Specifications include, but are not limited to: The Awarded Proposer shall be required to prepare and execute a comprehensive report that audits and evaluates the City’s IT security systems and summarizes the audit outcomes, including providing recommendations for security improvements, if any. The final scope shall be as negotiated between the City and Awarded Proposer pursuant to the terms of this ITN. It is currently anticipated that the negotiated scope will include, but not be limited to, the following components: I. Review existing IT security policies and procedures for the organization, including an audit of existing access controls for various systems and data (network, folders, emails, telephone/VOIP, etc.), along with a review of the change management processes for each of these controls. II. Test compliance with such security access protocols by conducting a digital forensic audit and identify any breaches in protocols. III. Recommend changes to security access protocols and enhanced security to ensure compliance with such protocols. As part of the steps identified above, the Awarded Propose shall: A. Perform a digital forensic analysis of elected official file shares (approximately 30 top-level folders), including: o Examination of all permissions set on such folders since 2018. o Analysis of creation dates for all such folders within the file share. o Documentation of all instances when permissions were changed or occasions when security-related actions were logged since 2018. o Review of access logs for folders by users who were not the designated mayor, council member, or staff. o If possible, identify whether documents or data accessed by unauthorized internal or external users were copied, moved, uploaded, or downloaded. B. Prepare a detailed timeline of all instances of access, including the specified user, from January 1, 2018 through the present date, including the first and last recorded accesses, and further addressing the following: o Specify when folders were created and what permissions were initially granted. o Identify all instances where changes were made in permissions for each folder within the file share, including identification of which changes in permissions were made. o Indicate all instances where elected officials or their staff accessed folders belonging to other council members. o Identify any instances of access by external (unauthorized) users. C. Identify other areas of concern.
