Information System Security

(Functional Area 7)

The security of information and computing resources at all organizational levels; including software/application and data security support, as well as disaster recovery planning and risk assessment.

Hardware/Software/Application Security Support

Disaster Recovery and Risk Assessment

Hardware/Software/Application Security Support

Description:

Strategies and solutions to defend hardware and software IT and telecommunications resources against adversaries such as viruses, worms and hackers for operating systems and applications in a mainframe, client/server, or networked environment.

Examples of Potential Services: 

  • Provide operational and analytical support related to security for computing platforms (i.e. PC, servers, mainframe) and networks;
  • Analyze and evaluate new and emerging security technologies as well as vendor security products for their applicability and feasibility of use in securing hardware/software IT and telecommunications resources;
  • Support customer security operations, including assisting customers with analyzing, developing and implementing security methodologies and safeguards to protect their IT and telecommunications assets;
  • Provide technical training for all aspects of information security relative to personal computers, file servers, and networks;
  • Design, test, install and support wireless network security systems; and
  • Provide virus detection, elimination, and prevention support.

The examples of services listed in this section are not all inclusive of the services available under the Master Contract.

Disaster Recovery and Risk Assessment

Description:

Disaster recovery planning and risk assessment in support of the mitigation of risks to IT and telecommunications systems and infrastructure. Through quantitative risk analyses establish recovery time and recovery point objectives, effective mitigation strategies, and documented disaster recovery plans. Assess adequacy of existing management, operational, and technical controls in safeguarding assets against waste, loss, unauthorized access/use, misappropriation to establish the consequences/impact of the potential threats on operations and service delivery requirements.

Examples of Potential Services: 

  • Review, develop, update and/or integrate disaster recovery, continuity of operations plans, contingency plans, and risk assessments; and
  • Identify, develop and/or implement mitigation strategies to increase the effectiveness of operations and the continuity of service.

The examples of services listed in this section are not all inclusive of the services available under the Master Contract.