Posted Date : November 23,2022
Product (RFP/RFQ/RFI/Solicitation/Tender/Bid Etc.) ID : CSE-14074
Government Authority located in Crane, Indiana; USA based organization looking for expert vendor for certified cloud security professional and certified information security manager services.
[A] Budget: Looking for Proposal
[B] Scope of Service:
Vendor needs to provide certified cloud security professional and certified information security manager services to the government authority located in Crane, IN.
- Certified Information Security Manager (CISM) Training and Certification
Information Security Governance
Develop an information security strategy, aligned with business goals and directives.
Establish and maintain an information security governance framework.
Integrate information security governance into corporate governance.
Develop and maintain information security policies.
Develop business cases to support investments in information security.
Identify internal and external influences to the organization.
Gain ongoing commitment from senior leadership and other stakeholders
Domain 2: Information Risk Management
Establish and/or maintain a process for information asset classification to ensure that measures
taken to protect assets are proportional to their business value.
Identify legal, regulatory, organizational and other applicable requirements to manage the risk of
noncompliance to acceptable levels.
Ensure that risk assessments, vulnerability assessments and threat analyses are conducted
consistently, and at appropriate times, to identify and assess risk to the organization’s
information.
Identify, recommend or implement appropriate risk treatment/response options to manage risk to
acceptable levels based on organizational risk appetite.
Determine whether information security controls are appropriate and effectively manage risk to
an acceptable level.
Facilitate the integration of information risk management into business and IT processes to
enable a consistent and comprehensive information risk management program across the
Organization
Domain 3: Information Security Program Development & Management
Develop a security program, aligned with information security strategy
Ensure alignment between the information security program and other business functions
Establish and maintain requirements for all resources to execute the IS program
Establish and maintain IS architectures to execute the IS program
Develop documentation that ensures compliance with policies
Develop a program for information security awareness and training
Integrate information security requirements into organizational processes
Integrate information security requirements into contracts and activities of third parties
Develop procedures (metrics) to evaluate the effectiveness and efficiency of the IS program
Compile reports to key stakeholders on overall effectiveness of the IS program and the
underlying business processes in order to communicate security performance.
Certified Cloud Security Professional (CCSP) Training and Certification – 5 day course
Domain 1: Cloud Concepts, Architecture and Design
Understand cloud computing concepts
Describe cloud reference architecture
Understand security concepts relevant to cloud computing
Understand design principles of secure cloud computing
Evaluate cloud service providers
Domain 2: Cloud Data Security
Describe cloud data concepts
Design and implement cloud data storage architectures
Design and apply data security technologies and strategies
Implement data discovery
Plan and implement data classification
Design and implement Information Rights Management (IRM)
Plan and implement data retention, deletion, and archiving policies
Design and implement auditability, traceability, and accountability of data events
[C] Eligibility:
- Onshore (USA Organization Only);
[D] Work Performance:
Performance of the work will be Offsite. Vendor needs to carry work in their office location.
Budget :
Deadline to Submit Proposals: December 06,2022
Cost to Download This RFP/RFQ/RFI/Solicitation/Tender/Bid Document : 5 US$
Product (RFP/RFQ/RFI/Solicitation/Tender/Bid Etc.) ID : CSE-14074
Government Authority located in Crane, Indiana; USA based organization looking for expert vendor for certified cloud security professional and certified information security manager services.
[A] Budget: Looking for Proposal
[B] Scope of Service:
Vendor needs to provide certified cloud security professional and certified information security manager services to the government authority located in Crane, IN.
- Certified Information Security Manager (CISM) Training and Certification
Information Security Governance
Develop an information security strategy, aligned with business goals and directives.
Establish and maintain an information security governance framework.
Integrate information security governance into corporate governance.
Develop and maintain information security policies.
Develop business cases to support investments in information security.
Identify internal and external influences to the organization.
Gain ongoing commitment from senior leadership and other stakeholders
Domain 2: Information Risk Management
Establish and/or maintain a process for information asset classification to ensure that measures
taken to protect assets are proportional to their business value.
Identify legal, regulatory, organizational and other applicable requirements to manage the risk of
noncompliance to acceptable levels.
Ensure that risk assessments, vulnerability assessments and threat analyses are conducted
consistently, and at appropriate times, to identify and assess risk to the organization’s
information.
Identify, recommend or implement appropriate risk treatment/response options to manage risk to
acceptable levels based on organizational risk appetite.
Determine whether information security controls are appropriate and effectively manage risk to
an acceptable level.
Facilitate the integration of information risk management into business and IT processes to
enable a consistent and comprehensive information risk management program across the
Organization
Domain 3: Information Security Program Development & Management
Develop a security program, aligned with information security strategy
Ensure alignment between the information security program and other business functions
Establish and maintain requirements for all resources to execute the IS program
Establish and maintain IS architectures to execute the IS program
Develop documentation that ensures compliance with policies
Develop a program for information security awareness and training
Integrate information security requirements into organizational processes
Integrate information security requirements into contracts and activities of third parties
Develop procedures (metrics) to evaluate the effectiveness and efficiency of the IS program
Compile reports to key stakeholders on overall effectiveness of the IS program and the
underlying business processes in order to communicate security performance.
Certified Cloud Security Professional (CCSP) Training and Certification – 5 day course
Domain 1: Cloud Concepts, Architecture and Design
Understand cloud computing concepts
Describe cloud reference architecture
Understand security concepts relevant to cloud computing
Understand design principles of secure cloud computing
Evaluate cloud service providers
Domain 2: Cloud Data Security
Describe cloud data concepts
Design and implement cloud data storage architectures
Design and apply data security technologies and strategies
Implement data discovery
Plan and implement data classification
Design and implement Information Rights Management (IRM)
Plan and implement data retention, deletion, and archiving policies
Design and implement auditability, traceability, and accountability of data events
[C] Eligibility:
- Onshore (USA Organization Only);
[D] Work Performance:
Performance of the work will be Offsite. Vendor needs to carry work in their office location.
Budget :
Deadline to Submit Proposals: December 06,2022
Cost to Download This RFP/RFQ/RFI/Solicitation/Tender/Bid Document : 5 US$