TMCnet News

Information Technology Division Request for Quotation ITD RFQ 15-02GRC Solution [TendersInfo (India)]
[June 18, 2014]



(TendersInfo (India) Via Acquire Media NewsEdge) Tenders are invited for Commonwealth of Massachusetts Information Technology Division Request for Quotation ITD RFQ 15-02GRC Solution.

Description and Purpose of Procurement

ITD is issuing this RFQ to solicit proposals from qualified Bidders to provide software licenses, maintenance and support, training and documentation for a governance, risk, and compliance (GRC) solution (such software licenses, maintenance and support, training and documentation collectively, the Software), and professional services related to installing and implementing the Software (the Services). The business requirements are set forth below in the section entitled Description of Requested Goods and Services Business and Software Requirements. The sections entitled Training Services, Enterprise Policies and Standards, Accessibility and Security also contain requirements with which the Software and Services must comply.

Description of Requested Goods and Services Business and Software Requirements

The scope of the procurement covers the Software (i.e., software licenses, maintenance and support, training and documentation) and professional services to assist ITD in implementing and rolling out the Software.

Main Functionality

The proposed Software must include, at minimum, the following functionality:

- Ability to handle virtually any kind of audit request (including without limitation PCI, HIPAA, CMS, SSA, IRS Pub. 1075, NIST SP 800-53, NIST Cybersecurity Framework, and Commonwealth-specific standards including Executive Order 504)
- Automatically detect whether a control is required across multiple compliance requirements
- Provide a means to upload and retain evidence, including applicable policies and compliance details
- Support for multiple (at least 3) administrator accounts
- Multiple users from different groups must be able to submit information and/or partially answer questionnaire
- Capacity for at least one ISO user from each agency to submit questionnaire
- Capacity to record and save one Agency Head user from each agency to sign off on questionnaire and submit it
- Support for up to 100 simultaneous users
- Ability to create custom questionnaires and authoritative sources (example: Massachusetts Executive Order 504)
- Support scan results from vulnerability testing and analytics services, such as Qualys and Rapid 7
- Ability to give a risk score based on scan results and existence (or lack thereof) of controls for an asset or an agency

Scope of Services

The successful Bidder must provide professional services (the Services) as follows:

- Work with ITD to design the solution, including determining the hardware and software infrastructure requirements, interfaces, and skill sets needed for an enterprise rollout of the GRC Software.
- Install and fine-tune the GRC Software and solution.
- Customize the GRC Software to include all of the compliance requirements for the standards listed in Section VI(A) above: PCI, H

Major organization: DEPARTMENT OF TRANSPORTATION
Address: 1 Ashburton Place, Suite 811, Boston, Massachusetts 02108
Contact Person: Jim Cusson
Country: United States
Email: [email protected]
Tender notice number: BD-14-1030-0H100-0H002-00000000771
Notice type: Tender Notice
Open date: 2014-07-22
Tender documents: T22662308.html

(c) 2014 Euclid Infotech Pvt. Ltd. Provided by SyndiGate Media Inc. (Syndigate.info).


