Specifications include, but are not limited to:

This Request for Proposals (RFP) is issued by the New Hampshire Judicial Branch (NHJB) through the Administrative Office of the Courts (AOC) to solicit proposals to provide the NHJB with information security services that include two audits a year, two audit preparation sessions a year, and a fixed amount of remediation hours. The vendor will provide training to NHJB IT personnel when necessary to fill in knowledge gaps. Audits will follow the NIST Cyber Security Framework or the ISO 27001:2013 framework.

a. Audit Preparation Planning
   1. Scope
      i. The vendor will select two domains from ISO 27001 to audit. The results will be used for comparison against the established baseline.
      ii. The vendor will specify at least two policies to review for regulatory compliance and process alignment.
      iii. The vendor will select one application/service from the IT services catalogue to assess confidentiality, availability, and integrity of the service.
   2. Resource
      i. The vendor will estimate the vendor and NHJB resources required to accomplish the stated scope.
      ii. The vendor will estimate effort and duration requirements for the resources.
   3. Schedule
      i. The vendor will coordinate with NHJB to set the dates of the on-premises and remote activities.
      ii. The vendor will negotiate schedules for the resources required for the on-premises and remote work.
      iii. Scheduling will be established a minimum of 30 days prior to the audit commencement date.

b. Information Security Audit
   1. ISO 27001 Audit
      i. Vendor will perform an audit of the NHJB NIST CSF. NHJB maintains a performance baseline based on the ISO 27001 framework tied to the NIST CSF. A minimum of two sections, in which NHJB performed poorly during previous audits within the past two years, should be audited, with a comparison to previous results. NHJB will make previous findings available to the vendor. In addition to the two sections mentioned previously, each audit will include an audit of two new sections, or the equivalent of six sub-sections as outlined by the ISO 27001:2013 framework.
      ii. Audit report with findings and recommendations will be provided by Vendor.