EOTSS is seeking to establish MSAs under which State Agencies will independently procure vendor services assist in creating Incident Response Plans (IRPs) or Table Top Exercises (TTXs). Incident Response Plans are defined as: A written document, formally approved by the senior leadership team, that helps organizations before, during, and after a confirmed or suspected security incident. Vendors will be expected to work with State Agencies to create a plan that helps State Agencies before, during, and after a cybersecurity incident. This includes: Necessary training of staff Reviewing the IRP with the State Agencies’ Legal Department Connecting State Agency to appropriate intelligence sharing organization Developing an incident staffing and stakeholder plan Investigating potential compromises Assigning appropriate staff to IRP Roles Tabletop Exercises (TTXs)are defined as: A discussion-based exercise where personnel with roles and responsibilities in a particular IT plan meet in a classroom setting or in breakout groups to validate the content of the plan by discussing their roles during an emergency and their responses to a particular emergency situation. A facilitator initiates the discussion by presenting a scenario and asking questions based on the scenario. Vendors must have credentials or certifications that demonstrate the expertise of their TTX team. The Vendor will be expected to: Create a TTX scenario for a State Agency Run that scenario with the State Agency to test their IRP Create a “Lessons Learned” document showing any issues in scenario and how to fix them
