We here at Dunder Mifflin Tech have been offering security services for clients of various sizes for the past 13 years. We have been focused on finding opportunities with government agencies and mid-sized organizations to address security-related issues and help them operate in a more secure manner. We started in 2002 with just 4 individuals and have been ever growing for the last 13 years. In the last 13 years we have grown to a team of 22 full time employees. We are currently pulling in 1.6 million (US dollars) annually in gross sales.
As a team we routinely provide complete security services including: assessments, penetration tests, policy creation and regulatory compliance assistance. Currently we have two ongoing contracts to provide managed security
…show more content…
services for federal agencies that regulate commerce and land management. Our employees who will be focused on this project hold certifications ranging from CISSP, CISM, GIAC, to other GIAC certifications. In the last four years we have won four major contracts for vulnerability assessments and penetration tests. The firm meets the vendor requirements in the following ways: • Must be in business for the last five consecutive years: Our firm has been providing these services for 9 years and has been in business for 13 total years.
• Report annual gross sales of at least 1 million US dollars:
Our firm generates 1.6 million US dollars in annual sales.
• Present three references of previous engagements, within the last three years, that are materially similar to the requirements contained within the document:
We have had four major contracts over the last four years for vulnerability assessments and penetration tests. Two contracts have been with government agencies.
• Must have at least one person who will be the primary participant in delivering products and services who holds a CISSP, CISM, or equivalent security certification:
We have 8 members dedicated to the project five with CISSP’s and four with CISM’s.
• Cannot have any active managed security service provider contracts with any other agency of this state:
We currently have two open contracts with the federal government regarding commerce and land management, we will re-evaluate these contracts to ensure that they will not in conflict with our proposal.
• Must maintain at least one permanent office in this
state: We have explored multiple options of possibly opening up another office near your area but, we have not decided its exact location as of yet. • Must provide samples of previous reports for other clients, sensitive information omitted, that contains three of the following activities: Risk assessment Vulnerability assessment Penetration test Source code review BCP/DRP - We can provide previous Risk Assessments, Vulnerability Assessments, and Penetration Tests
This document will outline the policies and practices to be used and implemented in compliance with DoD specifications and standards for the contract of services to be provided to them. This report will consist of creating security controls based on auditing frameworks within the seven domains. Also to develop information assurance (IA) plan, a list of the requirements for each of the seven domains.
At the July Association of the United States Army (AUSA) Conference, LTG Ostrowski, the Army Acquisition Executive Lead, conveyed the Army’s need for future network solutions. It was also shared in the FY16 Presidential Budget that the Army has several budget requests for Communications systems and upgrades totally over $1.2B (Keller, J. , 2015). This is an opportunity for the Comms BU to expand its customer base in the U.S. Army market place. Northrop Grumman was ranked in the Top 5 of Aerospace and Defense Companies in Forbes America’s Best Employers list (2017). They were ranked over larger companies such as Boeing, Lockheed Martin and Raytheon. Their commitment to their employees, diversity, their customer and even the environment drives their culture. Northrop Grumman’s competitive advantage is leveraging the technology already developed and tested for the services (Air Force and Navy). Their experience with the Army is via services work where our people have gained the expertise to be the right people for working with the Missile Defense Agency. After analyzing both the internal and external environment of Northrop, their competitors and the analysis of their financial position, Northrop has developed a sustainable competitive advantage. They have done this through the use of product differentiation. The value they receive, the knowledge they gain and patents they own by acquiring other companies expands their portfolio to offer products and services not comparable to their competitors. Their respective strategic position establishes a value to their customers that is differentiated amongst their competitors, allowing them to offer a higher premium for their products and
middle of paper ... ... Works Cited Pbs.com, (n.d.) -. Frontline, Contractors, High Risk Contracting Business, Private Warrior. Retrieved November 7, 2013 from http://www.pbs.com. Web.archive.org.
Lockheed Martin is an organization that heavily relies on its defense contracts in order to generate revenue. In 2005, 95% of Lockheed Martin’s revenue came from the US Department of Defense, other US Federal government agencies and foreign military customers (Defense News, 2007). Lockheed Martin earns this revenue by winning government contracts. As previously noted, Lockheed Martin has a large customer base with the US Department of Defense. The company is the largest provider of IT services, systems integration, and training to the government (Lockheed Martin, 2008). Other customers that provide revenue for Lockheed Martin are international governments and some commercial sales of products and services (Lockheed Martin, 2008).
After reading the course materials, I have questions about: Having completed research activities for school and professional projects, the provided materials offer very clear and concise direction and suggestions for completing the assignment.
Evaluate the Specifications of Information Security Consultants (vendors) to Become a Strategic Partner Assisting in the Reduction of Information or Security Risks
Contracting private military companies and private security contractors are not without their issues. Management of these companies and contractors are a crucial issue for the government. One of the most significant challenges in d...
Security helps the organization meet its business objectives or mission by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets through the selection and application of appropriate safeguards. Businesses should establish roles and responsibilities of all personnel and staff members. However, a Chief Information Officer should be appointed to direct an organization’s day to day management of information assets. Supporting roles are performed by the service providers and include systems operations, whose personnel design and operate the computer systems. Each team member must be held accountable in ensuring all of the rules and policies are being followed, as well as, understanding their roles, responsibilities and functions. Organizations information processing systems are vulnerable to many threats that can inflict various types of damage that can result in significant losses (Harris, 2014). Losses can come from actions from trusted employees that defraud the system, outside hackers, or from careless data entry. The major threat to information protection is error and omissions that data entry personnel, users, system operators and programmers make. To better protect business information resources, organizations should conduct a risk analysis to see what
Information Technology is performing a risk assessment on security related areas including physical access, network security, credit card controls, franchise security, end-point security, and several other areas. This risk assessment will show us our strengths/weaknesses and provide an overview of what Buffalo Wild Wings needs to work on. Information Technology in conjunction with other department leaders will provide guidance on our business goals and priorities. One security breach could cripple our future, our customers, and our brand. No one wants to see our tremendous growth get shattered by overlooking simple fixes and common vulnerabilities. A team effort and a focused organization can make our organization strive for decades. Let’s not be the next Target.
Managed the Billing, Liability/Self-Pay, and Bad Debt departments plus client service performance including upselling. Implemented training programs based on FDCPA and HIPAA Guidelines.
Carefully positioning the program sponsorship sends a clear message to the entire organization emphasizing the importance of the information security program. Additionally, approval from the senior management will ensure adequate resources for developing and implementing the awareness plan. (Wilson, M. & Hash, J,2003)
I hope above information will clear enough to get an approval. Please let me know if you need more information. We can setup a meeting.
The company needs to appoint a committee or a team of professionals to take care of the technology.
2. Project committee prepares a briefing for top management describing ISO 14000, the EMS, registration, costs, and benefi...
It is important to have the whole team involved and every team member should about the status of the project and identify there responsibility towards the project success.