Specifications include, but are not limited to: The Nebraska Department of Education (NDE) is seeking a qualified vendor to provide an Information Security Assessment and Penetration Testing on existing NDE networks. All requirements are according to specifications enclosed herein. This assessment will allow NDE to gain a better understanding of potential network vulnerabilities that may be visible from both outside and inside NDE’s resources. The Scope of Work consists of the two sections outlined below. Bidders may bid on any or all of these sections and are requested to provide cost estimates for each section separately as NDE may not select all activities to be conducted and/or may select one or more bidders for separate activities. 1) Penetration Testing a. External Network Vulnerability Assessment and Penetration Testing b. Internal Network Vulnerability Assessment and Penetration Testing c. Wireless Network Assessment and Penetration Testing d. Application Penetration Testing e. Client-Side Penetration Testing f. Physical Penetration Testing 2) Policy Planning and Development a. Business Impact Analysis b. Disaster Recovery Planning c. Policy Development ; The Penetration testing shall provide a practical approximation of the weak points in NDE's network infrastructure and selected applications, describing the risks of such vulnerabilities, and facilitating the design of a plan for implementing remediation. The vendor must ensure the penetration testing activities will not impact the availability of the wireless system or email services for NDE and the broader state environment.