Specifications include, but are not limited to: The AOC is seeking proposals from prospective Offerors to perform assessments of our current information security controls and practices against the NIST Cybersecurity Framework (https://www.nist.gov/industryimpacts/cybersecurity-framework) and other leading industry information security and audit standards and practices. The assessment is to be conducted to develop a set of recommendations and analysis that will (1) provide a context for the enhancement and operation of Information Security functions, (2) generate and provide a gap analysis and make recommendations to take full advantage of the implementation and integration of technologies and tools, both current and additional, and (3) an analysis of the presence and protection of certain data currently housed in JIS systems.
