BOARD OF COMMISSIONERS PORT OF NEW ORLEANS

Similar documents
REQUEST FOR PROPOSALS

REQUEST FOR QUALIFICATIONS

Board of Commissioners. Port of New Orleans REQUEST FOR QUALIFICATIONS

Board of Commissioners. Port of New Orleans REQUEST FOR QUALIFICATIONS

Board of Commissioners of the Port of New Orleans

REQUEST FOR PROPOSALS FOR AS-NEEDED CONTAINER CRANE ENGINEERING SERVICES FOR FISCAL YEARS 2016 & 2017

REQUEST FOR PROPOSALS FOR AS-NEEDED EMERGENCY DAMAGE ASSESSMENT AND ENGINEERING SERVICES FOR FISCAL YEARS 2016 THRU 2018

REQUEST FOR PROPOSALS. Janitorial Services

Board of Commissioners of the Port of New Orleans. April 25, 2018

PORT OF SOUTH WHIDBEY PUBLIC WORKS INVITATIONS TO SUBMIT STATEMENT OF QUALIFICATIONS ON-CALL ENGINEERING SERVICES

REQEST F0R PROPOSALS

ALABAMA STATE PORT AUTHORITY REQUEST FOR QUALIFICATIONS

REQUEST FOR PROPOSALS (RFP) FOR GATEWAY ENTRANCE SIGNAGE DESIGN, FABRICATION AND INSTALLATION FOR THE VILLAGE OF SPARTA

CITY OF PORT ORCHARD DEPARTMENT OF PUBLIC WORKS REQUEST FOR QUALIFICATION (RFQ)

SAMPLE CONTRACT BETWEEN THE BOARD OF COMMISSIONERS OF THE PORT OF NEW ORLEANS AND CONTRACTOR NAME FOR SERVICES

TOWN OF MIDLAND ADMINISTRATION DEPARTMENT REQUEST FOR PROPOSAL FILE # F Information Technology Strategic Plan

TOWN OF MIDLAND ADMINISTRATION DEPARTMENT REQUEST FOR PROPOSAL

ADVERTISEMENT REQUEST FOR PROPOSALS FOR PILOT PROGRAM of ADVANCED METERING INFRASTRUCTURE PILOT SYSTEM (AMI) FOR THE CITY OF GRAND ISLAND, NEBRASKA

COWLEY COUNTY, KANSAS REQUEST FOR PROPOSAL. SALARY STUDY SUBMITTAL DEADLINE June 1, 2012 RFP NUMBER

SAN DIEGO CONVENTION CENTER CORPORATION

REQUEST FOR PROPOSAL (RFP) Professional Public Education Legal Services for the School District of Janesville. Release Date: Monday, August 6, 2018

The CITY OF BAYONNE is soliciting responses/proposals to the City's RFQ/RFP for the provision of the following professional services:

INVITATION TO BID RFP #

CHEROKEE NATION REQUEST FOR SEALED PROPOSAL SECURITY RISK ASSESSMENT SERVICES

Request For Proposal (RFP) for

Alabama State Port Authority

City of Sidney Request for Qualifications and Proposal for. Plumbing Maintenance and Repair Services # S

Requests For Proposals

REQUEST FOR SEALED COMPETATIVE PROPOSALS PROPOSALS FOR CCTV/SURVEILLANCE UPGRADES OF:

REQUEST FOR PROPOSALS (RFP) Marina Management Services. Docktown Marina

REQUEST FOR SEAL PROPOSALS

REQUEST FOR PROPOSALS

Warner Robins Housing Authority

REQUEST FOR PROPOSAL (RFP) # DESIGN BUILD NEW CHIEFLAND MIDDLE/HIGH SCHOOL CONSULTANTS' COMPETITIVE NEGOTIATION ACT (CCNA)

OKEECHOBEE COUNTY ROAD STRIPING AND MARKING SERVICES

REQUEST FOR QUALIFICATIONS (RFQ) FOR DSA INSPECTOR OF RECORD (IOR) SERVICES. April 18, 2006

Request for Proposals

The Minnesota Workers Compensation Assigned Risk Plan (MWCARP) Actuarial Services Request For Proposals

Quotations for Small Purchase (QSP) Wilkinson Terrace Real Estate Appraisal Services CONDITIONS TO QUOTE - NONCONSTRUCTION

Invitation To Bid. for

ARCHITECT OF RECORD & DSA CLOSEOUT CERTIFICATION SERVICES RFQ# 029

OFFICE OF THE SUMMIT COUNTY SHERIFF

a. Proposals shall be submitted in a sealed envelope and addressed as follows:

HARNETT COUNTY Request for Proposals Harnett County 2022 Real Property Reappraisal. Date: March 25, I. Introduction:

REQUEST FOR QUALIFICATIONS (RFQ) FOR DSA INSPECTOR OF RECORD (IOR) SERVICES

ADVERTISEMENT FOR REQUEST FOR QUALIFICATIONS FOR PROFESSIONAL COST ESTIMATING AND SCHEDULING SERVICES FOR THE MIAMI DADE AVIATION DEPARTMENT RFQ NO

REQUEST FOR QUALIFICATIONS (RFQ) FOR ENGINEERING SERVICES FOR THE CONSTRUCTION OF WATER AND SANITARY SEWER LINES

Leavenworth County Department of Public Works 300 Walnut Street, Suite 7 Leavenworth, KS 66048

Request for Proposal

REQUEST FOR QUALIFICATIONS. For ON-CALL DESIGN ENGINEERING SUPPORT SERVICES. For DESIGN ENGINEERING DIVISION STOCKTON, CALIFORNIA MAY 21, 2018

CITY OF PORT ORCHARD DEPARTMENT OF PUBLIC WORKS REQUEST FOR QUALIFICATION (RFQ) Pavement Repair Projects Ad Ready Design (PS&E) August 2018

City of Forest Park Request for Proposals. Landscape Installation, 803 & 785 Forest Parkway, Forest Park Ga

WEST VALLEY SANITATION DISTRICT

Quotations for Small Purchase (QSP) Wilkinson Terrace Real Estate Appraisal Services CONDITIONS TO QUOTE - NONCONSTRUCTION

Proposal No:

PROJECT DESCRIPTION SCOPE OF SERVICES

Request for Proposal for: Financial Audit Services

MIDDLESEX COUNTY UTILITIES AUTHORITY

The CITY OF BAYONNE is soliciting responses/proposals to the City s RFQ/RFP for the provision of the following professional services:

ADVERTISEMENT FOR BID

CITY OF ST. LOUIS DEPARTMENT OF PUBLIC SAFETY. REQUEST FOR PROPOSAL (amended*)

APPENDIX B TO COMPREHENSIVE AGREEMENT UOSA CONTRACT VSS UOSA VEHICLE SERVICE STATION FORM OF STAGE 2: FINAL DESIGN AMENDMENT

CITY OF MONTEREY REQUEST FOR PROPOSALS FINANCIAL ADVISORY SERVICES. City of Monterey Finance Department 735 Pacific Street, Suite A Monterey, CA 93940

Center Township Butler County, Pennsylvania REQUEST FOR PROPOSALS AND QUALIFICATIONS FOR PROFESSIONAL ENGINEERING SERVICES

REQUEST FOR PROPOSAL (RFP) AS NEEDED MATERIALS TESTING SERVICES FOR 2012, 2013 & 2014

Motor Grader Packer-Roller. Bids Due and Opening Monday, March 26, 2018 Time: 2:00 p.m.

ALABAMA STATE PORT AUTHORITY REQUEST FOR PROPOSAL

Request For Proposal. For Construction Management Services. For The. Benton County Jail and Sheriff s Office

City of Henderson PO Box 716 Henderson, Kentucky REQUEST FOR PROPOSALS # 14-25

STATE OF LOUISIANA DIVISION OF ADMINISTRATION THE OFFICE OF GROUP BENEFITS (OGB) REQUEST FOR PROPOSALS (RFP) FOR

Request for Qualifications for Owner s Program Management Services For Wilton Police Headquarters Renovation and Expansion

REQUEST FOR QUOTATION RFQ # 09-Q-LP-031 Blanket Purchase Agreement (BPA) for Copywriter and Editing Services COMPANY NAME: ADDRESS: PHONE NO.

KANSAS CITY PUBLIC LIBRARY REQUEST FOR PROPOSALS FOR AUDIT SERVICES

Request for Proposal

REQUEST FOR PROPOSAL (RFP) Legal Services for Xenia Community City School District

QUARTZ HILL WATER DISTRICT REQUEST FOR PROPOSALS FOR PROFESSIONAL AUDITING SERVICES

CITY OF CHINO HILLS. Request for Proposals (RFP) for Water Fixed Assets Assessment Study

7750 East Broadway Boulevard, Suite A-200, Tucson, AZ

REQUEST FOR PROPOSALS

CITY OF BEVERLY NEW JERSEY MUNICIPAL NON-AUDIT SERVICES REQUEST FOR PROPOSAL

Request for Proposals. For. Financial Aid Services. Issued by: Pennsylvania State System of Higher Education Office of the Chancellor

Responsibility Determination for General Contractors Who May Desire to Submit Bid Proposals for the Construction of [PROJECT TITLE]

Request for Quote RFQ# Date: 02/01/2017

City of Spartanburg Procurement and Property Division Post Office Drawer 1749, SC P (864) F (864)

The CITY OF BAYONNE is soliciting responses/proposals to the City s RFQ/RFP for the provision of the following professional services:

City of Harris Harris, Minnesota Public Works Department GRADING GRAVEL ROADS REQUEST FOR PROPOSALS Fax #

NEW CASTLE COUNTY Purchasing Division New Castle County Government Center 87 Read s Way New Castle, DE (302)

Request for Bid/Proposal

REQUEST FOR QUOTATION RFQ# 07-Q-JS-118 Six (6) Portable Visitor Information Desks COMPANY NAME: ADDRESS: PHONE NO.: FAX NO.:

LEGAL NOTICE REQUEST FOR QUALIFICATIONS RFQ For CONSULTANT SERVICES CMAQ-5414(632) ST. CHARLES COUNTY GOVERNMENT ST.

Lower Township Municipal Utilities Authority. ( Authority or LTMUA )

Invitation To Bid. for PURCHASE OR LEASE OF CARDIOVASCULAR EQUIPMENT 2016

REQUEST FOR QUALIFICATIONS TERMINAL 3 HEADLINE DOLPHIN DESIGN & MAINTENANCE PROGRAM

Ohio Public Employees Retirement System. Request for Proposal

CITY OF PETALUMA REQUEST FOR PROPOSALS

Private Transportation Company (PTC) Business Licence

REQUEST FOR QUALIFICATIONS & PROPOSALS. Julie Wilkie Assistant City Manager:

Warner Robins Housing Authority

Greater Dayton Regional Transit Authority 4 S. Main Street Dayton, OH 45402

REQUEST FOR PROPOSALS

Transcription:

BOARD OF COMMISSIONERS PORT OF NEW ORLEANS REQUEST FOR QUALIFICATIONS INFORMATION TECHNOLOGY (IT) CYBERSECURITY VULNERABILITY ASSESSMENT DUE BY TWELVE NOON CENTRAL TIME ON THURSDAY JANUARY 7, 2016 NEW ORLEANS, LOUISIANA Issue Date: November 23, 2015 Revised Date: December 9, 2015

Table of Contents Table of Contents... 2 PART I. SUMMARY...3 NOTICE OF REQUEST FOR QUALIFICATIONS... 3 PART II. GENERAL INFORMATION...4 INTRODUCTION... 4 SCOPE OF WORK... 4 INSURANCE... 5 SELECTION PROCESS AND CRITERIA... 7 COMPENSATION... 7 AUDIT REQUIREMENTS... 7 TRANSPORTATION WORKER IDENTIFICATION CREDENTIALS... 7 AFFIDAVITS... 8 PART III. REQUIREMENTS TO RESPOND TO THIS RFQ...8 SUBMITTAL REQUIREMENTS... 8 SUBMITTAL FORM... 8 EVALUATION CRITERIA OF THE RFQ... 12 PART IV. REQUIREMENTS TO RESPOND TO AN RFP IF INVITED... 12 INVITATION TO RESPOND TO RFP... 12 REQUEST FOR PROPOSALS... 12 Page 2 of 12

PART I. SUMMARY NOTICE OF REQUEST FOR QUALIFICATIONS Notice is hereby given that the Board of Commissioners of the Port of New Orleans (Board) is issuing a Request for Qualifications (RFQ) from firms that are interested in being considered for award of a contract to perform an Information Technology (IT) cybersecurity vulnerability assessment with the intent to identify and mitigate potential vulnerabilities in its critical IT infrastructure. The Board maintains several enterprise and departmental software applications and platforms managed in-house and on premise. The IT cybersecurity assessment will identify vulnerabilities in its information technology infrastructure, systems, policies and practices and develop a prioritized set of actions to mitigate the risks identified. Interested firms may obtain the RFQ via the Port of New Orleans website at www.portno.com under the PROCUREMENT page under HOME, then under REQUEST FOR PROPOSALS, or directly at this website address: http://portno.com/request-for-proposals. The RFQ contains information and instructions on submitting qualifications. The evaluation of qualifications, issuance of Request for Proposals (RFP), evaluation of proposals, and award of contract will be scheduled as set forth in the RFQ. All interested qualified firms are invited to submit their qualifications and that of any sub-consultants proposed to perform the services outlined in the RFQ. The RFQ describes the evaluation factors that will be used in recommending firms to receive an RFP. Failure to submit all information required in the RFQ will constitute a non-response. A response submittal to this RFQ shall consist of six bound copies furnished in a sealed envelope or box titled Request for Qualifications for IT Cybersecurity Vulnerability Assessment. Submittals shall be mailed or delivered (no facsimile nor email) to the Board of Commissioners of the Port of New Orleans, Ms. M. Eileen Pansano, Internal Audit Director, 1350 Port of New Orleans Place, New Orleans, Louisiana 70130 not later than twelve noon, local time, on Thursday, January 7, 2016. Deliveries are only accepted Monday thru Friday, excluding holidays, from 8 a.m. to 4 p.m. Inquiries regarding this RFQ shall be directed to Ms. Eileen Pansano by email only at pansanoe@portno.com Page 3 of 12

PART II. GENERAL INFORMATION INTRODUCTION The federal government, starting with the Presidential Executive Order Improving Critical Infrastructure Cybersecurity, is taking steps to enhance cybersecurity in U.S. port facilities. These initiatives will greatly enhance the security and resiliency of this vitally important sector. Cybersecurity has been identified as a top priority for the Coast Guard, which has responsibility for maritime Homeland Security. The Board of Commissioners of the Port of New Orleans (Board) is designated as a political subdivision of the State of Louisiana and is subject to federal and state laws governing public entities, including public records laws and the designation of certain classes of information as Sensitive Security Information (SSI). The Port of New Orleans is a Facility under federal law that must operate in compliance with the MARSEC security requirements of Title 33 Code of Federal Register (CFR) 105. One of the MARSEC security requirements is that Facilities must have a Facility Security Plan (FSP) to protect their Facility at the respective MARSEC levels. The Board s IT system and the security camera system are infrastructure which is included is this FSP. The Internal Audit Department of the Board is issuing a Request for Qualifications (RFQ) from firms licensed to do business in Louisiana that are interested in being considered for award of a contract to perform an IT cybersecurity vulnerability assessment with the intent to identify and mitigate potential vulnerabilities in its critical IT infrastructure. The Board maintains several enterprise and departmental software applications and platforms managed in-house and on premise. The IT cybersecurity assessment will identify vulnerabilities in its information technology infrastructure, systems, policies and practices and develop a prioritized set of actions to mitigate the risks identified. SCOPE OF WORK The Board will select a qualified consultant on a best value basis using a point-method of award to undertake a comprehensive IT Cybersecurity Vulnerability Assessment, thoroughly reviewing the current state of the Port s information technology security, develop a vulnerability mitigation plan, and prioritized road map of activities to enhance the Port s future cybersecurity position. The consultant s approach will utilize industry best practice methodologies to ensure a standardized risk mitigation approach that will offer the highest risk reduction potential. The approach will complement the Framework for Improving Critical Infrastructure Cybersecurity developed by the National Institute for Standards and Technology (NIST) in response to Presidential Executive Order 13636 (http://www.nist.gov/cyberframework/upload/cybersecurityframework-021214.pdf). Additionally, the approach shall consider the OpSec (Operations Security) Five Step Process (http://www.opsecprofessionals.org/process.html) as it pertains to Cybersecurity. The assessment is to include, but not be limited to: Page 4 of 12

(a) Test for susceptibility to Advanced Persistent Threats (APTs) such as viruses, malware, Trojan horses, botnets and other targeted attack exploits. Evaluate the Port of New Orleans current threat posture including antivirus and Intrusion Detection and Prevention (IDP) capabilities. (b) Review wireless network system components for security vulnerabilities, validating system specific configurations and known exploits. (c) Review Marine Security Operations Center (MSOC) for security vulnerabilities, validating system specific configurations and known exploits. (d) Validate system-specific configurations and review for known exploits. This includes firewalls, switches and routers, Microsoft Active Directory, email and file servers, web servers, wireless routers, VPN, VoIP and CCTV systems. (e) Assess VoIP network system components for security vulnerabilities, validating systemspecific configurations and reviewing for known exploits. (f) Review existing IT policies and procedures and make recommendations for changes and/or additional policy and procedure development. The overall engagement will be managed by the consultant, with a defined scope, schedule and budget. Project activities will be appropriately managed, and project risks and task progress will be formally communicated. Scope of the project includes the following: External Network Vulnerability Assessment and Penetration Testing o Number of IP addresses in target space(s) 616 o Number of live hosts approximately 38 External Website Vulnerability Assessment and Penetration Testing o Number of web servers 10 Firewall and Router Configuration Reviews o Number of type of firewalls to be reviewed 6 O Number of Internet routers to be reviewed 2 Wireless Network Assessment and Penetration Testing o Number of Wireless Networks 3 o Physical Sites to conduct scanning 6 o Public Wireless Networks 2 o Private Wireless Networks 1 Marine Security Operations Center (MSOC) Review o Command Bridge regional situation awareness system o Security cameras installed around Port properties -230 INSURANCE Before a professional services contract can be executed and become effective, the consultant and each sub-consultant shall furnish to the Board's risk manager certificates evidencing that it has procured the insurance herein required. Current insurance certificates must be provided for the Page 5 of 12

coverages required herein during the entire term of this contract. For a period of three years after termination of this contract, the consultant and any sub-consultant providing professional services, and any other firm as applicable, must carry applicable insurance as outlined below. All insurance shall be written with insurance companies authorized and licensed to do business in the State of Louisiana and acceptable to the Board (Best's rating A-, VI, or better). Selfinsurance programs authorized by the Commissioner of Insurance of the State of Louisiana for workers' compensation insurance are acceptable with the submission of a certified copy of the consultant s authority to self-insure. All insurance required herein shall be primary to any similar insurance that may be carried by the Board for its own protection. Except for the workers' compensation insurance and the professional liability insurance, the Board shall be named as an additional insured on all policies required herein. All insurance policies required herein, as well as any other insurance carried by the consultant for its protection or the protection of its property on the contract shall provide that the insurers waive in favor of the Board any rights of subrogation the said insurers may be entitled to. All policies required herein shall provide for thirty (30) calendar days written notice of cancellation or material change to be sent to the Board at P.O. Box 60046, New Orleans, Louisiana 70160 Attention: Risk Manager. For additional information contact the Board s risk manager at (504) 528-3273. All insurance policies herein required shall remain in full force and effect for the duration of this contract. If any insurance required herein is canceled or materially changed and not immediately replaced during the term of this contract, the Board reserves the right to purchase insurance at the expense of the consultant to protect the Board's interest. The furnishing of insurance shall not relieve the consultant of the responsibility for losses not covered by insurance. The Board makes no representation or warranty that the insurance the Board requires will be sufficient to protect the consultant s interests. The consultant shall be responsible for the full amount of any deductible associated with any of the insurance policies required herein. A combination of primary and excess insurance may be used to satisfy the insurance requirements. The insurance requirements are as follows: Comprehensive General Liability Insurance Consultant shall procure and maintain at its sole cost and expense comprehensive general liability insurance (on an occurrence basis) with limit of liability of not less than one million dollars ($1,000,000) for all injuries or deaths resulting to any one person or from any one occurrence. The aggregate limit for products and completed operations shall be not less than one million dollars ($1,000,000). The limit of liability for property damage shall be not less than one million dollars ($1,000,000) for each occurrence and aggregate. Comprehensive Motor Vehicle Liability Insurance Consultant shall procure and maintain at Page 6 of 12

its sole cost and expense comprehensive motor vehicle liability insurance which shall include hired car and non-ownership coverage with limit of liability of not less than one million dollars ($1,000,000) for all injuries or deaths resulting to any one person or from any one occurrence. The limit of liability for property damage shall be not less than one million dollars ($1,000,000) for each occurrence and aggregate. Workers' Compensation Insurance Consultant shall procure and maintain at its sole cost and expense workers compensation insurance which will protect it from claims under the Louisiana Workers Compensation Act (LSA 23:1021, et seq.). The limits of liability under the employer s liability section of the workers compensation policy, as well as both compensation schemes, shall be not less than one million dollars ($1,000,000). Professional Liability Insurance Consultant shall procure and maintain errors and omissions / professional liability insurance in the amount of one million dollars ($1,000,000) per claim and two million dollars ($2,000,000) annual aggregate. The insurance shall be in full force and effect for a period of three years after completion of the project. Such insurance shall be issued subject to a deductible not to exceed ten thousand dollars ($10,000.00) that will be for the account of the consultant. SELECTION PROCESS AND CRITERIA This RFP is using a two part process. A short list of the three to five top-ranked prime firms will be developed based on the evaluation of the qualifications submitted for this RFQ. Those consultants who receive notification of being short-listed will be sent a Request for Proposal (RFP) as described in Part III herein and will be ranked using criteria as described for final recommendation. COMPENSATION Compensation for services will be based on all inclusive hourly rates for various classifications of personnel working on a project. Direct costs and sub-consultant costs will be compensated based on actual invoiced costs with no multipliers. Total contract value will be the final not-toexceed fee negotiated by Board staff, after evaluation of the RFPs. AUDIT REQUIREMENTS The selected consultant, and any of its sub-consultants, shall maintain accounting records for three years, as a condition to the award of this public contract, for the Legislative Auditor of the State of Louisiana and/or the Board s auditors to inspect, examine and/or conduct an audit of all books, accounts and records of firms pertaining to the performance of contractual obligations and the compensation due to be received under this contract. TRANSPORTATION WORKER IDENTIFICATION CREDENTIALS Work within the Board s terminals and at most other properties, such as the Harbor Police building, require Transportation Safety Administration Transportation Worker Identification Credentials (TWIC). Federal regulations require that persons seeking entry to restricted areas Page 7 of 12

of United States ports must present a valid TWIC card and must maintain possession of the TWIC at all times in secure port areas. Without a TWIC or an approved Port of New Orleans authorized TWIC escort, no entry will be allowed into restricted areas. Port personnel will not be responsible for providing escorting services to any consultants. The Board does not compensate consultants for obtaining TWIC for its employees and sub-consultants. Processing for a TWIC can take several weeks, and consultants should ensure that key personnel on the team have applied for TWIC on Notice of Award of a contract. Entry into the Board s administrative headquarters does not require a TWIC card. AFFIDAVITS Affidavits will be needed to be executed by the person or firm doing business with the Board at the time of entering a contract. Refer to the Port of New Orleans website at www.portno.com under PROCUREMENT under INFORMATIONAL DOCUMENTS under AFFIDAVITS. Sub-consultants do not need to provide affidavits to the Board, only the Prime consultant. The affidavits submitted by the Prime consultant to the Board are due at the time of submitting the final contract for execution. Consultants should read the affidavits and be aware that they are a requirement in order to enter into a contract with the Board. PART III. REQUIREMENTS TO RESPOND TO THIS RFQ SUBMITTAL REQUIREMENTS Any prime consultant/team failing to submit any of the information required will be considered non-responsive. Facsimiles and email submittals will not be accepted. SUBMITTAL FORM 1. Contract Name: IT Cybersecurity Vulnerability Assessment 2. Announcement Date: November 23, 2015 3a. Registered Firm Name / State of Registration (Note: Louisiana registration will be required for the winning bidder) 3b. Name, Title, Telephone number and email address of the signing authority 3c. Name, title, telephone number, and e-mail address of full-time professional in charge Page 8 of 12

4. List the number and type of full-time professional personnel on firm s payroll who are likely to work under the contract. 5. Do you presently have sufficient staff to perform the services to undertake this work in the next 5 months? (Yes/No) 6. (For use by the prime consultant only) Do you intend to use a sub-consultant(s) for services? (Yes/No) If yes in box 6, Identify the element of work and the percent of the contract scope of work to be performed by each sub-consultant, and if sub-consultant is a certified SBE. Name and Address of Consultant (12/2/15 Revision: Sub-consultant information has been modified for clarity.) Is sub-consultant a certified SBE? Expected percentage of contract to be performed % Is sub-consultant a certified SBE? Expected percentage of contract to be performed % Is sub-consultant a certified SBE? Expected percentage of contract to be performed % Page 9 of 12

7. Staffing Plan A Diagram showing all key personnel that would be available for assignment. These key personnel will be obligated to perform at least 60% of the total effort. The Staffing Plan should also include the same information for sub-consultants (if applicable). 8. Brief resume of key persons anticipated to work on project (repeat as necessary) a. Name & domicile b. Job Title: c. Name of firm by which employed full time d. Years experience: With this firm With other firms e. Education: Degree(s) / Years / Specialization f. Certifications Page 10 of 12

9. Work by firm which best demonstrates IT Cybersecurity Vulnerability Assessments relevant to this contract as shown in Box 1 (List no more than 5 projects) a Project name & location b. Project description c. Nature of firm s responsibility & key personnel involved d. Owner s name, address, and telephone number e. Contract Completion Date 10. This is to certify that all information contained herein is accurate and true. Signature of Authorized Representative (same as 3b) Date Page 11 of 12

EVALUATION CRITERIA OF THE RFQ The general criteria to be used by the Consultant Evaluation Committee in evaluating responses for the selection of three to five Consultants/Teams to receive an RFP for the contract are: 1. The described approach and methodology to be used by the respondent 2. The corporate background, experience, and financial stability 3. Staffing and support personnel qualifications 4. Small Business Enterprise (SBE) participation (12/2/15 Revision: Removed Cost of proposal Proposed costs to be included in RFP only.) The evaluation will be by means of a point-based rating system of the prime consultant/team as a whole. The Consultant Evaluation Committee will be responsible for performing the above described evaluation, and presenting a short-list of three to five of the highest rated prime consultants to the Board s Chief Operating Officer. These short-listed firms will receive an RFP. PART IV. REQUIREMENTS TO RESPOND TO AN RFP IF INVITED INVITATION TO RESPOND TO RFP Only those firms short-listed by the Consultant Evaluation Committee will receive an invitation to respond to the RFP for each contract. REQUEST FOR PROPOSALS All RFP respondents will be required to submit their response as stipulated in the RFP. There are three components that will be required to respond to the RFP: 1) A written project proposal which includes a high-level technical description of the procedures to be used for the project and a description of the deliverables; 2) A Certification Statement; and a 3) Price Proposal in a separate, sealed envelope. The consultant s written project proposal, certification statement, fee proposal and any and all other forms required in the RFP shall be submitted as stated therein. Any consultant/team failing to submit any of the required information will be considered non-responsive. Facsimiles and email submittals of the Project Proposal or Fee Proposal will not be accepted. The following information is required to respond to the RFP, if invited: 1) Written Project Proposal: Six bound sets plus one original. The information should correspond to the criteria upon which the evaluations will be scored and indicated herein. 2) Certification Statement: Certifies that the proposer has read and understands all requirements and specifications of the RFP 3) Price Proposal: A schedule based on all-inclusive hourly rates for various classifications of personnel working on a project. Direct costs and sub-consultant costs will be compensated based on actual invoiced costs with no multipliers. The contract will be issued on a not-to-exceed basis. Page 12 of 12

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback