Project Preparation
Conduct project kick-off meeting
Technical workshop to gather Azure infrastructure requirements (Azure adoption plan, migration plan) from business units and other stakeholders (e.g. operation risk, information risk, compliance, IT)
Finalize project timeline, tasks and R&R
Azure Environments design (e.g. Dev/Test/Prod)
Formulate an end-to-end, complete, scalable, extensible system design to support the requirements (functional/non-functional) gathered
Identity and access management design and implementation
Define up to 3 RBAC roles for Azure subscriptions cloud operation and management using built-in Azure roles
Network topology and connectivity design and implementation
Datacenter connectivity requirement discovery
Define hub-and-spoke network architecture design (VNETs, subnets, CIDR, network security groups, route tables)
Set up DNS and name resolution for Azure resources (Azure Private DNS zone)
Set up S2S VPN connectivity through Azure Virtual Network Gateway (if applicable)
Set up Jumphost or Bastion services for secure remote access to Azure environment
Set up Azure Firewall
Set up IP whitelisting for end users
Ensure that all data-in-transit are encrypted for Azure connectivity
Set up Azure Key Vaults for DAP
Set up certificate renewal alerts and auto-rotation
Resource organization and implementation
Define resource groups, naming conventions, tagging conventions
Define resource locations and zones for Azure workload deployment
Core system infrastructure design and implementation on Azure
Define and implement infrastructure-level data architecture (e.g. specifying all physical storages, data flow within, into & out of the System)
Set up and configure common cloud infrastructure components (e.g. landing zone, SMTP gateway, API gateway, etc.)
Infrastructure-as-Code (IaC) enablement and DevOps enablement
DevOps Enablement
Creation of Azure DevOps organization
Creation of Git repositories for storing IaC scripts, Python notebooks for Databricks, schedule jobs, other custom developed scripts for DAP
IaC Enablement
Conversion of infrastructure design to Terraform IaC scripts covering all Azure infrastructure (landing zone and DAP workloads)
Testing and fine-tuning of Terraform IaC scripts
Deployment of Terraform IaC scripts to PROD environment
Set up Azure Infrastructure Security baseline
Enable Defender for Cloud
Enable Azure Security Center default policy
Data Security
Ensure that all data-at-rest and data-in-transit are encrypted
Complete security assessment with Customer
Security scanning through Azure Security Center and Azure Advisor
Remediation of Azure Security Center critical findings and Customer-provided security tools critical findings
Compliance Review
Compliance check according to the Customer’s internal IT guidelines
Compliance check with external guidelines such as PDPO, guidelines issued by Insurance Authority
Azure infrastructure governance baseline
Enable Azure Advisor
Define and enable up to 5 Azure policies
Provide Azure well-architected assessment tool output and Azure Advisor output
Set up up to 10 Azure email alerts for Azure system issues
Operational Handover
8 hours knowledge transfer over Teams
for Business Unit representatives
for IT infrastructure / application / operation team
Documentation
Functional Requirement Document
Design Document / Architecture Document / Network Diagram
Setup and Configuration Document / Technical Specifications
System Test Plan
User Guide / Manual
Azure Admin and Operational Manual
Included: Project Management
Define and execute the project delivery methodology (Waterfall/Agile)
Ensure project schedule and deliverable quality
Assumptions
HKMC will handle all Azure AD related operations, including user account creation, service principal creation, Azure AD roles assignment, Privileged Access Management, MFA setup, enterprise applications enrollment
Creation of Python notebook contents for Databricks, scheduled jobs, custom scripts not related to infrastructure-as-code deployment is out of HD scope.
Areas of management and operational excellence are out of scope at this project stage
The business continuity plan and DR plan are out of scope at this project stage
User Manual, System Implementation Procedure and Training Manual will be combined as Azure Admin and Operational Manual
All documentation will be provided as softcopy in Microsoft Office format, with optional video format, and in English