According to the ITB, “the contractor must be capable of performing industry-leading tests of the city’s network, systems, structures and defenses, to locate and identify any weaknesses, threats and vulnerabilities.”
In December 2020, the city previously awarded a contract for $15,200 to True North Consulting Group LLC, to perform a network vulnerabilities assessment and analysis of its IT infrastructure.
Since then, no testing has been done, resulting in the city seeking a new vendor to perform an updated analysis to ensure that the security protocols for its IT infrastructure are secure and robust enough to resist penetration efforts.
In terms of project scope, the ITB lists the following requirements for the audit:
- Identify and catalog all hardware assets within the city’s IT infrastructure
- Assess the effectiveness of existing controls for managing and securing hardware assets
- Provide recommendations for improving asset inventory management and control mechanisms
- Conduct vulnerability assessments on critical systems and networks
- Recommend a remediation plan and continuous vulnerability management strategies
More detailed information about ITB2024-163IT, including all submission requirements and requests, can be found online. The deadline for responses is 3 p.m. on May 3.
