Cyber Security Assessment Services for State IT Systems
Location:
Alaska, United States
Posted on:
Deadline:
Summary:
Solicitation for cybersecurity assessments of select Alaska state IT systems, focusing on NIST and CIS controls, asset inventories, and threat identification.
Get full access to this RFP
Download the full RFP document and use Settle's AI to analyze requirements, estimate budget, and draft winning responses in minutes.
The government authority in Alaska is seeking vendors to conduct cybersecurity assessments of select state IT systems. The assessment should be performed using the National Institute of Standards and Technology (NIST) Cybersecurity Framework and Center for Internet Security (CIS) controls. The security review will cover the infrastructure supporting key systems, the types and extent of data processed within those systems, and associated database structures.
Vendors will be responsible for analyzing statewide IT security training policies, particularly their effectiveness in countering phishing schemes. This evaluation is to encompass all relevant policies, not only those tied to the specific systems under review. Additionally, vendors must develop a comprehensive, classification-based inventory of all relevant assets and data flows. The scope includes identifying, validating, and prioritizing threats and vulnerabilities across the specified IT systems and their supporting infrastructure. Application-level security controls will also be evaluated.
Best-fit vendors:
• Proven experience conducting cybersecurity assessments using NIST and CIS frameworks
• Familiarity with government IT environments and policies
• Strong capability in threat and vulnerability analysis
• Ability to evaluate statewide IT training policies
• Relevant certifications such as CISSP, CISM, or CISA
