Appendices
Supporting documentation and reference materials
Quick Navigation
A
Assumptions & Exclusions
Assumptions
The following assumptions have been made in preparing this proposal:
Project Access
- Red Bulls will provide timely access to the existing portal system and database within 5 business days of contract execution
- Read-only production database access will be available for data analysis and migration planning
- Test/staging environment credentials will be provided for integration testing
Stakeholder Availability
- Key stakeholders will be available for requirements sessions (minimum 4 hours/week during Discovery)
- Subject matter experts for each user type (Admin, Trainer, Parent) will participate in design reviews
- Red Bulls IT team will be available for integration discussions and support
- UAT testers from each user group will be available during the testing phase
Technical Environment
- Red Bulls will make decisions on cloud provider (AWS or Azure) within 2 weeks of contract start
- Third-party services (Auth0, Cybersource) have standard API documentation and sandbox environments
- Salesforce Marketing Cloud API access can be provisioned within 30 days of request
- Data warehouse specifications and access will be provided by Week 21
Data Quality
- Existing member data is reasonably clean; standard data cleanup is included
- Duplicate member records do not exceed 5% of total database
- Historical data requiring migration has consistent formatting
Timeline
- Contract execution occurs by April 15, 2026
- No major scope changes after requirements sign-off
- Decisions on design and functionality will be made within 5 business days of presentation
Organizational
- Red Bulls handles internal change management and communication
- Single point of contact designated for day-to-day decisions
- No major regulatory changes affecting requirements during project
Exclusions
The following items are explicitly excluded from this proposal:
Development
- Native mobile application development (iOS/Android apps)
- Custom payment gateway development (integration only)
- Third-party software customization (Auth0, Salesforce modifications)
- Legacy system maintenance during transition
Data & Content
- Historical data beyond 5 years (archival can be quoted separately)
- Content migration beyond structured data (documents, images, PDFs)
- Data cleanup beyond standard normalization
- Custom data transformations not identified in discovery
Infrastructure
- Cloud hosting costs
- Third-party service licensing (Auth0, monitoring tools, etc.)
- SSL certificates (included with cloud hosting typically)
- Hardware or physical infrastructure
Services
- On-site training travel and expenses (if required)
- Third-party security penetration testing (can arrange separately)
- Legal review of terms and conditions
- Marketing or promotional website development
B
Company Overview
Orases
Custom Software & AI Development Experts
| Headquarters | 5728 Industry Lane, Frederick, MD 21704 |
| Main Phone | (301) 756-5527 |
| Website | https://orases.com |
Office Locations
Frederick, MD (HQ)
5728 Industry Lane, Frederick, MD 21704
(301) 756-5527
Washington, D.C.
700 12th Street NW, Suite 700, Washington, DC 20005
(202) 600-9620
Chicago, IL
1655 Blue Island Ave, Suite 351, Chicago, IL 60608
(312) 262-7344
Houston, TX
4400 Louisiana Street, Suite 900, Houston, TX 77002
(281) 547-2427
Services
Insurance Coverage
| Coverage Type | Limit | Status |
|---|---|---|
| General Liability | $1,000,000+ per occurrence | Active |
| Professional Liability (E&O) | $2,000,000+ aggregate | Active |
| Cyber Liability | $1,000,000+ | Active |
| Workers Compensation | Statutory limits | Active |
Certificate of Insurance available upon request.
G
Glossary of Terms
API
Application Programming Interface - method for systems to communicate
AWS
Amazon Web Services - cloud computing platform
CI/CD
Continuous Integration/Continuous Deployment - automated software delivery
COPPA
Children's Online Privacy Protection Act - US federal law
Eloquent
Laravel's ORM (Object-Relational Mapper) for database operations
Laravel
PHP web application framework with MVC architecture
Meilisearch
Fast, open-source search engine used with Laravel Scout
MySQL
Open-source relational database management system
OAuth
Open Authorization - industry standard for access delegation
PCI-DSS
Payment Card Industry Data Security Standard
Redis
In-memory data structure store, used for caching and queues
REST
Representational State Transfer - API architecture style
SSO
Single Sign-On - one login for multiple systems
UAT
User Acceptance Testing - validation by end users
Vue.js
Progressive JavaScript framework for building user interfaces
H
Feature Mapping to RFP Requirements
Platform 1: Sales + Program Management
| RFP Feature | Included | Phase | Notes |
|---|---|---|---|
| 1. Organizations | Yes | 2 | Full CRUD, relationship management |
| 2. User accounts | Yes | 2 | All user types, 6+ admin roles |
| 3. Contract Management | Yes | 3 | Training + Camp, e-signature |
| 4. Invoicing | Yes | 3 | Auto-generation, payment tracking |
| 5. Sales report dashboard | Yes | 3 | Budget vs actual, pipeline |
| 6. Online registration | Yes | 4 | Full e-commerce, $4MM+ capacity |
Platform 2: Program Operations
| RFP Feature | Included | Phase | Notes |
|---|---|---|---|
| 7. Facility database | Yes | 2 | Linked to organizations |
| 8. Facility inspection | Yes | 5 | Annual workflow, linked to camps |
| 9. Season schedule | Yes | 5 | Master view, auto-population |
| 10. Training schedules | Yes | 5 | Coach-specific views |
| 11. Camp schedules | Yes | 5 | Staff assignment, availability |
| 12. Club and Camp Info Sheets | Yes | 5 | Document attachment support |
| 13. Event Info Forms | Yes | 5 | One-off events |
| 14. Injury + Incident Reports | Yes | 6 | Form with org linking |
| 15. Registers | Yes | 5 | Linked to registrations |
Integrations
| Integration | Included | Phase | Notes |
|---|---|---|---|
| Payment Gateway (Cybersource) | Yes | 3 | PCI-compliant tokenization |
| Salesforce Marketing Cloud | Yes | 9 | Opt-in sync |
| Data Warehouse | Yes | 9 | Configurable sync |
| Mobile App API | Yes | 9 | RESTful endpoints |
| Single Sign-On | Yes | 1 | Auth0 or Cognito |
Compliance
| Requirement | Included | Approach |
|---|---|---|
| COPPA | Yes | Parental consent, data controls |
| PCI-DSS | Yes | Tokenization, no card storage |
I
Document Checklist
Proposal Contents
- Executive Summary
- Technical Proposal
- Development Approach
- Scope of Work (Detailed Phase Breakdown)
- Linear Approach (Timeline, Roadmap & Schedule)
- MVP Approach (Timeline, Roadmap & Releases)
- Appendices
Required Attachments (To Be Added)
- Certificate of Insurance
- Case Studies (2-3 relevant examples)
- Team Resumes/Bios
- References (3 client contacts)
- Completed Disclosures Statement