Specifications include, but are not limited to: Perform a confidential assessment of security controls for systems, policies and processes. The assessment is to be conducted to systematically identify programmatic weaknesses and where necessary, establish targets for continuing improvement of Town’s operations, internal controls and its current policies and procedures pertaining to its current IT environment. A comprehensive and best practice Security Audit to include, but not limited to, the areas of concern below. Any additional materials and documentation can be referenced and attached with your submission. The project’s scope includes: 1) Third Party On-Site Security Audit: Assist Town in performing a 3rd party security audit to confirm that security and data protection controls are in place and compliant to Town’s business needs and in alignment with industry standards such as NIST 800-53 or other applicable industry acceptable standards. ✓ Deliverables: ▪ Review and provide feedback on physical security ▪ Review and provide feedback on information security ▪ Review and provide feedback on identity management ▪ Review and provide feedback on Cloud / ASP / SaaS applications