The Request for Proposal (RFP) for Audit of Information Technology (IT) Operations at Westchester Library System will be posted on: August, 20 2019 at 4:00PM EDT
Get the RFP
You may download the electronic copy of the RFP below:
Request for Proposal – Audit of Information Technology (IT) Operations at Westchester Library System (PDF)
You may download a free reader using the link below:
Adobe Reader (PDF)
Parties interested may also request a paper copy of the RFP document by emailing AuditRFP@wlsmail.org. In your request include:
- Name and/or Department to whose attention the mailing should be addressed
- Organization Name
- Street Address
- City, State, and Zip Code
All proposal responses to the RFP must be received no later than Friday, September 13, 2019 @ 4:00 pm EDT.
See the contents of the RFP document for the rules pertaining to submitting proposal responses.
Questions and AnswersWe also sell monthly services that might be needed by WLS, depending upon the audit results. If we do the audit and recommend certain monthly services that we also sell, does that disqualify us from proposing sales of these monthly services from our company later on?
No. Being selected as the auditor would not disqualify a firm from providing additional services in the future.
The 38 library locations: Will we need to visit every single location for physical security and network reviews or is a “representative sample” combined with remote/WAN-based assesstment sufficient? Seems like site visit required for accurate assessment of 3.C.viii.
A representative sample should be sufficient. Based on preliminary findings a more exhaustive review could be conducted.
In terms of the VDI environment:
- What is the purpose of this environment? For library employees? Public workstations? Both?
- What types of data resides on the VDI user profile disks? This will help us scope the labor effort to assess security concerns around storage environment
- Is this environment accessed primarily via thin/zero clients?
In terms of the Datacenter environment:
- What is the total number of hosts and VMs, and how many VMs are in-scope?
- Is there central management used to manage this environment (such as SCCM, Kaseya, etc.) and will we be able to leverage these tools during the assessment to create efficiencies?
There are 9 hosts (nodes) spread among 3 chassis. There are 784 VMs evenly distributed amonth the nodes with roughly 660 VMs that are solely staff VDI desktops.
Three products are used to manage the virtualized environment – VMware vSphere, Horizon Admin portal and Nutanix Prism.