement. No representations or assertions shall be made or actions taken that could imply or establish any agency, joint venture, fiduciary, partnership, employment or other relationship between the Parties with respect to the subject matter of this POP. ePlus retains the right to subcontract any Service described herein to subcontractor(s) of ePlus' choosing, provided that such subcontractor(s) shall possess qualifications equivalent to those of ePlus. Data Rights and Consents: Customer represents and warrants that it has all right, title, and interest in and to any data furnished in connection with the Services and/or that it has obtained all necessary consents, permissions, and releases necessary for ePlus to perform its obligations under this POP. Customer shall indemnify, defend, and hold ePlus harmless from any claims or liabilities arising out of Customer's breach of the foregoing. integration; Order of Precedence: This POP constitutes the entire agreement of the Parties hereto with respect to its subject matter and supersedes a!l prior and contemporaneous representations, proposals, discussions, and communications, whether oral or in writing. In the event of a conflict between the provisions of this POP and any exhibits, the provisions of this POP shall control, except to the extent the provisions in an exhibit expressly provide otherwise. This POP may be modified only by means of a duty executed written amendment. Neither the terms of any purchase order, invoice, or other instrument documenting a payment or transaction that is issued by either Party in connection this POP, nor any other act, document, usage, custom, or course of dealing shall modify the terms of this Agreement. This POP shall be enforceable in accordance with its terms when signed by each of the Parties hereto. 6/14/2023 Gty of Fort Worth-Cyttersecuriti, Maturity Assessment-132552 PAGE 8 Cooperative Purchase Page 13 of 17 DocuSign Envelope ID: FBFAFF23-E9AD-4C71-9566-7749CF07A353 DocuSgn Envelope ID. 6837B944-35C3-4C39-A499-7EA57EF9DC91 e+ PROJECT OBJECTIVES PLAN City of Fort Worth This POP rs City of Fort Worth Cybersecurity Maturity Assessment •I32SS2 is acceptable. Please sign and return to Misty Muniga at misty.muniga@eplus.com. IN WITNESS WHEREOF, the duly authorized representatives of the Parties hereto have caused this POP to be executed. 6/14/2023 aty of Fort Worth-Cybersecurity Maturity Assessment-132552 PAGE 9 Cooperative Purchase Page 14 of 17 DocuSign Envelope ID: FBFAFF23-E9AD-4C71-9566-7749CF07A353 Exhibit B Cooperative agreement 230105 CONTRACT Technoluv ePlus Technolo.Rv Incl.odf (tips-usa.com) TIPS VENDOR AGREEMENT TIPS RFP 230105 Technology Solutions, Products, and Services The following Vendor Agreement ("Agreement") creates a legal agreement between The Intcrlocal Purchasing System ("TIPS"), government purchasing cooperative and Department of Texas Region A Education Service Center and (INSERT ENTITY NAME): cPlus Technology, Inc. (ENTER ENTITY NAME] its owners, agents, subsidiaries, and affiliates (together, "Vendor') (individually, "Party", and collectively the "Partite') and this agreement shall exclusively govern the contractual relationship ("Agreement") between the Parties. TIPS, a governmental entity and a national purchasing cooperative seeks to provide a valuable and necessary solution to public entities and qualifying non -profits by performing the public procurement solicitation process and awarding compliant contracts to qualified vendors. Then, where the law of a customer's jurisdiction allows, instead of public entities and qualifying non -profits expending time, money, and resources on the extensive public procurement process, the use of TIPS allows public entities to quickly select and purchase their preferred products or services from qualified, competitively evaluated vendors through cooperative purchasing. 1. Purpose. The purpose of this Agreement is to identify the terms and conditions of the relationship between TIPS and Vendor. Public entities and qualifying non -profits that properly join or utilize TIPS "(TIPS Members") may elect to "piggyback" off of TIPS' procurements and agreements where the laws of their jurisdiction allow. TIPS Members arc not contractual parties to this Agreement although terms and conditions of this Agreement may ensure benefits to TIPS Members. Authority. The Parties agree that the signatories below arc individual authorized to enter into this Agreement on behalf of their entity and that they arc acting under due and proper authority under applicable law. 3. Definitions. TIPS Pricing: The specific pricing, discounts, and other pricing terms and incentives which Vendor submitted and TIPS approved for each respective TIPS Contract awarded to Vendor and all permissible, subsequent pricing updates submitted by Vendor and accepted by TIPS, if any. b. Authorized Reseller: A rescllcr or dealer authorized and added by a Vendor through their online TIPS Vendor Portal to make TIPS sales according to the terms and conditions herein. Entire Agreement. This Agreement resulted from TIPS posting a "TIPS Solicitation" (RFP, RCSP, RFQ, or other) and Vendor submitting a proposal in response to that posted TIPS Solicitation for evaluation and award. The Parties agree that this Agreement consists of the provisions set forth herein and: (1) The TIPS solicitation document resulting in this Agreement; (2) Any addenda or clarifications issued in relation to the TIPS solicitation; (3) All solicitation information provided to Vendor by TIPS through the TIPS cBid System; (3) Vendor's entire proposal response to the TIPS solicitation including all accepted required attachments, acknowledged notices and certifications, accepted negotiated terms, pricing, accepted responses to questions, and accepted written clarifications of Vendor's proposal, and: any properly included attachments to this Agreement. All documentation and information listed is hereby incorporated by reference as if set forth herein verbatim. In the event of conflict between the terms herein and one of the incorporated documents the terms and conditions herein shall control. Vendor's Specific Warranties, Terms, and License Agreements. Because TIPS serves public entities and non -profits throughout the nation all of which arc subject to specific laws and policies of their jurisdiction, as a matter of standard practice, TIPS does not typically accept a Vendor's specific "Sale Terms" (warranties, license agreements, master agreements, terms and conditions, etc.) on behalf of all TIPS Members. TIPS may permit Vendor to attach those to this Agreement to display to interested customers what terms may apply to their Supplemental Agreement with Vendor (if submitted by Vendor for that purpose). However, unless this term of the Agreement is negotiated and modified to state otherwise, those specific Sale Terms arc not accepted by TIPS on behalf of all TIPS Members and each Member may choose whether to accept, negotiate, or rcjcct those specific Sale Terms, which must be reflected in a separate agreement between Vendor and the Member in order to be effective. Cooperative Purchase Page 15 of 17 DocuSign Envelope ID: FBFAFF23-E9AD-4C71-9566-7749CF07A353 Exhibit C CONFLICT OF INTEREST QUESTIONNAIRE FORM CIQ For vendor doing business with local governmental entity This questionnaire reflects changes made to the law by H.B. 23, 84th Leg., Regular Session. OFFICEUSEONLY This questionnaire is being filed in accordance with Chapter 176, Local Government Code, by a vendor who Date Received has a business relationship as defined by Section 176 001(1-a) with a local governmental entity and the vendor meets requirements under Section 176.006(a). By law this questionnaire must be filed with the records administrator of the local governmental entity not later than the 7th business day after the date the vendor becomes aware of facts that require the statement to be filed. See Section 176.006(a-1), Local Government Code. A vendor commits an offense if the vendor knowingly violates Section 176.006, Local Government Code. An offense under this section is a misdemeanor. J Name of vendor who has a business relationship with local governmental entity. J ❑ Check this box if you are filing an update to a previously filed questionnaire. (The law requires that you file an updated completed questionnaire with the appropriate filing authority not later than the 7th business day after the date on which you became aware that the originally filed questionnaire was incomplete or inaccurate.) A Name of local government officer about whom the information is being disclosed. Name of Officer J Describe each employment or other business relationship with the local government officer, or a family member of the officer, as described by Section 176.003(a)(2)(A). Also describe any family relationship with the local government officer. Complete subparts A and B for each employment or business relationship described. Attach additional pages to this Form CIO as necessary. A Is the local government officer or a family member of the officer receiving or likely to receive taxable income, other than investment income, from the vendor? Yes F-1 No B Is the vendor receiving or likely to receive taxable income, other than investment income, from or at the direction of the local government officer or a family member of the officer AND the taxable income is not received from the local governmental entity? 71 Yes F-1 No J Describe each employment or business relationship that the vendor named in Section 1 maintains with a corporation or other business entity with respect to which the local government officer serves as an officer or director, or holds an ownership interest of one percent or more. J Check this box if the vendor has given the local government officer or afamily member of the officer one or more gifts as described in Section 176.003(a)(2)(B), excluding gifts described in Section 176.003(a-1). J Signature of vendor doing business with the governmental entity Date Form provided by Texas Ethics Commission www.ethics.state.tx.us Revised W30/2015 Cooperative Purchase Page 16 of 17 DocuSign Envelope ID: FBFAFF23-E9AD-4C71-9566-7749CF07A353 CONFLICT OF INTEREST QUESTIONNAIRE For vendor doing business with local governmental entity Acomplete copy of Chapter 176 of the Local Government Code may be found at http://www.statutes.legis.state.tx.us/ Docs/LG/htm/LG.176.htm. For easy reference, below are some of the sections cited on this form. Local Government Code§ 176.001(1-a): "Business relationship" means aconnection between two or more parties based on commercial activity of one of the parties. The term does not include a connection based on: (A) a transaction that is subject to rate or fee regulation by a federal, state, or local governmental entity or an agency of a federal, state, or local governmental entity; (B) a transaction conducted at a price and subject to terms available to the public; or (C) a purchase or lease of goods or services from a person that is chartered by a state or federal agency and that is subject to regular examination by, and reporting to, that agency. Local Government Code § 176.003(a)(2)(A) and (B): (a) A local government officer shall file a conflicts disclosure statement with respect to a vendor if: (2) thevendor: (A) has an employment or other business relationship with the local government officer or a family member of the officer that results in the officer or family member receiving taxable income, other than investment income, that exceeds $2,500 during the 12-month period preceding the date that the officer becomes aware that (i) a contract between the local governmental entity and vendor has been executed; or (ii) the local governmental entity is considering entering into a contract with the vendor; (B) has given to the local government officer or a family member of the officer one or more gifts that have an aggregatevalue of more than $100 in the 12-month period preceding the date the officer becomes aware that: (i) a contract between the local governmental entity and vendor has been executed; or (ii) the local governmental entity is considering entering into a contract with the vendor. Local Government Code § 176.006(a) and (a-1) (a) Avendor shall file a completed conflict of interest questionnaire if the vendor has a business relationship with a local governmental entity and: (1) has an employment or other business relationship with a local government officer of that local governmental entity, or a family member of the officer, described by Section 176.003(a)(2)(A); (2) has given a local government officer of that local governmental entity, or a family member of the officer, one or more gifts with the aggregate value specified by Section 176.003(a)(2)(B), excluding any gift described by Section 176.003(a-1); or (3) has a family relationship with a local government officer of that local governmental entity. (a-1) The completed conflict of interest questionnaire must be filed with the appropriate records administrator not later than the seventh business day after the later of: (1) the date that the vendor: (A) begins discussions or negotiations to enter into a contract with the local governmental entity; or (B) submits to the local governmental entity an application, response to a request for proposals or bids, correspondence, or another writing related to a potential contract with the local governmental entity; or (2) the date the vendor becomes aware: (A) of an employment or other business relationship with a local government officer, or a family member of the officer, described by Subsection (a); (B) that the vendor has given one or more gifts described by Subsection (a); or (C) of a family relationship with a local government officer. Form provided by Texas Ethics Commission www.ethics.state.tx.us Revised W30/2015 Cooperative Purchase Page 17 of 17