The Matanuska-Susitna Borough is requesting proposals from qualified firms to assess the current state of the Borough’s information security posture to ensure that it is configured and is operating the IT infrastructure in a secure manner that meets or exceeds the Borough’s compliance obligations, and that the Borough’s electronic risks are adequately addressed. See scope of services for more detail.
Penetration testing will focus on MSB systems and applications. All tests shall be non-destructive in nature, where all remote system scanning, and attempts to exploit vulnerabilities or escalate privileges are conducted with proper care to avoid any disruption of service. The vendor will follow procedures set by the National Institute of Standards and Technology (NIST) Special Publication 800-115, Technical Guide to Information Security and Assessment. The vendor will have the ability to address and meet the project deliverables.